Certified Information Systems Auditor (CISA) — Question 26

Which of the following would be an IS auditor's GREATEST concern when reviewing the early stages of a software development project?

Answer options

• A. The lack of acceptance criteria behind user requirements
• B. The lack of completion of all requirements at the end of each sprint
• C. The lack of technical documentation to support the program code
• D. The lack of a detailed unit and system test plan

Correct answer: A

Explanation

The greatest concern for an IS auditor is the absence of acceptance criteria for user requirements, as this can lead to misunderstandings and misalignment between user expectations and the final product. While other options like technical documentation and test plans are important, they can be addressed later in the project. Acceptance criteria are fundamental for ensuring that the project's goals are met.