Which of the following risks would Involve individuals attacking an oil company's IT system as a sign of solidarity against drilling in a local area?
A. Tampering
B. Hacking
C. Phishing
D. Piracy
How do data analysis technologies affect internal audit testing?
A. They improve the effectiveness of spot check testing techniques.
B. They allow greater insight into high risk areas.
C. They reduce the overall scope of the audit engagement,
D. They increase the internal auditor's objectivity.
Which of the following is a likely result of outsourcing?
A. Increased dependence on suppliers.
B. Increased importance of market strategy.
C. Decreased sensitivity to government regulation
D. Decreased focus on costs
During disaster recovery planning, the organization established a recovery point objective. Which of the following best describes this concept?
A. The maximum tolerable downtime after the occurrence of an incident.
B. The maximum tolerable data loss after the occurrence of an incident.
C. The maximum tolerable risk related to the occurrence of an incident
D. The minimum recovery resources needed after the occurrence of an incident
Which type of bond sells at & discount from face value, then increases in value annually until it reaches maturity and provides the owner with the total payoff?
A. High-yield bonds
B. Commodity-backed bonds
C. Zero coupon bonds
D. Junk bonds
Which of the following can be classified as debt investments?
A. Investments in the capital stock of a corporation
B. Acquisition of government bonds.
C. Contents of an investment portfolio,
D. Acquisition of common stock of a corporation
An investor has acquired an organization that has a dominant position in a mature. slewgrowth
Industry and consistently creates positive financial income.
Which of the following terms would the investor most likely label this investment in her
portfolio?
A. A star
B. A cash cow
C. A question mark
D. A dog
According to IIA guidance on IT, which of the following would be considered a primary control for a spreadsheet to help ensure accurate financial reporting?
A. Formulas and static data are locked or protected.
B. The spreadsheet is stored on a network server that is backed up daily.
C. The purpose and use of the spreadsheet are documented.
D. Check-in and check-out software is used to control versions.
Which of the following disaster recovery plans includes recovery resources available at the site, but they may need to be configured to support the production system?
A. Warm site recovery plan.
B. Hot site recovery plan.
C. Hot site recovery plan.
D. Cold site recovery plan.
Which of the following would be the strongest control to prevent unauthorized wireless network access?
A. Allowing access to the organization's network only through a virtual private network.
B. Logging devices that access the network, including the date. time, and identity of the user.
C. Tracking all mobile device physical locations and banning access from non-designated areas.
D. Permitting only authorized IT personnel to have administrative control of mobile devices.
Which of the following principles s shared by both hierarchies and open organizational
structures?
1. A superior can delegate the authority to make decisions but cannot delegate the ultimate
responsibility for the results of those decisions.
2. A supervisor's span of control should not exceed seven subordinates.
3. Responsibility should be accompanied by adequate authority.
4. Employees at all levels should be empowered to make decisions.
A. 1 and 3 only
B. 1 and 4 only
C. 2 and 3 only
D. 3 and 4 only
An internal auditor reviewed Finance Department records to obtain a list of current vendor addresses. The auditor then compared the vendor addresses to a record of employee addresses maintained by the Payroll Department Which of the following types of data analysis did the auditor perform?
A. Duplicate testing.
B. Joining data sources.
C. Gap analysis.
D. Classification
| Page 9 out of 28 Pages |
| Previous |