IIA IIA-CIA-PART3 Online Practice Questions and Exam Preparation

IIA IIA-CIA-PART3 Online Questions & Answers

• Question 71:

  A problem with the effectiveness of teams is the concept known as:

  A. Brainstorming.
  B. Social loafing.
  C. Synergy.
  D. Role playing.
  B. Social loafing.

  ---

  Explanation

  Social loafing is the situation wherein a team member puts forth less effort in a group than he or she would individually. To avoid social loafing, individual efforts should be identifiable and subject to evaluation.

• Question 72:

  According to IIA guidance, which of the following statements is true regarding the chief audit executive's (CAE's) responsibility for following up on management action plans?

  A. Follow-up activities must be performed on an ongoing basis, such as quarterly, rather than being scheduled as specific assignments in the internal audit plan
  B. The primary purpose of the CAE's follow-up activities is to verify whether the audit issues raised in the audit report are valid
  C. The CAE may plan follow-up activities on a selective basis, depending on risk significance, to verify whether management action plans were completed
  D. Where management believes certain action plans are no longer necessary, the CAE must resolve the matter with the board and if the matter remains unresolved, communicate to senior management
  C. The CAE may plan follow-up activities on a selective basis, depending on risk significance, to verify whether management action plans were completed

  ---

  Explanation

  The CAE is responsible for monitoring progress selectively based on risk significance. Not every recommendation requires follow-up with the same intensity. Instead, the CAE should focus on high-risk issues and verify whether management

  has taken corrective actions.

  Option A is too rigid and does not reflect risk-based prioritization. Option B is incorrect because the purpose of follow-up is not to revalidate audit issues but to ensure corrective actions were implemented. Option D incorrectly reverses the

  escalation order (unresolved issues must go from management # senior management # board).

  IIA Standards - Standard 2500: Monitoring Progress.

• Question 73:

  Which of the following controls would enable management to receive timely feedback and help mitigate unforeseen risks?

  A. Measure product performance against an established standard.
  B. Develop standard methods for performing established activities.
  C. Require the grouping of activities under a single manager.
  D. Assign each employee a reasonable workload.
  A. Measure product performance against an established standard.

  ---

  Explanation

• Question 74:

  An organization decided to outsource its human resources function. As part of its process migration, the organization is implementing controls over sensitive employee data. What would be the most appropriate directive control in this area?

  A. Require a Service Organization Controls (SOC) report from the service provider
  B. Include a data protection clause in the contract with the service provider
  C. Obtain a nondisclosure agreement from each employee at the service provider who will handle sensitive data
  D. Encrypt the employee's data before transmitting it to the service provider
  B. Include a data protection clause in the contract with the service provider

  ---

  Explanation

• Question 75:

  According to HA guidance or IT which of the following spreadsheets is most likely to be considered a high-risk user-develop application?

  A. A revenue calculation spreadsheet supported with price and volume reports from the production department
  B. An asset retirement calculation spreadsheet comprised of multiple formulas and assumptions
  C. An ad-hoc inventory listing spreadsheet comprising details of written-off inventory quantitates
  D. An accounts receivable reconciliation spreadsheet used by the accounting manager to verify balances.
  B. An asset retirement calculation spreadsheet comprised of multiple formulas and assumptions

  ---

  Explanation

• Question 76:

  What would an internal auditor do to ensure that a process to mitigate risk is in place for the organization's change management process?

  A. Develop and enforce change policies to ensure employees are continually trained.
  B. Apply a risk-based approach and impose segregation of duties related to the change management process.
  C. Conduct a high-level threat analysis and implement a compensating control.
  D. Validate authorization, segregation of duties, testing of changes, and approval to move changes into production.
  D. Validate authorization, segregation of duties, testing of changes, and approval to move changes into production.

  ---

  Explanation

• Question 77:

  A manager decided to build his team's enthusiasm by giving encouraging talks about employee empowerment, hoping to change the perception that management should make all decisions in the department.

  The manager is most likely trying to impact which of the following components of his team's attitude?

  A. Affective component.
  B. Cognition component.
  C. Thinking component.
  D. Behavioral component.
  A. Affective component.

  ---

  Explanation

• Question 78:

  What is the first step an internal audit function should take to define its organizational structure, deliverables, communication protocols, and resourcing model?

  A. Recommend improvements to the organization's governance policies, processes, and structures
  B. Define a hiring plan to address competency gaps needed to execute the audit plan
  C. Construct periodic self-assessments, ongoing monitoring, and external assessments to measure quality
  D. Assess the needs and expectations of the board, senior management, and external auditors
  D. Assess the needs and expectations of the board, senior management, and external auditors

  ---

  Explanation

  The first step in defining the internal audit function's structure and processes is to understand the needs and expectations of the board, senior management, and external stakeholders. This ensures alignment with organizational priorities and

  risk appetite.

  Option A (recommend improvements) is a later activity. Option B (hiring plan) comes after the structure and resourcing needs are identified. Option C (quality assessments) occurs after processes are established.

  IIA Standards - Standard 1000: Purpose, Authority, and Responsibility.

• Question 79:

  When demand uncertainty is low, firms tend to adopt a strategy of preemptive expansion. The conditions for successful preemption expansion include which of the following?

  A. The firm should avoid market signals that alert competitors to the firm's plans.
  B. The expansion should be small relative to the market to minimize risk.
  C. Economies of scale should be large relative to demand.
  D. The business should be strategically vital to competitors.
  C. Economies of scale should be large relative to demand.

  ---

  Explanation

  Economies of scale should be large in relation to demand, or the learning-curve effect should give an initial large investor a permanent cost advantage. For example, the preemptive firm may be able to secure too much of the market to allow a subsequent firm to invest at the efficient scale. That is, the residual demand available to be met by the later firm is less than the efficient scale of production. The later firm therefore must choose between intense competition at the efficient scale or a cost disadvantage.

• Question 80:

  When using cost-volume-profit analysts which of the following will increase operating income once the break-even point has been reached?

  A. Fixed costs per unit for each additional unit sold
  B. Variable costs per unit for each additional unit sold
  C. Contribution margin per unit for each additional unit sold
  D. Gross margin per unit for each additional unit sold
  C. Contribution margin per unit for each additional unit sold

  ---

  Explanation