What should the auditor do?

seenagapeMay 7, 2016

An IS auditor is performing an audit of a remotely managed server backup. The IS auditor reviews
the logs for one day and finds one case where logging on a server has failed with the result that
backup restarts cannot be confirmed. What should the auditor do?

PrepAway - Latest Free Exam Questions & Answers

A.
Issue an audit finding

B.
Seek an explanation from IS management

C.
Review the classifications of data held on the server

D.
Expand the sample of logs reviewed

Explanation:
Audit standards require that an IS auditor gather sufficient and appropriate audit evidence. The
auditor has found a potential problem and now needs to determine if this is an isolated incident or a
systematic control failure. At this stage it is too preliminary to issue an audit finding and seeking an
explanation from management is advisable, but it would be better to gather additional evidence to
properly evaluate the seriousness of the situation. A backup failure, which has not been established
at this point, will be serious if it involves critical datA . However, the issue is not the importance of
the data on the server, where a problem has been detected, but whether a systematic control failure
that impacts other servers exists.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISACA Exam Questions

Free ISACA Study Guide

What should the auditor do?

Leave a Reply Cancel reply