A. inform management of the finding and determine if management is willing

When conducting a review of business process re-engineering,
an IS auditor found that a key preventive control had been
removed. In this case, the IS auditor should:

A. inform management of the finding and determine if
management is willing to accept the potential material risk
of not having that preventing control.

B. determine if a detective control has replaced the
preventive control during the process and if so, not report
the removal of the preventive control.

C. recommend that this and all control procedures that
existed before the process was reengineered be included in
the new process.

D. develop a continuous audit approach to monitor the
effects of the removal of the preventive control.

Question Posted / antoine

2 Answers
10226 Views
I also Faced
E-Mail Answers

Answer Posted / antoine

A. inform management of the finding and determine if
management is willing to accept the potential material risk
of not having that preventing control.

Is This Answer Correct ?

4 Yes

0 No

Post New Answer View All Answers

Please Help Members By Posting Answers For Below Questions

WHICH OF THE FOLLOWING IS OFTEN AN ADVANTAGE OF USING PROTOTYPING GOR DYDTEM DVELOPMENT

2975

purchase orders issued to vendors have been authorized as per the authorization matrix

1207