Nov-2021 IIA IIA-CIA-Part2 Certification Real 2021 Mock Exam [Q229-Q244]

Share

Nov-2021 IIA IIA-CIA-Part2 Certification Real 2021 Mock Exam

IIA-CIA-Part2 Exam Questions and Valid PMP Dumps PDF 

NEW QUESTION 229
An internal auditor wants to determine whether employees are complying with the information security policy, which prohibits leaving sensitive information on employee desks overnight. The auditor checked a sample of
90 desks and found eight that contained sensitive information. How should this observation be reported, if the organization tolerates 4 percent noncompliance?

  • A. The incidents of noncompliance exceed the tolerance level and should be included in the final engagement report.
  • B. The deviations are within the acceptable tolerance limit, so the matter only needs to be reported to the information security manager.
  • C. The incidents of noncompliance fall outside the acceptable tolerance limit and require immediate corrective action, as opposed to reporting.
  • D. The matter does not need to be reported, because the noncompliant findings fall within the acceptable tolerance limit.

Answer: A

Explanation:
Section: Volume E

 

NEW QUESTION 230
A limitation of using ratio analysis in an audit engagement is that it:

  • A. Is an expensive method of testing.
  • B. Requires computer software in order to develop meaningful interpretations of data.
  • C. Often uses financial information provided by management which has not been reviewed for reliability and validity.
  • D. Is useful only when comparisons can be made across other industries.

Answer: C

 

NEW QUESTION 231
An internal auditor is conducting a review of the procurement function and uncovers a potential conflict of interest between the chief operating officer and a significant supplier of IT software development services. Which of the following actions is most appropriate for the internal auditor to take?

  • A. Disregard the potential conflict, because it is outside the scope of the audit assignment.
  • B. Inform the audit supervisor.
  • C. Inform the external auditors of the potential conflict of interest.
  • D. Investigate the potential conflict of interest.

Answer: B

 

NEW QUESTION 232
Which of the following actions has the least influence on the chief audit executive's development of an audit plan?

  • A. Changes in the organizations structure or budget.
  • B. An assessment of risk and exposures affecting the organization.
  • C. An evaluation of the complexity of each audit engagement.
  • D. Input from senior management and the board.

Answer: C

 

NEW QUESTION 233
According to IIA guidance, which of the following are the most important objectives for helping to ensure the appropriate completion of an engagement?
1. Coordinate audit team members to ensure the efficient execution of all engagement procedures.
2. Confirm engagement workpapers properly support the observations, recommendations, and conclusions.
3. Provide structured learning opportunities for engagement auditors when possible.
4. Ensure engagement objectives are reviewed for satisfactory achievement and are documented properly.

  • A. 2, 3, and 4
  • B. 1, 2, and 3
  • C. 1, 2, and 4
  • D. 1, 3, and 4

Answer: C

Explanation:
Section: Volume E

 

NEW QUESTION 234
An audit identified a number of weaknesses in the configuration of a critical client/server system. Although some of the weaknesses were corrected prior to the issuance of the audit report, correction of the rest will require between 6 and 18 months for completion. Consequently, management has developed a detailed action plan, with anticipated completion dates, for addressing the weaknesses. What is the most appropriate course of action for the chief audit executive to take?

  • A. Assess the status of corrective action during a follow-up audit engagement after the action plan has been completed.
  • B. Evaluate the ability of the action plan to correct the weaknesses and monitor key dates and deliverables.
  • C. Assess the effectiveness of corrections by reviewing statistics related to unplanned system outages, and denials of service.
  • D. Reassign information systems auditors to assist in implementing management's action plan.

Answer: B

 

NEW QUESTION 235
Which of the following statements regarding the use of external contracted services by the chief audit executive (CAE) is false?

  • A. The expert should be directed by the objectives and scope of work.
  • B. The external expert could have a prior relationship with the audit client.
  • C. The audit report should not disclose the use of contracted services.
  • D. The CAE's responsibility is not impaired by engaging an external expert.

Answer: C

 

NEW QUESTION 236
A large retail organization, which sells most of its products online, experiences a computer hacking incident. The chief IT officer immediately investigates the incident and concludes that the attempt was not successful. The chief audit executive (CAE) learns of the attack in a casual conversation with an IT auditor. Which of the following actions should the CAE take?
1. Meet with the chief IT officer to discuss the report and control improvements that will be implemented as a result of the security breach, if any.
2. Immediately inform the chair of the audit committee of the security breach, because thus far only the chief IT officer is aware of the incident.
3. Meet with the IT auditor to develop an appropriate audit program to review the organization's Internet-based sales process and key controls.
4. Include the incident in the next quarterly report to the audit committee.

  • A. 1 and 2
  • B. 2 and 4
  • C. 1 and 3
  • D. 3 and 4

Answer: A

 

NEW QUESTION 237
Which of the following is a responsibility of the internal auditor once a fraud investigation has been concluded?

  • A. Determine if controls need to be implemented or strengthened to reduce future vulnerability.
  • B. Notify the appropriate regulatory authorities regarding the outcome of the investigation.
  • C. Ascertain the extent to which fraud has been perpetrated.
  • D. Implement controls to prevent future occurrences.

Answer: A

 

NEW QUESTION 238
When conducting audit follow-up of a finding related to cash management routines, an internal auditor would expect to find that all of the following changes have occurred except:

  • A. Controls have been implemented to deter or detect a recurrence of the finding.
  • B. The steps being taken are resolving the condition disclosed by the finding.
  • C. Inherent risk has been eliminated as a result of resolution of the condition.
  • D. Benefits have accrued to the entity as a result of resolving the condition.

Answer: C

Explanation:
Section: Volume B

 

NEW QUESTION 239
After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?

  • A. Familiarity.
  • B. Cost.
  • C. Independence.
  • D. Flexibility.

Answer: A

 

NEW QUESTION 240
Which of the following represents appropriate evidence of supervisory review of engagement workpapers?
I. A supervisor's initials on each workpaper.
II. An engagement workpaper review checklist.
III. A memorandum specifying the nature, extent, and results of the supervisory review of workpapers.
IV.
Performance appraisals that assess the quality of workpapers prepared by auditors.

  • A. I, II, and III only
  • B. II and IV only
  • C. I, II, III, and IV.
  • D. I, III, and IV only

Answer: A

 

NEW QUESTION 241
Which of the following methods would an auditor most likely use to document a complex sales order process?

  • A. Create a critical path method chart, noting the processes involved for each step.
  • B. Utilize a systems narrative, which can be updated during subsequent audits.
  • C. Develop a horizontal flowchart, with supporting documentation for key control points.
  • D. Perform a process review, assigning time and cost to each step of the process to develop a hierarchy flowchart.

Answer: C

 

NEW QUESTION 242
Which of the following would provide the best evidence of compliance with an airline's standard of having aircraft refueled and cleaned within a specified time of arrival at an airport?

  • A. Vendor fuel invoices that have been reconciled to inventory records.
  • B. Time cards completed by aircraft cleaning and fueling crews.
  • C. Observation of selected aircraft while they are being refueled and cleaned.
  • D. Comparison of the standard hourly labor costs for cleaning and fueling personnel with actual labor charges.

Answer: C

 

NEW QUESTION 243
An internal auditor has a recommendation to change operations which could potentially increase profits by $50,000. The best way to sell this recommendation to management is to:

  • A. Carefully work out the details of implementation before presenting it to department management.
  • B. Wait until the exit conference to discuss it in order to ensure all affected parties are present.
  • C. Discuss it with operating supervisors who are directly affected by the change, and then with department management.
  • D. Bring it to the audit manager, who should bring it immediately to senior management's attention.

Answer: C

 

NEW QUESTION 244
......


IIA IIA-CIA-Part2 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Identify a risk management framework to assess risks and prioritize audit engagements based on the results of a risk assessment
  • Communicating and Reporting to Senior Management and the Board
Topic 2
  • Identify sources of potential engagements
  • Describe policies and procedures for the planning, organizing, directing
Topic 3
  • Complete a detailed risk assessment of each audit area, including evaluating and prioritizing risk and control factors
  • Plan the engagement to assure identification of key risks and controls Proficient
Topic 4
  • Interpret administrative activities
  • Use computerized audit tools and techniques
  • Recognize that the chief audit executive communicates the annual audit plan to senior management
Topic 5
  • Identify significant risk exposures and control and governance issues
  • Interpret the types of consulting engagements
Topic 6
  • Determine engagement procedures and prepare the engagement work program
  • Establishing a Risk-based Internal Audit Plan
Topic 7
  • Describe coordination of internal audit efforts with the external auditor, regulatory oversight bodies
  • Determine engagement objectives, evaluation criteria, and the scope of the engagement
Topic 8
  • Evaluate the relevance, sufficiency, and reliability of potential sources of evidence
  • Develop checklists and risk-and-control questionnaires as part of a preliminary survey of the engagement area
Topic 9
  • Prepare workpapers and documentation of relevant information to support conclusions and engagement results
  • Determine the level of staff and resources needed for the engagement

 

IIA-CIA-Part2 Question Bank: Free PDF Download Recently Updated Questions: https://www.practicematerial.com/IIA-CIA-Part2-exam-materials.html

IIA-CIA-Part2 Brain Dump: A Study Guide with Tips & Tricks for passing Exam: https://drive.google.com/open?id=1Y3dsEEFWElwTBAgAtHj_jsdTtSp9WKew