Certified Internal Auditor (CIA) Part 3: Business Knowledge for Internal Auditing — Question 88

According to IIA guidance, which of the following would be a primary reason for an internal auditor to test the organization's IT contingency plan?

Answer options

• A. To ensure that adequate controls exist to prevent any significant business interruptions.
• B. To identify and address potential security weaknesses within the system.
• C. To ensure that tests contribute to improvement of the program.
• D. To ensure that deficiencies identified by the audit are promptly addressed.

Correct answer: A

Explanation

The correct answer is A because the primary focus of testing an IT contingency plan is to ensure that controls are effective in mitigating significant business interruptions. Options B, C, and D, while relevant to IT audits, are not the primary reason for testing the contingency plan.