CISA Certified Information Systems Auditor – Question2924

A clerk changed the interest rate for a loan on a master file. The rate entered is outside the normal range for such a loan. Which of the following controls is MOST effective in providing reasonable assurance that the change was authorized?

A.
The system will not process the change until the clerk's manager confirms the change by entering an approval code.
B. The system generates a weekly report listing all rate exceptions and the report is reviewed by the clerk's manager.
C. The system requires the clerk to enter an approval code.
D. The system displays a warning message to the clerk.

Correct Answer: A

Explanation:

Explanation:
Choice A would prevent or detect the use of an unauthorized interest rate. Choice B informs the manager after the fact that a change was made, thereby making it possible for transactions to use an unauthorized rate prior to management review. Choices C and
D do not prevent the clerk from entering an unauthorized rate change.