IIA-CIA-Part3-3P Questions and Answers

An extranet

A local area network.

An intranet

The internet

Liquidity.

Profitability.

Solvency.

Efficiency.

High-yield bonds.

Commodity-backed bonds.

Zero coupon bonds.

Junk bonds.

Use a behaviorally anchored rating scale to Break down jobs into their components.

Analyze and compare the ratings for different classes or groupings of employees.

Compare the ratings of selective employees with their previous appraisals.

Analyze the number and percentages of employee appraisals that fall into each rating category

It may reduce the flexibility to change partners.

It may not reduce the bargaining power of suppliers.

It may limit the organization's ability to differentiate the product.

It may lead to limited control of proprietary knowledge.

Management by objectives is most helpful in organizations that nave rapid changes.

Management by objectives is most helpful in mechanistic organizations with rigidly defined tasks.

Management by objectives helps organizations to keep employees motivated.

Management by objectives helps organizations to distinguish clearly strategic goals from operational goals

Commissions.

Stock options.

Gain-sharing bonuses.

Allowances.

The organization should review the skill requirements and ensure that the service provider is maintaining sufficient expertise and retaining skilled resources.

The organization should proactively monitor the performance of the service provider, escalate concerns, and use penalty clauses in the contract where necessary.

The organization should ensure that there is a clear management communication strategy and path for evaluating and reporting on all outsourced services concerns.

The organization should work with the service provider to review the current agreement and

expectations relating to objectives, processes, and overall performance.

Introduction.

Growth.

Maturity.

Decline.

A flexible budget.

Variance analysis.

A contribution margin income statement by segment.

Residual income.

1 and 2 only

1 and 3 only

2 and 4 only

3 and 4 only

Develop and test the organization's disaster recovery plan.

Install and test fire detection and suppression equipment.

Restrict access to tangible IT resources.

Ensure that at least one developer has access to both systems and operations.

Workstation contains software that prevents unauthorized transmission of information into and out of the organization's network.

Workstation contains software that controls information flow between the organization's network and the Internet.

Workstation contains software that enables the processing of transactions and is not shared among users of the organization's network.

Workstation contains software that manages user's access and processing of stored data on the organization's network.

Voice recognition and token.

Password and fingerprint.

Fingerprint and voice recognition

Password and token

Implementation and transition phase.

Monitoring and reporting phase

Decision-making and business-case phase.

Tendering and contracting phase.

Logical access controls monitor application usage and generate audit trails.

The development process is designed to prevent, detect and correct errors that may occur

A record is maintained to track the process of data from input, to output, to storage

Business users' requirements are documented, and their achievement is monitored

A contract is a tool used by both suppliers and customers, the model and complexity of which generally remains constant

Collaboration during contract negotiation encourages stakeholders to develop consensus but typically increases cycle times and the likelihood that the contract will fail

Differing legal requirements affect the attitudes of contracting parties as well as the length content and language of contracts

A contract is a tool used by both suppliers and customers though it offers commercial assurance of the relationship, purely from a customer perspective

A slight increase in carrying costs.

A greater need for inspection of goods as the goods arrive.

A greater need for linkage with a vendor s computerized order entry system.

An increase in the number of suitable suppliers

Full or near capacity in processes.

Smooth workflow among processes.

Few or no defects.

Lowered inventory levels.

Determining the frequency with which backups will be performed.

Prioritizing the order in which business systems would be restored.

Assigning who in the IT department would be involved in the recovery procedures.

Assessing the resources needed to meet the data recovery objectives

Residual income.

A flexible budget.

Variance analysis.

A contribution margin income statement by segment.

Backup media is not properly stored, as the storage facility should be off-site.

Backup procedures are adequate and appropriate according to best practices.

Backup media is not properly indexed, as backup media should be indexed by system, not date.

Backup schedule is not sufficient, as full backup should be conducted daily.

Conduct a risk assessment regarding the effectiveness of the data analytics process.

Analyze possible and available sources of raw data

Define the purpose and the anticipated value

Select data for cleaning and normalization procedures.

Predictive analytics

Prescriptive analytics

Descriptive analytics

Diagnostic analytics

Unexpected increases in outsourcing costs.

Loss of data privacy.

Inadequate staffing.

Violation of contractual terms.

Input controls.

Output controls

Processing controls

Integrity controls

Achievement-oriented style

People-oriented style

Goal-oriented style

Task-oriented style

Risk tolerance

Performance.

Threats and opportunities.

Governance

A value-added network.

A local area network.

A metropolitan area network.

A wide area network.

A revenue calculation spreadsheet supported with price and volume reports from the production department

An asset retirement calculation spreadsheet comprised of multiple formulas and assumptions

An ad-hoc inventory listing spreadsheet comprising details of written-off inventory quantitates

An accounts receivable reconciliation spreadsheet used by the accounting manager to verify balances.

Cost of sales increased relative to sales.

Total sales increased relative to expenses.

The organization had a higher dividend payout rate in year two.

The government increased the corporate tax rate.

Conversion of user requirements into system specifications

Conversion of user requirements into program codes

Conversion of test data into production data

Conversion of data from the old system into the new system

To improve the chain of command.

To strengthen corporate headquarters.

To focus better on a single market.

To increase lateral communication.

50 units.

60 units.

100 units.

120 units.

Cutbacks in preventive maintenance.

An inadequately trained and supervised labor force.

A large number of rush orders.

Production of more units than planned for in the master budget.

Direct cutover.

Parallel.

Pilot.

Test.

That do not have to be repaid for over one year.

That appear to be too risky for most lenders to consider.

Granted on the basis of a company's credit standing.

Backed by mortgaged assets.

Recognize that organizations use different techniques for managing risk.

Seek assurance that the key objectives of the risk management processes are being met.

Determine and accept the level of risk for the organization.

Treat the evaluation of risk management processes differently from the risk analysis used to plan audit engagements.

Internal strengths and weaknesses.

Break-even points.

External trends and events.

Internal risk factors.

Fixed cost.

Variable cost.

Total maintenance cost.

Patient days.

Risk response.

Risk identification.

Identification of context.

Risk assessment.

Embryonic, focused.

Fragmented, decline.

Mature, fragmented.

Competitive, embryonic.

Electronic funds transfer.

Knowledge-based systems.

Biometrics.

Standardized graphical user interface.

Cost X is a variable cost.

Cost X is a fixed cost.

Cost X is a semi-fixed cost.

Cost X and the value of Output Produced are unrelated.

Unrealized expectations can be avoided with open and honest discussion.

Reorganization would probably not help ambiguous or overlapping jurisdictions.

Deferring action should be used until there is sufficient time to fully deal with the issue.

Timely and unambiguous clarification of roles and responsibilities will eliminate most interpersonal conflict.

Chain.

All-channel.

Circle.

Wheel.

Determining the trends that will influence key factors in the organization's environment.

Selecting the issue or decision that will impact how the organization conducts future business.

Selecting leading indicators to alert the organization of future developments.

Identifying how customers, suppliers, competitors, employees, and other stakeholders will react.

Functional departmentalization.

Product departmentalization.

Matrix organization.

Divisional organization.

Standards, framework, and process.

Standards, assessments, and process.

Principles, framework, and process.

Principles, practices, and process.

Established strategy of players.

Low number of new firms.

High unit costs.

Technical expertise.

1 and 2 only

3 and 4 only

1, 2, and 4 only

2, 3, and 4 only

Database management systems handle data manipulation inside the tables, rather than it being done by the operating system itself in files.

The database management system acts as a layer between the application software and the operating system.

Applications pass on the instructions for data manipulation which are then executed by the database

management system.

The data within the database management system can only be manipulated directly by the database management system administrator.

The goal of the change management process is to sustain and improve organizational operations.

The degree of risk associated with a proposed change determines if the change request requires authorization.

In order to protect the production environment, changes must be managed in a repeatable, defined, and predictable manner.

All changes should be tested in a non-production environment before migrating to the production environment.

In a matrix organization, conflict between functional and product managers may arise.

In a matrix organization, staff under dual command is more likely to suffer stress at work.

Matrix organizations offer the advantage of greater flexibility.

Matrix organizations minimize costs and simplify communication.

Firewalls can protect against computer viruses.

Firewalls monitor attacks from the Internet.

Firewalls provide network administrators tools to retaliate against hackers.

Firewalls may be software-based or hardware-based.

Risk acceptance.

Risk sharing.

Risk avoidance.

Risk reduction.

1 and 3 only

1 and 4 only

2 and 3 only

2 and 4 only

1, 2, and 3

1, 2, and 4

1, 3, and 4

2, 3, and 4

Lack of awareness of the state of processing.

Increased cost and complexity of network traffic.

Interference of the mirrored data with the original source data.

Confusion about where customer data are stored.

2 only

3 and 4 only

1, 3, and 4 only

1, 2, 3, and 4

The board has overall responsibility for the internal control processes associated with the CSR program.

Management has overall responsibility for the effectiveness of governance, risk management, and internal control processes associated with the CSR program.

The internal audit activity is responsible for ensuring that CSR principles are integrated into the

organization's policies and procedures.

Every employee has a responsibility for ensuring the success of the organization's CSR objectives.

Develop a bargaining zone that lies between $50 million and $70 million and create sets of outcomes between $50 million and $70 million.

Adopt an added-value negotiating strategy, develop a bargaining zone between $50 million and $70 million, and create sets of outcomes between $50 million and $70 million.

Involve a mediator as a neutral party who can work with the textile company's management to determine a bargaining zone.

Develop a bargaining zone that lies between $55 million and $60 million and create sets of outcomes between $55 million and $60 million.

Theory of constraints

Just-in-time method

Activity-based costing

Break-even analysis

Servers optimize data processing by sharing it with other computers on the information system

Servers manage the interconnectivity of system hardware devices in the information system.

Servers manage the data stored in databases residing on the information system.

Servers enforce access controls between networks transmitting data on the information system

Detailed analytics

Predictive analytics

Diagnostic analytics

Prescriptive analytics

Requested backup tapes were not returned from the offsite vendor in a timely manner

Returned backup tapes from the offsite vendor contained empty spaces

Critical systems have been Backed up more frequently than required.

Critical system backup tapes are taken off site less frequently than required.

Operating rate.

Asset efficiency rate.

Resource utilization rate.

Productivity rate.

Diversification

Vertical integration

Risk avoidance

Differentiation