CISA EXAM – 1 questions with correct answers
Q3) During the review of an in-house developed application, the GREATEST concern to an IS auditor is if a: A) manager approves a change request and then reviews it in production. B) programmer codes a change in the development environment and tests it in the test environment. C) manager initiates a change request and subsequently approves it. D) user raises a change request and tests it in the test environment. Correct Answer-C) Manager initiates a change request and subsequently approves it is correct. Initiating and subsequently approving a change request violates the principle of segregation of duties. D) A person should not be able to approve their own requests. User raises a change request and tests it in the test environment is incorrect. Having a user involved in testing changes is common practice. B) Programmer codes a change in the development environment and tests it in the test environment is incorrect. Having a programmer code a change in development and then separately test the change in a test environment is a good practice and preferable over testing in production. A) Manager approves a change request and then reviews it in production is incorrect. C) Having a manager review a change to make sure it was done correctly is an acceptable practice.
Written for
- Institution
- CISA - Certified Information Systems Auditor
- Course
- CISA - Certified Information Systems Auditor
Document information
- Uploaded on
- October 10, 2023
- Number of pages
- 128
- Written in
- 2023/2024
- Type
- Exam (elaborations)
- Contains
- Questions & answers
Subjects
-
cisa exam 1 questions with correct answers
Also available in package deal
