When auditing an ecommerce architecture, the IS auditor discovers that customer master data is retained on the web server for six months after the transaction date. What is the PRIMARY concern?

Study for the CISA Domain 4 Exam.

Multiple Choice

Explanation:
The primary concern when customer master data is retained on the web server for six months after the transaction date is the confidentiality of customer data. Keeping sensitive customer information accessible on a server for an extended period raises significant privacy risks. If the data is not adequately protected, there is a higher chance of unauthorized access, leading to potential data breaches that could expose personal information such as names, addresses, and payment details.

Confidentiality is crucial in ensuring that this sensitive data is not disclosed to unauthorized parties, which could have legal implications and damage customer trust in the organization. Given the nature of e-commerce and the value of personal data, the risks associated with failing to protect confidentiality are particularly pronounced.

While data availability, integrity, and system performance are important in their own right, the primary focus in this context should be on how well customer information is protected against unauthorized access. Ensuring confidentiality safeguards customer trust and supports compliance with regulations such as GDPR or PCI DSS, which mandate stringent measures to protect personal data.
