IIA
IIA-CIA-PART2 · Question #202
IIA-CIA-PART2 Question #202: Real Exam Question with Answer & Explanation
Sign in or unlock IIA-CIA-PART2 to reveal the answer and full explanation for question #202. The question stem and answer options stay visible for context.
Question
A healthcare organization's chief audit executive (CAE) noted that the organization's IT team relies heavily on a vendor. Therefore an IT vendor assessment review was added to the annual audit plan. During the review, the audit team discovered that the vendor had not been performing proper monitoring to ensure that the subcontractors it hired comply with the organization requirements. The organization's chief information officer (ClO) does not agree with the audit team's recommendation for the IT team to monitor the compliance level of vendor subcontractors. How should the audit team proceed to resolve this situation?
Options
- AWrite a risk acceptance memo for the CIO to sign acknowledging the observation and indicating a
- BProvide an example of the attestation form that vendors must use. Then, recommend that the IT
- CEscalate the issue to the audit committee, as the CIO is unwilling to implement the recommended
- DEscalate the issue to the CAE to assess whether the ClO's reasoning is acceptable.
Unlock IIA-CIA-PART2 to see the answer
You've previewed enough free IIA-CIA-PART2 questions. Unlock IIA-CIA-PART2 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.