IIA IIA-CIA-Part3 Übungsprüfungen
Zuletzt aktualisiert am 12.12.2025- Prüfungscode: IIA-CIA-Part3
- Prüfungsname: CIA Exam Part Three: Business Knowledge for Internal Auditing
- Zertifizierungsanbieter: IIA
- Zuletzt aktualisiert am: 12.12.2025
Which of the following is true of bond financing, compared to common stock, when alJ other variables are equal?
- A . Lower shareholder control
- B . lower indebtedness
- C . Higher company earnings per share.
- D . Higher overall company earnings
Which of the following is a sound network configuration practice to enhance information security?
- A . Change management practices to ensure operating system patch documentation is retained.
- B . User role requirements are documented in accordance with appropriate application-level control needs.
- C . Validation of intrusion prevention controls is performed to ensure intended functionality and data integrity.
- D . Interfaces reinforce segregation of duties between operations administration and database development.
A financial institution receives frequent and varied email requests from customers for funds to be wired out of their accounts.
Which verification activity would best help the institution avoid falling victim to phishing?
- A . Reviewing the customer’s wire activity to determine whether the request is typical.
- B . Calling the customer at the phone number on record to validate the request.
- C . Replying to the customer via email to validate the sender and request.
- D . Reviewing the customer record to verify whether the customer has authorized wire requests from that email address.
Which of the following business practices promotes a culture of high performance?
- A . Reiterating the importance of compliance with established policies and procedures.
- B . Celebrating employees‘ individual excellence.
- C . Periodically rotating operational managers.
- D . Avoiding status differences among employees.
An internal auditor is assessing the risks related to an organization’s mobile device policy. She notes that the organization allows third parties (vendors and visitors) to use outside smart devices to access its proprietary networks and systems.
Which of the following types of smart device risks should the internal Auditor be most concerned about?
- A . Compliance.
- B . Privacy
- C . Strategic
- D . Physical security
Which of the following best describes a cyberattacK in which an organization faces a denial-of-service threat created through malicious data encryption?
- A . Phishing.
- B . Ransomware.
- C . Hacking.
- D . Makvare
Which of the following measures the operating success of a company for a given period of time?
- A . Liquidity ratios.
- B . Profitability ratios.
- C . Solvency ratios.
- D . Current ratios.
Senior management is trying to decide whether to use the direct write-off or allowance method for recording bad debt on accounts receivables.
Which of the following would be the best argument for using the direct write-off method?
- A . It is useful when losses are considered insignificant.
- B . It provides a better alignment with revenue.
- C . It is the preferred method according to The IIA.
- D . It states receivables at net realizable value on the balance sheet.
Senior management is trying to decide whether to use the direct write-off or allowance method for recording bad debt on accounts receivables.
Which of the following would be the best argument for using the direct write-off method?
- A . It is useful when losses are considered insignificant.
- B . It provides a better alignment with revenue.
- C . It is the preferred method according to The IIA.
- D . It states receivables at net realizable value on the balance sheet.
Which of the following IT disaster recovery plans includes a remote site dessgnated for recovery with available space for basic services, such as internet and telecommunications, but does not have servers or infrastructure equipment?
- A . Frozen site
- B . Cold site
- C . Warm site
- D . Hot site