CISA Certified Information Systems Auditor – Question0034

An IS audit team is evaluating the documentation related to the most recent application user-access review performed by IT and business management. It is determined the user list was not system-generated. Which of the following should be the GREATEST concern?

A.
Source of the user list reviewed
B. Availability of the user list reviewed
C. Confidentiality of the user list reviewed
D. Completeness of the user list reviewed

Correct Answer: A