ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 202 discussion

Actual exam question from Isaca's CISA
Question #: 202
Topic #: 1
[All CISA Questions]

An organization has implemented a quarterly job schedule to update database tables so prices are adjusted in line with a price index. These changes do not go through the regular change management process. Which of the following is the MOST important control to have in place?

  • A. An overarching approval is obtained from the change advisory board.
  • B. User acceptance testing (UAT) is performed after the production run.
  • C. Each production run is approved by an authorized individual.
  • D. Exception reports are generated to identify anomalies.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Changwha at July 16, 2023, 2:23 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
1Naa
3 days, 14 hours ago
Selected Answer: C
This ensures accountability and oversight, mitigating the risk of unauthorized or incorrect updates that could adversely affect the system or its data.
upvoted 1 times
...
Swallows
2 months, 1 week ago
Selected Answer: A
Approval control that does not go through the normal change management process should be responsibility of the CAB.
upvoted 1 times
...
Yejide03
3 months, 2 weeks ago
Based on best practices and ISACA standards, the MOST important control to have in place in this scenario would be: A. An overarching approval is obtained from the change advisory board. Implementing an overarching approval process from the change advisory board ensures that changes, even if they are scheduled and recurring, are reviewed and approved by appropriate stakeholders. This helps maintain accountability, oversight, and alignment with organizational policies and objectives. While other controls such as user acceptance testing (option B), individual approvals (option C), and exception reporting (option D) are valuable, obtaining approval from the change advisory board ensures a comprehensive review and oversight of the changes, mitigating risks associated with unmanaged modifications to critical database tables.
upvoted 4 times
...
echo_cert
3 months, 2 weeks ago
Selected Answer: C
Implies 4 eyes principle
upvoted 1 times
...
Changwha
11 months, 1 week ago
C. Each production run is approved by an authorized individual.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago