Certified in Risk and Information Systems Control (CRISC) — Question 327

Which of the following controls will BEST detect unauthorized modification of data by a database administrator?

Answer options

• A. Reviewing database access rights
• B. Reviewing changes to edit checks
• C. Comparing data to input records
• D. Reviewing database activity logs

Correct answer: D

Explanation

The correct answer, D, is effective because database activity logs provide a detailed record of all actions taken within the database, allowing for the detection of unauthorized modifications. Options A and B are preventative measures that do not inherently detect unauthorized changes, while option C compares data but may not capture unauthorized alterations made after the fact.