CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. IIA
  5. IIA-CIA-Part2

Free IIA-CIA-Part2 Exam Braindumps (page: 36)

Page 36 of 128
PDF with 508 Questions

Which of the following would not be an appropriate step for an internal auditor to perform during an assessment of compliance with an organization's privacy policy?

  1. Determine who can access databases containing confidential information.
  2. Evaluate the organization's privacy policy to determine if appropriate information is covered.
  3. Analyze access to permanent files and reports containing confidential information.
  4. Evaluate the government's security measures related to confidential information received from the organization.

Answer(s): D



An internal auditor for a financial institution has just completed an audit of loan processing. Of the 81 loans approved by the loan committee, the auditor found seven loans which exceeded the approved amount. Which of the following actions would be inappropriate on the part of the auditor?

  1. Examine the seven loans to determine if there is a pattern. Summarize amounts and include in the engagement final communication.
  2. Report the amounts to the loan committee and leave it up to them to correct. Take no further follow-up action at this time and do not include the items in the engagement final communication.
  3. Follow up with the appropriate vice president and include the vice president's acknowledgment of the situation in the engagement final communication.
  4. Determine the amount of the differences and make an assessment as to whether the dollar differences are material. If the amounts are not material, not in violation of government regulations, and can be rationally explained, omit the observation from the engagement final communication.

Answer(s): B



During a systems development audit, software developers indicated that all programs were moved
from the development environment to the production environment and then tested in the production environment. What should the auditor recommend?

  1. Implement a test environment to ensure that testing is not performed in the production environment.
    II. Require developers to move modified programs from the development environment to the test environment and from the test environment to the production environment.
    III. Eliminate access by developers to the production environment.
  2. I only
  3. III only
  4. I and II only
  5. I and III only

Answer(s): D



A post-audit questionnaire sent to audit clients is an effective mechanism for:

  1. Substantiating audit observations.
  2. Promoting the internal audit activity.
  3. Improving future audit engagements.
  4. Validating process flow.

Answer(s): C



Page 36 of 128



Post your Comments and Discuss IIA IIA-CIA-Part2 exam with other Community members:

NOOR commented on October 06, 2024
I want to pass my CIA Exam P2 withing the next 2weeks, can I get help?
UNITED ARAB EMIRATES
upvote

ET commented on August 19, 2024
I have just failed my CIA 2 second attempt today. May I have any assistance from you guys?
Anonymous
upvote