Which of the following would an IS auditor use to determine if unauthorized modifications were made to production programs?

Last Updated on December 25, 2021 by Admin 3

Which of the following would an IS auditor use to determine if unauthorized modifications were made to production programs?

  • System log analysis
  • Compliance testing
  • Forensic analysis
  • Analytical review
Explanation: 
Determining that only authorized modifications are made to production programs would require the change management process be reviewed to evaluate the existence of a trail of documentary evidence. Compliance testing would help to verify that the change management process has been applied consistently. It is unlikely that the system log analysis would provide information about the modification of programs. Forensic analysis is a specialized technique for criminal investigation. An analytical review assesses the general control environment of an organization.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments