Main Concern of IS Auditor

B.

The IS auditor's main concern, given the situation described, should be the failure of the alternate power generator during a power outage (Option B). Here's why:

A mission-critical system refers to an information system that is essential to the organization's operations and is expected to be available at all times, with minimal downtime. The fact that the system is hosted in an outsourced data center means that the organization has contracted with an external service provider to manage the data center infrastructure, including power supply and maintenance.

An alternate power generator is a backup power source that is typically used in case of a power outage. In this case, the fact that the contracted routine maintenance for the generator was not performed implies that the generator may not be functioning optimally, and may even fail during an actual power outage.

Therefore, the main concern for the IS auditor is the potential for the failure of the alternate power generator during a power outage, which could lead to extended system downtime, loss of critical data, and even reputational damage for the organization. Option A is less likely to be the main concern, as there is no indication of fraudulent behavior by the outsourcer charging for work not performed. Option C is also a concern, but it is secondary to the main concern of system availability. Option D is also a concern, but it is not as critical as the potential for system downtime.