Answer: A The IS auditor's first and foremost responsibility is to

An IS auditor has recently discovered that because of a
shortage of skilled operations personnel, the security
administrator has agreed to work one late-night shift a
month as the senior computer operator. The MOST appropriate
course of action for the IS auditor is to:

A. advise senior management of the risk involved.

B. agree to work with the security officer on these shifts
as a form of preventative control.

C. develop a computer-assisted audit technique to detect
instances of abuses of this arrangement.

D. review the system log for each of the late-night shifts
to determine whether any irregular actions occurred.

Question Posted / guest

1 Answers
4285 Views
I also Faced
E-Mail Answers

Answer Posted / guest

Answer: A

The IS auditor's first and foremost responsibility is to
advise senior management of the risk involved in having the
security administrator perform an operations function. This
is a violation of separation of duties. The IS auditor
should not get involved in processing.

Is This Answer Correct ?

5 Yes

0 No

Post New Answer View All Answers

Please Help Members By Posting Answers For Below Questions

WHICH OF THE FOLLOWING IS OFTEN AN ADVANTAGE OF USING PROTOTYPING GOR DYDTEM DVELOPMENT

2843

purchase orders issued to vendors have been authorized as per the authorization matrix

1093