Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1376 discussion

Actual exam question from Isaca's CISA
Question #: 1376
Topic #: 1
[All CISA Questions]

An IS auditor is reviewing a client’s outsourced payroll system to assess whether the financial audit team can rely on the application. Which of the following findings would be the auditor's GREATEST concern?

  • A. Payroll processing costs have not been included in the IT budget.
  • B. User access rights have not been periodically reviewed by the client.
  • C. The third-party contract does not comply with the vendor management policy.
  • D. The third-party contract has not been reviewed by the legal department.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Sibsankar at Feb. 18, 2024, 12:17 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
blehbleh
3 weeks, 4 days ago
Selected Answer: B
it is B
upvoted 1 times
...
PurpleParrot
2 months, 1 week ago
Selected Answer: D
option D
upvoted 2 times
...
46080f2
5 months ago
Selected Answer: D
I vote for D., but seem to be pretty much alone in this view. The usual AI chatbot's here have different answers, but none say. D. Anyway, I'm sticking with D. The way I've understood ISACA thinking so far from many other ISACA questions is that for third-party contracts, having a contract reviewed by a Legal Department or Lawyer is paramount. At least in the questions from the official ISACA learning material, I was always right with this understanding. So I stick with D.
upvoted 2 times
PurpleParrot
2 months, 1 week ago
you are not alone, i am with D too. as per isaca CRM chapter 3, the legal counsel should review the contract. it is a must.
upvoted 2 times
...
...
Sibsankar
5 months, 3 weeks ago
Sorry , It must be C
upvoted 1 times
...
Swallows
5 months, 3 weeks ago
Selected Answer: B
User access rights are crucial for maintaining the confidentiality, integrity, and availability of payroll data. Without periodic reviews, there's a higher risk of unauthorized access, which could lead to data breaches, fraud, or errors in financial records. This finding indicates a potential weakness in security controls, raising significant concerns about data protection and the accuracy of financial audits relying on the payroll system.
upvoted 1 times
...
MJORGER
7 months, 1 week ago
Selected Answer: B
B. User access rights have not been periodically reviewed by the client Periodic review of user access rights is crucial for maintaining security and ensuring that only authorized individuals have access to sensitive data. If these reviews are not being conducted, there could be users with inappropriate access, which poses a significant risk to data integrity and confidentiality.
upvoted 1 times
...
Sibsankar
9 months ago
Fue to its direct impact on the ability to rely on the outsourced payroll system for the financial audit, a non-compliant third-party contract is the greatest concern for the IS auditor. So, the answer will be C
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel