Certified Information Systems Auditor (CISA) — Question 268

Which of the following findings from an IT governance review should be of GREATEST concern?

Answer options

• A. IT value analysis has not been completed.
• B. All IT services are provided by third parties.
• C. IT supports two different operating systems.
• D. The IT budget is not monitored.

Correct answer: D

Explanation

The correct answer is D because not monitoring the IT budget can lead to overspending and misallocation of resources, impacting the overall financial health of the organization. While the other findings are concerning, they do not pose as immediate a risk to the organization's governance and financial stability as an unmonitored budget.