1. Home
  2. IIA
  3. IIA-CIA-PART3-3P

CIA Exam Part Three: Business Knowledge for Internal Auditing

Exam Details

  • Exam Code
    :IIA-CIA-PART3-3P
  • Exam Name
    :CIA Exam Part Three: Business Knowledge for Internal Auditing
  • Certification
    :IIA Certifications
  • Vendor
    :IIA
  • Total Questions
    :413 Q&As
  • Last Updated
    :Jun 13, 2025

IIA IIA Certifications IIA-CIA-PART3-3P Questions & Answers

  • Question 191:

    With regard to disaster recovery planning, which of the following would most likely involve stakeholders from several departments?

    A. Determining the frequency with which backups will be performed.

    B. Prioritizing the order in which business systems would be restored.

    C. Assigning who in the IT department would be involved in the recovery procedures.

    D. Assessing the resources needed to meet the data recovery objectives

  • Question 192:

    An organization recently documented its procedures for recovering systems and data after a disaster How are these documented procedures most likely to be used during a disaster simulation exercise?

    A. To help property configure mass communication notification tools

    B. To help identify training needs across the functional areas required to recover systems and data.

    C. To help ensure that the team members who are required to recover systems and data understand their roles.

    D. To help validate the contact information of key personnel required to recover systems and data

  • Question 193:

    Which of me following statements is most accurate concerning me management and audit of a web server?

    A. The file transfer protocol (FTP) should always be enabled

    B. The simple mail transfer protocol (SMTP) should be operating under me most privileged accounts

    C. The number of ports and protocols allowed to access the web server should be maximized

    D. Secure protocols for confidential pages should be used instead of clear-text protocol such as HTTP or FTP

  • Question 194:

    Which of the following financial instruments should be recorded at fair market value on the financial statements?

    A. Accounts receivable in the short term

    B. Bonds to be held to maturity.

    C. Notes receivable in the short term

    D. Bonds to be held for sale in the short term.

  • Question 195:

    Which of the following should be included m a company's year-end inventory valuation?

    A. Company goods that were sold during the year free on board shipping point that have been shipped but not yet received by the customer

    B. Goods purchased by the company free on board destination mat have not yet been received

    C. Goods on consignment, which the company is trying to sell for its customers

    D. Company goods tor sale on consignment at a consignment shop

  • Question 196:

    A large hospital has an existing contract with a vendor in another country to provide software support and maintenance of the hospital's patient records information system. From the hospital management's perspective, which of the following controls would be most effective to address privacy risks related to this outsourcing arrangement?

    A. Conduct periodic reviews of the privacy policy to ensure that the existing policy meets current legislation requirements in both regions.

    B. Include a "right to audit" clause in the contract and impose detailed security obligations on the outsourced vendor

    C. Implement mandatory privacy training for management to help with identifying privacy risks when outsourcing services

    D. Develop an incident monitoring and response plan to track breaches from internal and external sources

  • Question 197:

    Which of the following best describes a detective control designed to protect an organization from cyberthreats and attacks?

    A. A list of trustworthy good traffic and a list of unauthorized blocked traffic.

    B. Monitoring for vulnerabilities based on industry intelligence

    C. Comprehensive service level agreements with vendors.

    D. Firewall and other network penmeter protection tools.

  • Question 198:

    Which of the following application controls checks the integrity of data entered into a business application?

    A. Input controls.

    B. Output controls

    C. Processing controls

    D. Integrity controls

  • Question 199:

    When using cost-volume-profit analysts which of the following will increase operating income once the break-even point has been reached?

    A. Fixed costs per unit for each additional unit sold

    B. Variable costs per unit for each additional unit sold

    C. Contribution margin per unit for each additional unit sold

    D. Gross margin per unit for each additional unit sold

  • Question 200:

    An organization engages in questionable financial reporting practices due to pressure to meet unrealistic performance targets. Which internal control component is most negatively affected?

    A. Monitoring.

    B. Control activities.

    C. Risk assessment.

    D. Control environment.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART3-3P exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.