An IS auditor reviewing database controls discovered that changes to the database during normal working hours were handled through a standard set of procedures. However, changes made after normal hours required only an abbreviated number of steps. In this situation, which of the following would be considered an adequate set of compensating controls?
Submitted by: Administrator1. Allow changes to be made only with the DBA user account.
2. Make changes to the database after granting access to a normal user account
3. Use the DBA user account to make changes, log the changes and review the change log the following day.
4. Use the normal user account to make changes, log the changes and review the change log the following day.
Answer: 3
Submitted by: Administrator
2. Make changes to the database after granting access to a normal user account
3. Use the DBA user account to make changes, log the changes and review the change log the following day.
4. Use the normal user account to make changes, log the changes and review the change log the following day.
Answer: 3
Submitted by: Administrator
Read Online CISA Job Interview Questions And Answers
Top CISA Questions
☺ | An IS auditor is performing an audit of a network operating system. Which of the following is a user feature the IS auditor should review? |
☺ | Which of the following is the MOST effective control when granting temporary access to vendors? |
☺ | While designing the business continuity plan (BCP) for an airline reservation system, the MOST appropriate method of data transfer/backup at an offsite location would be: |
☺ | Which of the following cryptography options would increase overhead/cost? |
☺ | IT control objectives are useful to IS auditors, as they provide the basis for understanding the: |
Top IT (Information Technology) Categories
☺ | Computer Operator Interview Questions. |
☺ | Telecommunications Interview Questions. |
☺ | Information Technology Interview Questions. |
☺ | Data Entry Interview Questions. |
☺ | IT Support Interview Questions. |