During a security access review, an IS auditor identifies a segregation of duties issue involving financial reporting for which there are no mitigating controls. Which of the following stakeholders should be notified of this finding FIRST?
The audit committee typically oversees financial reporting and internal controls within an organization. They are responsible for ensuring the integrity and accuracy of financial statements. Therefore, informing the audit committee first allows them to take prompt action to address the issue, assess its impact on financial reporting, and determine appropriate remediation measures. Additionally, notifying the audit committee aligns with best practices for governance and ensures that the highest levels of management are aware of and involved in addressing significant control deficiencies.
In the context of a segregation of duties issue involving financial reporting, the IS auditor should inform the audit committee first. The audit committee is typically responsible for overseeing financial reporting and controls within an organization. They play a crucial role in governance, risk management, and oversight, making them a key stakeholder for such findings. Once the audit committee is informed, they can initiate appropriate actions and communicate the issue to other relevant parties, such as operational management, external auditors, or the board of directors if necessary.
C. Operational management
When identifying a segregation of duties issue during a security access review, the IS auditor should first notify operational management. Operational management is responsible for the day-to-day operations and processes within the organization, including financial reporting. They need to be made aware of the issue promptly so that they can take appropriate action to address the segregation of duties concern and implement necessary controls or process changes. It is crucial to inform operational management first to ensure they have the opportunity to rectify the issue before escalating it to higher-level stakeholders such as the audit committee, external auditors, or the board of directors.
upvoted 4 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Swallows
1 month, 2 weeks agoSibsankar
4 months, 4 weeks ago0timepass
6 months, 2 weeks agoKAP2HURUF
6 months, 3 weeks ago