Choice "D" is correct. Embedded audit modules are sections of the application program code that collect transaction data for the auditor. Embedded audit modules are usually built into the application program when the program is developed. This would require that the auditors be involved in the system design of the application to be monitored.
Choice "b" is incorrect. Embedded audit modules can be protected from computer viruses the same way any other application program would be protected.
Choice "a" is incorrect. Auditors are not required to monitor embedded audit modules continuously to obtain valid results.
Choice "c" is incorrect. As long as there are appropriate controls in place, embedded audit modules cannot easily be modified through management tampering.