Topic 1: Exam Pool A
According to IIA guidance on IT auditing, which of the following would not be an area examined by the internal audit activity?
A. Access system security.
B. Policy development.
C. Change management.
D. Operations processes.
Which of the following techniques would be least effective in resolving the conflict created by an internal audit client's perception of the audit report as a personal attack on his management performance?
A. The auditor should focus on the audit client as a person and understand him, rather than just concentrating on the problem.
B. The auditor should make recommendations based on objective criteria, rather than based on a subjective assessment.
C. The auditor should explore alternative solutions to address the audit problem, so the audit client has options.
D. The auditor should take a flexible position on the recommendations and focus on resolving the issue by addressing the interests of the people concerned.
Which of the following statements is true regarding the roles and responsibilities associated with a corporate social responsibility (CSR) program?
A. The board has overall responsibility for the internal control processes associated with the CSR program.
B. Management has overall responsibility for the effectiveness of governance, risk management, and internal control processes associated with the CSR program.
C. The internal audit activity is responsible for ensuring that CSR principles are integrated into the organization's policies and procedures.
D. Every employee has a responsibility for ensuring the success of the organization's CSR objectives.
Which of the following statements best describes the frameworks set forth by the International Standards Organization?
A. Globally accepted standards for industries and processes.
B. Bridging the gaps among control requirements, technical issues, and business risks.
C. Practical guidance and benchmarks for all organizations that use information systems.
D. Frameworks and guidance on enterprise risk management, internal control, and fraud deterrence.
An internal auditor is reviewing physical and environmental controls for an IT organization. Which control activity should not be part of this review?
A. Develop and test the organization's disaster recovery plan.
B. Install and test fire detection and suppression equipment.
C. Restrict access to tangible IT resources.
D. Ensure that at least one developer has access to both systems and operations.
Which of the following factors would reduce dissatisfaction for a management trainee but would not particularly motivate the trainee?
A. A sense of achievement.
B. Promotion.
C. Recognition.
D. An incremental increase in salary.
An organization had three large centralized divisions: one that received customer orders for service work; one that scheduled the service work at customer locations; and one that answered customer calls about service problems. These three divisions were restructured into seven regional groups, each of which performed all three functions. One advantage of this restructuring would be:
A. Better internal controls.
B. Greater economies of scale.
C. Improved work flow.
D. Increased specialization.
A company's financial balance sheet is presented below:
The company has net working capital of:
A. $160
B. $210
C. $350
D. $490
Which of the following standards would be most useful in evaluating the performance of a customer-service group?
A. The average time per customer inquiry should be kept to a minimum.
B. Customer complaints should be processed promptly.
C. Employees should maintain a positive attitude when dealing with customers.
D. All customer inquiries should be answered within seven days of receipt.
Which of the following statements is true regarding outsourced business processes?
A. Outsourced business processes should not be considered in the internal audit universe because the controls are owned by the external service provider.
B. Generally, independence is improved when the internal audit activity reviews outsourced business processes.
C. The key controls of outsourced business processes typically are more difficult to audit because they are designed and managed externally.
D. The system of internal controls may be better and more efficient when the business process is outsourced compared to internally sourced.
According to Porter's model of competitive strategy, which of the following is a generic strategy?
1) Differentiation.
2) Competitive advantage.
3) Focused differentiation.
4) Cost focus.
A. 2 only
B. 3 and 4 only
C. 1, 3, and 4 only
D. 1, 2, 3, and 4
Which of the following is not a common feature of cumulative preferred stock?
A. Priority over common stock with regard to dilution of shares.
B. Priority over common stock with regard to earnings.
C. Priority over common stock with regard to dividend payment.
D. Priority over common stock with regard to assets.
| Page 17 out of 41 Pages |
| 11121314151617181920212223 |
| IIA-CIA-Part3-3P Practice Test Home |
Real-World Scenario Mastery: Our IIA-CIA-Part3-3P practice exam don't just test definitions. They present you with the same complex, scenario-based problems you'll encounter on the actual exam.
Strategic Weakness Identification: Each practice session reveals exactly where you stand. Discover which domains need more attention, before Certified Internal Auditor Part Three - Business Knowledge for Internal Auditing exam day arrives.
Confidence Through Familiarity: There's no substitute for knowing what to expect. When you've worked through our comprehensive IIA-CIA-Part3-3P practice exam questions pool covering all topics, the real exam feels like just another practice session.
Copyright © All Rights Reserved