CISA Certified Information Systems Auditor – Question0281

A 5-year audit plan provides for general audits every year and application audits on alternating years. To achieve higher efficiency, the IS audit manager would MOST likely:

A.
proceed with the plan and integrate all new applications.
B. alternate between control self-assessment (CSA) and general audits every year.
C. implement risk assessment criteria to determine audit priorities.
D. have control self-assessments (CSAs) and formal audits of applications on alternating years.

Correct Answer: D