Which of the following should a general internal auditor be able to characterize as an IT-related risk?

IIA-CIA-Part1 V4 0 Comments

Which of the following should a general internal auditor be able to characterize as an IT-related risk?
A . Computer servers are in a room that is accessible to all employees,
B . An IT architect avoids taking vacations and sharing his workload with coworkers,
C . Hours billed by IT developers exceed 24 hours daily.
D . Audit logs are lacking in a system that processes personal data.

Answer: D

Explanation:

Audit logs are crucial for monitoring and reviewing the activities within IT systems, especially those processing personal data. The lack of audit logs presents a significant IT-related risk as it undermines the ability to trace any unauthorized or inappropriate access and actions within the system, thereby impacting the integrity and security of data.

Reference: Best practices in IT security and internal control frameworks like COBIT and ISO/IEC 27001.

Latest IIA-CIA-Part1 Dumps Valid Version with 566 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download IIA-CIA-Part1 PDF     IIA-CIA-Part1 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments