CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. IIA
  5. CIA

Free CIA Exam Braindumps (page: 7)

Page 6 of 427
PDF with 1702 Questions

An organization receives the most value from an internal audit activity's enterprise-wide risk assessment when the auditor

  1. Focuses primarily on enterprise-level risks
  2. Considers activities at all levels of the organization
  3. Reviews special projects and new initiatives
  4. Validates supporting financial and operational data

Answer(s): B



Internal auditors who are concerned with potential risks due to the mishandling of records or transactions should take into consideration

  1. The type and nature of the activities to be examined
  2. Whether employees in key positions of trust are bonded
  3. The history of losses suffered by the company
  4. The results of prior risk assessments

Answer(s): A



A chief audit executive (CAE) used an electronic spreadsheet to facilitate the risk assessment process for a number of different divisions. The spreadsheet included the following factors Complexity of operations Competence of divisional personnel Dollar amount of accounts where management's judgment can affect the expense. The CAE used a group meeting of audit managers to reach a consensus on the competence of divisional personnel. Other factors were assessed as high, medium, or low risk by either the CAE or an audit manager who had audited the division. The CAE weighted each factor and computed a composite risk score. Which of the following statements is correct regarding this risk assessment process?

  1. The risk analysis would not be appropriate because it mixes both quantitative and qualitative factors.
  2. Assessing factors at discrete levels, such as high, medium, and low, is inappropriate for the risk assessment process because the ratings are not quantifiable.
  3. The weighting is subjective and should have been determined through a process such as multiple regression analysis.
  4. Using a subjective group consensus to assess personnel competence is appropriae.

Answer(s): D



Which of the following is a risk factor that a chief audit executive should consider when prioritizing audit work schedules?

I). Quality of internal control
II). Management competence
III). Time of last audit engagement
IV). Degree of change or organizational stability

  1. I and III only
  2. I, II, and IV only
  3. II, III, and IV only
  4. I, II, III, and IV

Answer(s): D






Post your Comments and Discuss IIA CIA exam with other Community members:

CIA Exam Discussions & Posts