Home MCQs CISA Question #1790
Back to Questions
CISA QUESTION #1790
Question 1
According to ISACA, which description best defines a 'strong control'?
  • Effective deployment of multiple overlapping controls aimed at the same objective✔️
  • A preventive control that completely stops a problem from ever occurring
  • Implementing at least one control each from the detective, corrective, and preventive categories
  • Applying comprehensive pervasive controls within an ERP application
Correct Answer Explanation
A strong control uses multiple layers — combining administrative, physical, and technical methods across detective, corrective, and preventive categories. This layered approach, known as depth of control, ideally spans all nine control layers. Relying on a single control type represents a weak control posture.