Importance of Access Controls at Multinational Companies

C.

In the given scenario, an IS auditor is evaluating the access controls at a multinational company with a shared network infrastructure. The IS auditor needs to identify the most important factor to consider while evaluating access controls.

Option A: Simplicity of end-to-end communication paths The simplicity of end-to-end communication paths is important to ensure that the network infrastructure is easy to understand and manage. However, it is not the most important factor to consider when evaluating access controls.

Option B: Remote network administration Remote network administration is important for managing the network infrastructure, but it is not the most important factor to consider when evaluating access controls.

Option C: Common security policies Common security policies are essential for ensuring that all users and systems follow the same security protocols. This is important to maintain a consistent level of security across the organization, which makes it easier to manage access controls. Therefore, it is a factor that an IS auditor should consider when evaluating access controls.

Option D: Logging of network information at the user level Logging of network information at the user level is important for tracking user activity and detecting any unauthorized access or security breaches. This is essential for maintaining the integrity of the network infrastructure and ensuring that access controls are effective. Therefore, it is the most important factor to consider when evaluating access controls.

In summary, the most important factor to consider when evaluating access controls at a multinational company with a shared network infrastructure is logging of network information at the user level (option D). Common security policies (option C) are also important, but they are not as critical as logging of network information at the user level.