Free Preparation Discussions
MENU
IIA Exam IIA-CHAL-QISA Topic 3 Question 19 Discussion
Topic #: 3
Following an IT systems audit, management agreed to implement a specific control in one of the IT systems. After a period, the internal auditor followed up and learned that management had not implemented the agreed management action due to the decision to move to another IT system that has built-in controls, which may address this risks highlighted by the Internal audit Which of the following Is the most appropriate action to address the outstanding audit recommendation?
Verification of Controls: The auditor should verify that the new IT system addresses the previously identified risks. This involves reviewing the system documentation and ensuring that the controls in the new system effectively mitigate the risks.
Reporting: Once the auditor has confirmed that the new system controls address the risks, they can report to senior management and close the outstanding issue, ensuring that all audit recommendations are appropriately resolved.
Other Options:
Accepting Management's Explanation: Without verification (option B) is not appropriate as it may leave risks unmitigated.
Escalating Without Verification: Advising management and escalating (option C) is premature if the new system may already address the issues.
Detailed Process Evaluation: Requiring additional details about the process (option D) may be unnecessary if the auditor can verify the controls directly.
Eveline
2 months agoLinsey
21 days agoGlenn
28 days agoFelicidad
1 months agoCarlota
2 months agoMauricio
2 months agoCristal
16 days agoRosann
16 days agoFelicitas
19 days agoMonroe
21 days agoHuey
2 months agoNieves
2 months agoAlaine
2 months agoWilbert
2 months agoGilma
2 months agoJannette
2 months agoJeanice
2 months agoPhung
2 months agoVivienne
2 months agoShakira
2 months agoCarlota
3 months ago