IIA-CIA-Part3-3P by IIA Valid Free Exam Practice Test

Question 1

Multinational organizations generally spend more time and effort to identify and evaluate:

A. Internal risk factors. B. Internal strengths and weaknesses. C. Break-even points. D. External trends and events.

Correct Answer: D

Question 2

Which of the following should an organization consider when developing strategic objectives for its business processes?
1) Contribution to the success of the organization.
2) Reliability of operational information.
3) Behaviors and actions expected of employees.
4) How inputs combine with outputs to generate activities.

A. 3 and 4 only B. 1 and 3 only C. 2 and 4 only D. 1 and 2 only

Correct Answer: B

Question 3

Which of the following statements is correct regarding risk analysis?

A. The extent to which management judgments are required in an area could serve as a risk factor in assisting the auditor in making a comparative risk analysis. B. The highest risk assessment should always be assigned to the area with the highest probability of occurrence. C. The highest risk assessment should always be assigned to the area with the largest potential loss. D. Risk analysis must be reduced to quantitative terms in order to provide meaningful comparisons across an organization.

Correct Answer: A

Question 4

A retail organization is considering acquiring a composite textile company. The retailer's due diligence team determined the value of the textile company to be $50 million. The financial experts forecasted net present value of future cash flows to be $60 million. Experts at the textile company determined their company's market value to be $55 million if purchased by another entity. However, the textile company could earn more than $70 million from the retail organization due to synergies. Therefore, the textile company is motivated to make the negotiation successful. Which of the following approaches is most likely to result in a successful negotiation?

A. Develop a bargaining zone that lies between $50 million and $70 million and create sets of outcomes between $50 million and $70 million. B. Develop a bargaining zone that lies between $55 million and $60 million and create sets of outcomes between $55 million and $60 million. C. Involve a mediator as a neutral party who can work with the textile company's management to determine a bargaining zone. D. Adopt an added-value negotiating strategy, develop a bargaining zone between $50 million and $70 million, and create sets of outcomes between $50 million and $70 million.

Correct Answer: B

Question 5

According to the International Professional Practices Framework, which of the following statements is true regarding a corporate social responsibility (CSR) program?
1) Every employee generally has a responsibility for ensuring the success of CSR objectives.
2) The board has overall responsibility for the effectiveness of internal control processes associated with CSR.
3) Public reporting on the CSR governance process is expected.
4) Organizations generally have flexibility regarding what is included in a CSR program.

A. 2, 3, and 4 only B. 1, 2, and 4 only C. 1, 3, and 4 only D. 1, 2, and 3 only

Correct Answer: B

Question 6

Which of the following is not a common feature of cumulative preferred stock?

A. Priority over common stock with regard to earnings. B. Priority over common stock with regard to dilution of shares. C. Priority over common stock with regard to dividend payment. D. Priority over common stock with regard to assets.

Correct Answer: B

Question 7

Which of the following is a cybersecurity monitoring activity that involves assessing the strength of an organization's IT protection?

A. Malware defense B. Wireless access controls C. Penetration tests D. Boundary defense

Correct Answer: D

Question 8

A holding company set up a centralized group technology department, using a local area network with a mainframe computer to process accounting information for all companies within the group. An internal auditor would expect to find all of the following controls within the technology department except:

A. Adequate segregation of duties between data processing controls and file security controls. B. Documented procedures for remote job entry and for local data file retention. C. Established procedures to prevent and detect unauthorized changes to data files. D. Emergency and disaster recovery procedures and maintenance agreements in place to ensure continuity of operations.

Correct Answer: B

Question 9

In reviewing an organization's IT infrastructure risks, which of the following controls is to be tested as part of reviewing workstations?

A. Input controls. B. Physical controls. C. Segregation of duties. D. Integrity controls.

Correct Answer: D

Question 10

An internal auditor reviews a data population and calculates the mean, median, and range.
What is the most likely purpose of performing this analytic technique?

A. To determine whether duplicates in the data inflate the range. B. To inform the classification of the data population. C. To determine the completeness and accuracy of the data. D. To identify whether the population contains outliers.

Correct Answer: D

Question 11

Which of the following principles is shared by both hierarchical and open organizational structures?
1) A superior can delegate the authority to make decisions but cannot delegate the ultimate responsibility for the results of those decisions
2) A supervisor's span of control should not exceed seven subordinates
3) Responsibility should be accompanied by adequate authority
4) Employees at all levels should be empowered to make decisions.

A. 2 and 3 only B. 3 and 4 only. C. 1 and 3 only. D. 1 and 4 only.

Correct Answer: C

IIA CIA Exam Part Three: Business Knowledge for Internal Auditing - IIA-CIA-Part3-3P Exam Practice Test