An internal audit team is performing an audit of workplace accident claims.
Which of the following actions by the audit team best demonstrates due professional care?

• A.Having an occupational health officer on the engagement team.
• B.Determining that the claims have been classified properly.
• C.Reviewing claims to ensure all accidents actually occurred in the workplace.
• D.Placing reliance on medical reports from the injured worker's doctor.

Comment: *

Name: *

Email: *

Verification: *

With regard To IT governance, which of the following is the most effective and appropriate role for the internal audit activity?

• A.Independently evaluate the skills and experience of potential chief information officer candidates to assess the best fit based on the organization's risk appetite.
• B.Evaluate the organization's governance standards and assess IT-related activities to identify gaps and develop policies, ensuring alignment with the organization's risk appetite.
• C.Assist management in interpreting complex IT-related privacy and security risk exposures and evaluating potential mitigation strategies.
• D.Assess whether governance activities are aligned with the organization's risk appetite and take into consideration emerging risks.

Comment: *

Name: *

Email: *

Verification: *

What type of risk management strategy is being employed when an organization installs two firewalls to provide protection from unauthorized access to the network?

• A.Sharing the risk that either firewall could be compromised by hackers.
• B.Diversifying the risk that network access will not be available to legitimate, authorized users.
• C.Avoiding the risk of having a direct network connection to un-trusted networks.
• D.Accepting the risk that there may be attempts at unauthorized access to the network.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is not one of the 10 core competencies identified in the IIA Competency Framework?

• A.Business acumen.
• B.Internal audit delivery.
• C.Governance, risk, and control.
• D.Performance management.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a second line of defense in effective risk management and control?

• A.Purchasing department.
• B.Credit department.
• C.Internal audit department.
• D.Compliance department.

Comment: *

Name: *

Email: *

Verification: *