What can unauthorized changes in the system indicate during an IS audit?

Unauthorized changes in a system during an IS audit signal data integrity issues because such changes can compromise the trustworthiness and accuracy of the information stored within that system. When changes are made without proper authorization, it raises concerns about whether the data has been altered in a manner that could be malicious or unintentional, leading to potential inaccuracies.

Maintaining data integrity is essential for ensuring that the information used for decision-making is reliable. Auditors need to investigate any unauthorized modifications to assess the risk of data corruption, loss, or unauthorized access, which can have significant implications for the organization, including legal repercussions and potential financial loss.

In contrast, compliance with regulations, effective change management, and system performance problems do not accurately reflect the implications of unauthorized changes. Compliance usually refers to adherence to laws and regulations, effective change management relates to the proper handling and documentation of system changes, and system performance problems generally address issues related to system efficiency or responsiveness, not unauthorized alterations. Thus, the focus on data integrity is crucial in identifying potential risks associated with unauthorized changes.