ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 389 discussion

Actual exam question from Isaca's CISA
Question #: 389
Topic #: 1
[All CISA Questions]

Which of the following controls BEST ensures appropriate segregation of duties within an accounts payable department?

  • A. Including the creator's user ID as a field in every transaction record created
  • B. Ensuring that audit trails exist for transactions
  • C. Restricting access to update programs to accounts payable staff only
  • D. Restricting program functionality according to user security profiles
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Deeplaxmi at Oct. 2, 2022, 6:14 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Swallows
1 month ago
Selected Answer: D
Segregation of duties is a fundamental principle of internal controls aimed at preventing errors and fraud by dividing responsibilities among different individuals or roles. By restricting program functionality according to user security profiles, the organization can control access to specific functions or actions within the accounts payable system based on the roles and responsibilities of individual users. This ensures that users only have access to the functionalities necessary for their job roles, preventing unauthorized or inappropriate access to sensitive functions and data.
upvoted 1 times
...
a84n
2 months, 2 weeks ago
Selected Answer: C
Answer: C Option D, restricting program functionality according to user security profiles, contributes to access control and limits users' abilities based on their roles. However, it does not ensure strict segregation of duties within the accounts payable department. While it helps prevent unauthorized access to certain functions, it doesn't inherently prevent a single user from having conflicting duties, such as being able to both create and approve payments. Restricting access to update programs specifically to accounts payable staff ensures a clearer segregation of duties by limiting who can perform specific tasks within the department.
upvoted 1 times
...
Yejide03
4 months ago
C. Restricting access to update programs to accounts payable staff only This control limits the access to update programs to only those staff members who are responsible for accounts payable activities. By restricting access in this manner, the organization can prevent unauthorized personnel from making changes to transaction records, thereby ensuring that the segregation of duties principle is maintained. Other staff members, such as those responsible for creating transaction records or reviewing/approving payments, would have different access privileges tailored to their respective roles, further enforcing segregation of duties.
upvoted 2 times
...
3008
1 year, 2 months ago
Selected Answer: D
`d' is answer
upvoted 1 times
...
swmasinde
1 year, 4 months ago
D. Rokeby based
upvoted 2 times
...
Deeplaxmi
1 year, 9 months ago
D is correct.. A is incorrect bcos just mentioning the user name against the transaction, might hold that person responsible/accoutable but will not stop an unrelated employee from making changes. will not solve. SOD primarily required that the jobs are performed by appropriate / relevant individuals.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago