An IS auditor has been asked to investigate critical business applications that have been producing suspicious results. Which of the following should be done FIRST? A. Evaluate control design B. Evaluate incident management C. Review configuration management D. Review user access rights Suggested Answer: C Community Answer: B This question is in CISA Certified Information Systems Auditor Exam For getting Certified Information Systems Auditor (CISA) Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. Trademarks, certification & product names are used for reference only and belong to ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams.
Please login or Register to submit your answer