Certified Information Systems Auditor (CISA) — Question 785

Internal audit is evaluating an organization's IT portfolio management. Which of the following would be the BEST recommendation for prioritizing the funding of IT projects?

Answer options

• A. Direct funds toward projects that reduce the organization's technology risk exposure.
• B. Group projects into portfolios based on their potential to increase market share and reduce costs.
• C. Direct funds toward projects that increase the availability of the organization's technology infrastructure.
• D. Group projects with common themes into portfolios and assess them against strategic objectives.

Correct answer: D

Explanation

The correct answer, D, emphasizes the importance of aligning projects with strategic objectives, ensuring that resources are allocated based on overall business goals. Options A, B, and C, while valid approaches, do not focus on the strategic alignment of projects, which is essential for effective portfolio management.