CISA Certified Information Systems Auditor – Question3095

An IS auditor suspects an organization's computer may have been used to commit a crime. Which of the following is the auditor's BEST course of action?

A.
Examine the computer to search for evidence supporting the suspicions.
B. Notify local law enforcement of the potential crime before further investigation.
C. Contact the incident response team to conduct an investigation.
D. Advise management of the crime after the investigation.

Correct Answer: C