Certified Information Systems Auditor (CISA) — Question 650

An IS auditor discovers an option in a database that allows the administrator to directly modify any table. This option is necessary to overcome bugs in the software, but is rarely used. Changes to tables are automatically logged. The IS auditor's FIRST action should be to:

Answer options

• A. recommend that the system require two persons to be involved in modifying the database.
• B. determine whether the log of changes to the tables is backed up.
• C. determine whether the audit trail is secured and reviewed.
• D. recommend that the option to directly modify the database be removed immediately.

Correct answer: C

Explanation

The correct answer is C because ensuring that the audit trail is secured and reviewed is crucial for maintaining accountability and detecting unauthorized changes. Options A and D suggest changes to the modification process, which may not address the immediate concern of logging security. Option B focuses on backups, which is important but secondary to securing and reviewing the audit trail.