Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
What is the best approach for an IT auditor to take if it is discovered that there is a critcal control finding in the change management software that manages the accounting application?
Halt all audit activity until the control deficiency in the change management software is addressed.
Continue to test the accounting application controls and include mention of the change management software control deficiency in the final report.
Complete the application controls audit, but not report the control deficiency in the change management software because it is not part of the audit scope.
Continue to test the accounting application controls, inform the IT manager about the change management software control deficiency and offer advice on potential solutions.
It is the responsibility of the IS auditor to report on findings that could have a material impact on the effectiveness of controlswhether or not they are within the scope of the audit. The IS auditor should not assume that the IT manager will follow through on resolving the change management control deficiency, and it is inappropriate to offer consulting services on issues discovered during an audit. While not technically within the audit scope, it is the responsibility of the IS auditor to report findings discovered during an audit that could have a material impact on the effectiveness of controls. It is not the role of the IS auditor to demand that IT work be completed before performing or completing an audit.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.