Which of the following should be PRIMARILY considered while designing information systems
controls?
A.
The IT strategic plan
B.
The existing IT environment
C.
The organizational strategic plan
D.
The present IT budget
Explanation:
Review of the enterprise’s strategic plan is the first step in designing effective IS controls that
would fit the enterprise’s long-term plans.
Answer B is incorrect. Review of the existing IT environment is also useful and necessary but is
not the first step that needs to be undertaken.
Answer D is incorrect. The present IT budget is just one of the components of the strategic plan.
Answer A is incorrect. The IT strategic plan exists to support the enterprise’s strategic plan but is
not solely considered while designing information system control.