CRISC Question #391: Real Exam Question with Answer & Explanation
The correct answer is B: Share the concern through a whistleblower communication channel.
Question
Which of the following is the BEST course of action for a system administrator who suspects a colleague may be intentionally weakening a system's validation controls in order to pass through fraudulent transactions?
Options
- A. Implement compensating controls to deter fraud attempts.
- B. Share the concern through a whistleblower communication channel.
- C. Monitor the activity to collect evidence.
- D. Determine whether the system environment has flaws that may motivate fraud attempts.
Explanation
When a system administrator suspects a colleague of intentionally weakening validation controls for fraudulent transactions, the best course of action is to report the concern through a whistleblower communication channel.
Common mistakes.
- A. Implementing compensating controls might deter future fraud but does not address the existing suspected intentional malicious activity by a colleague or the need for investigation.
- C. Monitoring activity to collect evidence without proper authorization or policy could lead to legal issues or compromise the investigation.
- D. While understanding system flaws is important, focusing on environmental flaws distracts from the immediate and serious concern of a colleague intentionally weakening controls for fraud.
Concept tested. Insider threat response and ethical reporting