Which of the following is the BEST source of information for an IS auditor when planning an audit of a business application’s controls?
A. User documentation
B. Change control procedures
C. Access control lists
D. Process flow diagrams
A. User documentation
B. Change control procedures
C. Access control lists
D. Process flow diagrams