PrepAway - Latest Free Exam Questions & Answers

Which audit technique provides the BEST evidence of the segregation of duties in an IS department?

Which audit technique provides the BEST evidence of the segregation of duties in an IS
department?

PrepAway - Latest Free Exam Questions & Answers

A.
Discussion with management

B.
Review of the organization chart

C.
Observation and interviews

D.
Testing of user access rights

Explanation:

By observing the IS staff performing their tasks, an IS auditor can identify whether they are
performing any incompatible operations, and by interviewing the IS staff, the auditor can get an
overview of the tasks performed. Based on the observationsand interviews the auditor can
evaluate the segregation of duties. Management may not be aware of the detailed functions of
each employee in the IS department; therefore, discussion with the management would provide
only limited information regardingsegregation of duties. An organization chart would not provide

details of the functions of the employees. Testing of user rights would provide information about
the rights they have within the IS systems, but would not provide complete information about the
functions they perform.


Leave a Reply