CISA Certified Information Systems Auditor – Question2553 - CISA Certified Information Systems Auditor

An IS auditor performing a review of an application's controls would evaluate the:

A. efficiency of the application in meeting the business processes.
B. impact of any exposures discovered.
C. business processes served by the application.
D. application's optimization.

Correct Answer: B

Explanation:

Explanation:
An application control review involves the evaluation of the application’s automated controls and an assessment of any exposures resulting from the control weaknesses. The other choices may be objectives of an application audit but are not part of an audit restricted to a review of controls.