IIA iia-cia-part3 practice test

Question 1

Management has established a performance measurement focused on the accuracy of
disbursements The disbursement statistics, provided daily to all accounts payable and audit staff,
include details of payments stratified by amount and frequency Which of the following is likely to be
the greatest concern regarding this performance measurement?
A. Articulation of the data.
B. Availability of the data
C. Measurability of the data
D. Relevance of the data

Answer:

D
118/119
Questions & Answers PDF
P-
119/119

Question 2

Which of the following should software auditors do when reporting internal audit findings related to
enterprise wide resource planning?

• A. Draft separate audit reports for business and IT management
• B. Connect IT audit findings to business issues
• C. Include technical details to support IT issues
• D. Include an opinion on financial reporting accuracy and completeness

Answer:

A

Question 3

An internal audit activity is piloting a data analytics model, which aims to identify anomalies in
payments to vendors and potential fraud indicators Which of the following would be the most
appropriate criteria for assessing the success of the piloted model?

• A. The percentage of cases flagged by the model and confirmed as positives.
• B. The development and maintenance costs associated with the model
• C. The feedback of auditors involved with developing the model
• D. The number of criminal investigations initiated based on the outcomes of the model

Answer:

B

Question 4

While auditing an organization's customer call center, an internal auditor notices that key
performance indicators show a positive trend despite the fact that there have been increasing
customer complaints over the same period Which of the following audit recommendations would
most likely correct the cause of this inconsistency?

• A. Review the the call center script used by customer service agents to interact with callers and update the script rf necessary
• B. De-emphasize the importance of call center employees completing a certain number of calls per hour
• C. Retrain call center staff on area processes and common technical issues that they will Likely be asked to resolve
• D. Increase the incentive for call center employees to complete calls quickly and raise the number of 117/119 Questions & Answers PDF P- calls completed daily

Answer:

A

Question 5

Which of the following is a disadvantage in a centralized organizational structure?

• A. Communication conflicts.
• B. Slower decision making
• C. Loss of economies of scale
• D. Vulnerabilities in sharing knowledge

Answer:

B

Question 6

According to MA guidance on IT. which of the following best describes a logical access control?

• A. Require complex passwords to be established and changed quarterly
• B. Require swipe cards to control entry into secure data centers
• C. Monitor access to the data center with closed circuit camera surveillance.
• D. Maintain current role definitions to ensure appropriate segregation of duties

Answer:

A

Question 7

Which of the following is the best example of IT governance controls?
116/119
Questions & Answers PDF
P-

• A. Controls that focus on segregation of duties, financial and change management
• B. Personnel policies that define and enforce conditions for staff in sensitive IT areas
• C. Standards that support IT policies by more specifically defining required actions
• D. Controls that focus on data structures and the minimum level of documentation required

Answer:

A

Question 8

Which of the following best describes a detective control designed to protect an organization from
cyberthreats and attacks?

• A. A list of trustworthy good traffic and a list of unauthorized blocked traffic.
• B. Monitoring for vulnerabilities based on industry intelligence
• C. Comprehensive service level agreements with vendors.
• D. Firewall and other network penmeter protection tools.

Answer:

D

Question 9

An internal auditor reviewed Finance Department records to obtain a list of current vendor addresses
The auditor then compared the vendor addresses to a record of employee addresses maintained by
the Payroll Department Which of the following types of data analysis did the auditor perform?

• A. Duplicate testing.
• B. Joining data sources
• C. Gap analysis
• D. Classification

Answer:

D

Question 10

When using data analytics during a review of the procurement process, what is the first step in the
analysis process?

• A. Identify data anomalies and outliers
• B. Define questions to be answered
• C. Identify data sources available
• D. Determine the scope of the data extract.

Answer:

C