IIA-CHAL-QISA Practice Questions

A.  

Risk treatment method based on risk evaluation.

B.  

Organizational culture, objectives, and processes.

C.  

The regulatory and competitive environment.

D.  

The method of determining the risk level

A.  

Assets, liabilities, and owners' equity would be understated.

B.  

Assets, net income, and owners’ equity would be unaffected

C.  

Assets and liabilities would be understated.

D.  

Assets, net income, and owners’ equity would be understated, but liabilities would be overstated

A.  

For both assurance and consulting engagements, planning typically occurs after the engagement objectives and scope have already been determined.

B.  

The expectations and objectives of an assurance engagement are usually determined by. or in conjunction with, the engagement client

C.  

Internal auditors may not need to complete a preliminary risk assessment for a consulting engagement as they would when planning an assurance engagement.

D.  

For both consulting and assurance engagements, internal auditors usually form the engagement objectives prior to completing the preliminary risk assessment

A.  

Establish and measure performance objectives for the internal audit activity

B.  

Select board members with necessary knowledge and skills.

C.  

Develop, approve, and execute the strategic plan of the organization

D.  

Develop strategies to mitigate the risks to achieving the organization's objectives

A.  

Creating a comprehensive reporting system for vendors to demonstrate their ongoing due diligence in network operations.

B.  

Drafting a strong contract that requires regular vendor control reports and a right-to-audit clause

C.  

Applying administrative privileges to ensure right-to-access controls are appropriate

D.  

Creating a standing cybersecurity committee to identify and manage risks related to data security.