Certified Internal Auditor (CIA) Part 3: Business Knowledge for Internal Auditing — Question 251

Which of the following is the best example of IT governance controls?

Answer options

• A. Controls that focus on segregation of duties, financial, and change management.
• B. Personnel policies that define and enforce conditions for staff in sensitive IT areas.
• C. Standards that support IT policies by more specifically defining required actions.
• D. Controls that focus on data structures and the minimum level of documentation required.

Correct answer: A

Explanation

Option A is correct because it emphasizes key IT governance controls such as segregation of duties, which is crucial for risk management and compliance. The other options, while important, do not encompass the broader aspect of governance controls needed for effective oversight of IT processes.