Practice IIA-CIA-Part3-3P-CHS Exam Online

Question 1

An internal auditor identified a database administrator with an incompatible dual role. Which of the following duties should not be performed by the identified administrator?

A : Designing and maintaining the database.

B : Preparing input data and maintaining the database.

C : Maintaining the database and providing its security.

D : Designing the database and providing its security.

Answer: B

Question 2

A manager who is authorized to make purchases up to a certain dollar amount approves the set-up of a fictitious vendor and subsequently initiates purchase orders.

Which of the following controls would best address this risk?

A : Establish separate vendor creation and approval teams.

B : Develop and distribute a code of conduct that prohibits conflicts of interest.

C : Perform a regular review of the vendor master file.

D : Require submission of a conflict-of-interest declaration.

Answer: B

Question 3

Which of the following is a systems software control?

A : Restricting server room access to specific individuals.

B : Housing servers with sensitive software away from environmental hazards.

C : Ensuring that all user requirements are documented.

D : Performing of intrusion testing on a regular basis.

Answer: C

Question 4

According to IIA guidance, which of the following would be a primary reason for an internal auditor to test the organization's IT contingency plan?

A : To ensure that adequate controls exist to prevent any significant business interruptions.

B : To identify and address potential security weaknesses within the system.

C : To ensure that tests contribute to improvement of the program.

D : To ensure that deficiencies identified by the audit are promptly addressed.

Answer: C

Question 5

When developing an effective risk-based plan to determine audit priorities, an internal audit activity should start by:

A : Identifying risks to the organization's operations.

B : Observing and analyzing controls.

C : Prioritizing known risks.

D : Reviewing organizational objectives.

Answer: D

Name:	Certified Internal Auditor - Part 3, Internal Audit Knowledge Elements
Exam Code:	IIA-CIA-Part3-3P-CHS
Certification:	Certified Internal Auditor
Vendor:	IIA
Total Questions:	628
Last Updated:	May 02, 2024

IIA IIA-CIA-Part3-3P-CHS