55、An IS auditor finds out-of-range data in some tables of a database. Which of the following controls should the IS auditor recommend to avoid this situation?
A、Log all table update transactions.
B、Implement before-and-after image reporting.
C、Use tracing and tagging.
D、Implement integrity constraints in the database.
ANSWER: D
NOTE: Implementing integrity constraints in the database is a preventive control, because data is checked against predefined tables or rules preventing any undefined data from being entered. Logging all table update transactions and implementing before-and-after image reporting are detective controls that would not avoid the situation. Tracing and tagging are used to test application systems and controls and could not prevent out-of-range data.
55.信息系统审计师在一个数据库的一些表中发现了超出范围的数据。下列哪个控制措施是信息系统审计师应该推荐实施来防止这种情况？
A.将所有的表更新操作都做日志
B.实施事前和事后镜像报告
C.使用跟踪和标签
D.在数据库中实施完整性约束