PrepAway - Latest Free Exam Questions & Answers

Which of the following actions should the IS auditor take?

An IS auditor conducting a review of software usage and licensing discovers that numerous PCs
contain unauthorized software. Which of the following actions should the IS auditor take?

PrepAway - Latest Free Exam Questions & Answers

A.
Personally delete all copies of the unauthorized software.

B.
Inform the auditee of the unauthorized software, and follow up to confirm deletion.

C.
Report the use of the unauthorized software and the need to prevent recurrence to auditee
management.

D.
Take no action, as it is a commonly accepted practice and operations management is
responsible for monitoring such use.

Explanation:

The use of unauthorized or illegal software should be prohibited by an organization. Software
piracy results in inherent exposure and can result in severe fines. An IS auditor must convince the
user and user management of the risk and the need to eliminate the risk. An IS auditor should not
assume the role of the enforcing officer and take on any personal involvement in removing or
deleting the unauthorized software.


Leave a Reply