Certified Information Systems Auditor (CISA) — Question 184
Which of the following findings should be of MOST concern to an IS auditor assessing agile software development practices?
Answer options
- A. There is a low acceptance rate by the business of delivered software.
- B. Testing is performed by both software developers and testers.
- C. Release plans have been revised several times before actual release.
- D. The IT team feels unable to strictly follow standard agile practices.
Correct answer: A
Explanation
A low acceptance rate by the business indicates that the delivered software does not meet user needs, which is critical for agile success. While collaboration in testing and revisions to release plans can be part of adaptive processes, they are not as concerning as user acceptance. Additionally, the inability to follow standard practices can be a challenge but does not directly reflect software quality.