IIA-CIA-Part3 Exam - Certified Internal Auditor - Part 3, Business Analysis and Information Technology

NEW QUESTION 1

An internal auditor is reviewing the organization's performance appraisal process. Which of the following methods would be most effective to identify stereotyping?

• A. Use a behaviorally anchored rating scale to Break down jobs into their components.
• B. Analyze and compare the ratings for different classes or groupings of employees.
• C. Compare the ratings of selective employees with their previous appraisals.
• D. Analyze the number and percentages of employee appraisals that fall into each rating category

Answer: C

NEW QUESTION 2

According to MA guidance, which of the following best describes an adequate management (audit) trail application control for the general ledger?

• A. Report identifying data that is outside of system parameters
• B. Report identifying general ledger transactions by time and individual
• C. Report comparing processing results with original input
• D. Report confirming that the general ledger data was processed without error.

Answer: B

NEW QUESTION 3

The decision to implement enhanced failure detection and back-up systems to improve data integrity is an example of which risk response?

• A. Risk acceptance.
• B. Risk sharing.
• C. Risk avoidance.
• D. Risk reduction.

Answer: D

NEW QUESTION 4

Which of the following would best prevent unauthorized external changes to an organization's data?

• A. Antivirus software, firewall, data encryption.
• B. Firewall, data encryption, backup procedures.
• C. Antivirus software, firewall, backup procedures.
• D. Antivirus software, data encryption, change logs.

Answer: A

NEW QUESTION 5

Which of the following professional organizations sets standards for quality and environmental audits?

• A. The Committee of Sponsoring Organizations of the Treadway Commission.
• B. The Board of Environmental, Health, and Safety Auditor Certifications.
• C. The International Organization of Supreme Audit Institutions.
• D. The International Standards Organization.

Answer: D

NEW QUESTION 6

If a bank's activities are categorized under such departments as community banking, institutional banking, and agricultural banking, what kind of departmentalization is being utilized?

• A. Product departmentalization.
• B. Process departmentalization.
• C. Functional departmentalization.
• D. Customer departmentalization.

Answer: D

NEW QUESTION 7

According to MA guidance, which of the following would indicate poor change management control?
* 1. Low change success rate
* 2. Occasional planned outages
* 3. Low number of emergency changes.
* 4. Instances of unauthorized changes

• A. 1 and 3
• B. 1 and 4
• C. 2 and 3
• D. 2 and 4

Answer: B

NEW QUESTION 8

Which of me Wowing summarizes information about the cash receipts and cash payments for a specific time period?

• A. Income statement
• B. Statement of cash flows.
• C. Balance sheet
• D. Owner's equity statement

Answer: B

NEW QUESTION 9

Which of the following standards would be most useful in evaluating the performance of a customer-service group?

• A. The average time per customer inquiry should be kept to a minimum.
• B. Customer complaints should be processed promptly.
• C. Employees should maintain a positive attitude when dealing with customers.
• D. All customer inquiries should be answered within seven days of receipt.

Answer: D

NEW QUESTION 10

The most important reason to use risk assessment in audit planning is to:

• A. Identify redundant controls.
• B. Improve budgeting accuracy.
• C. Enhance assurance provided to management.
• D. Assist in developing audit programs.

Answer: C

NEW QUESTION 11

Which of the following statements regarding program change management is not correct?

• A. The goal of the change management process is to sustain and improve organizational operations.
• B. The degree of risk associated with a proposed change determines if the change request requires authorization.
• C. In order to protect the production environment, changes must be managed in a repeatable, defined, and predictable manner.
• D. All changes should be tested in a non-production environment before migrating to the production environment.

Answer: B

NEW QUESTION 12

If a just-in-time purchasing system is successful in reducing the total inventory costs of a manufacturing company, which of the following combinations of cost changes would be most likely to occur?

• A. 1
• B. 2
• C. 3
• D. 4

Answer: D

NEW QUESTION 13

Which of the following is a typical example of structured data?

• A. Production information maintained in relational tables.
• B. Tweets and posts of users on social media.
• C. Photos and videos stored in hard drive catalogs.
• D. Sales reports documented in word processing software.

Answer: A

NEW QUESTION 14

According to IIA guidance on IT auditing, which of the following would not be an area examined by the internal audit activity?

• A. Access system security.
• B. Policy development.
• C. Change management.
• D. Operations processes.

Answer: B

NEW QUESTION 15

Which of the following statements is true regarding a bring-your-own-device (BYOD) environment?

• A. There is a greater need Kr organizations to rely on users to comply with policies and procedures.
• B. With fewer devices owned by the organization, there is reduced need to maintain documented policies and procedures.
• C. Incident response times are less critical in the BYOD environmen
• D. compared to a traditional environment
• E. There is greater sharing of operational risk in a BYOD environment.

Answer: A

NEW QUESTION 16

The market price is the most appropriate transfer price to be charged by one department to another in the same organization for a service provided when:

• A. There is an external market for that service.
• B. The selling department operates at 50 percent of its capacity.
• C. The purchasing department has more negotiating power than the selling department.
• D. There is no external market for that service.

Answer: A

NEW QUESTION 17

Which of the following best describes the concept of relevant cost?

• A. A future cost that is the same among alternatives.
• B. A future cost that differs among alternatives.
• C. A past cost that is the same among alternatives.
• D. A past cost that differs among alternatives.

Answer: B

NEW QUESTION 18

Which of the following statements regarding organizational governance is not correct?

• A. An effective internal audit function is one of the four cornerstones of good governance.
• B. Those performing governance activities are accountable to the customer.
• C. Accountability is one of the key elements of organizational governance.
• D. Governance principles and the need for an internal audit function are applicable to governmental and not-for-profit activities.

Answer: B

NEW QUESTION 19

Which of the following data analytics tools would be applied by an internal audit activity positioned at the lowest level of maturity?

• A. Workflow and data capture technology
• B. Data visualization applications.
• C. Software integrated with central data warehouse
• D. Spreadsheets.

Answer: D

NEW QUESTION 20

The board has requested that the internal audit activity be involved in all phases of the organization's outsourcing of its network management. During which of the following stages is the internal auditor most likely to verify that the organization's right-to-audit clause is drafted effectively?

• A. Implementation and transition phase.
• B. Monitoring and reporting phase
• C. Decision-making and business-case phase.
• D. Tendering and contracting phase.

Answer: D

NEW QUESTION 21
......