In a follow-up audit, an IS auditor notes that management has addressed the original findings in a different way than originally agreed upon. The auditor should FIRST:

In a follow-up audit, an IS auditor notes that management has addressed the original findings in a different way than originally agreed upon. The auditor should FIRST:
A . mark the recommendation as satisfied and close the finding
B . verify if management’s action mitigates the identified risk
C . re-perform the audit to assess the changed control environment
D . escalate the deviation to the audit committee

Answer: D

Latest CISA Dumps Valid Version with 2694 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
2 Comments
Inline Feedbacks
View all comments
skorte.sk
skorte.sk
2 years ago

The correct answer is D.
The Committee should decide to verify to turn or no risk reduction assessment. Because For the period between the first and next audit, the company’s management could raise the risk of appetite or take the risk without treatment. Therefore, the auditor itself without coordination with the Committee should not evaluate the risk reduction actions

skorte.sk
skorte.sk
2 years ago

The correct answer is A.
The Committee should decide to verify to turn or no risk reduction assessment. Because For the period between the first and next audit, the company’s management could raise the risk of appetite or take the risk without treatment. Therefore, the auditor itself without coordination with the Committee should not evaluate the risk reduction actions