Isaca Certified Information Systems Auditor CISA Question # 372 Topic 38 Discussion
CISA Exam Topic 38 Question 372 Discussion:
Question #: 372
Topic #: 38
UESTION NO: 210
An accounting department uses a spreadsheet to calculate sensitive financial transactions. Which of the following is the MOST important control for maintaining the security of data in the spreadsheet?
A.
There Is a reconciliation process between the spreadsheet and the finance system
B.
A separate copy of the spreadsheet is routinely backed up
C.
The spreadsheet is locked down to avoid inadvertent changes
D.
Access to the spreadsheet is given only to those who require access
Access to the spreadsheet is given only to those who require access is the most important control for maintaining the security of data in the spreadsheet. An IS auditor should ensure that the principle of least privilege is applied to limit the access to sensitive financial data and prevent unauthorized disclosure, modification, or deletion. The other options are less important controls that may enhance the accuracy, availability, or integrity of data in the spreadsheet, but not its security. References:
CISA Review Questions, Answers and Explanations Database, Question ID 210
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit