Posted by: Pdfprep
Post Date: December 22, 2020
Assessments of critical information systems are based on a cyclical audit plan that has not been updated for several years.
Which of the following should the IS auditor recommend to BEST address this situation?
A . Use a revolving set of audit plans to cover all systems
B . Update the audit plan quarterly to account for delays and deferrals of periodic reviews
C . Regularly validate the audit plan against business risks
D . Do not include periodic reviews in detail as part of the audit plan
Answer: C
Leave a Reply