IIA-CIA-Part3 Practice Questions

A.  

Revenues should be recognized when earned.

B.  

Revenue recognition is matched with cash.

C.  

Expense recognition is tied to revenue recognition.

D.  

Expenses are recognized at each accounting period.

A.  

There is a greater need for organizations to rely on users to comply with policies and procedures.

B.  

With fewer devices owned by the organization, there is reduced need to maintain documented policies and procedures.

C.  

Incident response times are less critical in the BYOD environment compared to a traditional environment.

D.  

There is greater sharing of operational risk in a BYOD environment.

A.  

The sole responsibility for change management is assigned to an experienced and competent IT team

B.  

Change management follows a consistent process and is done in a controlled environment.

C.  

Internal audit participates in the implementation of change management throughout the organisation.

D.  

All changes to systems must be approved by the highest level of authority within an organization.

A.  

Anti-malware software

B.  

Authentication

C.  

Spyware

D.  

Rooting

A.  

A witness verifies the quantities of the copies signed.

B.  

A witness verifies that the contract was signed with the free consent of the promisor and promisee.

C.  

A witness ensures the completeness of the contract between the promisor and promisee.

D.  

A witness validates that the signatures on the contract were signed by the promisor and promisee.

A.  

Standards used for evaluation and control are determined at local subsidiaries, not set by headquarters

B.  

Orders, commands, and advice are sent to the subsidiaries from headquarters

C.  

People of local nationality are developed for the best positions within their own country

D.  

There is a significant amount of collaboration between headquarters and subsidiaries

A.  

Conciseness

B.  

Constructiveness

C.  

Objectivity

D.  

Accuracy

A.  

Report identifying data that is outside of system parameters.

B.  

Report identifying general ledger transactions by time and individual.

C.  

Report comparing processing results with original input.

D.  

Report confirming that the general ledger data was processed without error.

A.  

Regulations related to privacy are evolving and complex, and the number of laws is increasing

B.  

Most privacy laws are prescriptive and focused on organizations’ privacy rights

C.  

The concept of data privacy is well established, privacy regulations are mature, and minimal regulatory changes are expected

D.  

Because the concept of privacy is different around the world, data privacy is relatively unregulated

A.  

Output controls.

B.  

Input controls

C.  

Processing controls.

D.  

Integrity controls.

A.  

Data relationships are assumed to exist and to continue where no known conflicting conditions exist.

B.  

Analytical procedures are intended primarily to ensure the accuracy of the information being examined.

C.  

Data relationships cannot include comparisons between operational and statistical data

D.  

Analytical procedures can be used to identify unexpected differences, but cannot be used to identify the absence of differences

A.  

Customers can access and update personal information when needed.

B.  

The organization retains customers' personal information indefinitely.

C.  

Customers reserve the right to reject sharing personal information with third parties.

D.  

The organization performs regular maintenance on customers' personal information.

A.  

Constructive communications

B.  

Complete communications

C.  

Concise communications

D.  

Clear communications

A.  

Average cost method

B.  

First-in, first-out (FIFO) method

C.  

Specific identification method

D.  

Activity-based costing method

A.  

Corrective

B.  

Detective

C.  

Preventive

D.  

Discretionary