An internal auditor is assessing the risks related to an organization's mobile device policy. She notes that the organization allows third parties (vendors and visitors) to use outside smart devices to access its proprietary networks and systems. Which of the following types of smart device risks should the internal Auditor be most concerned about?
A. Compliance.
B. Privacy
C. Strategic
D. Physical security
An internal auditor discusses user-defined default passwords with the database administrator. Such passwords will be reset as soon as the user logs in for the first time, but the initial value of the password is set as "123456." Which of the following are the auditor and the database administrator most likely discussing in this situation?
A. Whether it would be more secure to replace numeric values with characters
B. What happens in the situations where users continue using the initial password.
C. What happens in the period between the creation of the account and the password change
D. Whether users should be trained on password management features and requirements
Which of the following concepts of managerial accounting is focused on achieving a point of low or no inventory?
A. Theory of constraints.
B. Just-in-time method
C. Activity-based costing
D. Break-even analysis
Which of the following is most influenced by a retained earnings policy?
A. Cash.
B. Dividends.
C. Gross margin.
D. Net income
Which of the following financial statements provides the best disclosure of how a company's money was used during a particular period?
A. Income statement.
B. Owner's equity statement
C. Balance sheet
D. Statement of cash flows
Which of the following best explains why an organization would enter into a capital lease contract?
A. To increase the ability to borrow additional funds from creditors
B. To reduce the organization's free cash flow from operations
C. To Improve the organization's free cash flow from operations
D. To acquire the asset at the end of the lease period at a price lower than the fair market value
Which of the following describes a mechanistic organizational structure?
A. Primary direction of communication tends to be lateral.
B. Definition of assigned tasks tends to be broad and general.
C. Type of knowledge required tends to be broad and professional.
D. Reliance on self-control tends to be low.
According to I1A guidance on IT. which of the following activities regarding information security Is most likely to be the responsibility of line management as opposed to executive management, internal auditors, or the board?
A. Review and monitor security controls.
B. Dedicate sufficient security resources.
C. Provide oversight to the security function.
D. Assess information control environments
An organization is considering integration of governance, risk., and compliance (GRC) activities into a centralized technology-based resource. In implementing this GRC resource, which of the following is a key enterprise governance concern that should be fulfilled by the final product?
A. The board should be fully satisfied that there is an effective system of governance in place through accurate, quality information provided.
B. Compliance, audit, and risk management can find and seek efficiencies between their functions through integrated information reporting.
C. Key compliance and risk metrics can be tracked and compared throughout the enterprise, aiding in identifying problem departments.
D. Data analytics can be utilized for trending of the data to ensure that patterns and ongoing monitoring occurs throughout the organization.
According to 11A guidance on IT, which of the following spreadsheets is most likely to be considered a high-risk user-developed application?
A. A revenue calculation spreadsheet supported with price and volume reports from the production department.
B. An asset retirement calculation spreadsheet comprised of multiple formulas and assumptions.
C. An ad-hoc inventory listing spreadsheet comprising details of written-off inventory quantities.
D. An accounts receivable reconciliation spreadsheet used by the accounting manager to verify balances
Which of the following measures the operating success of a company for a given period of time?
A. Liquidity ratios.
B. Profitability ratios.
C. Solvency ratios.
D. Current ratios.
Which of these instances accurately describes the responsibilities for big data governance?
A. Management must ensure information storage systems are appropriately defined and processes to update critical data elements are clear.
B. External auditors must ensure that analytical models are periodically monitored and maintained.
C. The board must implement controls around data quality dimensions to ensure that they are effective.
D. Internal auditors must ensure the quality and security of data, with a heightened focus on the riskiest data elements.
| Page 16 out of 41 Pages |
| 10111213141516171819202122 |
| IIA-CIA-Part3 Practice Test Home |
Real-World Scenario Mastery: Our IIA-CIA-Part3 practice exam don't just test definitions. They present you with the same complex, scenario-based problems you'll encounter on the actual exam.
Strategic Weakness Identification: Each practice session reveals exactly where you stand. Discover which domains need more attention, before Certified Internal Auditor Part 3 - Internal Audit Function exam day arrives.
Confidence Through Familiarity: There's no substitute for knowing what to expect. When you've worked through our comprehensive IIA-CIA-Part3 practice exam questions pool covering all topics, the real exam feels like just another practice session.