Assessments of critical information systems are based on a cyclical audit plan that has not been updated for several years.
Which of the following should the IS auditor recommend to BEST address this situation?
A . Use a revolving set of audit plans to cover all systems
B . Update the audit plan quarterly to account for delays and deferrals of periodic reviews
C . Regularly validate the audit plan against business risks
D . Do not include periodic reviews in detail as part of the audit plan
Answer: C
Latest CISA Dumps Valid Version with 2694 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund