29. Corrective action has been taken by an auditee immediately after the identification of a reportablefinding. The auditor should:A. include the finding in the final report, because the IS auditor is responsible for an accurate report of allB. not include the finding in the final report, because management resolved the item.C. not include the finding in the final report, because corrective action can be verified by the IS auditorD. include the finding in the closing meeting for discussion purposes only.findings.during the audit.30. An IS auditor identifies that reports on product profitability produced by an organization's financeand marketing departments give different results. Further investigation reveals that the productdefinition being used by the two departments is different. What should the IS auditor recommend?31. Which of the following is the MOST important IS audit consideration when an organizationoutsources a customer credit review system to a third-party service provider? The provider:...5 of 812-05-2019, 11:11
32. At the completion of a system development project, a postproject review should include which ofthe following?33. To determine if unauthorized changes have been made to production code the BEST auditprocedure is to:A. examine the change control system records and trace them forward to object code files.B. review access control permissions operating within the production program libraries.C. examine object code to find instances of changes and trace them back to change control records.D. review change approved designations established within the change control system.
You've reached the end of your free preview.
Want to read all 8 pages?
- Spring '19
- Computer Security