Exam succes question about system general controls
- This topic has 3 replies, 3 voices, and was last updated 3 years ago by Alexey Gnoevoy.
Hello, can you help me please to undestand next question
CIA 596 3.48
A company with several hundred stores has a network for the stores to transmit sales data to headquarters. The network is also used for:
vendors to submit reorders,
stores to transmit special orders to headquarters,
regional distribution centers to communicate delivery and out-of-stock information to the stores,
the national office to distribute training materials,
store, regional, and national personnel to share any information they think helpful.
In order to accommodate the large volume of transmissions, large stores have their own satellite receiving/transmitting stations. Small stores use leased lines.
The information systems director is concerned that someone might be able to enter fictitious orders from store terminals. Of the following, the best control for minimizing the likelihood of such an occurrence is to:
Correct answer: “Enforce password control procedures for users”
My answer: “Require change control procedures for programs”
In my mind even if you authorized person that doesnot mitigate risk that you can commit fraud, also chagne controls also include authorization control and include testings and documentation support. So i think that my answer is more applicable that the correct.
Explain me please why correct answer is better than mine?
- You must be logged in to reply to this topic.