Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. IIA
  3. CIA
  4. IIA-CIA-Part3-3P
  5. CIA Exam Part Three: Business Knowledge for Internal Auditing Questions and Answers

Pass the IIA CIA IIA-CIA-Part3-3P Questions and answers with ValidTests

Exam IIA-CIA-Part3-3P All Questions
Exam IIA-CIA-Part3-3P Premium Access

View all detail and faqs for the IIA-CIA-Part3-3P exam

Go to Exam
Viewing page 5 out of 15 pages
Viewing questions 41-50 out of questions
Questions # 41:

In reviewing an organization's IT infrastructure risks, which of the following controls is to be tested as part of reviewing workstations?

Options:

A.

Input controls.

B.

Segregation of duties.

C.

Physical controls.

D.

Integrity controls.

Expert Solution
Questions # 42:

What would an internal auditor do to ensure that a process to mitigate risk is in place for the organization's change management process?

Options:

A.

Develop and enforce change policies to ensure employees are continually trained.

B.

Apply a risk-based approach and impose segregation of duties related to the change management process.

C.

Conduct a high-level threat analysis and implement a compensating control.

D.

Validate authorization, segregation of duties, testing of changes, and approval to move changes into production.

Expert Solution
Questions # 43:

Which of the following statements is true regarding a bring-your-own-device (BYOD) environment?

Options:

A.

There is a greater need Kr organizations to rely on users to comply with policies and procedures.

B.

With fewer devices owned by the organization, there is reduced need to maintain documented policies and procedures.

C.

Incident response times are less critical in the BYOD environment. compared to a traditional

environment

D.

There is greater sharing of operational risk in a BYOD environment.

Expert Solution
Questions # 44:

While reviewing the contracts for a large city, the internal auditor learns that the organization contracted to perform trash collection is paid based on the number of bins emptied each week as a result, the city has minimal control over payments Which of the following actions should the auditor recommend to give the city greater control over payments?

Options:

A.

Change the contract so payment is based on the distances traveled by the contractor during collection.

B.

Renegotiate a lump-sum contract when the contract is up for renewal

C.

Assign a city employee to verify the number of bins emptied each day

D.

Require that the contractor provide supervisory review of the number of bins emptied each day

Expert Solution
Questions # 45:

Which of the following is an example of internal auditors applying data mining techniques for exploratory purposes?

Options:

A.

Internal auditors perform reconciliation procedures to support an external audit of financial reporting.

B.

Internal auditors perform a systems-focused analysis to review relevant controls.

C.

Internal auditors perform a risk assessment to identify potential audit subjects as input for the annual internal audit plan.

D.

Internal auditors test IT general controls with regard to operating effectiveness versus design.

Expert Solution
Questions # 46:

Based on lest results an IT auditor concluded that the organization would suffer unacceptable toss of data if there was a disaster at its data center. Which of the following test results would likely lead the auditor to this conclusion?

Options:

A.

Requested backup tapes were not returned from the offsite vendor in a timely manner

B.

Returned backup tapes from the offsite vendor contained empty spaces

C.

Critical systems have been Backed up more frequently than required.

D.

Critical system backup tapes are taken off site less frequently than required.

Expert Solution
Questions # 47:

Which of the following network types should an organization choose if it wants to allow access only to its own personnel?

Options:

A.

An extranet

B.

A local area network.

C.

An intranet

D.

The internet

Expert Solution
Questions # 48:

Which of the following statements about mentoring is true?

1) Mentoring can be used effectively for increasing employee retention

2) Mentoring can be used effectively in reducing employees frustration.

3) Mentoring can be used effectively for increasing organization communication.

4) Mentoring can be used effectively as a short term activity consisting of instruction and training

Options:

A.

1 2. and 3 only.

B.

1. 2 and 4 only

C.

1, 3. and 4 only.

D.

1,2. 3, and 4

Expert Solution
Questions # 49:

Which of the following statements is true concerning the basic accounting treatment of a partnership?

Options:

A.

The initial investment of each partner should be recorded at book value.

B.

The ownership ratio identifies the basis for dividing net income and net loss.

C.

A partner's capital only changes due to net income or net loss.

D.

The basis for sharing net incomes or net losses must be fixed.

Expert Solution
Questions # 50:

Which component of an organization's cybersecurity risk assessment framework would allow management to implement user controls based on a user's role?

Options:

A.

Prompt response and remediation policy.

B.

Inventory of information assets.

C.

Information access management.

D.

Standard security configurations.

Expert Solution
Viewing page 5 out of 15 pages
Viewing questions 41-50 out of questions