IIA-CIA-Part3-3P

Which of the following are included in ISO 31000 risk principles and guidelines?A . Standards, framework, and process.B . Standards, assessments, and process.C . Principles, framework, and process.D . Principles, practices, and process.View AnswerAnswer: C

Maintenance cost at a hospital was observed to increase as activity level increased. The following data was gathered: Activity Level - Maintenance Cost Month Patient Days January 5,600 $7,900 February 7,100 $8,500 March 5,000 $7,400 April 6,500 $8,200 May 7,300 $9,100 June 8,000 $9,800 If the cost of maintenance is...

According to IIA guidance, which of the following corporate social responsibility (CSR) evaluation activities may be performed by the internal audit activity? 1) Consult on CSR program design and implementation. 2) Serve as an advisor on CSR governance and risk management. 3) Review third parties for contractual compliance with CSR...

The decision to implement enhanced failure detection and back-up systems to improve data integrity is an example of which risk response?A . Risk acceptance.B . Risk sharing.C . Risk avoidance.D . Risk reduction.View AnswerAnswer: D

Which of the following is not a potential area of concern when an internal auditor places reliance on spreadsheets developed by users?A . Increasing complexity over time.B . Interface with corporate systems.C . Ability to meet user needs.D . Hidden data columns or worksheets.View AnswerAnswer: C

Which of the following statements about slack time and milestones are true? 1) Slack time represents the amount of time a task may be delayed without delaying the entire project. 2) A milestone is a moment in time that marks the completion of the project's major deliverables. 3) Slack time...

Which of the following roles would be least appropriate for the internal audit activity to undertake with regard to an organization's corporate social responsibility (CSR) program?A . Consult on project design and implementation of the CSR program.B . Serve as an advisor on internal controls related to CSD . Identify...

Which of the following is false with regard to Internet connection firewalls?A . Firewalls can protect against computer viruses.B . Firewalls monitor attacks from the Internet.C . Firewalls provide network administrators tools to retaliate against hackers.D . Firewalls may be software-based or hardware-based.View AnswerAnswer: A

Which of the following statements about matrix organizations is false?A . In a matrix organization, conflict between functional and product managers may arise.B . In a matrix organization, staff under dual command is more likely to suffer stress at work.C . Matrix organizations offer the advantage of greater flexibility.D ....

When granting third parties temporary access to an entity's computer systems, which of the following is the most effective control?A . Access is approved by the supervising manager.B . User accounts specify expiration dates and are based on services provided.C . Administrator access is provided for a limited period.D ....