Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Download Full Version IIA-CIA-Part3 IIA Exam

Page: 41 / 59
Total 791 questions

Internal Audit Function Questions and Answers

Question 161

According to IIA guidance, which of the following statements is true regarding the chief audit executive ' s (CAE’s) responsibility for following up on management action plans?

Options:

A.

Follow-up activities must be performed on an ongoing basis, such as quarterly, rather than being scheduled as specific assignments in the internal audit plan

B.

The primary purpose of the CAE’s follow-up activities is to verify whether the audit issues raised in the audit report are valid

C.

The CAE may plan follow-up activities on a selective basis, depending on risk significance, to verify whether management action plans were completed

D.

Where management believes certain action plans are no longer necessary, the CAE must resolve the matter with the board and if the matter remains unresolved, communicate to senior management

Question 162

Which of the following are typical audit considerations for a review of authentication?

    Authentication policies and evaluation of controls transactions.

    Management of passwords, independent reconciliation, and audit trail.

    Control self-assessment tools used by management.

    Independent verification of data integrity and accuracy.

Options:

A.

1, 2, and 3

B.

1, 2, and 4

C.

1, 3, and 4

D.

2, 3, and 4

Question 163

Which of the following data security policies is most likely to be the result of a data privacy law?

Options:

A.

Access to personally identifiable information is limited to those who need it to perform their job.

B.

Confidential data must be backed up and recoverable within a 24-hour period.

C.

Updates to systems containing sensitive data must be approved before being moved to production.

D.

A record of employees with access to insider information must be maintained, and those employees may not trade company stock during blackout periods.

Question 164

According to 11A guidance on it; which of the following statements is true regarding websites used in e-commerce transactions?

Options:

A.

HTTP sites provide sufficient security to protect customers ' credit card information.

B.

Web servers store credit cardholders ' information submitted for payment.

C.

Database servers send cardholders’ information for authorization in clear text.

D.

Payment gatewaysauthorizecredit cardonlinepayments.

Page: 41 / 59
Total 791 questions