If an IS auditor finds evidence of risk involved in not implementing proper segregation of duties, such as having the security administrator perform an operations function, what is the auditor’s primary responsibility?

Posted by: Pdfprep Category: CISA Tags: , ,

If an IS auditor finds evidence of risk involved in not implementing proper segregation of duties, such as having the security administrator perform an operations function, what is the auditor’s primary responsibility?
A . To advise senior management.
B . To reassign job functions to eliminate potential fraud.
C . To implement compensator controls.
D . Segregation of duties is an administrative control not considered by an IS auditor.

Answer: A

Explanation:

An IS auditor’s primary responsibility is to advise senior management of the risk involved in not implementing proper segregation of duties, such as having the security administrator perform an operations function.

Leave a Reply

Your email address will not be published.