Free IIA-CRMA Exam Braindumps (page: 12)

Page 12 of 71

What type of risk management strategy is being employed when an organization installs two firewalls to provide protection from unauthorized access to the network?

  1. Diversifying the risk that network access will not be available to legitimate, authorized users.
  2. Accepting the risk that there may be attempts at unauthorized access to the network.
  3. Avoiding the risk of having a direct network connection to untrusted networks.
  4. Sharing the risk that either firewall could be compromised by hackers.

Answer(s): A



If an engagement client disputes that a specific action or process is within the scope of the internal audit activity, what would be the most appropriate way for the internal audit activity (IAA) to respond?

  1. Terminate the audit engagement in full because an operational audit will not be productive without the client's cooperation.
  2. Terminate only the specific action or process with which the client disagrees and work to determine a substitute function that will not impede further IAA or the client-audit relationship.
  3. Refer the client to the IAA's charter and the approved yearly audit plan, which includes the areas designated for audit in the current time period.
  4. Seek the approval of senior management or the board in mediation, allowing an overseer to clarify the scope of the audit engagement for the client.

Answer(s): C



The chief audit executive (CAE) engaged an internal auditor to consult on an organization's complex information technology system. Shortly after beginning the engagement, the auditor unexpectedly resigned. Unfortunately, this auditor was the only available auditor with the necessary expertise. The CAE will not be able to hire someone with similar expertise in time to meet a regulatory deadline. Which of the following would be the best course of action for the CAE to take?

  1. Continue with the engagement in order to meet the regulatory deadline, but highlight areas in the final report that might need to be revised in the future.
  2. Ask that a senior member of the organization's IT department with the required systems expertise join the audit team to assist in completing the engagement.
  3. Delay the engagement and inform the board of the situation, asking them to provide acceptable alternatives for completing the engagement.
  4. Remove the planned engagement from the audit plan and explain to senior management the problems with moving forward without an auditor with the necessary expertise.

Answer(s): C



A candidate has applied for an entry-level internal audit position. The candidate holds a CISA (Certified Information Systems Auditor) designation and has six months of audit experience, but limited knowledge of accounting principles and techniques. According to the IIA guidance, which of the following is the most relevant reason for the chief audit executive to consider this candidate?

  1. Other internal auditors possess sufficient knowledge of accounting principles and techniques.
  2. The candidate's information systems knowledge and real-world experience in internal auditing.
  3. Accounting skills can be learned over time with appropriate training.
  4. An entry-level position does not require expertise in any particular area.

Answer(s): B






Post your Comments and Discuss IIA IIA-CRMA exam with other Community members:

Oga commented on November 23, 2024
Great, very helpful
CANADA

peter commented on November 16, 2024
I'm finding these questions helpful
Anonymous