In organizations, authority types define how power and influence are exercised. Since the technician
is prioritizing projects, their authority comes from their specialized knowledge or expertise, making
this an example of expert authority.
Why Option D (Expert Authority) is Correct:
Expert authority is based on specialized knowledge, skills, or expertise rather than formal position or
hierarchical power.
The technician is trusted to prioritize projects because of their technical knowledge and
understanding of project impact.
Expert authority is commonly seen in IT specialists, consultants, and industry professionals who
guide decision-making based on expertise.
Why Other Options Are Incorrect:
Option A (Legitimate Authority):
Incorrect because legitimate authority is derived from a formal position or title within an
organizational hierarchy (e.g., CEO, manager).
Option B (Coercive Authority):
Incorrect because coercive authority relies on threats, punishment, or force, which is not applicable
in this scenario.
Option C (Referent Authority):
Incorrect because referent authority is based on personal influence, charisma, or relationships,
rather than expertise.
IIA Reference:
IIA Practice Guide – "Auditing Organizational Governance": Discusses different types of authority in
decision-making.
COSO ERM Framework – "Risk Governance & Decision-Making": Recognizes expert authority as a key
factor in risk-based project prioritization.
IIA’s GTAG – "Auditing IT Governance": Highlights the role of expert authority in IT project
prioritization and governance.
