Certified Information Systems Auditor (CISA) — Question 191

Which of the following is the MOST appropriate role for an IS auditor assigned as a team member for a software development project?

Answer options

• A. Implementing controls within the software
• B. Developing user acceptance testing (UAT) scripts
• C. Performing a mid-term evaluation of the project management process
• D. Monitoring assessed risk for the project

Correct answer: D

Explanation

The correct answer is D because monitoring assessed risk is a critical aspect of an IS auditor's role, ensuring that risks are managed throughout the project lifecycle. Options A and B are more aligned with software development tasks rather than auditing functions, while option C, although relevant, does not focus specifically on risk assessment.