As a class you did rather well on the first quiz. If you didn’t do well don’t worry. You will be taking eleven quizzes and I will only use ten to calculate your final grade. If you struggled with this quiz or any of the topics, call me and let’s discuss it – 910 880 1254.
Two questions seemed to raise some problems:
- Which of the following controls would an IS auditor look for in an environment where duties cannot be appropriately segregated? – The right answer is a Compensating Control because you would have preferred to segregate the duties but couldn’t. The best example of this that I’ve seen was at our small plants around the world. Each plant employed less that 20 workers over multiple shifts so there just weren’t enough people to handle all the roles that needed to be done on a daily basis. People had to be assigned conflicting roles with someone at another site looking over their electronic paperwork trail to ensure the correct handling of everything.
- What does an organization want from its IT systems and organization? For example, a company wants its IT systems to be available. – I was looking for the COSO list of seven attributes. Most of you gave me the Confidential, Integrity, Availability and some form of Efficient. Effective was often missing although some wrote in terms of adding value which I accepted. Compliant and Reliable were the two that were most often missing.
As I said, overall well done.
Leave a Reply