Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← CISA Practice Hub

CISA • Practice Test 36

CISA Practice Test 36 — 15 Questions

Free CISA practice test — 15 questions with explanations. Set 36. No signup required.

15
Questions
Free
No signup
Certifications/CISA/Practice Test/Set 36
Question 1 of 150 answered
medium

An IS auditor is auditing the user access management process for a large healthcare organization that uses an electronic health records (EHR) system. The organization has 5,000 users including doctors, nurses, and administrative staff. The auditor reviews a sample of access requests and finds that 20% of the requests were approved by the user's manager but the approval was not documented in the system. The auditor also finds that there is no periodic review of user access rights. The IT security manager states that users are automatically provisioned based on their role in the HR system, and that access reviews are performed manually by managers but not documented. What is the auditor's BEST recommendation to address the most significant risk?

Scored session

Track progress, bookmark weak spots, and get readiness analysis.

Start full session

Practice tests

Scored 10-question sessions with instant feedback and explanations.

CISA Practice Test 1 — 10 Questions→CISA Practice Test 2 — 10 Questions→CISA Practice Test 3 — 10 Questions→CISA Practice Test 4 — 10 Questions→CISA Practice Test 5 — 10 Questions→CISA Practice Exam 1 — 20 Questions→CISA Practice Exam 2 — 20 Questions→CISA Practice Exam 3 — 20 Questions→CISA Practice Exam 4 — 20 Questions→Free CISA Practice Test 1 — 30 Questions→Free CISA Practice Test 2 — 30 Questions→Free CISA Practice Test 3 — 30 Questions→CISA Practice Questions 1 — 50 Questions→CISA Practice Questions 2 — 50 Questions→CISA Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Governance and Management of ITInformation Systems Acquisition, Development and ImplementationInformation Systems Operations and Business ResilienceProtection of Information AssetsInformation System Auditing Process

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

CISA Practice HubGovernance and Management of ITInformation Systems Acquisition, Development and ImplementationInformation Systems Operations and Business ResilienceProtection of Information Assets