PrepAway - Latest Free Exam Questions & Answers

What should the auditor do?

An IS auditor is performing an audit of a remotely managed server backup. The IS auditor reviews the logs for
one day and finds one case where logging on a server has failed with the result that backup restarts cannot be
confirmed. What should the auditor do?

PrepAway - Latest Free Exam Questions & Answers

A.
Issue an audit finding

B.
Seek an explanation from IS management

C.
Review the classifications of data held on the server

D.
Expand the sample of logs reviewed

Explanation:
Audit standards require that an IS auditor gather sufficient and appropriate audit evidence. The auditor has
found a potential problem and now needs to determine if this is an isolated incident or a systematic control
failure. At this stage it is too preliminary to issue an audit finding and seeking an explanation from management
is advisable, but it would be better to gather additional evidence to properly evaluate the seriousness of the
situation. A backup failure, which has not been established at this point, will be serious if it involves critical datA.However, the issue is not the importance of the data on the server, where a problem has been detected, but
whether a systematic control failure that impacts other servers exists.


Leave a Reply