Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 619 discussion

Actual exam question from Isaca's CISA
Question #: 619
Topic #: 1
[All CISA Questions]

An IS auditor discovers that due to resource constraints, a database administrator (DBA) is responsible for developing and executing changes into the production environment. Which of the following should the auditor do FIRST?

  • A. Ensure a change management process is followed prior to implementation.
  • B. Identify whether any compensating controls exist.
  • C. Determine whether another database administrator (DBA) could make the changes.
  • D. Report a potential segregation of duties (SoD) violation.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by oldmagic at July 2, 2023, 1:57 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
PurpleParrot
2 months, 4 weeks ago
Selected Answer: A
first is ensuring only authorized changes are taking place. then SOD's can be checked for compensating controls
upvoted 1 times
...
Swallows
4 months ago
Selected Answer: A
When database administrators (DBAs) are responsible for developing and implementing changes to a production environment, it is important that those changes are properly managed. A change management process is a framework for consistently managing the planning, approval, implementation, monitoring, and evaluation of change.
upvoted 1 times
...
Yejide03
9 months ago
Selected Answer: B
B. Identify whether any compensating controls exist.
upvoted 3 times
...
FAGFUR
12 months ago
Selected Answer: D
Identifying and reporting a segregation of duties (SoD) violation is crucial because it highlights the potential risk associated with a single individual having both development and execution responsibilities in the production environment. This situation poses a risk of unauthorized or erroneous changes, and reporting the SoD violation can trigger corrective actions to mitigate this risk. Addressing the segregation of duties issue is a fundamental concern that needs immediate attention to enhance control and security. The auditor can then work collaboratively with the organization to implement appropriate measures, such as a change management process or additional controls, to mitigate the identified risk.
upvoted 1 times
Eiad1100
6 months, 1 week ago
Due to resource constraints. I think there should be compensating controls. so the answer is B
upvoted 2 times
...
...
3008
1 year, 2 months ago
Selected Answer: B
B is answer.
upvoted 2 times
...
oldmagic
1 year, 4 months ago
Selected Answer: D
I'll go with D; the first order of business should be to report the SoD violation as its a direct risk
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel