An IS auditor is assigned to review the IS department’s quality procedures. Upon contacting the IS manager, the auditor finds that there is an informal unwritten set of standards. Which of the following should be the auditor’s NEXT action?
A. Finalize the audit and report the finding.
B. Make recommendations to IS management as to appropriate quality standards.
C. Postpone the audit until IS management implements written standards.
D. Document and test compliance with the informal standards.
A. Finalize the audit and report the finding.
B. Make recommendations to IS management as to appropriate quality standards.
C. Postpone the audit until IS management implements written standards.
D. Document and test compliance with the informal standards.