When performing an audit of access rights, an IS auditor
should be suspicious of which of the following if allocated
to a computer operator?
A. READ access to data
B. DELETE access to transaction data files
C. Logged READ/EXECUTE access to programs
D. UPDATE access to job control language/script files
Answer Posted / guest
Answer: B
Deletion of transaction data files should be a function of
the application support team, not operations staff. Read
access to production data is a normal requirement of a
computer operator, as well as logged access to programs and
access to JCL in order to control job execution.
Is This Answer Correct ? | 8 Yes | 1 No |
Post New Answer View All Answers