PrepAway - Latest Free Exam Questions & Answers

Which of the following should be of MOST concern to an IS auditor?

Which of the following should be of MOST concern to an IS auditor?

PrepAway - Latest Free Exam Questions & Answers

A.
Lack of reporting of a successful attack on the network

B.
Failure to notify police of an attempted intrusion

C.
Lack of periodic examination of access rights

D.
Lack of notification to the public of an intrusion

Explanation:

Not reporting an intrusion is equivalent to an IS auditor hiding a malicious intrusion, which would
be a professional mistake. Although notification to the police may be required and the lack of a
periodic examination of access rights might be a concern, they do not represent as big a concern
as the failure to report the attack. Reporting to the public is not a requirement and is dependent on
the organization’s desire, or lack thereof, to make the intrusion known.


Leave a Reply