Posted by: Pdfprep
Post Date: October 30, 2020
An IS auditor finds that periodic reviews of read-only users for a reporting system are not being performed.
Which of the following should be the IS auditor’s NEXT course of action?
A . Obtain a verbal confirmation from IT for this exemption.
B . Review the list of end-users and evaluate for authorization.
C . Verify management’s approval for this exemption.
D . Report this control process weakness to senior management.
Answer: C
Leave a Reply