CISA Question #456: Real Exam Question with Answer & Explanation

The correct answer is D: Least privilege access is being enforced. Verifying that finance personnel no longer have permission to alter audit logging settings confirms that access rights are restricted to only those roles that legitimately require them, ensuring the principle of least privilege is upheld.

Submitted by ashley.k · Apr 18, 2026 · Information System Auditing Process

Question

A financial accounting system audit determined that audit logging of transactions had been disabled by a finance employee. The IS auditor recommended that finance personnel no longer have the capability to change audit logging settings. Which of the following is MOST important to verify during the follow-up?

Options

  • A. Finance personnel receive security awareness training
  • B. Audit logs of transactions are reviewed
  • C. Changes to configurations are documented
  • D. Least privilege access is being enforced

Explanation

Verifying that finance personnel no longer have permission to alter audit logging settings confirms that access rights are restricted to only those roles that legitimately require them, ensuring the principle of least privilege is upheld.

Topics

#Audit follow-up · #Least privilege · #Access control · #Remediation verification
