IIA-CIA-PART3-3P Online Practice Questions and Answers

Which of the following statements is correct regarding risk analysis?

A. The extent to which management judgments are required in an area could serve as a risk factor in assisting the auditor in making a comparative risk analysis.

B. The highest risk assessment should always be assigned to the area with the largest potential loss.

C. The highest risk assessment should always be assigned to the area with the highest probability of occurrence.

D. Risk analysis must be reduced to quantitative terms in order to provide meaningful comparisons across an organization.

Which of the following statements about market signaling is correct?

1) The organization releases information about a new product generation. 2) The organization limits a challenger's access to the best source of raw materials or labor. 3) The organization announces that it is fighting a new process technology. 4) The organization makes exclusive arrangements with the channels.

A. 1 and 3 only

B. 1 and 4 only

C. 2 and 3 only

D. 2 and 4 only

The main reason to establish internal controls in an organization is to:

A. Encourage compliance with policies and procedures.

B. Safeguard the resources of the organization.

C. Ensure the accuracy, reliability, and timeliness of information.

D. Provide reasonable assurance on the achievement of objectives.

Which is the least effective form of risk management?

A. Systems-based preventive control.

B. People-based preventive control.

C. Systems-based detective control.

D. People-based detective control.

Which of the following is a strategy that organizations can use to stimulate innovation?

1) Source from the most advanced suppliers. 2) Establish employee programs that reward initiative. 3) Identify best practice competitors as motivators. 4) Ensure that performance targets are always achieved.

A. 1 and 3 only

B. 2 and 4 only

C. 1, 2, and 3 only

D. 1, 2, 3, and 4

Which of the following best describes the concept of relevant cost?

A. A future cost that is the same among alternatives.

B. A future cost that differs among alternatives.

C. A past cost that is the same among alternatives.

D. A past cost that differs among alternatives.

Which of the following factors is considered a disadvantage of vertical integration?

A. It may reduce the flexibility to change partners.

B. It may not reduce the bargaining power of suppliers.

C. It may limit the organization's ability to differentiate the product.

D. It may lead to limited control of proprietary knowledge.

The most important reason to use risk assessment in audit planning is to:

A. Identify redundant controls.

B. Improve budgeting accuracy.

C. Enhance assurance provided to management.

D. Assist in developing audit programs.

What would be the effect if an organization paid one of its liabilities twice during the year in error?

A. Assets liabilities and owners' equity would be understated

B. Assets net income and owners' equity would be unaffected

C. Assets and liabilities would be understated

D. Assets net income and owners' equity would be understated, but liabilities would be overstated

According to IIA guidance, which of the following statements is true with regard to workstation computers that access company information stored on the network?

A. individual workstation computer controls are not as important as company wide server controls.

B. Particular attention should be paid to housing workstations away from environmental hazards.

C. Cyber security issues can be controlled at an enterprise level making workstation level controls redundant

D. With security risks near an all-time high workstations should not be connected to the company network

Which of the following budgets serves as a basis for the budgeted income statement?

A. All financial budgets

B. All operating budgets

C. Only the cash budget and budgeted balance sheet

D. Only the sales and production budgets

Which of the following is a key component of an organization's cybersecurity governance?

A. Administrators monitoring the use, assignment and configuration of privileges on the network.

B. The IT department establishing implementing, and actively managing security configurations.

C. Management identifying and classifying the types of critical data in the organization's system

D. Senior management of the organization setting the cybersecurity policy

Which of me following statements is true regarding the reporting of tangible and intangible assets?

A. For plant assets cost includes the purchase price and the cost of design and construction

B. For intangible assets cost includes the purchase price and development costs

C. Due to their indefinite nature intangible assets are not subject to amortization

D. The organization must expense any cost incurred in developing a plant asset

An internal auditor is assigned to perform data analytics. Which of the following is the next step the auditor should undertake after she has ascertained the value expected from the review?

A. Normalize the data

B. Obtain the data

C. identify the risks

D. Analyze the data

Which of the following statements about mentoring is true?

1) Mentoring can be used effectively for increasing employee retention

2) Mentoring can be used effectively in reducing employees frustration.

3) Mentoring can be used effectively for increasing organization communication.

4) Mentoring can be used effectively as a short term activity consisting of instruction and training

A. 1 2. and 3 only.

B. 1. 2 and 4 only

C. 1, 3. and 4 only.

D. 1,2. 3, and 4