The Auditor has been asked to perform preliminary work that

Berikut ini adalah pertanyaan dari darrenlanogaozhan pada mata pelajaran Akuntansi untuk jenjang Sekolah Menengah Atas

The Auditor has been asked to perform preliminary work that will assess the readiness of the organization for a review to measure compliance with the new regulatory requirement. This requirements are design to ensure that management is taking an active role in setting up and maintaining a well-controlled environment. Areas to be assessed include logical and physical security, change management, production control and network management, IT Governance, and IT Control. The Auditor has been given six month to perform this preliminary work so sufficient time should be available. It should be noted that in previous years, repeated problems have been identifiedinte areas of logical security and change management so this area most likely require some degree of remidiation. Logical security deficiencies noted included the sharing of administrator accounts and faliure to enforce adequate controls over paswords. Change management deficiencies included improper segregration of incompatible duties and faliure to document all changes. Additionally, the process of delpoying operation system update to servers was found to be partially effective. In anticipation of the work to be performance by Auditor, the chief information officer (CIO). requested direct reports to develop narratives and process flows describing the major activities for wich It responsible. These were completed, approved by the various process owners and the CIO, and then forwared to the Auditor for examination. Auditor also planning to review the security of financial application web for company with several locations worldwide. The application system is made up of a web interface, a business logic layer and database layer.Questions:
1. What should the Auditor do First?
2. When testing program change management, how should the sample be selected?

Jawaban dan Penjelasan

Berikut ini adalah pilihan jawaban terbaik dari pertanyaan diatas.

Jawaban:

maybe this can work,

  1. The first step for assessors is to delve into the new regulatory requirements to understand the expectations and scope of the assessment. This allows the evaluator to identify relevant areas of focus and plan the evaluation. Auditors should also review documentation provided by the CIO and other process owners to understand key activities and processes within the organization. After this initial review, the auditor can begin to assess the organization's readiness for review by examining the areas of logical and physical security, change management, production and network management, IT governance and IT controls. increase.
  2. When testing program change management, sample selection should be based on a risk-based approach. Auditors should assess the significance and complexity of the changes and select a sample that includes a variety of change types and sources. The sample should also include changes that have been approved and implemented as well as changes that have been rejected or not implemented. Reviewers must review documents related to the selected change, such as change requests, approvals, test results, and implementation plans. Additionally, the auditor should interview those responsible for the change to understand the process and identify any problems or areas for improvement. The sample should be representative of the population and provide sufficient evidence to support the auditor's conclusions. 

Semoga dengan pertanyaan yang sudah terjawab oleh Adamken dapat membantu memudahkan mengerjakan soal, tugas dan PR sekolah kalian.

Apabila terdapat kesalahan dalam mengerjakan soal, silahkan koreksi jawaban dengan mengirimkan email ke yomemimo.com melalui halaman Contact

Last Update: Sat, 20 May 23