An IS auditor has been asked to review an event log aggregation system to ensure risk management practices have been applied. Which of the following should be of MOST concern to the auditor?
A. Completeness testing has not been performed on the log data.
B. Data encryption standards have not been considered.
C. Log feeds are uploaded via batch process.
D. The log data is not normalized.
A. Completeness testing has not been performed on the log data.
B. Data encryption standards have not been considered.
C. Log feeds are uploaded via batch process.
D. The log data is not normalized.