An IS auditor is reviewing processes for importing market price data from external data providers. Which of the following findings should the auditor consider
MOST critical?
An IS auditor is reviewing processes for importing market price data from external data providers. Which of the following findings should the auditor consider
MOST critical?
When reviewing processes for importing market price data from external data providers, the most critical issue is that the transfer protocol is not encrypted. Encryption is essential to ensure the confidentiality and integrity of the data being transferred. Without encryption, the data could be intercepted and potentially altered or misused, leading to significant risks. While data quality and other considerations are important, they become secondary if the data can be compromised during transfer.
You are importing data from external market provider which makes it authentic source, data quality doesnt need to be monitored as it may only be one source. But transfer protocol should be encrypted both for confidentiality and integrity. Authentication may not even be needed maybe its open to everyone. Answer is clearly D, in all cases you need encryption
I will go with A. If the quality is already compromised, encryption of the protocol will not be of any help.
D is the correct answer.
I cannot be A. I am debating between B and D.
B. The transfer protocol does not require authentication.
I believe A is the right answer. Market price data is public information and not sensitive. Therefore, the quality of data is important.
B. The transfer protocol does not require authentication.
this is public data available to anyone, why do they need to be encrypted?
I though D is the answer. Am I wrong?
In practice, the answer should be A. A is related to the SLA with the vendor and therefore has a direct financial impact and legal impact if it is escalated to a dispute. For option B and D, the party baring the risks and costs is actually the vendor, and hence for the auditor's client, the most concerning finding should be A.
The question remark "MOST critical", so it has to be D) rather than A)
I Though A is answer. Data quality is most important. There is no need for low quality data. If the data is of a quality appropriate for your business level, you must decide whether to encrypt it or not. This question is about the data brought in.
The answer is A. Market prices are not confidential information and need not be encrypted.
Too much assumptions to deduce from these CISA-esque questions.
The main consideration when relying on data from external source is authenticity of the source
my answer is B
Answer: B
Sorry the correct answer is D
This is a key concern because if data quality is not monitored, there is a high chance that inaccurate data will enter the system and negatively impact decision-making.