Isaca Certified Information Systems Auditor CISA Question # 34 Topic 4 Discussion
CISA Exam Topic 4 Question 34 Discussion:
Question #: 34
Topic #: 4
An IS auditor has been asked to review an event log aggregation system to ensure risk management practices have been applied. Which of the following should be of MOST concern to the auditor?
A.
Log feeds are uploaded via batch process.
B.
Completeness testing has not been performed on the log data.
C.
The log data is not normalized.
D.
Data encryption standards have not been considered.
The IS auditor should be most concerned if completeness testing has not been performed on the log data, as this could indicate that some logs are missing, corrupted, or tampered with, and that the log aggregation system is not reliable or accurate12. Completeness testing is a process of verifying that all the logs generated by the source systems are successfully collected, transferred, and stored by the log aggregation system, and that there are no gaps or inconsistencies in the log data34. Completeness testing is essential for ensuring the integrity and validity of the log data, and for supporting the risk management practices of the organization.
References
1: Log Aggregation: How it Works, Methods, and Tools - Exabeam2 2: Log Aggregation and Monitoring Relation in Cybersecurity4 3: Log Aggregation: What It Is and How It Works | Datadog3 4: Data Flow Testing - GeeksforGeeks1
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit