An internal auditor is conducting an initial risk assessment of an audit area and wants to assess management's compliance with privacy laws for safeguarding customer information stored on the organization's servers. Which course of action is appropriate for this phase of the engagement?
A. Solicit the services of a specialist information systems auditor.Which of the following statements is correct regarding the assessment of risk in the annual audit planning process?
1.Activities requested by management should be considered higher risk than those requested by the audit committee.
2.Activities with lower budgets can be as high risk as those with higher budgets.
3.The potential financial or adverse exposure should always be considered in the assessment of risk.
A. 1 onlyAn internal auditor assigned to carry out a regulatory compliance audit decides to circulate a close ended internal control questionnaire to process owners as part of the preliminary survey. What is the value of adopting this method?
A. The respondents may freely offer additional information to the questionnaireIn performance auditing, which of the following must first be determined by the internal auditor?
A. Which key performance indicators are in use.Which of the following documents should the chief audit executive review and approve?
1.Workpaper retention policy.
2.Audit committee meeting minutes.
3.Internal audit handbook.
4.Quarterly financial statements.
A. 1 and 2 onlyAn audit client responded to recommendations from a recent consulting engagement. The client indicated that several recommended process improvements would not be implemented. Which of the following actions should the internal audit activity take in response?
A. Escalate the unresolved issues to the board, because they could pose significant risk exposures to the organization.Which of the following statements is true pertaining to interviewing a fraud suspect?
1.Information gathered can be subjective as well as objective to be useful.
2.The primary objective is to obtain a voluntary written confession.
3.The interviewer is likely to begin the interview with open-ended questions.
4.Video recordings always should be used to provide the highest quality evidence.
A. 1 onlyAn internal auditor provided the following statement about division A's performance during the month: "Because supplies of raw material X were scarce, division A's profits declined by 15 percent." Which of the following can be validly concluded from the auditor's statement?
I. Division A's production level declined by 15 percent.
II. Division A could have sold more products than it produced.
III.
Division A usually sells all of the products that it produces.
A. I onlyAccording to IIA guidance, senior management and the board have ultimate responsibility for which of the following aspects of internal audit resource management?
A. Developing appropriate goals and metrics to monitor the adequacy of internal audit resources.While performing an audit of the human resources department, an internal auditor discovered unencrypted files containing the personal information of employees stored on a public shared drive. According to IIA guidance, which of the following actions by the auditor would be the most appropriate?
A. Remove the files containing the social security numbers and personal information.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.