CFE – Financial Transactions and Fraud Schemes — Question 51

Which of the following is NOT an indicator of insider cyberfraud?

Answer options

• A. Production programs are run during normal business hours.
• B. Access logs are not reviewed by management.
• C. Exception reports are not reviewed and resolved.
• D. Access privileges are beyond those required to perform assigned job functions.

Correct answer: D

Explanation

The correct answer is D because having access privileges that exceed job requirements can be a normal practice in some organizations, whereas the other options indicate a lack of oversight and control that commonly point to insider threats. Options A, B, and C highlight lapses in monitoring and management, which are clear indicators of potential cyberfraud.