What action should an IT auditor take when the IT group is in compliance with a company policy requiring that the IDs of terminated employees be deactivated within 90 days?
Report that the control is operating and effective.
Recommend the additional control that activity logs of terminated users be reviewed on a routine basis.
Recommend changes to the IS policy to ensure deactivation of user IDs upon termination.
Validate that user access rights have been appropriately provisioned on a need-to-have basis.
Although a policy provides a reference for performing IS audit assignments, an IS auditor needs to review the adequacy and the appropriateness of the policy. If, in the opinion of the IS auditor, the time frame defined for deactivation is inappropriate, the auditor needs to communicate this to management and recommend changes to the policy. Although the deactivation happens as stated in the policy, it cannot be concluded that the control is effective. Best practice would require that the ID of a terminated user be deactivated immediately. Verifying that user access rights have been granted on a need-to-have basis is necessary when permissions are granted. Recommending that activity logs of terminated users be reviewed on a regular basis is a good practice, but not as effective as deactivation upon termination.