Final answer:
The internal audit function is appropriate to review a new IT application before implementation, as it aligns with their mandate to verify that internal controls and processes operate effectively. Other options may impair auditor objectivity.
Step-by-step explanation:
It would be appropriate for the internal audit function to perform the task of reviewing a new IT application before implementation. The role of an internal audit is to provide independent assurance that an organization's risk management, governance, and internal control processes are operating effectively. Reviewing an IT application before it is implemented is a preventative control that helps ensure that potential issues are identified and addressed, aligning with the internal auditor's mandate. On the other hand, designing controls for a process, developing new policies, or leading process reengineering projects may conflict with the internal auditor's objectivity, as these are more aligned with management responsibilities.