New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. IIA
  3. CIA Challenge Exam
  4. IIA-ACCA - ACCA CIA Challenge Exam

IIA-ACCA Exam Dumps - ACCA CIA Challenge Exam

Go to page:
Question # 81

An internal auditor determines that certain information from the engagement results is not appropriate for disclosure to all report recipients because it is privileged. In this situation, which of the following actions would be most appropriate?

A.

Disclose the information in a separate report.

B.

Distribute the information in a confidential report to the board only

C.

Distribute the reports through the use of blind copies.

D.

Exclude the results from the report and verbally report the conditions to senior management and the board.

Full Access
Question # 82

An internal auditor wants to determine whether employees are complying with the information security policy, which prohibits leaving sensitive information on employee desks overnight. The auditor checked a sample of 90 desks and found eight that contained sensitive information. How should this observation be reported, if the organization tolerates 4 percent noncompliance?

A.

The matter does not need to be reported, because the noncompliant findings fall within the acceptable tolerance limit.

B.

The deviations are within the acceptable tolerance limit, so the matter only needs to be reported to the information security manager.

C.

The incidents of noncompliance fall outside the acceptable tolerance limit and require immediate corrective action, as opposed to reporting.

D.

The incidents of noncompliance exceed the tolerance level and should be included in the final engagement report.

Full Access
Question # 83

A chief audit executive (CAE) received a detailed internal report of senior management's internal control assessment. Which of the following subsequent actions by the CAE would provide the greatest assurance over management's assertions?

A.

Assert whether the described and reported control processes and systems exist.

B.

Assess whether senior management adequately supports and promotes the internal control culture described in the report.

C.

Evaluate the completeness of the report and management's responses to identified deficiencies.

D.

Determine whether management's operating style and the philosophy described in the report reflect the effective functioning of internal controls.

Full Access
Question # 84

An internal auditor has been assigned to facilitate a risk and control self-assessment for the finance group. Which of the following is the most appropriate role that she should assume when facilitating the workshop?

A.

Express an opinion on the participants' inputs and conclusions as the assessment progresses.

B.

Provide appropriate techniques and guidelines on how the exercise should be undertaken.

C.

Evaluate and report on all issues that may be uncovered during the exercise.

D.

Screen and vet participants so that the most appropriate candidates are selected to participate in the exercise.

Full Access
Question # 85

Which of the following application software features is the least effective control to protect passwords?

A.

Suspension of user IDs after a user's repeated attempts to sign on with an invalid password.

B.

Encryption of passwords prior to their transmission or storage.

C.

Forced change of passwords after a designated number of days.

D.

Automatic logoff of inactive users after a specified time period of inactivity.

Full Access
Question # 86

When granting third parties temporary access to an entity's computer systems, which of the following is the most effective control?

A.

Access is approved by the supervising manager.

B.

User accounts specify expiration dates and are based on services provided.

C.

Administrator access is provided for a limited period.

D.

User accounts are deleted when the work is completed.

Full Access
Question # 87

Which of the following is an example of a management control technique?

A.

A budget.

B.

A risk assessment.

C.

The board of directors.

D.

The control environment.

Full Access
Question # 88

An internal auditor in a small broadcasting organization was assigned to review the revenue collection process. The auditor discovered that some checks from three customers were never recorded in the organization's financial records. Which of the following documents would be the least useful for the auditor to verify the finding?

A.

Bank statements.

B.

Customer confirmation letters.

C.

Copies of sales invoices.

D.

Copies of deposit slips.

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps