Which of the following should be of GREATEST concern to an IS auditor reviewing on-site preventive maintenance for an organization’s business-critical server hardware?
A.
The preventive maintenance schedule is based on mean time between failures (MTBF) parameters.
B.
Preventive maintenance is outsourced to multiple vendors without requiring nondisclosure agreements (NDAs).
C.
Preventive maintenance has not been approved by the information system owner.
D.
Preventive maintenance costs exceed the business’s allocated budget.
In cases such as replacing HDDs for on-site maintenance, confidential information may be leaked to outside parties. To prevent such cases, an NDA should be signed.
The greatest concern for an IS auditor reviewing on-site preventive maintenance for an organization's business-critical server hardware is when preventive maintenance has not been approved by the information system owner.
Preventive maintenance is crucial for ensuring the reliability and optimal performance of server hardware. However, before implementing preventive maintenance activities, it is essential to have approval from the information system owner. The information system owner is responsible for making decisions about the system's operation, including maintenance activities. Without proper approval, there is a risk of unauthorized or inappropriate changes that could impact the stability and security of the business-critical server.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Swallows
8 months agoFAGFUR
1 year ago