IIA IIA-CIA-Part3 Übungsprüfungen
Zuletzt aktualisiert am 26.04.2025- Prüfungscode: IIA-CIA-Part3
- Prüfungsname: CIA Exam Part Three: Business Knowledge for Internal Auditing
- Zertifizierungsanbieter: IIA
- Zuletzt aktualisiert am: 26.04.2025
Which of the following Issues would be a major concern for internal auditors when using a free software to analyze a third-party vendor’s big data?
- A . The ability to use the software with ease to perform the data analysis to meet the engagement objectives.
- B . The ability to purchase upgraded features of the software that allow for more In-depth analysis of the big data.
- C . The ability to ensure that big data entered into the software is secure from potential compromises or loss.
- D . The ability to download the software onto the appropriate computers for use in analyzing the big data.
Which of the following physical access controls often functions as both a preventive and detective control?
- A . Locked doors.
- B . Firewalls.
- C . Surveillance cameras.
- D . Login IDs and passwords.
Which of the following controls would be the most effective in preventing the disclosure of an organization’s confidential electronic information?
- A . Nondisclosure agreements between the firm and its employees.
- B . Logs of user activity within the information system.
- C . Two-factor authentication for access into the information system.
- D . limited access so information, based on employee duties
Which of the following types of budgets will best provide the basis for evaluating the organization’s performance?
- A . Cash budget.
- B . Budgeted balance sheet.
- C . Selling and administrative expense budget.
- D . Budgeted income statement.
Which of the following would an organization execute to effectively mitigate and manage risks created by a crisis or event?
- A . Only preventive measures.
- B . Alternative and reactive measures.
- C . Preventive and alternative measures.
- D . Preventive and reactive measures.
Employees at an events organization use a particular technique to solve problems and improve processes. The technique consists of five steps: define, measure, analyze, improve, and control.
Which of the following best describes this approach?
- A . Six Sigma,
- B . Quality circle.
- C . Value chain analysis.
- D . Theory of constraints.
Which of the following statements is true regarding user developed applications (UDAs) and traditional IT applications?
- A . UDAs arid traditional JT applications typically follow a similar development life cycle
- B . A UDA usually includes system documentation to illustrate its functions, and IT-developed applications typically do not require such documentation.
- C . Unlike traditional IT applications. UDAs typically are developed with little consideration of controls.
- D . IT testing personnel usually review both types of applications thoroughly to ensure they were developed properly.
Which of the following scenarios best illustrates a spear phishing attack?
- A . Numerous and consistent attacks on the company’s website caused the server to crash and service was disrupted.
- B . A person posing as a representative of the company’s IT help desk called several employees and played a generic prerecorded message requesting password data.
- C . A person received a personalized email regarding a golf membership renewal, and he click a hyperlink to enter his credit card data into a fake website
- D . Many users of a social network service received fake notifications of e unique opportunity to invest in a new product.
An internal auditor found the following information while reviewing the monthly financial siatements for a wholesaler of safety
The cost of goods sold was reported at $8,500.
Which of the following inventory methods was used to derive this value?
- A . Average cost method
- B . First-in, first-out (FIFO) method
- C . Specific identification method
- D . Activity-based costing method
Which of the following is the best example of a compliance risk that Is likely to arise when adopting a bring-your-own-device (BYOD) policy?
- A . The risk that users try to bypass controls and do not install required software updates.
- B . The risk that smart devices can be lost or stolen due to their mobile nature..
- C . The risk that an organization intrusively monitors personal Information stored on smart devices.
- D . The risk that proprietary information is not deleted from the device when an employee leaves.