Certified Information Systems Auditor (CISA) — Question 88

An organization was recently notified by its regulatory body of significant discrepancies in its reporting data. A preliminary investigation revealed that the discrepancies were caused by problems with the organization's data quality. Management has directed the data quality team to enhance their program. The audit committee has asked internal audit to be advisors to the process. To ensure that management concerns are addressed, which data set should internal audit recommend be reviewed FIRST?

Answer options

• A. Data impacting business objectives
• B. Data supporting financial statements
• C. Data reported to the regulatory body
• D. Data with customer personal information

Correct answer: C

Explanation

The correct answer is C because the discrepancies reported to the regulatory body could lead to serious compliance issues and potential penalties. While the other data sets are important, the data reported to regulators is critical for maintaining trust and avoiding legal repercussions.