Certified Information Systems Auditor (CISA) — Question 1236
An IS auditor identifies that an accounts payable clerk has direct access to a payment file after it has been generated. The MOST significant risk to the organization is that payments may be:
Answer options
- A. rejected.
- B. unreconcilable.
- C. altered.
- D. late to customers.
Correct answer: C
Explanation
The most significant risk is that payments may be altered, which can lead to financial losses or fraud. While rejected payments, unreconcilable accounts, and delays to customers are concerns, they do not pose as immediate a threat as the potential for unauthorized changes to payment details.