IIA-CIA-Part3 Sample Questions Answers

Key performance indicators.

Reports of software customization.

Change and patch management.

Master data management

Internal auditors perform reconciliation procedures to support an external audit of financial reporting.

Internal auditors perform a systems-focused analysis to review relevant controls.

Internal auditors perform a risk assessment to identify potential audit subjects as input for the annual internal audit plan

Internal auditors test IT general controls with regard to operating effectiveness versus design

Authorization

Architecture model

Firewall

Virtual private network

Identification of achievable goals and timelines

Analysis of the competitive environment.

Plan for the procurement of resources

Plan for progress reporting and oversight.

Intrinsic reward.

Job enrichment

Extrinsic reward.

The hierarchy of needs.

A flat structure results in lower operating and support costs than a hierarchical structure.

A flat structure results in a stable and very collaborative environment.

A flat structure enables field auditors to report to and learn from senior auditors.

A flat structure is more dynamic and offers more opportunities for advancement than a hierarchical structure.

Horizontal analysis

Vertical analysis

Ratio analysis

Trend analysis

The ability to use the software with ease to perform the data analysis to meet the engagement objectives.

The ability to purchase upgraded features of the software that allow for more In-depth analysis of the big data.

The ability to ensure that big data entered into the software is secure from potential compromises or loss.

The ability to download the software onto the appropriate computers for use in analyzing the big data.

Maintenance service items such as production support.

Management of infrastructure services, including network management.

Physical hosting of mainframes and distributed servers

End-to -end security architecture design.

Verify whether the organization uses the most recent database software version.

Verify whether the database software version is supported by the vendor.

Verify whether the database software version has been recently upgraded.

Verify whether .access to database version information is appropriately restricted.

Reactive strategy.

Cost leadership strategy.

Differentiation strategy.

Focus strategy

A balanced scorecard.

A quality audit

Earned value analysis.

Trend analysis

Identity requests are approved in two steps.

Logs are checked for misaligned identities and access rights.

Users have to validate their identity with a smart card.

Functions can toe performed based on access rights

$0

$4,000

$5,000

$10,000

The cash dividends received increase the investee investment account accordingly.

The investee must adjust the investment account by the ownership interest

The investment account is adjusted downward by the percentage of ownership.

The investee must record the cash dividends as dividend revenue

Estimate time required to complete the whole project.

Determine the responses to expected project risks.

Break the project into manageable components.

Identify resources needed to complete the project

Inability to adapt.

Greater costs of control function.

Inconsistency in decision making.

Lack of resilience.

Cash.

Dividends.

Gross margin.

Net income.

Lawfulness.

Consideration.

Agreement.

Discharge

Residual income

A flexible budget

Variance analysis.

A contribution margin income statement by segment.

Automated password change requirements.

System data backup process.

User testing of system changes.

Formatted data fields

Required documentation of process for discontinuing use of the devices

Required removal of personal pictures and contacts.

Required documentation of expiration of contract with service provider.

Required sign-off on conflict of interest statement.

2 and 3 only.

1, 2, and 3 only

1, 3, and 4 only

2, 3, and 4 only

Perform gap testing.

Join different data sources.

Perform duplicate testing.

Calculate statistical parameters.

The organization reports inappropriate estimates and accruals due to poof accounting controls.

The organization uses an unreliable process forgathering and reporting executive compensation data.

The organization experiences increasing discontent of employees, if executives are eligible for compensation amounts that are deemed unreasonable.

The organization encourages employee behavior that is inconsistent with the interests of relevant stakeholders.

Communication conflicts

Slower decision making.

Loss of economies of scale

Vulnerabilities in sharing knowledge

Application program code.

Database system.

Operating system.

Networks.

Streamlined decision-making, rather than building consensus among users.

Consideration of the facts, rather than consideration of the emotions displayed by project stakeholders.

Focus on flexibility and adaptability, rather than use of a formal methodology.

Inclusion of critical features, rather than inclusion of an array of supplementary features.

Block unauthorized traffic.

Encrypt data.

Review disaster recovery test results.

Provide independent assessment of IT security.

Variety.

Velocity.

Volume.

Veracity.

Using a jailbroken or rooted smart device feature.

Using only smart devices previously approved by the organization.

Obtaining written assurance from the employee that security policies and procedures are followed.

Introducing a security question known only by the employee.

Contribution margin is the amount remaining from sales revenue after fixed expenses have been deducted.

Breakeven point is the amount of units sold to cover variable costs.

Breakeven occurs when the contribution margin covers fixed costs.

Following breakover1, he operating income will increase by the excess of fixed costs less the variable costs per units sold.

System backups should always be performed real time.

Backups should be stored in a secured location onsite for easy access.

The tape rotation schedule affects how long data is retained

Backup media should be restored only m case of a hardware or software failure

Less than 12 percent.

12 percent.

Between 12.01 percent and 12.50 percent.

More than 12 50 percent.

The organization sells inventory to an overseas subsidiary at fair value.

The local subsidiary purchases inventory at a discounted price.

The organization sells inventory to an overseas subsidiary at the original cost.

The local subsidiary purchases inventory at the depreciated cost.

Verify completeness and accuracy.

Verify existence and accuracy.

Verify completeness and integrity.

Verify existence and completeness.

It calculates the overall value of a project.

It ignores the time value of money.

It calculates the time a project takes to break even.

It begins at time zero for the project.

Monitoring network traffic.

Using whitelists and blacklists to manage network traffic.

Restricting access and blocking unauthorized access to the network

Educating employees throughout the company to recognize phishing attacks.

It should be reported as an administrative expense on the income statement.

It should be reported as period cost other than a product cost on the management accounts

It should be reported as cost of goods sold on the income statement.

It should be reported on the balance sheet as part of inventory.

Last-in-first-Out (LIFO}.

Average cost.

First-in-first-out (FIFO).

Specific identification

Frozen site

Cold site

Warm site

Hot site

Fixed maintenance costs.

Variable maintenance costs.

Mixed maintenance costs.

Indirect maintenance costs.

Vertical integration.

Unrelated diversification.

Differentiation

Focus

Determining the frequency with which backups will be performed.

Prioritizing the order in which business systems would be restored.

Assigning who in the IT department would be involved in the recovery procedures.

Assessing the resources needed to meet the data recovery objectives.

Firewall.

Antivirus software.

Passwords.

Encryption.

Cash budget.

Budgeted balance sheet.

Selling and administrative expense budget.

Budgeted income statement.

Export strategy.

Transnational strategy

Multi-domestic strategy

Globalization strategy

Phishing.

Ransomware.

Hacking.

Makvare