CIA Exam Part Three: Business Knowledge for Internal Auditing
Last Update May 18, 2024
Total Questions : 488
We are offering FREE IIA-CIA-Part3-3P IIA exam questions. All you do is to just go and sign up. Give your details, prepare IIA-CIA-Part3-3P free exam questions and then go for complete pool of CIA Exam Part Three: Business Knowledge for Internal Auditing test questions that will help you more.
According to IIA guidance, which of the following corporate social responsibility (CSR) evaluation activities may be performed by the internal audit activity?
1) Consult on CSR program design and implementation.
2) Serve as an advisor on CSR governance and risk management.
3) Review third parties for contractual compliance with CSR terms.
4) Identify and mitigate risks to help meet the CSR program objectives.
An organization with an annual demand of 25.000 units correctly computes its economic order quantity to be 1,000 units Its safety stock is 300 units and the lead time is two days If there are 250 production days in a year what is the reorder point1?
According to MA guidance, which of the following would indicate poor change management control?
1) Low change success rate
2) Occasional planned outages
3) Low number of emergency changes.
4) Instances of unauthorized changes
Organization X owns a 38 percent equity stake in Organization Y. Which of the following statements is true regarding the financial treatment for this relationship?
Which of the following statements is true regarding an investee that received a dividend distribution from an entity and is presumed to have little influence over the entity?
Which of the following best describes a detective control designed to protect an organization from cyberthreats and attacks?
The board of directors wants to implement an incentive program for senior management that is specifically tied to the long-term health of the organization.
Which of the following methods of compensation would be best to achieve this goal?
A bank uses customer departmentalization to categorize its departments. Which of the following groups best exemplifies this method of categorization?
At a manufacturing plant, how would using Internet of Things during the production process benefit the organization?
During an audit of the organization's annual financial statements, the internal auditor notes that the current cost of goods sold percentage is substantially higher than in prior years. Which of the following is the most likely explanation for this increase?
Which of the following performance measures includes both profits and investment base?
An organization invests excess snort-term cash in trading securities. When of the following actions should an internal auditor take to test the valuation of those securities?
Which of the following control features consists of a set of authorization codes that distinguishes among actions such as reading, adding, and deleting records?
An organization's headquarters is centrally located and the organization runs numerous computer applications in multiple sites. Which of the following would be the most appropriate approach for conducting an audit of the mainframe computer?
Which of the following is a disadvantage of selecting a commercial software package rather than developing an application internally?
When an organization is choosing a new external auditor, which of the following is the most appropriate role for the chief audit executive to undertake?
An organization is considering mirroring the customer data for one regional center at another center. A disadvantage of such an arrangement would be:
Which of the following is a type of network in which an organization permits specific users (such as existing customers) to have access to its internal network through the Internet by building a virtual private network?
An internal auditor performed a review of IT outsourcing and found that the service provider was failing to meet the terms of the service level agreement. Which of the following approaches is most appropriate to address this concern?
The economic order quantity can be calculated using the following formula:
Which of the following describes how the optimal order size will change if the annual demand increases by 36 percent?
Which of the following statements is true regarding the use of public key encryption to secure data while it is being transmitted across a network?
Which of the following statements best describes the frameworks set forth by the International Standards Organization?
According to IIA guidance, which of the following is a broad collection of integrated policies, standards, and procedures used to guide the planning and execution of a project?
A remote location contains a data center with hardware available to support critical production systems as required in the recovery plan IT personnel periodically test and update systems at the data center. This is an example of which of the following recovery solutions?
Which of the following is the best example of a compliance risk that is likely to arise when adopting a bring-your-own-device (BYOD) policy?
An internal auditor is investigating a potential fraudulent activity. What is the first test the auditor should perform on the transaction data under scrutiny?
Which of the following performance measures disincentivizes engaging in earnings management?
While reviewing the contracts for a large city, the internal auditor learns that the organization contracted to perform trash collection is paid based on the number of bins emptied each week as a result, the city has minimal control over payments Which of the following actions should the auditor recommend to give the city greater control over payments?
An internal auditor for a pharmaceutical company is planning a cybersecurity audit and conducting a risk assessment.
Which of the following would be considered the most significant cyber threat to the organization?
An organization's board of directors is particularly focused on positioning the organization as a leader in the industry and beating the competition.
Which of the following strategies offers the greatest alignment with the board's focus?
When using data analytics during a review of the procurement process what is the first step in the analysis process?
Which of the following principles is shared by both hierarchical and open organizational structures?
1) A superior can delegate the authority to make decisions but cannot delegate the ultimate responsibility for the results of those decisions
2) A supervisor's span of control should not exceed seven subordinates
3) Responsibility should be accompanied by adequate authority
4) Employees at all levels should be empowered to make decisions.
During which of the following phases of contracting does the organization analyze whether the market is aligned with organizational objectives?
Which of the following actions would senior management need to consider as pan of new IT guidelines regarding the organization's cybersecurity policies?
An organization has an agreement with a third-party vendor to have a fully operational facility, duplicate of the original site and configured to the organization's needs, in order to quickly recover operational
capability in the event of a disaster.
Which of the following best describes this approach to disaster recovery planning?
Which of the following best describes the primary objective of cybersecurity?
An organization recently documented its procedures for recovering systems and data after a disaster How are these documented procedures most likely to be used during a disaster simulation exercise?
A large hospital has an existing contract with a vendor in another country to provide software support and maintenance of the hospital's patient records information system. From the hospital management's perspective, which of the following controls would be most effective to address privacy risks related to this outsourcing arrangement?
A manager who is authorized to make purchases up to a certain dollar amount approves the set-up of a fictitious vendor and subsequently initiates purchase orders.
Which of the following controls would best address this risk?
Which of the following is an example of a physical security control that should be in place at an organization's data center?
Which of the following cost of capital methods identifies the time period required to recover the cost of the capital investment from the annual inflow produced?
A small software development firm designs and produces custom applications for businesses. The application development team consists of employees from multiple departments who all report to a single project manager.
Which of the following organizational structures does this situation represent?
Which of the following statements regarding organizational governance is not correct?
A brand manager in a consumer food products organization suspected that several days of the point-of-sale data on the spreadsheet from one grocery chain were missing. The best approach for detecting missing rows in spreadsheet data would be to:
In terms of international business strategy, which of the following is true regarding a multi-domestic strategy?
Where complex problems need to be addressed, which of the following communication networks would be most appropriate?
Which of the following is a role of the board of directors in the governance process?
A company's financial balance sheet is presented below:
The company has net working capital of:
Which of the following statements is correct regarding corporate compensation systems and related bonuses?
1) A bonus system should be considered part of the control environment of an organization and should be considered in formulating a report on internal control.
2) Compensation systems are not part of an organization's control system and should not be reported as such.
3) An audit of an organization's compensation system should be performed independently of an audit of the control system over other functions that impact corporate bonuses.
Which of the following describes the result if an organization records merchandise as a purchase, but fails to include it in the closing inventory count?
Which of the following price adjustment strategies encourages prompt payment?
A retail organization is considering acquiring a composite textile company. The retailer's due diligence team determined the value of the textile company to be $50 million. The financial experts forecasted net present value of future cash flows to be $60 million. Experts at the textile company determined their company's market value to be $55 million if purchased by another entity. However, the textile company could earn more than $70 million from the retail organization due to synergies. Therefore, the textile company is motivated to make the negotiation successful. Which of the following approaches is most likely to result in a successful negotiation?
Which of the following distinguishes the added-value negotiation method from traditional negotiating methods?
Which of the following statements is true regarding the relationship between an individual’s average tax rate and marginal tax rate?
Which of the following control techniques would minimize the risk of interception during transmission in an electronic data interchange system?
1) Encryption.
2) Traffic padding.
3) Edit checks.
4) Structured data format.
Which of the following conditions could lead an organization to enter into a new business through internal development rather than through acquisition?
In mergers and acquisitions, which of the following is an example of a horizontal combination?
If legal or regulatory standards prohibit conformance with certain parts of The IIA's Standards, the auditor should do which of the following?
A global business organization is selecting managers to post to various international (expatriate) assignments.
In the screening process, which of the following traits would be required to make a manager a successful expatriate?
1) Superior technical competence.
2) Willingness to attempt to communicate in a foreign language.
3) Ability to empathize with other people.
An organization is considering the outsourcing of its business processes related to payroll and information technology functions. Which of the following is the most significant area of concern for management regarding this proposed agreement?
Which of the following statements accurately describes one of the characteristics that distinguishes a multinational company from a domestic company?
Which of the following steps should an internal auditor take during an audit of an organization's business continuity plans?
1) Evaluate the business continuity plans for adequacy and currency.
2) Prepare a business impact analysis regarding the loss of critical business.
3) Identify key personnel who will be required to implement the plans.
4) Identify and prioritize the resources required to support critical business processes.
Which of the following is false with regard to Internet connection firewalls?