IIA-CIA-PART3-3P Online Practice Questions and Answers

Multinational organizations generally spend more time and effort to identify and evaluate:

A. Internal strengths and weaknesses.

B. Break-even points.

C. External trends and events.

D. Internal risk factors.

Which of the following is the primary benefit of including end users in the system development process?

A. Improved integrity of programs and processing.

B. Enhanced ongoing maintenance of the system.

C. Greater accuracy of the testing phase.

D. Reduced need for unexpected software changes.

In order to provide useful information for an organization's risk management decisions, which of the following factors is least important to assess?

A. The underlying causes of the risk.

B. The impact of the risk on the organization's objectives.

C. The risk levels of current and future events.

D. The potential for eliminating risk factors.

A manager has difficulty motivating staff to improve productivity, despite establishing a lucrative individual reward system. Which of the following is most likely the cause of the difficulty?

A. High degree of masculinity.

B. Low uncertainty avoidance.

C. High collectivism.

D. Low long-term orientation.

Senior management has decided to implement the Three Lines of Defense model for risk management. Which of the following best describes senior management's duties with regard to this model?

A. Ensure compliance with the model.

B. Identify management functions.

C. Identify emerging issues.

D. Set goals for implementation.

The internal audit activity completed an initial risk analysis of the organization's data storage center and found several areas of concern. Which of the following is the most appropriate next step?

A. Risk response.

B. Risk identification.

C. Identification of context.

D. Risk assessment.

Which of the following risks would involve individuals attacking an oil company's IT system as a sign of solidarity against drilling in a focal area?

A. Tampering

B. Hacking

C. Phishing

D. Piracy

According to Maslow's hierarchy of needs theory, which of the Mowing best describes a strategy where a manager offers an assignment to a subordinate specifically to support his professional growth and future advancement?

A. Esteem by colleagues

B. Sell-fulfillment

C. Sense of belonging in the organization

D. Job security

Which of the following most accurately describes the purpose of application authentication controls?

A. To ensure that data input into business applications is valid, complete, and accurate.

B. To prevent or detect errors in data processed using business applications.

C. To ensure that business applications are protected from unauthorized logical access.

D. To ensure the validity, accuracy, and completeness of outputs from business applications.

Which of the following types of analytics would be used by an organization to examine metrics by business units and identity the most profitable business units?

A. Detailed analytics

B. Predictive analytics

C. Diagnostic analytics

D. Prescriptive analytics