Best IIA-CIA-Part3-3P Dumps – Prepare For CIA Exam Part Three: Business Knowledge for Internal Auditing Exam Well

1. If legal or regulatory standards prohibit conformance with certain parts of The IIA's Standards, the auditor should do which of the following?

2. According to IIA guidance, which of the following steps are most important for an internal auditor to perform when evaluating an organization's social and environmental impact on the local community?

1) Determine whether previous incidents have been reported, managed, and resolved.

2) Determine whether a business contingency plan exists.

3) Determine the extent of transparency in reporting.

4) Determine whether a cost/benefit analysis was performed for all related projects.

3. An internal auditor has been asked to conduct an investigation involving allegations of independent contractor fraud .

Which of the following controls would be least effective in detecting any potential fraudulent activity?

4. Which of the following statements about matrix organizations is false?

5. Which of the following is not included in the process of user authentication?

6. Which of the following steps should an internal auditor take during an audit of an organization's business continuity plans?

1) Evaluate the business continuity plans for adequacy and currency.

2) Prepare a business impact analysis regarding the loss of critical business.

3) Identify key personnel who will be required to implement the plans.

4) Identify and prioritize the resources required to support critical business processes.

7. Which of the following is not a barrier to effective communication?

8. One change control function that is required in client/server environments, but is not required in mainframe environments, is to ensure that:

9. During the last year, an organization had an opening inventory of $300,000, purchases of $980,000, sales of $1,850,000, and a gross margin of 40 percent .

What is the closing inventory if the periodic inventory system is used?

10. A department purchased one copy of a software program for internal use. The manager of the department installed the program on an office computer and then made two complete copies of the original software.

Copy 1 was solely for backup purposes.

Copy 2 was for use by another member of the department.

In terms of software licenses and copyright law, which of the following is correct?

11. Under a value-added taxing system:

12. Which of the following is a characteristic of an emerging industry?

13. Which of the following best describes a market signal?

14. An organization is projecting sales of 100,000 units, at a unit price of $12. Unit variable costs are $7. If fixed costs are $350,000, what is the projected total contribution margin?

15. An organization's balance sheet indicates that the total asset amount and the total capital stock amount remained unchanged from one year to the next, and no dividends were declared or paid. However, the organization reported a loss of $200,000 .

Which of the following describes the most likely year-over-year change to the organization's total liabilities and total stockholder equity?

16. A small furniture-manufacturing firm with 100 employees is located in a two-story building and does not plan to expand. The furniture manufactured is not special-ordered or custom-made.

The most likely structure for this organization would be:

17. A holding company set up a centralized group technology department, using a local area network with a mainframe computer to process accounting information for all companies within the group.

An internal auditor would expect to find all of the following controls within the technology department except:

18. International marketing activities often begin with:

19. The economic order quantity can be calculated using the following formula:

Which of the following describes how the optimal order size will change if the annual demand increases by 36 percent?

20. Unsecured loans are loans:

21. The internal audit activity completed an initial risk analysis of the organization's data storage center and found several areas of concern .

Which of the following is the most appropriate next step?

22. According to Porter's model of competitive strategy, which of the following is a generic strategy?

1 Differentiation.

2) Competitive advantage.

3) Focused differentiation.

4) Cost focus.

23. Which of the following is false with regard to Internet connection firewalls?

24. In terms of international business strategy, which of the following is true regarding a multi-domestic strategy?

25. Which of the following engagement observations would provide the least motivation for management to amend or replace an existing cost accounting system?

26. A manager has difficulty motivating staff to improve productivity, despite establishing a lucrative individual reward system .

Which of the following is most likely the cause of the difficulty?

27. Which of the following statements best describes the frameworks set forth by the International Standards Organization?

28. The activity that involves a trial run of a product in a typical segment of the market before proceeding to a national launch is referred to as:

29. Which of the following statements accurately describes the responsibility of the internal audit activity (IAA) regarding IT governance?

1) The IAA does not have any responsibility because IT governance is the responsibility of the board and senior management of the organization.

2) The IAA must assess whether the IT governance of the organization supports the organization’s strategies and objectives.

3) The IAA may assess whether the IT governance of the organization supports the organization’s strategies and objectives.

4) The IAA may accept requests from management to perform advisory services regarding how the IT governance of the organization supports the organizations strategies and objectives.

30. According to Porter, which of the following is associated with fragmented industries?

31. Presented below are partial year-end financial statement data (000 omitted from dollar amounts) for companies A and B:

If company A has a quick ratio of 2:1, then it has an accounts receivable balance of:

32. When applied to international economics, the theory of comparative advantage proposes that total worldwide output will be greatest when:

33. According to the International Professional Practices Framework, which of the following statements is true regarding a corporate social responsibility (CSR) program?

1) Every employee generally has a responsibility for ensuring the success of CSR objectives.

2) The board has overall responsibility for the effectiveness of internal control processes associated with CSR.

3) Public reporting on the CSR governance process is expected.

4) Organizations generally have flexibility regarding what is included in a CSR program.

34. Which of the following stages of group development is associated with accepting team responsibilities?

35. Which audit approach should be employed to test the accuracy of information housed in a database on an un-networked computer?

36. Which of the following are appropriate reasons for internal auditors to document processes as part of an audit engagement?

1) To determine areas of primary concern.

2) To establish a standard format for process mapping.

3) To define areas of responsibility within the organization.

4) To assess the performance of employees.

37. Multinational organizations generally spend more time and effort to identify and evaluate:

38. Which of the following costs would be incurred in an inventory stockout?

39. Which of the following IT strategies is most effective for responding to competitive pressures created by the marketplace?

40. Which of the following techniques would be least effective in resolving the conflict created by an internal audit client's perception of the audit report as a personal attack on his management performance?

41. Which of the following is a disadvantage of selecting a commercial software package rather than developing an application internally?

42. Which of the following is not a potential area of concern when an internal auditor places reliance on spreadsheets developed by users?

43. The cost to enter a foreign market would be highest in which of the following methods of global expansion?

44. When granting third parties temporary access to an entity's computer systems, which of the following is the most effective control?

45. Which of the following is the most appropriate test to assess the privacy risks associated with an organization's workstations?

46. Which of the following is a type of network in which an organization permits specific users (such as existing customers) to have access to its internal network through the Internet by building a virtual private network?

47. Which of the following is the best reason for considering the acquisition of a nondomestic organization?

48. According to IIA guidance on IT auditing, which of the following would not be an area examined by the internal audit activity?

49. Which of the following techniques is the most relevant when an internal auditor conducts a valuation of an organization's physical assets?

50. An internationally recognized brand name is an entrance barrier to new competitors because new competitors would:

51. During a review of a web-based application used by customers to check the status of their bank accounts, it would be most important for the internal auditor to ensure that:

52. Which of the following distinguishes the added-value negotiation method from traditional negotiating methods?

53. Where complex problems need to be addressed, which of the following communication networks would be most appropriate?

54. ESTION NO: 13

Which stage in the industry life cycle is characterized by many different product variations?

55. Which of the following roles would be least appropriate for the internal audit activity to undertake with regard to an organization's corporate social responsibility (CSR) program?

56. An organization engages in questionable financial reporting practices due to pressure to meet unrealistic performance targets .

Which internal control component is most negatively affected?

57. A global business organization is selecting managers to post to various international (expatriate) assignments.

In the screening process, which of the following traits would be required to make a manager a successful expatriate?

1) Superior technical competence.

2) Willingness to attempt to communicate in a foreign language.

3) Ability to empathize with other people.

58. Which of the following would best prevent unauthorized external changes to an organization's data?

59. Which of the following COSO internal control framework components encompasses establishing structures, reporting lines, authorities, and responsibilities?

60. Which of the following are likely indicators of ineffective change management?

1) IT management is unable to predict how a change will impact interdependent systems or business processes.

2) There have been significant increases in trouble calls or in support hours logged by programmers.

3) There is a lack of turnover in the systems support and business analyst development groups.

4) Emergency changes that bypass the normal control process frequently are deemed necessary.

61. TION NO: 129

According to IIA guidance, which of the following would be a primary reason for an internal auditor to test the organization's IT contingency plan?

62. Organizational activities that complement each other and create a competitive advantage are called a:

63. Which of the following does not provide operational assurance that a computer system is operating properly?

64. At what point during the systems development process should an internal auditor verify that the new application's connectivity to the organization's other systems has been established correctly?

65. According to IIA guidance, which of the following corporate social responsibility (CSR) evaluation activities may be performed by the internal audit activity?

1) Consult on CSR program design and implementation.

2) Serve as an advisor on CSR governance and risk management.

3) Review third parties for contractual compliance with CSR terms.

4) Identify and mitigate risks to help meet the CSR program objectives.

66. Which of the following methods, if used in conjunction with electronic data interchange (EDI), will improve the organization's cash management program, reduce transaction data input time and errors, and allow the organization to negotiate discounts with EDI vendors based on prompt payment?

67. Which is the least effective form of risk management?

68. According to the Standards, which of the following is based on the assertion that the quality of an organization's risk management process should improve with time?

69. The decision to implement enhanced failure detection and back-up systems to improve data integrity is an example of which risk response?

70. An organization produces two products, X and Y. The materials used for the production of both products are limited to 500 kilograms (kg) per month.

All other resources are unlimited and their costs are fixed. Individual product details are as follows:

Product X

Product Y

Selling price per unit

$10

$13

Materials per unit (at $1/kg)

2 kg

6 kg

Monthly demand

100 units

120 units

In order to maximize profit, how much of product Y should the organization produce each month?

71. In order to provide useful information for an organization's risk management decisions, which of the following factors is least important to assess?

72. Which of the following is not a common feature of cumulative preferred stock?

73. Which of the following is always true regarding the use of encryption algorithms based on public key infrastructure (PKI)?

74. An organization had three large centralized divisions: one that received customer orders for service work; one that scheduled the service work at customer locations; and one that answered customer calls about service problems. These three divisions were restructured into seven regional groups, each of which performed all three functions.

One advantage of this restructuring would be:

75. All of the following are possible explanations for a significant unfavorable material efficiency variance except:

76. Which of the following is not a method for implementing a new application system?

77. Which of the following statements is true regarding the resolution of interpersonal conflict?

78. An organization is considering mirroring the customer data for one regional center at another center. A disadvantage of such an arrangement would be:

79. The market price is the most appropriate transfer price to be charged by one department to another in the same organization for a service provided when:

80. Maintenance cost at a hospital was observed to increase as activity level increased.

The following data was gathered:

Activity Level -

Maintenance Cost

Month

Patient Days

January

5,600

$7,900

February

7,100

$8,500

March

5,000

$7,400

April

6,500

$8,200

May

7,300

$9,100

June

8,000

$9,800

If the cost of maintenance is expressed in an equation, what is the independent variable for this data?

81. In which type of business environment are price cutting strategies and franchising strategies most appropriate?

82. For an engineering department with a total quality management program, important elements of quality management include all of the following except:

83. Which of the following are included in ISO 31000 risk principles and guidelines?

84. The first step in determining product price is:

85. Which of the following phases of a business cycle are marked by an underuse of resources?

1) The trough.

2) The peak.

3) The recovery.

4) The recession.

86. Organizations use matrix management to accomplish which of the following?

87. An organization is considering the outsourcing of its business processes related to payroll and information technology functions .

Which of the following is the most significant area of concern for management regarding this proposed agreement?

88. According to the COSO enterprise risk management (ERM) framework, which of the following is not a typical responsibility of the chief risk officer?

89. Which of the following is a key characteristic of a zero-based budget?

90. In an organization where enterprise risk management practices are mature, which of the following is a core internal audit role?

91. Which of the following local area network physical layouts is subject to the greatest risk of failure if one device fails?

92. Which of the following is a role of the board of directors in the governance process?

93. Which of the following statements is in accordance with COBIT?

1) Pervasive controls are general while detailed controls are specific.

2) Application controls are a subset of pervasive controls.

3) Implementation of software is a type of pervasive control.

4) Disaster recovery planning is a type of detailed control.

94. When an organization is choosing a new external auditor, which of the following is the most appropriate role for the chief audit executive to undertake?

95. Which of the following statements pertaining to a market skimming pricing strategy is not true?

96. Which of the following are typical responsibilities for operational management within a risk management program?

1) Implementing corrective actions to address process deficiencies.

2) Identifying shifts in the organization's risk management environment.

3) Providing guidance and training on risk management processes.

4) Assessing the impact of mitigation strategies and activities.

97. Which of the following is the best approach to overcome entry barriers into a new business?

98. Which of the following statements about market signaling is correct?

1) The organization releases information about a new product generation.

2) The organization limits a challenger's access to the best source of raw materials or labor.

3) The organization announces that it is fighting a new process technology.

4) The organization makes exclusive arrangements with the channels.

99. Which of the following statements is true regarding outsourced business processes?

100. Which of the following statements about slack time and milestones are true?

1) Slack time represents the amount of time a task may be delayed without delaying the entire project.

2) A milestone is a moment in time that marks the completion of the project's major deliverables.

3) Slack time allows the project manager to move resources from one task to another to ensure that the project is finished on time.

4) A milestone requires resource allocation and needs time to be completed.