IIA-CIA-Part3 Business Knowledge for Internal Auditing Question and Answers

Lower costs.

Slower decision making at the senior executive level.

Limited creative freedom in lower-level managers.

Senior-level executives more focused on short-term, routine decision making

Review the call center script used by customer service agents to interact with callers, and update the script if necessary.

Be-emphasize the importance of call center employees completing a certain number of calls per hour.

Retrain call center staff on area processes and common technical issues that they will likely be asked to resolve.

Increase the incentive for call center employees to complete calls quickly and raise the number of calls completed daily

The structure is dispersed geographically

The hierarchy levels are more numerous.

The span of control is wide

The tower-level managers are encouraged to exercise creativity when solving problems

Residual income

A flexible budget

Variance analysis.

A contribution margin income statement by segment.

Real-time processing of transactions and elimination of data redundancies.

Fewer data processing errors and more efficient data exchange with trading partners.

Exploitation of opportunities and mitigation of risks associated with e-business.

Integration of business processes into multiple operating environments and databases.

Analyze invoice payments just under individual authorization limits.

Analyze stratification of inventory adjustments by warehouse location.

Analyze Inventory Invoice amounts and compare with approved contract amounts.

Analyze differences discovered curing duplicate payment testing.

Data relationships are assumed to exist and to continue where no known conflicting conditions exist.

Analytical procedures are intended primarily to ensure the accuracy of the information being examined.

Data relationships cannot include comparisons between operational and statistical data

Analytical procedures can be used to identify unexpected differences, but cannot be used to identify the absence of differences

Greater cost-effectiveness

Increased economies of scale

Larger talent pool

Strong internal controls

A wireless local area network (WLAN ).

A personal area network (PAN).

A wide area network (WAN).

A virtual private network (VPN)

Nondisclosure agreements between the firm and its employees.

Logs of user activity within the information system.

Two-factor authentication for access into the information system.

limited access so information, based on employee duties

Access to personally identifiable information is limited to those who need It to perform their job.

Confidential data must be backed up and recoverable within a 24-hour period.

Updates to systems containing sensitive data must be approved before being moved to production.

A record of employees with access to insider information must be maintained, and those employees may not trade company stock during blackout periods

Resource planning.

Cost estimating

Cost budgeting.

Cost control.

Waterfall.

Projects in Controlled Environments (PRINCE2).

Information Technology Infrastructure Library (ITIL).

COBIT

This will support execution of the right-to-audit clause.

This will enforce robust risk assessment practices

This will address cybersecurity considerations and concerns.

This will enhance the third party's ability to apply data analytics

Risk and uncertainty increase over the life of the project.

Costs and staffing levels are typically high as the project draws to a close.

Costs related to making changes increase as the project approaches completion.

The project life cycle corresponds with the life cycle of the product produced by or modified by the project.

Less than 12 percent.

12 percent.

Between 12.01 percent and 12.50 percent.

More than 12 50 percent.

Train all employees on bring-your-own-device (BYOD) policies.

Understand what procedures are in place for locking lost devices

Obtain a list of all smart devices in use

Test encryption of all smart devices

$0

$4,000

$5,000

$10,000

Understand strategic context and evaluate whether supporting information is reliable and complete.

Ascertain whether governance and approval processes are transparent, documented, and completed.

Perform a due diligence review or asses management's review of provider operations.

Identify key performance measures and data sources.

The organizational chart shows only formal relationships.

The organizational chart shows only the line of authority.

The organizational chart shows only the senior management positions.

The organizational chart is irrelevant when testing the control environment.

Firewall.

Encryption.

Antivirus.

Biometrics.

An ABC costing system is similar to conventional costing systems in how it treats the allocation of manufacturing overhead.

An ABC costing system uses a single unit-level basis to allocate overhead costs to products.

An ABC costing system may be used with either a job order or a process cost accounting system.

The primary disadvantage of an ABC costing system is less accurate product costing.

Measure product performance against an established standard.

Develop standard methods for performing established activities.

Require the grouping of activities under a single manager.

Assign each employee a reasonable workload.

High-yield bonds

Commodity-backed bonds

Zero coupon bonds

Junk bonds

Rooting.

Eavesdropping.

Man in the middle.

Session hijacking.

The maximum tolerable downtime after the occurrence of an incident.

The maximum tolerable data loss after the occurrence of an incident.

The maximum tolerable risk related to the occurrence of an incident

The minimum recovery resources needed after the occurrence of an incident

A warm recovery plan.

A cold recovery plan.

A hot recovery plan.

A manual work processes plan

Password selection

Password aging

Password lockout

Password rotation

Corrective

Detective

Preventive

Discretionary

Fixed maintenance costs.

Variable maintenance costs.

Mixed maintenance costs.

Indirect maintenance costs.

Intrinsic reward.

Job enrichment

Extrinsic reward.

The hierarchy of needs.

Compare to the annual cost of capital

Compare to the annual interest data.

Compare to the required rate of return.

Compare to the net present value.

Identification of achievable goals and timelines

Analysis of the competitive environment.

Plan for the procurement of resources

Plan for progress reporting and oversight.

HTTP sites provide sufficient security to protect customers' credit card information.

Web servers store credit cardholders' information submitted for payment.

Database servers send cardholders’ information for authorization in clear text.

Payment gatewaysauthorizecredit cardonlinepayments.

Customers can access and update personal information when needed.

The organization retains customers' personal information indefinitely.

Customers reserve the right to reject sharing personal information with third parties.

The organization performs regular maintenance on customers' personal information.

Direct, product costs.

Indirect product costs.

Direct period costs,

Indirect period costs

Top management does little monitoring of the decisions made at lower levels.

The decisions made at the lower levels of management are considered very important.

Decisions made at lower levels in the organizational structure are few.

Reliance is placed on top management decision making by few of the organization's departments.

UDAs arid traditional JT applications typically follow a similar development life cycle

A UDA usually includes system documentation to illustrate its functions, and IT-developed applications typically do not require such documentation.

Unlike traditional IT applications. UDAs typically are developed with little consideration of controls.

IT testing personnel usually review both types of applications thoroughly to ensure they were developed properly.

Required documentation of process for discontinuing use of the devices

Required removal of personal pictures and contacts.

Required documentation of expiration of contract with service provider.

Required sign-off on conflict of interest statement.

A witness verifies the quantities of the copies signed.

A witness verifies that the contract was signed with the free consent of the promisor and promisee.

A witness ensures the completeness of the contract between the promisor and promisee.

A witness validates that the signatures on the contract were signed by the promisor and promisee.

Individual skills and capabilities.

Alignment with organizational strategy.

Financial and human resources of the unit.

Targets of key performance indicators

The spam filter removed Incoming communication that included certain keywords and domains.

The spam filter deleted commercial ads automatically, as they were recognized as unwanted.

The spam filter routed to the "junk|r folder a newsletter that appeared to include links to fake websites.

The spam filter blocked a fitness club gift card that coworkers sent to an employee for her birthday.

Primary direction of communication tends to be lateral.

Definition of assigned tasks tends to be broad and general.

Type of knowledge required tends to be broad and professional.

Reliance on self-control tends to be low.

Assets minus liabilities.

Total assets.

Total liabilities.

Owners contribution plus drawings.

First-in. first-out method (FIFO).

Last-in, first-out method (LIFO).

Specific identification method.

Average-cost method

Error listings.

Distribution controls.

Transaction logging.

Systems development controls.

Use of a central processing unit

Use of a database management system

Use of a local area network

Use of electronic data Interchange

Wide area network.

Local area network

Metropolitan area network.

Storage area network.