IIA-CIA-Part3 Free Questions – CIA Exam Part Three: Business Knowledge for Internal Auditing V10.02 – PassQuestion Free Questions To Test Online

1. Which of the following statements regarding organizational governance is not correct?

An effective internal audit function is one of the four cornerstones of good governance.

Those performing governance activities are accountable to the customer.

Accountability is one of the key elements of organizational governance.

Governance principles and the need for an internal audit function are applicable to governmental and not-for-profit activities.

2. Which of the following statements is correct regarding corporate compensation systems and related bonuses?
1. A bonus system should be considered part of the control environment of an organization and should be considered in formulating a report on internal control.
2. Compensation systems are not part of an organization’s control system and should not be reported as such.
3. An audit of an organization’s compensation system should be performed independently of an audit of the control system over other functions that impact corporate bonuses.

1 only

2 only

3 only

2 and 3 only

3. Which is the least effective form of risk management?

Systems-based preventive control.

People-based preventive control.

Systems-based detective control.

People-based detective control.

4. Which of the following is a role of the board of directors in the governance process?

Conduct periodic assessments of the organization’s governance systems.

Obtain assurance concerning the effectiveness of the organization’s governance systems.

Implement an effective system of internal controls to support the organization’s governance systems.

Review and approve operational goals and objectives.

5. The first stage in the development of a crisis management program is to:

Formulate contingency plans.

Conduct a risk analysis.

Create a crisis management team.

Practice the response to a crisis.

6. The decision to implement enhanced failure detection and back-up systems to improve data integrity is an example of which risk response?

Risk acceptance.

Risk sharing.

Risk avoidance.

Risk reduction.

7. Which of the following activities most significantly increases the risk that a bank will make poor-quality loans to its customers?

Borrowers may not sign all required mortgage loan documentation.

Fees paid by the borrower at the time of the loan may not be deposited in a timely manner.

The bank’s loan documentation may not meet the government’s disclosure requirements.

Loan officers may override the lending criteria established by senior management.

8. When developing an effective risk-based plan to determine audit priorities, an internal audit activity should start by:

Identifying risks to the organization’s operations.

Observing and analyzing controls.

Prioritizing known risks.

Reviewing organizational objectives.

9. Which of the following statements is correct regarding risk analysis?

The extent to which management judgments are required in an area could serve as a risk factor in assisting the auditor in making a comparative risk analysis.

The highest risk assessment should always be assigned to the area with the largest potential loss.

The highest risk assessment should always be assigned to the area with the highest probability of occurrence.

Risk analysis must be reduced to quantitative terms in order to provide meaningful comparisons across an organization.

10. During a review of a web-based application used by customers to check the status of their bank accounts, it would be most important for the internal auditor to ensure that:

Access to read application logs is restricted to authorized users.

Account balance information is encrypted in the database.

The web server used to host the application is located in a physically secure area.

Sensitive data, such as account numbers, are submitted using encrypted communications.

11. Which of the following steps should an internal auditor take during an audit of an organization’s business continuity plans?
1. Evaluate the business continuity plans for adequacy and currency.
2. Prepare a business impact analysis regarding the loss of critical business.
3. Identify key personnel who will be required to implement the plans.
4. Identify and prioritize the resources required to support critical business processes.

1 only

2 and 4 only

1, 3, and 4 only

1, 2, 3, and 4

12. Which of the following engagement observations would provide the least motivation for management to amend or replace an existing cost accounting system?

The distorted unit cost of a service is 50 percent lower than the true cost, while the true cost is 50 percent higher than the competition’s cost.

The organization is losing $1,000,000 annually because it incorrectly outsourced an operation based on information from its current system.

The cost of rework, hidden by the current system, is 50 percent of the total cost of all services.

50 percent of total organizational cost has been allocated on a volume basis.

13. Which of the following control techniques would minimize the risk of interception during transmission in an electronic data interchange system?
1. Encryption.
2. Traffic padding.
3. Edit checks.
4. Structured data format.

1 and 2 only

2 and 3 only

3 and 4 only

1, 2, and 3 only

14. The main reason to establish internal controls in an organization is to:

Encourage compliance with policies and procedures.

Safeguard the resources of the organization.

Ensure the accuracy, reliability, and timeliness of information.

Provide reasonable assurance on the achievement of objectives.

15. For an engineering department with a total quality management program, important elements of quality management include all of the following except:

Basing performance evaluations on the number of projects completed.

Comparing results with those of other engineering departments.

Creating a quality council within the engineering department.

Conducting post-project surveys on performance.

16. The economic order quantity for inventory is higher for an organization that has:

Lower annual unit sales.

Higher fixed inventory ordering costs.

Higher annual carrying costs as a percentage of inventory value.

A higher purchase price per unit of inventory.

17. Which of the following is a characteristic of just-in-time inventory management systems?

Users determine the optimal level of safety stocks.

They are applicable only to large organizations.

They do not really increase overall economic efficiency because they merely shift inventory levels further up the supply chain.

They rely heavily on high quality materials.

18. The percentage of sales method, rather than the percentage of receivables method, would be used to estimate uncollectible accounts if an organization seeks to:

Use an aging schedule to more closely estimate uncollectible accounts.

Eliminate the need for an allowance for doubtful accounts.

Emphasize the accuracy of the net realizable value of the receivables on the balance sheet.

Use a method that approximates the matching principle.

19. What must be monitored in order to manage risk of consumer product inventory obsolescence?
1. Inventory balances.
2. Market share forecasts.
3. Sales returns.
4. Sales trends.

1 only

4 only

1 and 4 only

1, 2, and 3 only

20. Preferred stock is less risky for investors than is common stock because:

Common stock pays dividends as a stated percentage of face value.

Common stock has priority over preferred stock with regard to earnings and assets.

Preferred dividends are usually cumulative.

Preferred stock with no conversion feature has a higher dividend yield than does convertible preferred stock.

IIA-CIA-Part3 Free Questions – CIA Exam Part Three: Business Knowledge for Internal Auditing V10.02

IIA-CIA-Part3 Free Questions – CIA Exam Part Three: Business Knowledge for Internal Auditing V10.02

Leave a Reply Cancel reply