Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1142 discussion

Actual exam question from Isaca's CISA
Question #: 1142
Topic #: 1
[All CISA Questions]

A company requires that all program change requests (PCRs) be approved and all modifications be automatically logged. Which of the following IS audit procedures will BEST determine whether unauthorized changes have been made to production programs?

  • A. Use source code comparison software to determine whether any changes have been made to a sample of programs since the last audit date.
  • B. Review a sample of PCRs for proper approval throughout the program change process.
  • C. Trace a sample of complete PCR forms to the log of all program changes.
  • D. Trace a sample of program changes from the log to completed PCR forms.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by 3008 at Aug. 20, 2023, 5:27 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
shiowbah
Highly Voted 12 months ago
D. Trace a sample of program changes from the log to completed PCR forms.
upvoted 5 times
...
RS66
Most Recent 3 months, 2 weeks ago
Selected Answer: D
D. Trace a sample of program changes from the log to completed PCR forms.
upvoted 2 times
...
Swallows
8 months ago
Selected Answer: D
The only complete data from which to trace is the log.
upvoted 4 times
...
FAGFUR
1 year ago
Selected Answer: C
The best IS audit procedure to determine whether unauthorized changes have been made to production programs is to trace a sample of complete Program Change Request forms to the log of all program changes. This procedure ensures that approved changes documented in PCR forms are correctly reflected in the log of actual program changes.
upvoted 3 times
...
3008
1 year, 3 months ago
Selected Answer: A
however, involves using source code comparison software to determine whether any changes have been made to a sample of programs since the last audit date. This approach is more effective because it verifies whether any changes have been made to the actual code itself, rather than just relying on the approval or logging process. If any unauthorized changes are found, the auditor can investigate further to determine how they were made and take appropriate action
upvoted 4 times
3008
1 year, 3 months ago
proposes tracing a sample of program changes from the log to completed PCR forms. While this is another useful audit procedure, it is also limited in providing assurance that unauthorized changes have not been made. In this case, a change could have been authorized through the PCR process but not recorded in the log, or the log itself could have been tampered with to hide unauthorized changes.
upvoted 2 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel