Multiple Choice
While performing an audit of the human resources department, an internal auditor discovered unencrypted files containing the personal information of employees stored on a public shared drive. According to IIA guidance, which of the following actions by the auditor would be the most appropriate?
A) Remove the files containing the social security numbers and personal information.
B) Communicate the issue to the chief audit executive as well as IT and legal departments.
C) Change permissions to the shared drive to only allow access to human resources personnel.
D) Immediately review the audit logs to see if anyone has accessed this information and follow-up.
Correct Answer:
Verified
Correct Answer:
Verified
Q352: A chief audit executive has noticed that
Q353: If an auditor used nonstatistical sampling instead
Q354: A post-audit questionnaire sent to audit clients
Q355: A chief audit executive (CAE) of a
Q356: According to the International Professional Practices Framework,
Q358: An auditor is performing a review of
Q359: A staff auditor, nearly finished with an
Q360: A payroll clerk enters payroll transactions into
Q361: Which of the following conditions should a
Q362: According to IIA guidance, which of the