CISA Certified Information Systems Auditor – Question0380

Which of the following provides an IS auditor with the BEST evidence that an organization's information security program is aligned to business objectives?

A.
Balanced scorecard
B. Risk assessment results
C. Business impact analysis (BIA)
D. Cost-benefit analysis

Correct Answer: A