Free Access IIA.IIA-CIA-Part2.v2022-07-26.q511 Practice Test (Page 55)

Question 266

A bank uses a risk analysis matrix to quantify the relative risk of auditable entities. The analysis involves rating auditable entities on risk factors using a scale of 1 to 10, with 10 representing the greatest risk. A partial list of risk factors and the ratings given to three of the bank's departments is provided below:

Which of the following statements regarding risk in the department is true?

A.The internal audit activity should schedule audits of department B more often than audits of department C because of the relative control strength of department C as compared to department B.

B.As compared to departments A and C, department B has a stronger control system to compensate for the greater complexity of the department's transactions and dollar value of its assets.

C.The nature of department A's control structure may be justified by the nature of the department's assets and the complexity of its transactions.

D.The relative ranking of the departments in order of their risk, from greatest to least risk, is: A; C; B.

Question 267

A chief audit executive (CAE) of a major retailer has engaged an independent firm of information security specialists to perform specialized internal audit activities. The CAE can rely on the specialists' work only if it is:

A.Performed in accordance with the terms of the contract.

B.Performed under the supervision of the information technology department.

C.Carried out using standard review procedures for retailers.

D.Carried out in accordance with the Standards.

Question 268

According to the Standards, which of the following would least likely be considered a red flag when evaluating the risk for fraud?

A.Health benefits are detected to be claimed for a deceased employee.

B.Cash receipts appear to be lower than expected from an employee's cash drawer.

C.An employee did not approve an internal report detailing expenses for the month.

D.It is alleged that an employee is receiving vendor kickbacks.

Question 269

Which of the following is not a reason for an internal auditor to prepare an audit plan before the detailed audit work begins?

A.The objectives of the audit should be set.

B.The organization's management should be informed about the work to be performed.

C.Attention should be devoted toward the key audit areas.

D.The timing of the audit should be set.

Question 270

An auditor evaluating excessive product rejection rates should investigatE.
I.
Communication between sales and production departments on sales returns.
II.
Volume of product sales year-to-date in comparison to prior year-to-date.
III.
Changes in credit ratings of customers versus sales to those customers.
IV.
Detailed product scrap accounts and accumulations.

A.I and IV only

B.I, II, III, and IV.

C.I and III only

D.II, III, and IV only

Other Version: 1729IIA.IIA-CIA-Part2.v2024-12-09.q342; 7773IIA.IIA-CIA-Part2.v2023-05-26.q379; 7871IIA.IIA-CIA-Part2.v2023-04-08.q383; 3171IIA.IIA-CIA-Part2.v2023-03-09.q121; 13495IIA.IIA-CIA-Part2.v2022-09-28.q589; 9271IIA.IIA-CIA-Part2.v2022-01-22.q283; 108IIA.Prepawaypdf.IIA-CIA-Part2.v2021-10-22.by.nat.555q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 240CFAInstitute.ESG-Investing.v2025-09-08.q173; 236PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 159Salesforce.Data-Architect.v2025-09-05.q216; 153Adobe.AD0-E605.v2025-09-05.q50

Question 266

Question 267

Question 268

Question 269

Question 270

Download PDF File