What decision-making approach should a facilitator initiate if a group addresses an unfamiliar situation during a control self-assessment session?
A. Spontaneous agreement.
B. Consensus building.
C. Majority voting.
D. Compromise.
If participants in a control self-assessment workshop begin breaking their agreed-upon ground rules, the facilitator should:
A. Ignore the behavior and continue the workshop.
B. Allow them to continue briefly and then remind them of the ground rules.
C. Have the participants modify the ground rules.
D. Strictly enforce the ground rules.
In a review of an electronic data interchange application using a third-party service provider, the auditor should:
I. Ensure encryption keys meet International Organization for Standardization (ISO) standards.
II. Determine whether an independent review of the service provider's operation has been conducted.
III. Verify that only public-switched data networks are used by the service provider.
IV.
Verify that the service provider's contracts include necessary clauses, such as the right to audit.
A.
I and II only
B.
I and IV only
C.
II and III only
D.
II and IV only
A bank is developing an integrated customer information system. The type of audit involvement that would most likely help avoid implementation of a system that does not cover all types of accounts would be:
A. A design review.
B. An application control review.
C. A source code review.
D. An access control review.
The internal audit activity can be involved with systems development continuously, immediately prior to implementation, after implementation, or not at all. An advantage of continuous internal audit involvement compared to the other types of involvement is that:
A. The cost of audit involvement can be minimized.
B. There are clearly defined points at which to issue audit comments.
C. Redesign costs can be minimized.
D. The threat of lack of audit independence can be minimized.
Which of the following is a responsibility of the internal auditor once a fraud investigation has been concluded?
A. Ascertain the extent to which fraud has been perpetrated.
B. Notify the appropriate regulatory authorities regarding the outcome of the investigation.
C. Determine if controls need to be implemented or strengthened to reduce future vulnerability.
D. Implement controls to prevent future occurrences.
A chief audit executive has noticed that staff auditors are presenting more oral reports to supplement written reports. The best reason for the increased use of oral reports is that they:
A. Reduce the amount of testing required to support audit findings.
B. Can be delivered in an informal manner without preparation.
C. Can be prepared using a flexible format and reduce the information included in the written report.
D. Permit auditors to counter arguments and provide additional information that the audience may require.
Which of the following tests must an internal auditor perform in order to ensure that inbound electronic data interchange (EDI) transactions are received and translated accurately?
I. Computerized tests to assess transaction reasonableness and validity.
II. Review of log books to ensure that transactions are logged upon receipt.
III. Edit checks to identify unusual transactions.
IV.
Verification of limitations on the authority of users to initiate specific EDI transactions.
A.
I and IV only
B.
II and III only
C.
I, II, and III only
D.
I, II, III, and IV.
When interviewing an individual suspected of fraud, what type of questions would be asked after the introductory questions?
A. Informational questions.
B. Admission-seeking questions.
C. Assessment questions.
D. Closing questions.
Which of the following activities would be performed during a benchmarking consulting engagement?
I. Collect data relevant to the benchmarking process.
II. Review all business processes.
III. Define critical success factors.
IV.
Identify performance gaps.
A.
I and III only
B.
II and IV only
C.
I, II, and III only
D.
I, III, and IV only
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.