CISA Certified Information Systems Auditor – Question1428

The PRIMARY objective of a logical access control review is to:

A.
review access controls provided through software.
B. ensure access is granted per the organization's authorities.
C. walk through and assess the access provided in the IT environment.
D. provide assurance that computer hardware is adequately protected against abuse.

Correct Answer: B

Explanation:

Explanation:
The scope of a logical access control review is primarily to determine whether or not access is granted per the organization’s authorizations. Choices A and C relate to procedures of a logical access control review, rather than objectives. Choice D is relevant to a physical access control review.