Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home IIA IIA-CIA-Part1

IIA IIA-CIA-Part1 Exam Practice Questions (P. 3)

  • Full Access (968 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #21
Which of the following would not be a factor for senior management to consider when determining the internal audit activity's role in an organization's risk management process?
  1. A
    The extent to which the internal audit activity is outsourced.
  2. B
    The maturity level of risk management practices in the organization.
  3. C
    The competency of the internal auditors in risk management.
  4. D
    The nature of the business and the environment in which the organization operates.

Correct Answer:
A

Question #22
Which of the following best describes the underlying premise of the COSO enterprise risk management framework?
  1. A
    Management should set objectives before assessing risk.
  2. B
    Every entity exists to provide value for its stakeholders.
  3. C
    Policies are established to ensure that risk responses are performed effectively.
  4. D
    Enterprise risk management can minimize the impact and likelihood of unanticipated events.

Correct Answer:
B

Question #23
An internal auditor is assigned to conduct an audit of security for a local area network (LAN) in the finance department of the organization. Investment decisions, including the use of hedging strategies and financial derivatives, use data and financial models which run on the LAN. The LAN is also used to download data from the mainframe to assist in decisions. Which of the following should be considered outside the scope of this security audit engagement?
  1. A
    Investigation of the physical security over access to the components of the LAN.
  2. B
    The ability of the LAN application to identify data items at the field or record level and implement user access security at that level.
  3. C
    Interviews with users to determine their assessment of the level of security in the system and the vulnerability of the system to compromise.
  4. D
    The level of security of other LANs in the company which also utilize sensitive data.

Correct Answer:
D

Question #24
When internal auditors perform consulting services that add value and improve an organization's operations, these services:
  1. A
    Impair the internal auditors' objectivity with respect to an assurance service involving the same engagement client.
  2. B
    Would preclude the achievement of assurance from the consulting engagement.
  3. C
    Should be consistent with the internal audit activity's empowerment reflected in the charter.
  4. D
    Impose no responsibility to communicate information other than to the engagement client.

Correct Answer:
C

Question #25
A manufacturing firm uses hazardous materials in the production of its products. An audit of the firm's processes related to hazardous materials should include.
I. Recommending an environmental management system as part of policies and procedures.
II. Verifying the existence of tracking records for these materials from creation to destruction.
III. Using consultants to avoid self-incrimination of the firm in the event illegalities were detected in an environmental audit.
IV. Evaluating the cost provided for in an environmental liability accrual account.
  1. A
    II only
  2. B
    III and IV only
  3. C
    I, II, and IV only
  4. D
    I, III, and IV only

Correct Answer:
C

Question #26
An organization's accounts payable function improved its internal controls significantly after it received an unsatisfactory audit report.
When planning a follow-up audit of the function, what level of detection risk should be expected if the audit and sampling procedures used are unchanged from the prior audit?
  1. A
    Detection risk is lower because control risk is lower.
  2. B
    Detection risk is lower because control risk is higher.
  3. C
    Detection risk is higher because control risk is lower.
  4. D
    Detection risk is unchanged although control risk is lower.

Correct Answer:
D

Question #27
Which of the following risk assessment tools would best facilitate the matching of controls to risks?
  1. A
    Control matrix.
  2. B
    Internal control questionnaire.
  3. C
    Control flowchart.
  4. D
    Program evaluation and review technique (PERT) analysis.

Correct Answer:
A

Question #28
Which of the following is an example of sharing risk?
  1. A
    An organization redesigned a business process to change the risk pattern.
  2. B
    An organization outsourced a portion of its services to a third-party service provider.
  3. C
    An organization sold an unprofitable business unit to its competitor.
  4. D
    In order to spread total risk, an organization used multiple vendors for critical materials.

Correct Answer:
B

Question #29
Which of the following components influences the risk consciousness of an organization's people and is the basis for all other components of enterprise risk management?
  1. A
    Objective setting.
  2. B
    Information and Communication.
  3. C
    Risk Assessment.
  4. D
    Internal Environment.

Correct Answer:
D

Question #30
Which of the following is an appropriate consideration by the auditor when preparing an engagement program for a human resource audit?
  1. A
    State the work steps in the form of questions.
  2. B
    Use standard audit program for HR from previous years.
  3. C
    Include in the audit program certain audit tests requested by audit client.
  4. D
    Defer preparation of the audit program after the field work.

Correct Answer:
C

Previous Questions Next Questions

All Pages