Isaca Certified Information Systems Auditor CISA Question # 279 Topic 28 Discussion
CISA Exam Topic 28 Question 279 Discussion:
Question #: 279
Topic #: 28
During an audit of a financial application, it was determined that many terminated users' accounts were not disabled. Which of the following should be the IS auditor's NEXT step?
A. Perform substantive testing of terminated users' access rights.
B. Perform a review of terminated users' account activity.
C. Communicate risks to the application owner.
D. Conclude that IT general controls are ineffective.
The IS auditor’s next step after determining that many terminated users’ accounts were not disabled is to perform a review of terminated users’ account activity. This means that the IS auditor should check whether any of the terminated users’ accounts were accessed or used after their termination date, which could indicate unauthorized or fraudulent activity. The IS auditor should also assess the impact and risk of such activity on the confidentiality, integrity, and availability of IT resources and data. The other options are not as appropriate as performing a review of terminated users’ account activity, as they do not provide sufficient evidence or assurance of the extent and effect of the problem.
References: CISA Review Manual, 27th Edition, page 240