An IS auditor is assigned to perform a postimplementation review of an application system. Which
of the following situations may have impaired the independence of the IS auditor? The IS auditor:
implemented a specific control during the development of the application system.
designed an embedded audit module exclusively for auditing the application system.
participated as a member of the application system project team, but did not have operational
provided consulting advice concerning application system best practices.
Independence may be impaired if an IS auditor is, or has been, actively involved in the development,
acquisition and implementation of the application system. Choices B and C are situations that do
not impair an IS auditor’s independence. Choice D isincorrect because an IS auditor’s
independence is not impaired by providing advice on known best practices.