Certified Internal Auditor (CIA) Part 3: Business Knowledge for Internal Auditing — Question 137

According to IIA guidance on IT, which of the following best describes a logical access control?

Answer options

• A. Require complex passwords to be established and changed quarterly.
• B. Require swipe cards to control entry into secure data centers.
• C. Monitor access to the data center with closed circuit camera surveillance.
• D. Maintain current role definitions to ensure appropriate segregation of duties.

Correct answer: A

Explanation

Option A is correct because logical access controls involve securing systems through user authentication methods, such as complex passwords. The other options describe physical access controls (B and C) or management practices (D) that do not directly pertain to logical access.