When performing an audit of access rights, an IS auditor should be suspicious of which of the following if allocated to a computer operator?

When performing an audit of access rights, an IS auditor should be suspicious of which of the following if allocated to a computer operator?

When performing an audit of access rights, an IS auditor should be suspicious of which of the following if allocated to a computer operator?

A.
Read access to data

B.
Delete access to transaction data files

C.
Logged read/execute access to programs

D.
Update access to job control language/script files

Explanation:
Deletion of transaction data files should be a function of the application support team, not operations staff. Read access to production data is a normal requirement of a computer operator, as is logged access to programs and access to JCL to controljob execution.

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *

fourteen − 4 =