During preparation for an IS audit of an organization's IT security processes, which of the following documents would BEST enable the IS auditor to understand the ownership of specific operational tasks?
During preparation for an IS audit of an organization's IT security processes, which of the following documents would BEST enable the IS auditor to understand the ownership of specific operational tasks?
Explanation: A RACI chart (Responsible, Accountable, Consulted, and Informed) is a responsibility assignment matrix that clearly defines the roles and responsibilities for tasks or deliverables across a project or process. Responsible – who performs the task. Accountable – who is ultimately answerable for the task's success. Consulted – who provides input or advice. Informed – who is kept updated on progress. This chart best helps an IS auditor understand who owns which operational tasks, making it invaluable for understanding task accountability within IT security processes.