An internal auditor is assigned to conduct an audit of security for a local area network (LAN) in the finance department of the organization. Investment decisions, including the use of hedging strategies and financial derivatives, use data and financial models which run on the LAN. The LAN is also used to download data from the mainframe to assist in decisions. Which of the following should be considered outside the scope of this security audit engagement?
A) Investigation of the physical security over access to the components of the LAN.
B) The ability of the LAN application to identify data items at the field or record level and implement user access security at that level.
C) Interviews with users to determine their assessment of the level of security in the system and the vulnerability of the system to compromise.
D) The level of security of other LANs in the company which also utilize sensitive data.
Correct Answer:
Verified
Q9: According to the International Professional Practices Framework,
Q10: Which of the following risk assessment tools
Q11: A manufacturing firm uses hazardous materials in
Q12: An organization that outsources much of its
Q13: An organization has a policy requiring two
Q15: Which of the following best describes the
Q16: Which of the following factors affects the
Q17: During the planning phase of an audit
Q18: Which of the following is an appropriate
Q19: The top three sales representatives for a
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents