According to IIA guidance, which of the following is not a responsibility of the chief audit executive pertaining to documenting information to support internal audit engagement results and conclusions?
A. Rating each engagement record to assess its relevance and accessibility for the organization’s board.
B. Controlling access to engagement records, including access by senior management.
C. Developing retention requirements for engagement records that are consistent with organizational guidelines.
D. Forming policies governing the custody and retention of consulting engagement records before their release to other parties.