IIA-CIA-Part2 Practice Test

Which of the following situations might allow an employee to steal checks sent to an organization
and subsequently cash them?

A.

Checks are not restrictively endorsed when received.

B.

Only one signature is required on the organization's checks.

C.

One employee handles both accounts receivable and purchase orders.

D.

One employee handles both cash deposits and accounts payable.

An internal auditor is assigned to conduct an audit of security for a local area network (LAN) in the
finance department of the organization. Investment decisions, including the use of hedging
strategies and financial derivatives, use data and financial models which run on the LAN. The LAN
is also used to download data from the mainframe to assist in decisions. Which of the following
should be considered outside the scope of this security audit engagement?

A.

 Investigation of the physical security over access to the components of the LAN.

B.

The ability of the LAN application to identify data items at the field or record level and
implement user access security at that level.

C.

. Interviews with users to determine their assessment of the level of security in the system and
the vulnerability of the system to compromise.

D.

The level of security of other LANs in the company which also utilize sensitive data.

An audit of management's quality program includes testing the accuracy of the cost-of-quality
reports provided to management. Which of the following internal control objectives is the focus of
this testing?

A.

To ensure compliance with policies, plans, procedures, laws, and regulations.

B.

To ensure the accomplishment of established objectives and goals for operations or programs.

C.

To ensure the reliability and integrity of information.

D.

 To ensure the economical and efficient use of resources.

When internal auditors provide consulting services, the scope of the engagement is primarily
determined by:

A.

 Internal auditing standards.

B.

The audit engagement team.

C.

The engagement client.

D.

The internal audit activity's charter.

A manufacturing process could create hazardous waste at several production stages, from raw
materials handling to finished goods storage. If the objective of a pollution prevention audit
engagement is to identify opportunities for minimizing waste, in what order should the following
opportunities be considered?
I. Recycling and reuse.
II. Elimination at the source.
III. Energy conservation.
IV. Recovery as a usable product Treatment.

A.

V, II, IV, I, III.

B.

IV, II, I, III, V.

C.

I, III, IV, II, V.

D.

III, IV, II, V, I.