The auditor has accessed logs to the server room. What source of information was collected?

The correct answer is based on the nature of logs accessed during the audit. Logs are typically considered a form of records because they provide documented evidence of activities over a specific period. In this case, accessing server room logs would yield information such as access times, actions taken by users, or system events, which are all important for confirming compliance with security policies and procedures.

Records serve as historical evidence that can be reviewed to verify processes and activities. In this scenario, logs help the auditor assess the effectiveness of security measures in place and understand any events that have occurred within the server environment.

While documents can also refer to any written or electronic material and may include policies or procedures, in this context, the emphasis is on logs being categorized specifically as records. Observations pertain to what the auditor sees during site visits and interviews involve discussions with personnel. Both methods serve valuable roles in an audit but do not apply to the nature of data gathered from logs in this case.