CISA Certified Information Systems Auditor – Question0300

During an incident management audit, an IS auditor finds that several similar incidents were logged during the audit period. Which of the following is the auditor’s MOST important course of action?

A.
Document the finding and present it to management.
B. Determine if a root cause analysis was conducted.
C. Validate whether all incidents have been actioned.
D. Confirm the resolution time of the incidents.

Correct Answer: C