The Most Appropriate Document for Granting Authority to an External IS Auditor

A.

The MOST appropriate document for granting authority to an external IS auditor in an audit engagement with a client organization is a formally approved audit charter (option B).

An audit charter outlines the objectives, scope, and responsibilities of the audit, and is typically issued by the audit committee or board of directors of the client organization. The audit charter establishes the external auditor's authority to conduct the audit, and defines the boundaries of the audit engagement, including access to information and personnel, as well as the reporting requirements and expected timelines for the audit.

An approved statement of work (option A) may also be used to define the scope of the audit engagement, but it does not provide the same level of authority or oversight as a formal audit charter. A statement of work typically outlines the specific tasks and deliverables of the audit, but does not establish the authority of the auditor or provide guidance on the overall objectives of the audit.

An internal memo to all concerned parties (option C) is not an appropriate document for granting authority to an external auditor. An internal memo may be used to communicate the audit engagement to internal stakeholders, but it does not establish the authority of the auditor or provide guidance on the scope and objectives of the audit.

A request for proposal for audit services (option D) is a document that is typically issued by the client organization to solicit proposals from external auditors. While a request for proposal may outline the scope and objectives of the audit, it does not provide the same level of authority as a formal audit charter, and it is not typically used to grant authority to an external auditor once the engagement has been awarded.

In summary, a formally approved audit charter is the MOST appropriate document for granting authority to an external IS auditor in an audit engagement with a client organization.