|
|
เตรียมตัวสอบ CISA
| Area 02 : Question 27 ( C1 - 27 ) |
|
3
4
|
Question : Which of the following tasks would NOT normally be performed by a data security officer ?
| A) |
Developing the data classification methodology |
| |
| B) |
Implementing security measures ( e.g., password change procedures ) |
| |
| C) |
Monitoring the effectiveness of security over data |
| |
| D) |
Monitoring the completeness and accuracy of the data |
| Question |
| |
( ) |
|
| |
| Choice : A |
| |
| Choice : B |
| |
| Choice : C |
| |
| Choice : D |
The Correct Answer is :
D. Monitoring the completeness and accuracy of the data
Explanation :
The data security officer ( or security administrator ) should have no responsibility for authorizing, inputting, or reviewing application data.
Such activities would inhibit his/her independence and not provide an adequate segregation of duties.
|
