IIA IIA-CIA-Part3 CIA Exam Part Three: Business Knowledge for Internal Auditing Online Training
The questions for IIA-CIA-Part3 were last updated on Jan 29, 2025.
- Exam Code: IIA-CIA-Part3
- Exam Name: CIA Exam Part Three: Business Knowledge for Internal Auditing
- Certification Provider: IIA
- Latest update: Jan 29, 2025
A financial institution receives frequent and varied email requests from customers for funds to be wired out of their accounts.
Which verification activity would best help the institution avoid falling victim to phishing?
- A . Reviewing the customer’s wire activity to determine whether the request is typical.
- B . Calling the customer at the phone number on record to validate the request.
- C . Replying to the customer via email to validate the sender and request.
- D . Reviewing the customer record to verify whether the customer has authorized wire requests from that email address.
A chief audit executive wants to implement an enterprisewide resource planning software.
Which of the following internal audit assessments could provide overall assurance on the likelihood of the software implementation’s success?
- A . Readiness assessment.
- B . Project risk assessment.
- C . Post-implementation review.
- D . Key phase review.
Management has established a performance measurement focused on the accuracy of disbursements. The disbursement statistics, provided daily to all accounts payable and audit staff, include details of payments stratified by amount and frequency.
Which of the following is likely to be the greatest concern regarding this performance measurement?
- A . Articulation of the data.
- B . Availability of the data.
- C . Measurability of the data.
- D . Relevance of the data.
Which of the following statements is most accurate concerning the management and audit of a web server?
- A . The file transfer protocol (FTP) should always be enabled.
- B . The simple mail transfer protocol (SMTP) should be operating under the most privileged accounts.
- C . The number of ports and protocols allowed to access the web server should be maximized.
- D . Secure protocols for confidential pages should be used instead of clear-text protocols such as HTTP or FTP.
Which of the following disaster recovery plans includes recovery resources available at the site, but they may need to be configured to support the production system?
- A . Warm site recovery plan.
- B . Hot site recovery plan.
- C . Cool site recovery plan.
- D . Cold site recovery plan.
Which of the following describes the most appropriate set of tests for auditing a workstation’s logical access controls?
- A . Review the list of people with access badges to the room containing the workstation and a log of those who accessed the room.
- B . Review the password length, frequency of change, and list of users for the workstation’s login process.
- C . Review the list of people who attempted to access the workstation and failed, as well as error messages.
- D . Review the passwords of those who attempted unsuccessfully to access the workstation and the log of their activity.
In an effort to increase business efficiencies and improve customer service offered to its major trading partners, management of a manufacturing and distribution company established a secure network, which provides a secure channel for electronic data interchange between the company and its partners.
Which of the following network types is illustrated by this scenario?
- A . A value-added network.
- B . A local area network.
- C . A metropolitan area network.
- D . A wide area network.
An internal auditor is assessing the risks related to an organization’s mobile device policy. She notes that the organization allows third parties (vendors and visitors) to use outside smart devices to access its proprietary networks and systems.
Which of the following types of smart device risks should the internal auditor be most concerned about?
- A . Compliance.
- B . Privacy.
- C . Strategic.
- D . Physical security.
Which of the following best demonstrates the application of the cost principle?
- A . A company reports trading and investment securities at their market cost.
- B . A building purchased last year for $1 million is currently worth $1.2 million, but the company still reports the building at $1 million.
- C . A building purchased last year for $1 million is currently worth $1.2 million, and the company adjusts the records to reflect the current value.
- D . A company reports assets at either historical or fair value, depending on which is closer to market value.
Which of the following backup methodologies would be most efficient in backing up a database in the production environment?
- A . Disk mirroring of the data being stored on the database.
- B . A differential backup that is performed on a weekly basis.
- C . An array of independent disks used to back up the database.
- D . An incremental backup of the database on a daily basis.