IIA IIA-CIA-Part2 Quiz 230 Topic 8 Questions 1146-1150

Question: 1

A large retail organization, which sells most of its products online, experiences a computer hacking incident. The chief IT officer immediately investigates the incident and concludes that the attempt was not successful. The chief audit executive (CAE) learns of the attack in a casual conversation with an IT auditor. Which of the following actions should the CAE take?

1. Meet with the chief IT officer to discuss the report and control improvements that will be implemented as a result of the security breach, if any.

2. Immediately inform the chair of the audit committee of the security breach, because thus far only the chief IT officer is aware of the incident.

3. Meet with the IT auditor to develop an appropriate audit program to review the organization's Internet-based sales process and key controls.

4. Include the incident in the next quarterly report to the audit committee.

A1 and 2

B1 and 3

C2 and 4

D3 and 4

Show Answer

Question: 2

According to IIA guidance, which of the following actions might place the independence of the internal audit function in jeopardy?

AHaving no active role or involvement in the risk management process.

BAuditing the risk management process for reasonableness.

CCoordinating and managing the risk management process.

DParticipating with management in identifying and evaluating risks.

Show Answer

Question: 3

One engagement procedure for an engagement to evaluate facilities and equipment is to test the accuracy of recorded depreciation. Which of the following is the best source of information that the equipment in question is in service?

AA review of depreciation policies and procedures.

BA comparison of depreciation schedules with a listing of insurance appraisals for the same equipment.

CA comparison of depreciation schedules with the maintenance and repair logs for the same equipment.

DA review of inventory documentation for the equipment.

Show Answer

Question: 4

Once an audit report is drafted, the auditor's supervisor should review it primarily to ensure that all:

AStatements are supported and can be authenticated.

BRecommendations for corrective action are clear.

CProcesses within the audited area were reviewed.

DSample sizes appear appropriate for any issues found.

Show Answer

Question: 5

In preparing to facilitate a control self assessment session, an auditor would be least likely to ensure that

AKey stakeholders are represented in the group.

BAn independent content expert is available to help settle disagreements.

CBackground research is completed to familiarize the auditor with relevant issues.

DManagement is consulted on the issues and priorities.

Show Answer

IIA IIA-CIA-Part2 Quiz:230 Topic:8 Questions:1146-1150