Certified Information Systems Auditor (CISA) — Question 1167

Which of the following would an IS auditor find to be the GREATEST risk associated with the server room in a remote office location?

Answer options

• A. The server room does not have biometric controls.
• B. The server room is secured by a key lock instead of an electronic lock.
• C. The server room does not have temperature controls.
• D. The server room's location is known by people who work in the area.

Correct answer: C

Explanation

The absence of temperature controls poses the greatest risk as it can lead to overheating and potential hardware failure, which can severely impact operations. While biometric controls and electronic locks enhance security, they do not directly threaten the physical integrity of the server equipment like temperature issues do. Additionally, while knowledge of the server room's location is a concern, it is less critical compared to the operational risks posed by temperature control failures.