Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. IIA
  5. CIA

IIA CIA Exam
Certified Internal Auditor Exam (Page 35 )

Updated On: 12-Feb-2026
Page 35 of 342
PDF with 1702 Questions

In which order should an environmental auditor audit the following manufacturing plants?
Factor Hazard rating Prior audit results Plant population

Plant 1 Medium Average Small
Plant 2 High Poor Medium
Plant 3 Low Good Large

  1. 1, 2, 3.
  2. 1, 3, 2.
  3. 2, 1, 3.
  4. 2, 3, 1.

Answer(s): C



A large financial services firm has a formal privacy policy and recently hired a chief privacy officer. Since the new chief privacy officer has taken over, risk assessments have been performed, priorities have been established, and resources have been allocated to ensure that effective and consistent privacy controls could be implemented and maintained throughout the company. Based on the Capability Maturity Model (CMM), what level of maturity has the firm reached regarding its privacy strategy?

  1. Defined.
  2. Managed.
  3. Repeatable.
  4. Optimized.

Answer(s): A



Which of the following is an appropriate management strategy for supporting an organization's code of conduct?

I). Offering training opportunities for all employees on ethics topics.
II). Surveying employees, suppliers, and customers regarding compliance.
III). Using case studies and examples of appropriate and inappropriate behaviors.
IV). Establishing clear delineation of responsibilities throughout the organization.

  1. II and IV only.
  2. I, II, and III only.
  3. I, III, and IV only.
  4. I, II, III, and IV.

Answer(s): D



Which of the following factors should internal auditors consider when planning an audit
engagement?

I). The extent of documentation required to complete the engagement.
II). Objectives of the area to be reviewed and how activities are controlled.
III). Significant risks, resources, and operations.
IV). Scope and degree of testing required to achieve the engagement's objectives.

  1. I and IV only.
  2. I, II, and III only.
  3. II, III, and IV only.
  4. I, II, III, and IV.

Answer(s): C



A chief audit executive (CAE) decides to implement a quality assurance and improvement program for the internal audit department but encounters some resistance from internal audit staff concerning how the program should be monitored. Internal audit staff would prefer that all monitoring be performed through supervision during an audit engagement. The CAE needs to include in the monitoring program periodic quality assessments by staff independent from the audit engagement. How should the CAE promote the quality assessment concept?

  1. Encourage all internal audit staff to see the independent quality assessments as part of a process to continuously improve the internal audit department's performance.
  2. Explain that independent quality assessments will identify those staff whose performance does not meet the requirements of the internal audit department.
  3. Arrange for internal audit staff to be given appropriate training in all audit engagement procedures.
  4. Tell internal audit staff that the only purpose of the independent quality assessments is to ensure that errors are corrected quickly before reports are issued.

Answer(s): A






Post your Comments and Discuss IIA CIA exam prep with other Community members:

Join the CIA Discussion