ExamGecko
Search Search Login
Home Home / IIA / IIA-CIA-Part3
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

When executive compensation is based on the organization's financial results, which of the following situations is most likely to arise?
Which of the following contract concepts is typically given in exchange for the execution of a promise?
An internal auditor is reviewing key phases of a software development project. Which of the following would; the auditor most likely use to measure the project team's performance related to how project tasks are completed?
Which of the following statements is true regarding a project life cycle?
An internal auditor observed that the organization's disaster recovery solution will make use of a cold site in a town several miles away. Which of the following is likely to be a characteristic of this disaster recover/ solution?
An organization is considering outsourcing its IT services, and the internal auditor as assessing the related risks. The auditor grouped the related risks into three categories; - Risks specific to the organization itself. - Risks specific to the service provider. - Risks shared by both the organization and the service provider Which of the following risks should the auditor classify as specific to the service provider?
A newly appointed board member received an email that appeared to be from the company's CEO. The email stated: "Good morning. As you remember, the closure of projects is our top priority. Kindly organize prompt payment of the attached invoice for our new solar energy partners." The board member quickly replied to the email and asked under which project the expense should be accounted. Only then did he realize that the sender 's mail domain was different from the company's. Which of the following cybersecurity risks nearly occurred in the situation described?
An employee was promoted within the organization and relocated to a new office in a different building. A few months later, security personnel discovered that the employee's smart card was being used to access the building where she previously worked. Which of the following security controls could prevent such an incident from occurring?
Which of the following best describes the use of predictive analytics?
Which of the following characteristics applies to an organization that adopts a flat structure?

Question 23 - IIA-CIA-Part3 discussion

Report
Export

During an audit of the payroll system, the internal auditor identifies and documents the following condition:

"Once a user is logged into the system, the user has access to all functionality within the system." What is the most likely root cause for tins issue?

A.
The authentication process relies on a simple password only, which is a weak method of authorization.
Answers
A.
The authentication process relies on a simple password only, which is a weak method of authorization.
B.
The system authorization of the user does not correctly reflect the access rights intended.
Answers
B.
The system authorization of the user does not correctly reflect the access rights intended.
C.
There was no periodic review to validate access rights.
Answers
C.
There was no periodic review to validate access rights.
D.
The application owner apparently did not approve the access request during the provisioning process.
Answers
D.
The application owner apparently did not approve the access request during the provisioning process.
Suggested answer: B
Show Answer
asked 18/09/2024
Louis Reeves
44 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms