IIA-CIA-PART3 Exam Questions

Internal auditors want to increase the likelihood of identifying very small control and transaction anomalies in their testing that could potentially be exploited to cause material...

An internal auditor discusses user-defined default passwords with the database administrator. Such passwords will be reset as soon as the user logs in for the first time, but the i...

Which of the following should internal auditors be attentive of when reviewing personal data consent and opt-in/opt-out management process?

In an effort to increase business efficiencies and improve customer service offered to its major trading partners, management of a manufacturing and distribution company establishe...

Which of these instances accurately describes the responsibilities for big data governance?

According to IIA guidance, which of the following statements is true regarding penetration testing?

Which of the following financial statements provides the best disclosure of how a company's money was used during a particular period?

According to The IIA's Three Lines Model, which of the following IT security activities is commonly shared by all three lines?

A organization finalized a contract in which a vendor is expected to design, procure, and construct a power substation for $3,000,000. In this scenario, the organization agreed to...

Which of the following analytical techniques would an internal auditor use to verify that none of an organization's employees are receiving fraudulent invoice payments?

Which of the following would be the best method to collect information about employees' job satisfaction?

Which of the following is a distinguishing feature of managerial accounting, which is not applicable to financial accounting?

Which of the following facilitates data extraction from an application?

Which of the following controls is the most effective for ensuring confidentially of transmitted information?

An internal auditor was assigned to test for ghost employees using data analytics. The auditor extracted employee data from human resources and payroll. Using spreadsheet functions...

An organization prepares a statement of privacy to protect customers' personal information. Which of the following might violate the privacy principles?

Which of the following statements describes the typical benefit of using a flat organizational structure for the internal audit activity, compared to a hierarchical structure?

Which of the following statements is true regarding the term "flexible budgets" as it is used in accounting?

While conducting an audit of the accounts payable department, an internal auditor found that 3% of payments made during the period under review did not agree with the submitted inv...

Which of the following backup methodologies would be most efficient in backing up a database in the production environment?

Senior management is trying to decide whether to use the direct write-off or allowance method for recording bad debt on accounts receivables. Which of the following would be the be...

The chief audit executive (CAE) has been asked to evaluate the chief technology officer's proposal to outsource several key functions in the organization's IT department. Which of...

Which of the following types of budgets will best provide the basis for evaluating the organization's performance?

Which of the following can be viewed as a potential benefit of an enterprisewide resource planning system?

When executive compensation is based on the organization's financial results, which of the following situations is most likely to arise?

Which of the following would be classified as IT general controls?

Which of the following physical access controls often functions as both a preventive and detective control?

Which of the following statements is true regarding a project life cycle?

Which of the following statements is true regarding activity-based costing (ABC)?

An organization was forced to stop production unexpectedly, as raw materials could not be delivered due to a military conflict in the region. Which of the following plans have most...

An organization selected a differentiation strategy to compete at the business level. Which of the following structures best fits this strategic choice?