CISA Question #642: Real Exam Question with Answer & Explanation

Sign in or unlock CISA to reveal the answer and full explanation for question #642. The question stem and answer options stay visible for context.

Submitted by parkjh· Apr 18, 2026Information Systems Acquisition, Development, and Implementation

Question

Which of the following controls should an IS auditor recommend for a small organization where a single employee performs the combined functions of server operator and application programmer?

Options

ARequire approval on all change requests prior to deployment.
BHire additional technical staff in order to force separation of duties.
CImplement automated logging and monitoring of changes made to development libraries.
DImplement automated controls to prevent the operator logon ID from making program

Unlock CISA to see the answer

You've previewed enough free CISA questions. Unlock CISA for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CISA - $49.99 / 30 days Sign in

Topics

#Separation of Duties#Detective Controls#Risk Mitigation#Change Management

Full CISA Practice Browse All CISA Questions