An internal auditor is updating the risk register for risks identified during a recent organizational risk assessment. According to the Standards, which of the following would the auditor include in the risk register?

An internal auditor is updating the risk register for risks identified during a recent organizational risk assessment. According to the Standards, which of the following would the auditor include in the risk register?
A . Management’s acceptance of inadequate controls for cybersecurity risk.
B. Discussions with senior management relating to a new revenue stream.
C. Mitigating controls implemented by the engagement supervisor
D. Project manager planned hours versus time spent for all prior year projects

Answer: A

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments