IIA IIA-CIA-Part1 Question Answer
An internal auditor performed a risk assessment and concluded that the controls over access privileges to a bank account were appropriate. Later, the auditor learned that a contractor was using a shared password provided by an authorized user of the account. Which of the following statements best describes the auditor's application of due professional care?