An IS auditor has been asked to perform a post-implementation assessment of a new corporate human resources (HR) system. Which of the following control areas would be MOST important to review for the protection of employee information?
An IS auditor has been asked to perform a post-implementation assessment of a new corporate human resources (HR) system. Which of the following control areas would be MOST important to review for the protection of employee information?
The most important control area to review for the protection of employee information in a post-implementation assessment of a new corporate human resources system is authentication mechanisms. Authentication mechanisms ensure that only authorized individuals can access sensitive employee information. By verifying that strong authentication protocols are in place, the risk of unauthorized access and potential data breaches is minimized, thereby protecting employee information.
Answer should be B
Should be B. Authentication mechanisms
answer is B
I think it must be B
Option B, "Authentication Mechanisms," is directly related to protecting employee information, but data retention practices are more directly important in protecting employee information. Authentication mechanisms are important in controlling access to systems, but in this case, data retention and management practices are of primary concern. Therefore, to verify protection of employee information, it is most appropriate to review option A's data retention practices.