CISA Certified Information Systems Auditor – Question2601

An IS auditor has been asked to perform a post-implementation assessment of a new corporate human resources (HR) system. Which of the following control areas would be MOST important to review for the protection of employee information?

A.
Logging capabilities
B. Authentication mechanisms
C. Data retention practices
D. System architecture

Correct Answer: B