Following an internal audit of a database, management has committed to enhance password management controls. Which of the following provides the BEST evidence that management has remediated the audit finding?
Observation of updated password settings with database administrators (DBAs) provides the best evidence that management has remediated the audit finding. Directly observing the updated password settings allows for immediate verification of the changes made and ensures that the new settings are actually implemented and functioning as intended. Unlike screenshots or change tickets, which can be manipulated or may not fully capture the current state, direct observation with DBAs ensures the changes are in place and operational.
From CISA Review Questions, Answers and Explanations Manual 12th Edition, Question A4-80: Observation is the best and most effective method to test changes to ensure that the process is effectively designed. The answer is D. Observation of updated password settings. Note that a report generated from the system directly by the auditor as evidence is better than observation because the report is more objective than observation.
A. Screenshots from end users showing updated password settings
No. From CISA Review Questions, Answers and Explanations Manual 12th Edition, Question A1-36: The rules may be modified by the administrator prior to taking the screenshot; therefore, this is not the best evidence.
A should not be correct; just the screenshot will not give you the whole picture of the password setting. To me, the answer should be C or D.
Change tickets are formal records that document changes made to a system or its configuration. In this case, change tickets specifically related to password configuration updates would demonstrate that management has taken action to enhance password management controls. The change tickets would provide a clear trail of the changes made, including details such as the date, time, and individuals involved in the password configuration updates.
Observation is the best and most effective method.
Inspection is greater than observation. Answer is A.
If the question is about best evidence, then direct verification on the system in option D is better than just logging a change in a ticket (C). In terms of database systems, password configurations are typically a database administration task, while password configurations with end-user access, even if it is read-only, are more typical in the PC/desktop area. Interviews with management (B) are certainly not the best evidence, as their information again only reflects what they are told by their employees. Therefore, my bet is on D. Observation of updated password with database administrators.
Answer: C
By reviewing the ticket content of recent password updates, it is possible to determine the nature of the remedial action adopted by management.
The BEST evidence lies in C. Change tickets of recent password configuration updates. These change tickets provide a documented trail of actions taken by management to enhance password security. By reviewing these records, auditors can verify that the necessary changes were implemented and that password policies were strengthened.
The question is asking for the evidence of remediation. The auditor cannot observe this because he already gave his findings and needs to receive evidence that the audit failure has been corrected. A is the best answer in my opinion.