Certified Information Systems Auditor (CISA) — Question 1103

An IS auditor evaluating the change management process must select a sample from the change log. What is the BEST way for the auditor to confirm the change log is complete?

Answer options

• A. Obtain management attestation of completeness.
• B. Take the last change from the system and trace it back to the log.
• C. Take an item from the log and trace it back to the system.
• D. Interview change management personnel about completeness.

Correct answer: B

Explanation

The best method for confirming the completeness of the change log is to take the last change from the system and trace it back to the log, as this ensures that the most recent activity is documented. Option A does not provide direct evidence of completeness, while option C only verifies a specific log entry and option D relies on subjective information from personnel.