CISA Certified Information Systems Auditor – Question2030

Which of the following should be an IS auditor’s PRIMARY focus when developing a risk-based IS audit program?

A.
Business plans
B. Business processes
C. IT strategic plans
D. Portfolio management

Correct Answer: C