Which of the following should be the auditor’s FIRST course of action?
An IS auditor discovered abnormalities in a monthly report generated from a system upgraded six months ago.
Which of the following should be the auditor’s FIRST course of action?
A . Inspect source code for proof of abnormalities
B . Perform a change management review of the system
C . Schedule an access review of the system
D . Determine the impact of abnormalities in the report
Answer: D
Latest CISA Dumps Valid Version with 2694 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
1st review to determine impact i.e. material/immaterial. Depending on outcome, this will determine next steps (i.e. inspect source code, perform change management, schedule access review…)
Correct answer is D. 1st review to determine impact i.e. material/immaterial. Depending on outcome, this will determine next steps (i.e. inspect source code, perform change management, schedule access review…)