CISA Certified Information Systems Auditor – Question0114

When continuous monitoring systems are being implemented, an IS auditor should FIRST identify:

A.
the location and format of output files
B. applications that provide the highest financial risk
C. high-risk areas within the organization
D. the controls on which to focus

Correct Answer: D