Free Access to IIA.IIA-CIA-Part3.v2023-01-15.q275 with Valid Practice Test (Page 7)

Question 26

When assessing the adequacy of a risk mitigation strategy, an internal auditor should consider which of the following?
1. Management's tolerance for specific risks.
2. The cost versus benefit of implementing a control.
3. Whether a control can mitigate multiple risks.
4. The ability to test the effectiveness of the control.

A.2, 3, and 4
B.1, 2, and 4
C.1, 2, and 3
D.1, 3, and 4

Question 27

Based upon the data derived from the regression analysis, 420 maintenance hours in a month would mean the maintenance costs rounded to the nearest U dollar) would be budgeted at

A.U $3,780
B.U $3,600
C.U $3,790
D.U $3,746

Question 28

Which component of an organization's cybersecurity risk assessment framework would allow management to implement user controls based on a user's role?

A.Inventory of information assets
B.Prompt response and remediation policy
C.Standard security configurations
D.Information access management

Question 29

Which of the following is a role of the board of directors in the governance process?

A.Conduct periodic assessments of the organization's governance systems.
B.Review and approve operational goals and objectives.
C.Implement an effective system of internal controls to support the organization's governance systems.
D.Obtain assurance concerning the effectiveness of the organization's governance systems.

Question 30

A manufacturer is considering using bar code identification for recording information on parts used by the manufacturer. A reason to use bar codes rather than other means of identification is to ensure that:

A.The movement of all parts is recorded.
B.The movement of parts is easily and quickly recorded.
C.Vendors use the same part numbers.
D.Vendors use the same identification methods.

Question 26

Question 27

Question 28

Question 29

Question 30

Download PDF File