CISA Certified Information Systems Auditor – Question0685

Which of the following should be of GREATEST concern to an IS auditor reviewing an organization’s initiative to adopt an enterprise governance framework?

A.
The organization has not identified the business drivers for adopting the framework.
B. The organization’s security department has not been involved with the initiative.
C. The organization has tried to adopt the entire framework at once.
D. The organization has not provided employees with formal training on the framework.

Correct Answer: A