CISA Certified Information Systems Auditor – Question0689

Which of the following is the BEST evidence that an organization is aware of applicable laws and regulations?

A.
The organization's compliance matrix
B. History of legal actions and regulatory correspondence
C. The existence of an employee awareness training program
D. Industry benchmark results

Correct Answer: A