[Free] Download New Updated (October 2016) IIA IIA-CIA-Part2 Real Exam 141-150

Ensurepass

QUESTION 141

Which of the following items should be addressed in an organization’s privacy statement?

 

I. Intended use of collected information.

 

II. Data storage and security.

 

III. Network/infrastructure authentication controls.

 

IV. Data retention policy of the organization.

 

V. Parties authorized to access information.

 

A.

I and II only

B.

I and IV only

C.

I, II, and V only

D.

II, III, IV, and V only

 

Correct Answer: C

 

 

QUESTION 142

The internal auditor of a bank has developed a multiple regression model which has been used for a number of years to estimate the amount of interest income from commercial loans. During the current year, the auditor applies the model and discovers that the R2 value has decreased dramatically, but that the model otherwise seems to be working correctly. Which of the following conclusions is justified by the change?

 

A.

Changing to a cross-sectional regression analysis should cause the R2 to increase.

B.

Regression analysis is no longer an appropriate technique to estimate interest income.

C.

Some new factors, not included in the model, are causing interest income to change.

D.

A linear regression analysis would increase the model’s reliability.

 

Correct Answer: C

 

 

QUESTION 143

A company used simple regression analysis to analyze maintenance costs against machine hours (MH) for a 26-week period when the plant was in full operation. The regression yielded the following estimated cost function:

 

Maintenance Cost = $60 + $0.25/MH

 

The regression analysis also generated a coefficient of determination (R2), or goodness of fit, of 0.85. Which of the following statements regarding this regression analysis is appropriate?

 

A.

This regression can be used to determine the maintenance cost for any period at any activity level by substituting the machine hours in the equation.

B.

The $60 component represents the best estimate of fixed maintenance costs for the company in a shutdown situation.

C.

The $0.25 component is the slope coefficient of the cost estimate and represents the average variable maintenance cost per machine hour.

D.

The coefficient of determination of R2 = 0.85 indicates that the goodness of fit is poor because the value is close to the maximum value of one.

 

Correct Answer: C

 

 

QUESTION 144

In a review of an electronic data interchange application using a third-party service provider, the auditor should:

 

I. Ensure encryption keys meet International Organization for Standardization (ISO) standards.

 

II. Determine whether an independent review of the service provider’s operation has been conducted.

 

III. Verify that only public-switched data networks are used by the service provider.

 

IV. Verify that the service provider’s contracts include necessary clauses, such as the right to audit.

 

A.

I and II only

B.

I and IV only

C.

II and III only

D.

II and IV only

 

Correct Answer: D

 

 

QUESTION 145

In preparing to facilitate a control self-assessment session, an auditor would be least likely to ensure that:

 

A.

Key stakeholders are represented in the group.

B.

An independent content expert is available to help settle disagreements.

C.

Background research is completed to familiarize the auditor with relevant issues.

D.

Management is consulted on the issues and priorities.

 

Correct Answer: B

 

 

QUESTION 146

An internal auditor for a financial institution has just completed an audit of loan processing. Of the 81 loans approved by the loan committee, the auditor found seven loans which exceeded the approved amount. Which of the following actions would be inappropriate on the part of the auditor?

 

A.

Examine the seven loans to determine if there is a pattern. Summarize amounts and include in the engagement final communicatio
n.

B.

Report the amounts to the loan committee and leave it up to them to correct. Take no further follow-up action at this time and do not include the items in the engagement final communication.

C.

Follow up with the appropriate vice president and include the vice president’s acknowledgment of the situation in the engagement final communication.

D.

Determine the amount of the differences and make an assessment as to whether the dollar differences are material. If the amounts are not material, not in violation of government regulations, and can be rationally explained, omit the observation from the engagement final communication.

 

Correct Answer: B

 

 

QUESTION 147

Which of the following would not be an appropriate step for an internal auditor to perform during an assessment of compliance with an organization’s privacy policy?

 

A.

Determine who can access databases containing confidential information.

B.

Evaluate the organization’s privacy policy to determine if appropriate information is covered.

C.

Analyze access to permanent files and reports containing confidential information.

D.

Evaluate the government’s security measures related to confidential information received from the organization.

 

Correct Answer: D

 

 

QUESTION 148

Which of the following is not relevant when developing recommendations for inclusion in audit reports?

 

A.

Feasibility.

B.

Cost of implementation.

C.

Underlying causes.

D.

Timing of follow-up.

 

Correct Answer: D

 

 

 

QUESTION 149

While conducting a payroll audit, an internal auditor in a large government organization found inadequate segregation in the duties assigned to the assistant director of personnel. When the auditor explained the risk of fraud, the assistant director became upset, terminated the interview, and threatened to sue the organization for defamation of character if the audit engagement was not curtailed. The auditor discussed the situation with the chief audit executive (CAE). The CAE should then:

 

A.

Curtail the audit engagement to avoid potential legal action.

B.

Provide a report to senior management recommending a fraud investigation.

C.

Continue the original engagement program as planned but include a comment about the assistant director’s reaction in the engagement final communication.

D.

Add additional testing to determine whether other indicators of fraud exist.

 

Correct Answer: D

 

 

QUESTION 150

Which of the following would be the least important reason for a company to merge with another company?

 

A.

To diversify risk.

B.

As a response to new government policy.

C.

To reduce labor costs.

D.

To increase stock prices.

 

Correct Answer: D

 

Free VCE & PDF File for IIA IIA-CIA-Part2 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in IIA-CIA-Part2 Actual Test (October 2016) and tagged , , , , , , , . Bookmark the permalink.