What is the recommended initial step for an IS auditor to implement continuous-monitoring systems?

What is the recommended initial step for an IS auditor to implement continuous-monitoring systems?
A . Document existing internal controls
B . Perform compliance testing on internal controls
C . Establish a controls-monitoring steering committee
D . Identify high-risk areas within the organization

View Answer

Answer: D

Explanation:

When implementing continuous-monitoring systems, an IS auditor’s first step is to identify high-risk areas within the organization.