IIA IIA-CIA-Part1 Quiz 100 Topic 10 Questions 496-500

Question: 1

A major difference between enterprise risk management and traditional risk management lies in the narrow focus of traditional risk management on:

I . Property and liability risks.

II . Risks with insurance solutions.

III . Risks impacting organizational objectives.

AI and II only

BI and III only

CII and III only

DI, II, and III.

Show Answer

Question: 2

An internal audit activity encounters a scope limitation from senior management that will affect its ability to meet its goals and objectives for a potential engagement client. The nature of the scope limitation should be.

ANoted in the audit workpapers, but the engagement should be carried out as scheduled, with any necessary adjustments made based on the scope limitation.

BCommunicated to the external auditors so that they can investigate the area in more detail.

CCommunicated, preferably in writing, to the board.

DCommunicated to management, stating that the limitation will not be accepted because it would impair the audit activity's independence.

Show Answer

Question: 3

Which statement most accurately describes how criteria are established for use by internal auditors in determining whether goals and objectives have been accomplished?

AManagement is responsible for establishing the criteria.

BInternal auditors should use professional standards or government regulations to establish the criteria.

CThe industry in which a company operates establishes criteria for each member company through benchmarks and best practices for that industry.

DAppropriate accounting or auditing standards, including international standards, should be used as the criteria.

Show Answer

Question: 4

A company has established its environmental audit activity as part of its legal department rather than part of its internal audit activity, which reports to the audit committee. The board has requested that the chief audit executive (CAE) provide an annual opinion on whether environmental risks are being properly addressed. In these circumstances, the CAE should recommend to the audit committee that the internal audit activity:

AReview the recommendations in all environmental audit reports.

BDiscuss with the environmental auditors the results of their reviews.

CPeriodically carry out a quality assessment of the environmental audit activity.

DInclude a review of environmental issues in some internal audit engagements.

Show Answer

Question: 5

In addition to data protection, which of the following is a control that is typically used by companies to safeguard the privacy rights of their customers?

I . End-user computing.

II . Encryption of data.

III . Spyware.

IV . Intrusion detection.

AII only

BI and III only

CII and IV only

DI, II, and IV only

Show Answer

IIA IIA-CIA-Part1 Quiz:100 Topic:10 Questions:496-500