
IIA IIA-CIA-Part3 Practice Test - Questions Answers, Page 32

Which of the following should internal auditors be attentive to when reviewing the personal data consent and opt-in/opt-out management process?

A. Whether customers are asked to renew their consent for their data processing at least quarterly.
B. Whether private data is processed in accordance with the purpose for which the consent was obtained.
C. Whether the organization has established explicit and entitywide policies on data transfer to third parties.
D. Whether customers have an opportunity to opt out of the right to be forgotten from organizational records and systems.
Suggested answer: C

In an effort to increase business efficiencies and improve customer service offered to its major trading partners, management of a manufacturing and distribution company established a secure network, which provides a secure channel for electronic data interchange between the company and its partners. Which of the following network types is illustrated by this scenario?

A. A value-added network.
B. A local area network.
C. A metropolitan area network.
D. A wide area network.
Suggested answer: A

Which of these instances accurately describes the responsibilities for big data governance?

A. Management must ensure information storage systems are appropriately defined and processes to update critical data elements are clear.
B. External auditors must ensure that analytical models are periodically monitored and maintained.
C. The board must implement controls around data quality dimensions to ensure that they are effective.
D. Internal auditors must ensure the quality and security of data, with a heightened focus on the riskiest data elements.
Suggested answer: A

According to IIA guidance, which of the following statements is true regarding penetration testing?

A. Testing should not be announced to anyone within the organization to solicit a real-life response.
B. Testing should take place during heavy operational time periods to test system resilience.
C. Testing should be wide in scope and primarily address detective management controls for identifying potential attacks.
D. Testing should address the preventive controls and management's response.
Suggested answer: B

Which of the following financial statements provides the best disclosure of how a company's money was used during a particular period?

A. Income statement.
B. Owner's equity statement.
C. Balance sheet.
D. Statement of cash flows.
Suggested answer: D

According to The IIA's Three Lines Model, which of the following IT security activities is commonly shared by all three lines?

A. Assessments of third parties and suppliers.
B. Recruitment and retention of certified IT talent.
C. Classification of data and design of access privileges.
D. Creation and maintenance of secure network and device configuration.
Suggested answer: C

An organization finalized a contract in which a vendor is expected to design, procure, and construct a power substation for $3,000,000. In this scenario, the organization agreed to which of the following types of contracts?

A. A cost-reimbursable contract.
B. A lump-sum contract.
C. A time and material contract.
D. A bilateral contract.
Suggested answer: B

Which of the following analytical techniques would an internal auditor use to verify that none of an organization's employees are receiving fraudulent invoice payments?

A. Perform gap testing.
B. Join different data sources.
C. Perform duplicate testing.
D. Calculate statistical parameters.
Suggested answer: B

Which of the following would be the best method to collect information about employees' job satisfaction?

A. Online surveys sent randomly to employees.
B. Direct onsite observations of employees.
C. Town hall meetings with employees.
D. Face-to-face interviews with employees.
Suggested answer: D

Which of the following is a distinguishing feature of managerial accounting, which is not applicable to financial accounting?

A. Managerial accounting uses double-entry accounting and cost data.
B. Managerial accounting uses generally accepted accounting principles.
C. Managerial accounting involves decision making based on quantifiable economic events.
D. Managerial accounting involves decision making based on predetermined standards.
Suggested answer: D
Total 340 questions