GREATEST Concerns in Application User-Access Review | ISACA Exam CISA

User-Access Review in Application: GREATEST Concerns

Prev Question Next Question

Question

An IS audit team is evaluating the documentation related to the most recent application user-access review performed by IT and business management.

It is determined the user list was not system-generated.

Which of the following should be the GREATEST concern?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A.

The fact that the user list was not system-generated means that it was created manually, which increases the risk of errors or omissions in the list. Therefore, the greatest concern would be the completeness of the user list reviewed.

Option A, the source of the user list reviewed, is important but may not necessarily be the greatest concern. The source of the list can provide insight into the reliability and accuracy of the list, but it does not necessarily affect the completeness of the list.

Option B, the availability of the user list reviewed, is also important but is not directly related to the completeness of the list. The availability of the list can affect the ability to perform the review but does not necessarily affect the completeness of the list itself.

Option C, the confidentiality of the user list reviewed, is important but may not necessarily be the greatest concern in this case. The confidentiality of the list is important to protect sensitive information, but it does not necessarily affect the completeness of the list or the accuracy of the review.

Therefore, the greatest concern is option D, the completeness of the user list reviewed, as the manual creation of the list increases the risk of errors or omissions that could impact the effectiveness of the review.