Topic 1: Exam Pool A
Which of the following is the most appropriate test to assess the privacy risks associated with an organization's workstations?
A. Penetration test.
B. Social engineering test.
C. Vulnerability test.
D. Physical control test.
Which of the following are likely indicators of ineffective change management?
1) IT management is unable to predict how a change will impact interdependent systems or business processes.
2) There have been significant increases in trouble calls or in support hours logged by programmers.
3) There is a lack of turnover in the systems support and business analyst development groups.
4) Emergency changes that bypass the normal control process frequently are deemed necessary.
A. 1 and 3 only
B. 2 and 4 only
C. 1, 2, and 4 only
D. 1, 2, 3, and 4
Refer to the exhibit.
If the profit margin of an organization decreases, and all else remains equal, which of the
following describes how the "Funds Needed" line in the graph below will shift?
A. The "Funds Needed" line will remain pointed upward, but will become less steep.
B. The "Funds Needed" line will remain pointed upward, but will become more steep.
C. The "Funds Needed" line will point downward with a minimal slope.
D. The "Funds Needed" line will point downward with an extreme slope.
Which of the following statements regarding program change management is not correct?
A. The goal of the change management process is to sustain and improve organizational operations.
B. The degree of risk associated with a proposed change determines if the change request requires authorization.
C. In order to protect the production environment, changes must be managed in a repeatable, defined, and predictable manner.
D. All changes should be tested in a non-production environment before migrating to the production environment.
Which audit approach should be employed to test the accuracy of information housed in a database on an un-networked computer?
A. Submit batches of test transactions through the current system and verify with expected results.
B. Use a test program to simulate the normal data entering process.
C. Select a sample of records from the database and ensure it matches supporting documentation.
D. Evaluate compliance with the organization's change management process.
Which of the following is a major advantage of decentralized organizations, compared to centralized organizations?
A. Decentralized organizations are more focused on organizational goals.
B. Decentralized organizations streamline organizational structure.
C. Decentralized organizations tend to be less expensive to operate.
D. Decentralized organizations tend to be more responsive to market changes.
According to IIA guidance, which of the following corporate social responsibility (CSR) activities is appropriate for the internal audit activity to perform?
A. Determine the optimal amount of resources for the organization to invest in CSR.
B. Align CSR program objectives with the organization's strategic plan.
C. Integrate CSR activities into the organization's decision-making process.
D. Determine whether the organization has an appropriate policy governing its CSR activities.
Capacity overbuilding is most likely to occur when management is focused on which of the following?
A. Marketing.
B. Finance.
C. Production.
D. Diversification.
Which of the following costs would be incurred in an inventory stockout?
A. Lost sales, lost customers, and backorder.
B. Lost sales, safety stock, and backorder.
C. Lost customers, safety stock, and backorder.
D. Lost sales, lost customers, and safety stock.
Senior management has decided to implement the Three Lines of Defense model for risk management. Which of the following best describes senior management's duties with regard to this model?
A. Ensure compliance with the model.
B. Identify management functions.
C. Identify emerging issues.
D. Set goals for implementation.
Which of the following IT strategies is most effective for responding to competitive pressures created by the marketplace?
A. Promote closer linkage between organizational strategy and information.
B. Provide users with greater online access to information systems.
C. Enhance the functionality of application systems.
D. Expand the use of automated controls.
A global business organization is selecting managers to post to various international (expatriate) assignments.
In the screening process, which of the following traits would be required to make a manager a successful expatriate?
1) Superior technical competence.
2) Willingness to attempt to communicate in a foreign language.
3) Ability to empathize with other people.
A. 1 and 2 only
B. 1 and 3 only
C. 2 and 3 only
D. 1, 2, and 3
| Page 14 out of 41 Pages |
| 891011121314151617181920 |
| IIA-CIA-Part3-3P Practice Test Home |
Real-World Scenario Mastery: Our IIA-CIA-Part3-3P practice exam don't just test definitions. They present you with the same complex, scenario-based problems you'll encounter on the actual exam.
Strategic Weakness Identification: Each practice session reveals exactly where you stand. Discover which domains need more attention, before Certified Internal Auditor Part Three - Business Knowledge for Internal Auditing exam day arrives.
Confidence Through Familiarity: There's no substitute for knowing what to expect. When you've worked through our comprehensive IIA-CIA-Part3-3P practice exam questions pool covering all topics, the real exam feels like just another practice session.
Copyright © All Rights Reserved