Certified Information Systems Auditor (CISA) — Question 374

An IS auditor performing an application development review attends development team meetings. The IS auditor's independence will be compromised if the IS auditor:

Answer options

• A. assists in developing an integrated test facility (ITF) on the system.
• B. re-performs test procedures used by the development team.
• C. reviews the result of systems tests that were performed by the development team.
• D. designs and executes the user's acceptance test plan.

Correct answer: D

Explanation

The correct answer is D because designing and executing the user's acceptance test plan directly involves the auditor in the testing process, compromising their objectivity. Options A, B, and C may involve oversight or review but do not engage the auditor in the actual development or execution tasks, thereby maintaining their independence.