Topic 2, Volume B
Which of the following elements is important for an internal auditor to consider when
performing a privacy risk assessment of an organization?
I. Areas where personal information is collected, used, stored, and disseminated.
II. Inherent risk.
III. Privacy practices of competitors.
IV. Third-party recipients of information.
A. III only
B. I and II only
C. I, II, and IV only
D. I, II, III, and IV.
I, II, and IV only
In a well-developed management environment, the internal audit activity would:
A. Report the results of audit engagements to line management as well as to senior management.
B. Conduct regularly scheduled audits of existing systems and initial audits of new computer systems after they have begun operating.
C. Interface primarily with senior management, minimizing interactions with line managers who are the subjects of internal audit work.
D. Focus on the maintenance of accounting controls (such as segregation of the duties of authorization, recording, and custody) and report results to the audit committee.
Report the results of audit engagements to line management as well as to senior management.
The primary role of the internal audit activity in regard to an organization's ethical climate is to:
A. Participate as chief ethics officer.
B. Periodically assess the ethical climate.
C. Utilize surveys to evaluate employee ethics.
D. Demonstrate ethical behavior.
Periodically assess the ethical climate.
Which of the following statements is correct regarding risk analysis?
A. The extent to which management judgments are required in an area could serve as a risk factor in assisting the auditor in making a comparative risk analysis.
B. The highest risk assessment should always be assigned to the area with the largest potential loss.
C. The highest risk assessment should always be assigned to the area with the highest probability of occurrence.
D. Risk analysis must be reduced to quantitative terms in order to provide meaningful comparisons across an organization.
The extent to which management judgments are required in an area could serve as a risk factor in assisting the auditor in making a comparative risk analysis.
According to the International Professional Practices Framework, a primary purpose of
evaluating the adequacy of an organization's risk management, control, and governance
processes is to determine if it:
A. Was designed to ensure compliance with policies, plans, procedures, laws, and regulations.
B. Provides reasonable assurance that the organization's objectives will be met.
C. Mitigates inherent risk.
D. Assures the reliability and integrity of information used by management.
Provides reasonable assurance that the organization's objectives will be met.