CertsTopics Logo

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

IIA-CIA-Part2 Reviews Questions

Page: 13 / 14
Total 360 questions
Get IIA-CIA-Part2 Full Access Download IIA-CIA-Part2 PDF

Practice of Internal Auditing Questions and Answers

Question 49

An internal auditor at a bank informed the branch manager of a malfunctioning lock on one of the vaults. The risk associated with this issue was deemed significant by the chief audit executive (CAE), and immediate remediation was recommended However during a follow-up engagement the branch manager told the CAE that the risk was actually not significant, hence no action was taken. What is the most appropriate next step for the CAE?

Options:

A.

Inform senior management that the branch manager deeded to cancel the committed action plan without any previous communication

B.

Discuss the issue with the board which has ultimate responsibility to resolve the risk

C.

Have another discussion with the branch manager attempt to change his view, and encourage him to movement the recommendations

D.

Document the branch manager's decision to accept the risk otherwise, no other speak: course of action is required.

Question 50

While performing fieldwork for an assurance engagement, a member of the internal audit team identified a key control that was not identified during the planning phase of the engagement Which of the following actions by the internal auditor would be most appropriate?

Options:

A.

Promptly adjust the audit work program to include tests that address the newly identified control and notify the other audit team members of the change

B.

Proceed with the current audit work program because the engagement scope has already been finalized but plan to address the newly identified control as part of the follow up engagement

C.

Adjust the audit work program to account for the new control, but only with approval from the engagement supervisor

D.

Discuss the control with management of the area under review and seek their approval prior to including the control in the current audit engagement

Question 51

Which of the following should be included in a privacy audit engagement?

1. Assess the appropriateness of the information gathered.

2. Review the methods used to collect information.

3. Consider whether the information collected is in compliance with applicable laws.

4. Determine how the information is stored.

Options:

A.

1 and 3 only

B.

2 and 4 only

C.

1, 3, and 4 only

D.

1, 2, 3, and 4

Question 52

Which of the following is a disadvantage of using flowcharts during a risk assessment?

Options:

A.

People cannot quickly understand the processes via flowcharts

B.

Flowcharts are not applicable for evaluating the design of controls

C.

Some serious risks that are not part of the linear process can be missed

D.

Flowcharts do not enable auditors to identify missing controls

Page: 13 / 14
Total 360 questions
Get IIA-CIA-Part2 Full Access Download IIA-CIA-Part2 PDF