Certified Information Systems Auditor (CISA) — Question 613

Which of the following is the MOST important benefit of involving IS audit when implementing governance of enterprise IT?

Answer options

• A. Identifying relevant roles for an enterprise IT governance framework
• B. Providing independent and objective feedback to facilitate improvement of IT processes
• C. Making decisions regarding risk response and monitoring of residual risk
• D. Verifying that legal, regulatory, and contractual requirements are being met

Correct answer: D

Explanation

The correct answer is D because verifying compliance with legal, regulatory, and contractual requirements is crucial for the integrity and accountability of enterprise IT governance. While the other options provide value, they do not hold the same level of critical importance as ensuring compliance, which can have significant legal and financial implications.