CISA Certified Information Systems Auditor – Question0306

Which of the following is the BEST source of information for an IS auditor when planning an audit of a business application’s controls?

A.
User documentation
B. Change control procedures
C. Access control lists
D. Process flow diagrams

Correct Answer: A