While conducting an information security audit, an internal auditor learns that the existing disaster recovery plan is four years old and untested. The auditor also learns that in the four years since the recovery plan was implemented, the information systems have undergone extensive changes. Which of the following actions is most appropriate for the auditor to take?
Which of the following is the primary reason a chief audit executive should network with an organization’s executives?
Which of the following is the primary engagement responsibility of an entry-level internal auditor?
Which of the following is an example of a compliance assurance engagement?