IIA IIA-CIA-PART3-3P Online Practice Questions and Exam Preparation

IIA IIA-CIA-PART3-3P Online Questions & Answers

• Question 91:

  An organization uses a database management system (DBMS) as a repository for data. The DBMS, in turn, supports a number of end-user developed applications which were created using fourth-generation programming languages. Some of the applications update the database. Which of the following is the most important control related to the integrity of the data in the database?

  A. End users have their read-only applications approved by the information systems department before accessing the database.
  B. Concurrency update controls are in place.
  C. End-user applications are developed on personal computers before being implemented on the mainframe.
  D. A hierarchical database model is adopted so that multiple users can be served at the same time.
  B. Concurrency update controls are in place.

• Question 92:

  An internal auditor was asked to review an equal equity partnership In one sampled transaction Partner A transferred equipment into the partnership with a self-declared value of $10,000 and Partner B contributed equipment with a self-declared value of $15 000 The capital accounts of each partner were subsequently credited with S12,500. Which of the following statements is true regarding this transaction?

  A. The capital accounts of the partners should be increased by the original cost of the contributed equipment.
  B. The capital accounts should be increased using a weighted average based on the current percentage of ownership
  C. No action is needed as the capital account of each partner was increased by the correct amount
  D. The capital accounts of the partners should be increased by the fair market value of their contribution
  D. The capital accounts of the partners should be increased by the fair market value of their contribution

• Question 93:

  Which of the following COSO internal control framework components encompasses establishing structures, reporting lines, authorities, and responsibilities?

  A. Control environment.
  B. Control activities.
  C. Information and communication.
  D. Monitoring.
  A. Control environment.

• Question 94:

  Which of the following is the primary benefit of including end users in the system development process?

  A. Improved integrity of programs and processing.
  B. Enhanced ongoing maintenance of the system.
  C. Greater accuracy of the testing phase.
  D. Reduced need for unexpected software changes.
  C. Greater accuracy of the testing phase.

• Question 95:

  Which of the following is an example of a phishing attack?

  A. An employee receives an email that appears to be from the organization's bank, though it is not. The employee replies to the email and sends the requested confidential information.
  B. An organization's website has been hacked. The hacker added political content that is not consistent with the organization's views.
  C. An organization's systems have been compromised by malicious software. The software locks the organization's operating system until d ransom is paid.
  D. An organization's communication systems have been intercepted. A communication session is controlled by an unauthorized third party.
  A. An employee receives an email that appears to be from the organization's bank, though it is not. The employee replies to the email and sends the requested confidential information.

• Question 96:

  Which of the following is not a common feature of cumulative preferred stock?

  A. Priority over common stock with regard to dilution of shares.
  B. Priority over common stock with regard to earnings.
  C. Priority over common stock with regard to dividend payment.
  D. Priority over common stock with regard to assets.
  A. Priority over common stock with regard to dilution of shares.

• Question 97:

  The leadership of an organization encourages employees to form voluntary problem- solving groups whereby several employees from the same work area meet regularity during work hours to discuss improvements and creative ways to reduce costs. Which of the following best describes this approach?

  A. Open-book management
  B. Quality control circles
  C. Self-managed teams
  D. Cross-functional teams
  C. Self-managed teams

• Question 98:

  According to IIA guidance, which of the following steps are most important for an internal auditor to perform when evaluating an organization's social and environmental impact on the local community?

  1) Determine whether previous incidents have been reported, managed, and resolved.

  2) Determine whether a business contingency plan exists.

  3) Determine the extent of transparency in reporting.

  4) Determine whether a cost/benefit analysis was performed for all related projects.

  A. 1 and 3.
  B. 1 and 4.
  C. 2 and 3.
  D. 2 and 4.
  A. 1 and 3.

• Question 99:

  Which of the following is the best example of IT governance controls?

  A. Controls that focus on segregation of duties, financial and change management
  B. Personnel policies that define and enforce conditions for staff in sensitive IT areas
  C. Standards that support IT policies by more specifically defining required actions
  D. Controls that focus on data structures and the minimum level of documentation required
  A. Controls that focus on segregation of duties, financial and change management

• Question 100:

  The most important reason to use risk assessment in audit planning is to:

  A. Identify redundant controls.
  B. Improve budgeting accuracy.
  C. Enhance assurance provided to management.
  D. Assist in developing audit programs.
  C. Enhance assurance provided to management.