Certified Information Systems Auditor (CISA) — Question 1318

Which of the following is the BEST way to faster continuous improvement of IS audit processes and practices?

Answer options

• A. Frequently review IS audit policies, procedures, and instruction manuals.
• B. Establish and embed quality assurance (QA) within the IS audit function.
• C. Invite external auditors and regulators to perform regular assessment of the IS audit function.
• D. Implement rigorous managerial review and sign-off of IS audit deliverables.

Correct answer: B

Explanation

Integrating quality assurance (QA) within the IS audit function establishes a systematic approach to improvement, ensuring ongoing evaluation and enhancement of practices. While reviewing policies, inviting external assessments, and enforcing managerial reviews are valuable, they do not create the same level of continuous improvement as embedding QA directly into the processes.