exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam

Exam CISA topic 1 question 1632 discussion

Actual exam question from Isaca's CISA
Question #: 1632
Topic #: 1
[All CISA Questions]

Which of the following should an IS auditor do FIRST when determining whether unauthorized changes have been made to production code?

  • A. Review access control permissions operating within the production program libraries.
  • B. Examine the change control system records and trace them forward to object code files.
  • C. Review change-approved designations established within the change control system.
  • D. Examine object code to find instances of changes and trace them back to change control records.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
pLulu
3 months, 3 weeks ago
A. Review access control permissions operating within the production program libraries. By reviewing access control permissions, the auditor can identify who has the ability to make changes to the production code. This helps in understanding whether the controls in place are adequate to prevent unauthorized changes. If access controls are weak or improperly configured, it increases the risk of unauthorized modifications.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago