While the development methodology (option A) is also important, particularly for understanding the approach taken in the project, evaluating controls within system specifications is typically more directly relevant to the IS auditor's role in assessing security and compliance during the design phase.
B Is correct, The PRIMARY responsibility of an IS auditor during the design phase of a software development project is to evaluate the controls incorporated into the system specifications. The auditor should ensure that proper controls are included in the design to prevent, detect, and correct errors or irregularities that could adversely impact the system's integrity or the organization's operations. This includes ensuring that security, accuracy, completeness, and other control objectives are appropriately addressed in the system specifications. While the other options listed may also be relevant to the auditor's evaluation, they are not the PRIMARY responsibility during the design phase.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Swallows
1 month, 1 week ago007Georgeo
1 year, 2 months agoTP99
1 year, 6 months agopeelu
1 year, 7 months ago