IIA-CRMA-ADV exam

Which of the following audit techniques is used to evaluate control design while also embodying auditing's analytical process?A . A risk and control matrix.B . A flowchart.C . A walk-through.D . A process narrative.View AnswerAnswer: A

Which of the following actions indicates a lack of due professional care by an internal auditor performing an audit of a store's cash function?A . The audit report included a well-supported recommendation for a reduction in staff even though such a reduction might adversely impact morale.B . The auditor tested...

A computer system automatically locks a user's account after three unsuccessful attempts to log on. Which type of control does this scenario represent?A . Corrective control.B . Preventive control.C . Detective control.D . Compensating control.View AnswerAnswer: B

Which of the following audit techniques is used to evaluate control design while also embodying auditing's analytical process?A . A risk and control matrix.B . A flowchart.C . A walk-through.D . A process narrative.View AnswerAnswer: A

According to IIA guidance, which of the following best describes processes and tools typically used in ongoing internal assessments?A . Benchmarking of the internal audit activity's practices and performance.B . Report of internal assessment results, response plans, and outcomes.C . Analysis of performance metrics such as cycle times.D . Self-assessments...

A candidate has applied for an entry level internal audit position. The candidate holds a CISA (Certified Information Systems Auditor) designation, and has six months of audit experience, but limited knowledge of accounting principles and techniques. According to the IIA guidance, which of the following is the most relevant reason...

What type of risk management strategy is being employed when an organization installs two firewalls to provide protection from unauthorized access to the network?A . Diversifying the risk that network access will not be available to legitimate, authorized users.B . Accepting the risk that there may be attempts at unauthorized...

A computer system automatically locks a user's account after three unsuccessful attempts to log on. Which type of control does this scenario represent?A . Corrective control.B . Preventive control.C . Detective control.D . Compensating control.View AnswerAnswer: B

According to IIA guidance, which of the following statements is false regarding continuing professional education for the internal audit activity (IAA)?A . Continuing professional education can be obtained through IAA involvement in research projects.B . Employers are responsible for ensuring that the continuing professional education needs of the IAA are...

Which of the following is not an appropriate activity for internal auditors to perform?A . Recommend management seek a consulting firm to advise on outsourcing.B . Highlight matters that require management's attention.C . Implement solutions for specific organizational problems.D . Accumulate data, obtain varying views, and report information to senior...