An internal auditor notes that employees continue to violate segregation-of-duty controls in several areas of the finance department, despite previous audit recommendations. Which of the following recommendations is the most appropriate to address this concern?

• A.Recommend rotating finance staff in this area.
• B.Recommend additional segregation-of-duty reviews.
• C.Recommend appropriate awareness training for all finance department staff.
• D.Recommend that management address these concerns immediately.

Comment: *

Name: *

Email: *

Verification: *

When setting the scope for the identification and assessment of key risks and controls in a process, which of the following would be the least appropriate approach?

• A.Ensure the audit includes an assessment of manual and automated controls to determine whether business risks are effectively managed.
• B.Specify that the auditors need to assess only key controls, but may include an assessment of non-key controls if there is value to the business in providing such assurance.
• C.Develop the scope of the audit to include controls that are necessary to manage risk associated with a critical business objective.
• D.Develop the scope of the audit based on a bottom-up perspective to ensure that all business objectives are considered.

Comment: *

Name: *

Email: *

Verification: *

According to Porter, which of the following is associated with fragmented industries?

• A.Weak entrance barriers.
• B.Strong negotiation power with suppliers.
• C.Significant scale economies.
• D.Steep experience curve.

Comment: *

Name: *

Email: *

Verification: *

A retail organization is considering acquiring a composite textile company. The retailer's due diligence team determined the value of the textile company to be $50 million. The financial experts forecasted net present value of future cash flows to be $60 million. Experts at the textile company determined their company's market value to be $55 million if purchased by another entity. However, the textile company could earn more than $70 million from the retail organization due to synergies. Therefore, the textile company is motivated to make the negotiation successful. Which of the following approaches is most likely to result in a successful negotiation?

• A.Involve a mediator as a neutral party who can work with the textile company's management to determine a bargaining zone.
• B.Develop a bargaining zone that lies between $50 million and $70 million and create sets of outcomes between $50 million and $70 million.
• C.Adopt an added-value negotiating strategy, develop a bargaining zone between $50 million and $70 million, and create sets of outcomes between $50 million and $70 million.
• D.Develop a bargaining zone that lies between $55 million and $60 million and create sets of outcomes between $55 million and $60 million.

Comment: *

Name: *

Email: *

Verification: *

According to IIA guidance, which of the following would be the best first step to manage risk when a third party is overseeing the organization's network and data?

• A.Drafting a strong contract that requires regular vendor control reports and a right-to-audit clause.
• B.Creating a comprehensive reporting system for vendors to demonstrate their ongoing due diligence in network operations
• C.Creating a standing cybersecurity committee to identify and manage risks related to data security
• D.Applying administrative privileges to ensure right-to-access controls are appropriate

Comment: *

Name: *

Email: *

Verification: *