Which of the following findings should be of GREATEST concern to an IS auditor assessing the risk associated with end-user computing (EUC) in an organization?
A.
Lack of defined criteria for EUC applications
B.
Lack of awareness training for EUC users
C.
Insufficient processes to track ownership of each EUC application
D.
Insufficient processes to test for version control
In most instances, EUC applications do not pose
significant risk to the enterprise. Nonetheless,
management should define risk criteria to determine
the criticality of an application. p. 278
Version control issues can lead to the use of outdated or incorrect data, resulting in financial misstatements, operational errors, or compliance violations.
Without proper version control, multiple versions of a spreadsheet or database may exist, increasing the risk of unauthorized changes, data corruption, or reliance on incorrect information.
This poses a direct threat to data integrity and decision-making, which is a critical risk in EUC environments.
Lack of tracking of ownership leads to unclear accountability and increased risk management and compliance issues. While lack of clear standards is important, poor tracking of ownership is a particularly serious risk.
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
swmasinde
Highly Voted 2 years, 1 month agoveli_117
6 months, 3 weeks ago9967be3
Most Recent 1 week, 5 days agoSwallows
9 months, 3 weeks ago3008
1 year, 5 months agoBA27
1 year, 6 months agoMohamedAbdelaal
2 years agoEric0223
2 years, 3 months agoEric0223
2 years, 3 months ago