An IS auditor finds that a mortgage origination team receives customer mortgage applications via a shared repository. Which of the following test procedures is the BEST way to assess whether there are adequate privacy controls over this process?
A. Validate whether the encryption is compliant with the organization’s requirements.
B. Validate that data is entered accurately and timely.
C. Validate whether documents are deleted according to data retention procedures.
D. Validate whether complex passwords are required.
A. Validate whether the encryption is compliant with the organization’s requirements.
B. Validate that data is entered accurately and timely.
C. Validate whether documents are deleted according to data retention procedures.
D. Validate whether complex passwords are required.