CISA Certified Information Systems Auditor – Question0092

During a security audit, an IS auditor is tasked with reviewing log entries obtained from an enterprise intrusion prevention system (IPS). Which type of risk would be associated with the potential for the auditor to miss a sequence of logged events that could indicate an error in the IPS configuration?

A.
Inherent risk
B. Sampling risk
C. Control risk
D. Detection risk

Correct Answer: D