Which of the following should be of GREATEST concern to an organization’s board when reviewing the internal audit department’s quality assurance and improvement program?
A. The program does not include periodic external assessments.
B. Program metrics have not been updated in over two years.
C. The program has not been approved by senior management.
D. The program does not incorporate recommendations from prior audits.
A. The program does not include periodic external assessments.
B. Program metrics have not been updated in over two years.
C. The program has not been approved by senior management.
D. The program does not incorporate recommendations from prior audits.