IIA
IIA-CIA-PART3 · Question #290
IIA-CIA-PART3 Question #290: Real Exam Question with Answer & Explanation
Sign in or unlock IIA-CIA-PART3 to reveal the answer and full explanation for question #290. The question stem and answer options stay visible for context.
Question
An IT auditor is evaluating IT controls of a newly purchased information system. The auditor discovers that logging is not configured al database and application levels. Operational management explains that they do not have enough personnel to manage the logs and they see no benefit in keeping logs. Which of the fallowing responses best explains risks associated with insufficient or absent logging practices?
Options
- AThe organization will be unable to develop preventative actions based on analytics.
- BThe organization will not be able to trace and monitor the activities of database administers.
- CThe organization will be unable to determine why intrusions and cyber incidents took place.
- DThe organization will be unable to upgrade the system to newer versions.
Unlock IIA-CIA-PART3 to see the answer
You've previewed enough free IIA-CIA-PART3 questions. Unlock IIA-CIA-PART3 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.