Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

IIA Exam IIA-CHAL-QISA Topic 1 Question 11 Discussion

Actual exam question for IIA's IIA-CHAL-QISA exam
Question #: 11
Topic #: 1
[All IIA-CHAL-QISA Questions]

Following an IT systems audit, management agreed to implement a specific control in one of the IT systems. After a period, the internal auditor followed up and learned that management had not implemented the agreed management action due to the decision to move to another IT system that has built-in controls, which may address this risks highlighted by the Internal audit Which of the following Is the most appropriate action to address the outstanding audit recommendation?

Show Suggested Answer Hide Answer
Suggested Answer: A

Verification of Controls: The auditor should verify that the new IT system addresses the previously identified risks. This involves reviewing the system documentation and ensuring that the controls in the new system effectively mitigate the risks.


Reporting: Once the auditor has confirmed that the new system controls address the risks, they can report to senior management and close the outstanding issue, ensuring that all audit recommendations are appropriately resolved.

Other Options:

Accepting Management's Explanation: Without verification (option B) is not appropriate as it may leave risks unmitigated.

Escalating Without Verification: Advising management and escalating (option C) is premature if the new system may already address the issues.

Detailed Process Evaluation: Requiring additional details about the process (option D) may be unnecessary if the auditor can verify the controls directly.

by Ora at Sep 08, 2024, 07:01 PM

Limited Time Offer

25%

Off

Get Premium IIA-CHAL-QISA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Shonda
2 months ago
Haha, I bet the new system has built-in controls like a 'Ignore Audit Findings' button. Option C is the way to go, no excuses!
upvoted 0 times
Daniel
1 months ago
Definitely, option C is the best way to address the outstanding audit recommendation and hold management accountable.
upvoted 0 times
...
Oretha
1 months ago
Yeah, the auditor needs to escalate the issue to senior management and the board to ensure accountability.
upvoted 0 times
...
Casie
2 months ago
I agree, management should not be able to just ignore the audit findings by switching to a new system.
upvoted 0 times
...
...
Fallon
2 months ago
I still think option C is the best course of action to address the outstanding audit recommendation.
upvoted 0 times
...
Almeta
2 months ago
That's a valid point, but it's important to ensure that the agreed action plan is implemented, regardless of the new system.
upvoted 0 times
...
Sunshine
2 months ago
But what if the new IT system really does address the risk? Shouldn't we trust management's decision?
upvoted 0 times
...
Fallon
2 months ago
I agree with Almeta, the auditor should escalate the issue to senior management and the board.
upvoted 0 times
...
Stacey
2 months ago
Option D seems more prudent. The auditor should examine the process for selecting the new system and whether other options were considered before closing the issue.
upvoted 0 times
Barney
2 months ago
It's crucial for the auditor to gather all the necessary information before making a decision on closing the outstanding audit recommendation.
upvoted 0 times
...
Latonia
2 months ago
Definitely. The auditor needs to have a clear understanding of the decision-making process behind selecting the new IT system.
upvoted 0 times
...
Rikki
2 months ago
I agree. It's important to ensure that the new system was chosen thoughtfully and that all options were considered.
upvoted 0 times
...
Elliot
2 months ago
Option D seems more prudent. The auditor should examine the process for selecting the new system and whether other options were considered before closing the issue.
upvoted 0 times
...
...
Almeta
3 months ago
I think option C is the most appropriate action.
upvoted 0 times
...
Charlette
3 months ago
I agree with Floyd. The auditor should hold management accountable for the previous agreement, regardless of the new system. Option C is the right call here.
upvoted 0 times
Patria
2 months ago
The auditor needs to ensure that the agreed action plan is implemented, regardless of the change in IT systems.
upvoted 0 times
...
Hubert
2 months ago
Agreed, option C is the right call in this situation.
upvoted 0 times
...
Tomas
2 months ago
I think the auditor should escalate the issue to senior management and the board.
upvoted 0 times
...
Sommer
2 months ago
Management should still be held accountable for the previous agreement, even with the new system.
upvoted 0 times
...
...
Floyd
3 months ago
Option C is the most appropriate. Management can't just ignore the agreed action plan because they decided to move to a new system. The auditor should escalate this to senior management and the board.
upvoted 0 times
France
3 months ago
I agree, the auditor should escalate this to senior management and the board.
upvoted 0 times
...
Marquetta
3 months ago
Option C is the most appropriate. Management can't just ignore the agreed action plan because they decided to move to a new system.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77