Discover the next steps an IS auditor should take when electronic swipe card access logs are missing for sensitive communication closets. Ensure proper security controls and prevent unauthorized access.
Table of Contents
Question
An IS auditor finds that communication closets requiring electronic swipe card access are missing access logs. Which of the following should be done NEXT?
A. Determine whether there are video cameras covering the entrances.
B. Determine whether management approved the access policy.
C. Determine whether anything is missing from the closets.
D. Determine whether any access swipe cards have been lost or stolen.
Answer
If an IS auditor discovers that access logs are missing for communication closets secured by electronic swipe cards, the most appropriate next step is:
A. Determine whether there are video cameras covering the entrances.
Explanation
The immediate priority should be to determine if there are any compensating controls in place to help identify who has accessed the communication closets in the absence of swipe card logs. Video surveillance footage of the entrances would provide an alternate means to see who has entered and exited the closets during the period of missing logs.
The other answer choices, while relevant, do not directly address the missing logs:
B. Approving the access policy is important but does not help determine who accessed the closets. This is more of a proactive step rather than reactive to the current situation.
C. Checking if anything is missing is wise but doesn’t necessarily indicate who accessed the closet if something is gone. An inventory check should be done after trying to identify who has entered.
D. Lost or stolen access cards could explain the missing logs but does not conclusively determine if those cards were actually used to enter the closets. Checking video footage is a more direct way to identify actual entrants.
Therefore, upon discovering the missing communication closet access logs, the IS auditor’s immediate next step should be to review any video camera recordings of the entrances to determine who has accessed those sensitive areas. This will help investigate the root cause of the missing logs and potentially identify any unauthorized access attempts warranting further action.
ISACA CISA certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the ISACA CISA exam and earn ISACA CISA certification.