IIA IIA-CIA-Part2 Quiz 230 Topic 8 Questions 1146-1150

Question: 1

A large retail organization, which sells most of its products online, experiences a computer hacking incident. The chief IT officer immediately investigates the incident and concludes that the attempt was not successful. The chief audit executive (CAE) learns of the attack in a casual conversation with an IT auditor. Which of the following actions should the CAE take?

1. Meet with the chief IT officer to discuss the report and control improvements that will be implemented as a result of the security breach, if any.

2. Immediately inform the chair of the audit committee of the security breach, because thus far only the chief IT officer is aware of the incident.

3. Meet with the IT auditor to develop an appropriate audit program to review the organization's Internet-based sales process and key controls.

4. Include the incident in the next quarterly report to the audit committee.

A1 and 2

B1 and 3

C2 and 4

D3 and 4

Show Answer

Question: 2

According to IIA guidance, which of the following actions might place the independence of the internal audit function in jeopardy?

AHaving no active role or involvement in the risk management process.

BAuditing the risk management process for reasonableness.

CCoordinating and managing the risk management process.

DParticipating with management in identifying and evaluating risks.

Show Answer

Question: 3

Which of the following is not an objective of the exit meeting for an engagement performed by the internal auditors?

ATo resolve conflicts.

BTo discuss the observations, conclusions, and recommendations.

CTo identify concerns for future engagements.

DTo identify management's actions and responses to the observations, conclusions, and recommendations.

Show Answer

Question: 4

Which of the following statements most likely represents a disadvantage for an entity that keeps data files on a server rather than on a manual system?

AAttention is focused on the accuracy of the programming process rather than errors in individual transactions.

BIt is usually easier for unauthorized persons to access and alter the files.

CRandom error associated with processing similar transactions in different ways is usually greater.

DIt is usually more difficult to compare recorded accountability with the physical count of assets.

Show Answer

Question: 5

The internal auditor is evaluating the effectiveness of a sales commission plan adopted 12 months earlier. An engagement procedure likely to provide strong support for the plan's effectiveness is to

ACalculate the percentage change in monthly sales by product line for the last 3 years.

BCompare monthly selling costs of this year with those of the 2 preceding years.

CRegress monthly indices of external economic conditions against sales for the 2 preceding years and compare predictions with reported sales.

DCompare the ratio of selling costs per dollar of sales each month for the past year with that of other organizations in the industry.

Show Answer

IIA IIA-CIA-Part2 Quiz:230 Topic:8 Questions:1146-1150