Identify the option that is NOT typically a high-value cyber audit focus.

In cyber audits, high-value focuses are those that directly govern risk and protect operations: governance, incident response, and identity and access management. Governance covers policies, risk management processes, oversight, and alignment with regulatory requirements. Incident response assesses whether there are documented playbooks, escalation paths, testing, and coordination to detect, contain, and recover from incidents. Identity and access management examines how access is granted and revoked, including MFA, least-privilege principles, and regular access reviews, to prevent unauthorized use of systems. Network topology mapping, while important for understanding the environment, is primarily an information asset used to plan and scope work rather than a control or process that reduces risk on its own. It supports audits but isn’t typically a high-value focus in the same way as governance, incident response, and IAM, which address the core controls that protect confidentiality, integrity, and availability.