Examice

Exam IIA-CIA-Part2 All QuestionsBrowse all questions from this exam

Question 253

Which of the following recommendations made by the internal audit activity (IAA) is most likely to help prevent fraud?

A review of password policy compliance found that employees frequently use the same password more than once during a year. The IAA recommends that the access control software reject any password used more than once during a 12-month period.

A review of internal service-level agreement compliance in financial services found that requests for information frequently are fulfilled up to two weeks late. The IAA recommends that the financial services unit be eliminated for its ineffectiveness.

A vacation policy compliance review found that employees frequently leave on vacation before their leave applications are signed by their manager. The IAA recommends that the manager attend to the leave applications in a more timely fashion.

A review of customer service-level agreements found that orders to several customers are frequently delivered late. The IAA recommends that the organization extend the expected delivery time advertised on its website.

Correct Answer: A

A review of password policy compliance is directly related to preventing unauthorized access, which is a common method of committing fraud. Ensuring that passwords cannot be reused within a 12-month period enhances security by making it more difficult for unauthorized users to gain access through guesswork or using previously leaked passwords. This recommendation directly addresses a significant vulnerability and helps to prevent fraudulent activities by ensuring stronger access controls.

Discussion

KonradK

How any of these prevent fraud? Can someone explain please

Asem3bbadi

maybe another employee can steal the password and do a fraudulent activity