When continuous monitoring systems are being implemented, an IS auditor should FIRST identify:
A. the location and format of output files
B. applications that provide the highest financial risk
C. high-risk areas within the organization
D. the controls on which to focus
A. the location and format of output files
B. applications that provide the highest financial risk
C. high-risk areas within the organization
D. the controls on which to focus