During an audit, what should an auditor obtain to meet audit objectives?

The correct answer focuses on the fundamental requirement of an audit, which is to obtain evidence. Evidence is crucial to support the findings, conclusions, and recommendations generated during the audit process. It provides a basis for assessing compliance with established standards, policies, and procedures.

Evidence can come in various forms, including but not limited to logs, documents, and witness statements. However, the key aspect is that the auditor must have sufficient and appropriate evidence to substantiate the audit objectives. Evidence helps verify the integrity of information, assess the effectiveness of controls, and evaluate the overall security posture of the information systems being audited.

Logs can serve as a type of evidence, but logs alone may not suffice to meet all audit points. Witnesses can provide additional insight or clarification, but their testimonies also need to be supported by documented evidence. Similarly, documents are a form of evidence, yet they must be collected as part of a broader strategy to ensure a complete and comprehensive audit. Therefore, focusing on obtaining evidence as the primary objective encapsulates the broader goal of an audit, which is to derive justified conclusions based on reliable and verifiable information.