Home MCQs CISA Question #1793
Back to Questions
CISA QUESTION #1793
Question 1
During an application review, an IS auditor encounters activity that may constitute an illegal act. What is the most appropriate course of action?
  • Disregard the finding as it falls outside the current review scope
  • Conduct an independent investigation to assist law enforcement
  • Immediately inform the auditee of the suspected activity
  • Obtain qualified legal counsel before proceeding further with the audit✔️
Correct Answer Explanation
Detecting illegal activity is outside the auditor's formal mandate; however, the auditor must not ignore the finding. The appropriate response is to seek competent legal advice to understand liability, disclosure obligations, and reporting requirements before taking any further action or communicating the finding to others.