An IS auditor discovered abnormalities in a monthly report generated from a system upgraded six months ago.
Which of the following should be the auditor's FIRST course of action?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
The correct answer is D. Determine the impact of abnormalities in the report.
Explanation:
When an IS auditor discovers abnormalities in a monthly report generated from a system upgraded six months ago, the FIRST course of action should be to determine the impact of these abnormalities in the report. This will help the auditor understand the scope and severity of the issue, as well as prioritize subsequent actions.
Inspecting the source code for proof of abnormalities (Option A) is not the FIRST course of action because it assumes that the issue is due to a coding error. There could be other reasons for the abnormalities, such as configuration issues or user error.
Performing a change management review of the system (Option B) is a reasonable course of action, but it should be done after determining the impact of the abnormalities. A change management review will help the auditor understand whether the abnormalities are the result of unauthorized changes or if they were approved but had unintended consequences.
Scheduling an access review of the system (Option C) is also a reasonable course of action, but it is not the FIRST priority. An access review will help the auditor understand who has access to the system and whether any unauthorized access occurred. However, this does not necessarily address the abnormalities in the report.
Therefore, determining the impact of the abnormalities in the report is the FIRST course of action that an IS auditor should take. Once the impact is understood, the auditor can then proceed with appropriate actions such as investigating the cause of the abnormalities, reviewing change management procedures, or conducting an access review.