An IS auditor is reviewing logical access controls for an organization's financial business application. Which of the following findings should be of GREATEST concern to the auditor?
A.
Management does not review application user activity logs.
B.
Password length is set to eight characters.
C.
User accounts are shared between users.
D.
Users are not required to change their passwords on a regular basis.
Sharing user accounts between users is a serious security concern. It undermines the principle of individual accountability and makes it difficult to trace actions back to specific individuals. This practice poses a significant risk to the integrity and confidentiality of the financial business application data, as it becomes challenging to determine who performed specific actions or accessed certain information. It also increases the likelihood of unauthorized access and misuse of the system.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
FAGFUR
3 months, 3 weeks ago