correct answer C
A manager decided to build his team's enthusiasm by giving encouraging talks about employee
empowerment, hoping to change the perception that management should make all decisions in the
department.
The manager is most likely trying to impact which of the following components of his team's
attitude?
A. Affective component.
B. Cognition component.
C. Thinking component.
D. Behavioral component.
A
Which of the following can be classified as debt investments?
B
Reference:
https://www.investopedia.com/terms/g/government-bond.asp
Which of the following devices best controls both physical and logical access to information systems?
B
Reference:
https://mytechdecisions.com/physical-security/biometrics-access-control-technology/
Which of the following is a cybersecurity monitoring activity intended to deter disruptive codes from
being installed on an organization's systems?
B
Reference:
https://www.techtarget.com/searchsecurity/tip/6-common-types-of-cyber-attacks-and-
how-to-prevent-them
Which of the following activities best illustrates a user's authentication control?
A
correct answer C
A company produces water buckets with the following costs per bucket:
Direct labor = $2
Direct material = $5
Fixed manufacturing = $3.50
Variable manufacturing = $2.50
The water buckets are usually sold for $15. However, the company received a special order for
50,000 water buckets at $11 each.
Assuming there is adequate manufacturing capacity and all other variables are constant, what is the
relevant cost per unit to consider when deciding whether to accept this special order at the reduced
price?
B
CORRECT ANSWER LETTER A
Which of the following IT disaster recovery plans includes a remote site designated for recovery with
available space for basic services, such as internet and telecommunications, but does not have
servers or infrastructure equipment?
B
Reference:
https://www.sciencedirect.com/topics/computer-science/disaster-recovery
Which of the following organization structures would most likely be able to cope with rapid changes
and uncertainties?
A
Reference:
https://hbr.org/2017/12/when-to-decentralize-decision-making-and-when-not-to
A chief audit executive wants to implement an enterprisewide resource planning software.
Which of the following internal audit assessments could provide overall assurance on the likelihood
of the software implementation's success?
B
Reference:
https://www.oecd.org/daf/ca/risk-management-corporate-governance.pdf
C. Post-implementation review.
A post-implementation review (PIR) is an internal audit assessment that could provide overall assurance on the likelihood of the software implementation's success. A PIR is conducted after the implementation of a project, such as the enterprise resource planning (ERP) software, to evaluate the results and outcomes achieved.
Which of the following statements is true regarding change management?
D
Reference:
https://chapters.theiia.org/montreal/ChapterDocuments/GTAG%202%20-
%20Change%20and%20Patch%20Management%20Controls%20Critical%20for%20Organizational
%20Success_2nd%20ed.pdf
During disaster recovery planning, the organization established a recovery point objective. Which of
the following best describes this concept?
B
Reference:
https://www.druva.com/glossary/what-is-a-disaster-recovery-plan-definition-and-
related-faqs/#:~:text=The%20recovery%20point%20objective%20refers,hour%20to%20meet%20this
%20objective
Which of the following statements is true regarding user-developed applications (UDAs) and
traditional IT applications?
D
correct one C
Correct Answer is A
While there may be some differences in the development processes, such as the level of formality and expertise, both UDAs and traditional IT applications go through similar stages in their development life cycle, which may include: Requirements Gathering: Understanding the business needs and functional requirements of the application.
Design: Creating the application's architecture and user interface based on the requirements.
Development: Writing the code and building the application.
Testing: Evaluating the application to ensure it functions as intended and is free from errors.
Implementation: Deploying the application into the production environment.
Maintenance: Making updates and improvements to the application as needed.
In reviewing an organization's IT infrastructure risks, which of the following controls is to be tested as
part of reviewing workstations?
D
C. Physical controls.
Correct answer is
C. Physical controls
other options are logical controls
Which of the following is an example of internal auditors applying data mining techniques for
exploratory purposes?
B
Reference:
https://www.researchgate.net/publication/221174455_Data_Mining_Technique_in_the_Internal_Au
diting_of_Enterprise_Groups
Which of the following is likely to occur when an organization decides to adopt a decentralized
organizational structure?
B
Reference:
https://opentextbc.ca/principlesofaccountingv2openstax/chapter/differentiate-between-
centralized-and-decentralized-management/