Last Updated on December 21, 2021 by InfraExam
The use of risk assessment tools for classifying risk factors should be formalized in your IT audit effort through:
- the use of risk controls.
- the use of computer assisted functions.
- using computer assisted audit technology tools.
- the development of written guidelines.
- None of the choices.
Explanation:
A successful risk-based IT audit program could be based on an effective scoring system. In establishing a scoring system, management should consider all relevant risk factors and avoid subjectivity. Auditors should develop written guidelines on the use of risk assessment tools and risk factors and review these guidelines with the audit committee.
A successful risk-based IT audit program could be based on an effective scoring system. In establishing a scoring system, management should consider all relevant risk factors and avoid subjectivity. Auditors should develop written guidelines on the use of risk assessment tools and risk factors and review these guidelines with the audit committee.