Are you studying for the CISA certification?
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
What type of control should be applied in a small company where application programmers are permitted to move applications into production?
Independent review of user acceptance
Independent access controls review
Independent review of user requirements
Independent postimplementation testing
An independent review of access controls would most likely detect segregation of duties conflicts. An auditor should consider application access. For example, if the programmer moves an application to production, the programmer should not have the ability to post transactions to the general ledger. Independent postimplementation testing would not be as effective because the system could be accepted by the end user without detecting the undocumented functionality. An independent review of user requirements would not be as effective because the system could meet user requirements and still include undocumented functionalities. An independent review of user acceptance would not be as effective because the system could be accepted by the end users, and the undocumented functionalities could remain undetected.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.