An IS auditor finds that client requests were processed multiple times when received
from different independent departmental databases, which are synchronized weekly. What would
be the BEST recommendation?

A.
increase the frequency for data replication between the different department systems to ensure
timely updates.

B.
Centralize all request processing in one department to avoid parallel processing of the same
request.

C.
Change the application architecture so that common data are held in just one shared database for
all departments.

D.
implement reconciliation controls to detect duplicates before orders are processed in the
systems.

Explanation:
Keeping the data in one place is the best way to ensure that data are stored without redundancy and
that all users have the same data on their systems. Although increasing the frequency may help to
minimize the problem, the risk of duplication cannotbe eliminated completely because parallel data
entry is still possible. Business requirements will most likely dictate where data processing activities
are performed. Changing the business structure to solve an IT problem is not practical or politically
feasible. Detective controls do not solve the problem of duplicate processing, and would require that
an additional process be implemented to handle the discovered duplicates.