PrepAway - Latest Free Exam Questions & Answers

Which of the following is a corrective control that the IS auditor should recommend?

During an application audit, an IS auditor finds several problems related to corrupted data in the
database. Which of the following is a corrective control that the IS auditor should recommend?

PrepAway - Latest Free Exam Questions & Answers

A.
implement data backup and recovery procedures.

B.
Define standards and closely monitor for compliance.

C.
Ensure that only authorized personnel can update the database.

D.
Establish controls to handle concurrent access problems.

Explanation:

Implementing data backup and recovery procedure is a corrective control, because backup and
recovery procedures can be used to roll back database errors. Defining or establishing standards
is a preventive control, while monitoring for compliance is adetective control. Ensuring that only
authorized personnel can update the database is a preventive control. Establishing controls to
handle concurrent access problems is also a preventive control.


Leave a Reply