During a follow-up audit, an IS auditor concludes that a previously identified issue has not been adequately remediated. The auditee insists the risk has been addressed. The auditor should:
A . recommend an independent assessment by a third party
B . report the disagreement according to established procedures
C . follow-up on the finding next year
D . accept the auditee’s position and close the finding
Answer: A
Latest CISA Dumps Valid Version with 2694 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund