According to the COSO enterprise risk management (ERM) framework, which of the following is not a typical responsibility of the chief risk officer?
According to the COSO enterprise risk management (ERM) framework, which of the following is not a typical responsibility of the chief risk officer?A . Establishing risk category definitions and a common risk language for likelihood and impact measures.B . Defining ERM roles and responsibilities.C . Providing the board with an...
At what point during the systems development process should an internal auditor verify that the new application's connectivity to the organization's other systems has been established correctly?
At what point during the systems development process should an internal auditor verify that the new application's connectivity to the organization's other systems has been established correctly?A . Prior to testing the new application.B . During testing of the new application.C . During implementation of the new application.D . During...
Organizational activities that complement each other and create a competitive advantage are called a:
Organizational activities that complement each other and create a competitive advantage are called a:A . Merger.B . Strategic fit.C . Joint venture.D . Strategic goal.View AnswerAnswer: B
Multinational organizations generally spend more time and effort to identify and evaluate:
Multinational organizations generally spend more time and effort to identify and evaluate:A . Internal strengths and weaknesses.B . Break-even points.C . External trends and events.D . Internal risk factors.View AnswerAnswer: C
Which of the following describes the most likely year-over-year change to the organization's total liabilities and total stockholder equity?
An organization's balance sheet indicates that the total asset amount and the total capital stock amount remained unchanged from one year to the next, and no dividends were declared or paid. However, the organization reported a loss of $200,000 . Which of the following describes the most likely year-over-year change...
According to IIA guidance, which of the following would be a primary reason for an internal auditor to test the organization's IT contingency plan?
TION NO: 129 According to IIA guidance, which of the following would be a primary reason for an internal auditor to test the organization's IT contingency plan?A . To ensure that adequate controls exist to prevent any significant business interruptions.B . To identify and address potential security weaknesses within the...
Which of the following would best prevent unauthorized external changes to an organization's data?
Which of the following would best prevent unauthorized external changes to an organization's data?A . Antivirus software, firewall, data encryption.B . Firewall, data encryption, backup procedures.C . Antivirus software, firewall, backup procedures.D . Antivirus software, data encryption, change logs.View AnswerAnswer: A
Under a value-added taxing system:
Under a value-added taxing system:A . Businesses must pay a tax only if they make a profit.B . The consumer ultimately bears the cost of the tax through higher prices.C . Consumer savings are discouraged.D . The amount of value added is the difference between an organization's sales and its...
According to IIA guidance, which of the following steps are most important for an internal auditor to perform when evaluating an organization's social and environmental impact on the local community?
According to IIA guidance, which of the following steps are most important for an internal auditor to perform when evaluating an organization's social and environmental impact on the local community? 1) Determine whether previous incidents have been reported, managed, and resolved. 2) Determine whether a business contingency plan exists. 3)...
Which of the following are likely indicators of ineffective change management?
Which of the following are likely indicators of ineffective change management? 1) IT management is unable to predict how a change will impact interdependent systems or business processes. 2) There have been significant increases in trouble calls or in support hours logged by programmers. 3) There is a lack of...