Are you studying for the CISA certification?
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
During a review of user provisioning processes of the companys identity management system (IDM), an IT auditor discovers a small population of access requests did not go through the appropriate processes to provide access. The next step the IT auditor should take is to:
Perform additional analysis.
Advise that the owner of the IDM system fix the workflow issues.
Report the problem to the audit committee.
Perform a security risk assessment.
The IS auditor needs to perform substantive testing and an additional analysis in order to determine why the approval and workflow processes are not working as intended. Before making any recommendation, the IS auditor should gain a good understanding of the scope of the problem and what factors caused this incident. The IS auditor should identify whether the issue was caused by managers not following procedures, by a problem with the workflow of the automated system or a combination of the two. The other options are not correct because the IS auditor does not have enough information to report the problem, conduct a risk assessment or recommend fixing the workflow issues.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.