A small startup organization does not have the resources to implement segregation of duties. Which of the following is the MOST effective compensating control?
A.
Rotation of log monitoring and analysis responsibilities
B.
Additional management reviews and reconciliations
In a small organization, where the number of employees is relatively small, job rotations may not make much sense, and they are likely to be transferred back to their original positions after a while. So B is the correct answer.
A third-party evaluation is an assessment of an organization's processes and operations by an external auditor or consultant. This can compensate for segregation of duties or lack of control within the organization.
Answer is clearly B, isaca recommends first procedures then review followed by third party assessments. Since there is no procedure in choices then management review looks most promising control
additional management is required more effort and resource as well. For a small organization which is having limitation of resource, this is not an effective control. Rotating job of staff is more effective cause it is balancing between resource and integrity. Hence, the reasonable answer should be A
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Victor83516
Highly Voted 2 years, 2 months agoPumeza
Most Recent 1 week, 1 day agoa84n
6 months, 3 weeks ago5b56aae
7 months agoSwallows
7 months, 1 week agoOD1N
11 months, 2 weeks agomeelaan
1 year, 1 month ago[Removed]
11 months, 3 weeks agoSuperman
1 year, 2 months agofrisbg
1 year, 5 months ago[Removed]
1 year, 6 months agoMohamedAbdelaal
1 year, 6 months agoBroesweelies
1 year, 8 months agoMichaelHoang
1 year, 10 months agoZephaniah
2 years, 2 months agoElikplim
2 years, 2 months ago