IIA-CIA-Part3 Internal Audit Function Questions and Answers
During a routine bank branch audit, the internal audit function observed that the sole security guard at the branch only worked part time. The chief audit executive (CAE) believed that this increased the risk of loss of property and life in the event of a robbery. The branch security manager informed the CAE that a full-time guard was not needed because the branch was in close proximity to a police station. Still, the CAE found this to be an unacceptable risk due to the recent increase in robberies in that area. Which of the following is the most appropriate next step for the CAE to take?
A department purchased one copy of a software program for internal use. The manager of the department installed the program on an office computer and then made two complete copies of the original software. Copy 1 was solely for backup purposes. Copy 2 was for use by another member of the department. In terms of software licenses and copyright law, which of the following is correct?
Which of the following issues is a concern that a database administrator may face when integrating an organization’s applications that were once operated separately?
A one-time password would most likely be generated in which of the following situations?
While auditing an organization ' s customer call center, an internal auditor notices that Key performance indicators show a positive trend, despite the fact that there have been increasing customer complaints over the same period. Which of the following audit recommendations would most likely correct the cause of this inconsistency?
Which of the following activities would come last in the development and implementation of a privacy and data protection program?
A bond that matures after one year has a face value of S250,000 and a coupon of $30,000. if the market price of the bond is 5265,000, which of the following would be the market interest rate?
Which of the following attributes of data are cybersecurity controls primarily designed to protect?
Which of the following data security policies is most likely to be the result of a data privacy law?
When granting third parties temporary access to an entity ' s computer systems, which of the following is the most effective control?
Which of the following is true regarding reporting on the quality assurance and improvement program (QAIP)?
Which of the following is true of bond financing, compared to common stock, when alJ other variables are equal?
A financial institution receives frequent and varied email requests from customers for funds to be wired out of their accounts. Which verification activity would best help the institution avoid falling victim to phishing?
All of the following are possible explanations for a significant unfavorable material efficiency variance except:
A manager at a publishing company received an email that appeared to be from one of her vendors with an attachment that contained malware embedded in an Excel spreadsheet . When the spreadsheet was opened, the cybercriminal was able to attack the company ' s network and gain access to an unpublished and highly anticipated book. Which of the following controls would be most effective to prevent such an attack?
Which of the following statements about slack time and milestones are true?
Slack time represents the amount of time a task may be delayed without delaying the entire project.
A milestone is a moment in time that marks the completion of the project ' s major deliverables.
Slack time allows the project manager to move resources from one task to another to ensure that the project is finished on time.
A milestone requires resource allocation and needs time to be completed.
Which of the following is generally considered a best practice related to data backup?
Performing full system backups on weekdays.
Storing system backups onsite in a secured location.
Testing system backup media periodically.
Verifying backup media can be retrieved within seven years.
In a final audit report, internal auditors drafted the following management action plan with a due date of the last day of the calendar year:
" Plan: A bank reconciliation template has been updated to address issues with formulas incorrectly calculating variances. "
Which critical element of the action plan is missing?
Employees at an events organization use a particular technique to solve problems and improve processes. The technique consists of five steps: define, measure, analyze,
improve, and control. Which of the following best describes this approach?
An internal auditor reviewed Finance Department records to obtain a list of current vendor addresses. The auditor then compared the vendor addresses to a record of employee addresses maintained by the Payroll Department Which of the following types of data analysis did the auditor perform?
One change control function that is required in client/server environments, but is not required in mainframe environments, is to ensure that:
Which of the following data analytics techniques is used to identify patterns among groups of data elements?
Which of the following business practices promotes a culture of high performance?
The internal audit function for a large organization has commenced this year’s scheduled accounts payable audit. The annual external audit for the organization is currently being planned. Can the external auditors place reliance on the work performed by the internal audit function?
In an effort to increase business efficiencies and improve customer service offered to its major trading partners, management of a manufacturing and distribution company established a secure network, which provides a secure channel for electronic data interchange between the company and its partners. Which of the following network types is illustrated by this scenario?
While conducting an audit of the accounts payable department, an internal auditor found that 3% of payments made during the period under review did not agree with the submitted invoices. Which of the following key performance indicators (KPIs) for the department would best assist the auditor in determining the significance of the test results?
When writing a business memorandum, the writer should choose a writing style that achieves all of the following except:
Which of the following steps should an internal auditor take during an audit of an organization ' s business continuity plans?
Evaluate the business continuity plans for adequacy and currency.
Prepare a business impact analysis regarding the loss of critical business.
Identify key personnel who will be required to implement the plans.
Identify and prioritize the resources required to support critical business processes.
Which of the following job design techniques would most likely be used to increase employee motivation through job responsibility and recognition?
For an engineering department with a total quality management program, important elements of quality management include all of the following except:
An internal auditor is auditing their organization’s termination process. A primary objective of this engagement is to verify that exit interviews were conducted for all terminated employees over the last two years. The auditor discovered that not all employees received exit interviews.
Which of the following risks could this lead to?
Which of the following is an example of a key systems development control typically found in the in-house development of an application system?
Which of the following would most likely be found in an organization that uses a decentralized organizational structure?
Which of the following statements is true regarding outsourced business processes?
Which of the following techniques is the most relevant when an internal auditor conducts a valuation of an organization ' s physical assets?
The sole internal auditor of a municipality wants to implement proper supervision over internal audit workpapers. Which of the following would be the most appropriate?
The market price is the most appropriate transfer price to be charged by one department to another in the same organization for a service provided when:
According to lIA guidance on IT, which of the following plans would pair the identification of critical business processes with recovery time objectives?
Which of the following types of data analytics would be used by a hospital to determine which patients are likely to require readmittance for additional treatment?
According to UA guidance on IT, at which of the following stages of the project life cycle would the project manager most likely address the need to coordinate project resources?
A supervisor receives a complaint from an employee who is frustrated about having to learn a new software program. The supervisor responds that the new software will enable the employee to work more efficiently and with greater accuracy. This response is an example of:
According to IIA guidance on IT auditing, which of the following would not be an area examined by the internal audit activity?
A small software development firm designs and produces custom applications for businesses. The application development team consists of employees from multiple departments who all report to a single project manager. Which of the following organizational structures does this situation represent?
An organization has an agreement with a third-party vendor to have a fully operational facility, duplicate of the original site and configured to the organization ' s needs, in order to quickly recover operational capability in the event of a disaster, Which of the following best describes this approach to disaster recovery planning?
Which of the following sites would an Internet service provider most likely use to restore operations after its servers were damaged by a natural disaster?
Which of the following is a project planning methodology that involves a complex series of required simulations to provide information about schedule risk?
Which of the following statements is true regarding internal audit methodologies?
Which of the following is a disadvantage of selecting a commercial software package rather than developing an application internally?
The head of the research arid development department at a manufacturing organization believes that his team lacks expertise in some areas, and he decides to hire more experienced researchers to assist in the development of a new product. Which of the following variances are likely to occur as the result of this decision?
1. Favorable labor efficiency variance.
2. Adverse labor rate variance.
3. Adverse labor efficiency variance.
4. Favorable labor rate variance.
An organization has recorded the following profit and expenses:
Profit before interest and tax: $200,000
Sales: $2,300,000
Purchases of materials: $700,000
Interest expenses: $30,000
If the value-added tax rate is 20 percent and the corporate tax rate is 30 percent, which of the following is the amount of VAT that the organization has to pay?
The internal audit function conducted an engagement on maintenance operations of a construction organization and identified several issues of medium importance. The head of maintenance proposed an improvement plan with deadlines and personnel responsible. The internal audit function issued the final report to senior management. Senior management was dissatisfied with the report as they believed that improvement plan deadlines should be considerably shorter. Which of the following should the internal audit function change in the reporting process?
Which of the following are likely indicators of ineffective change management?
IT management is unable to predict how a change will impact interdependent systems or business processes.
There have been significant increases in trouble calls or in support hours logged by programmers.
There is a lack of turnover in the systems support and business analyst development groups.
Emergency changes that bypass the normal control process frequently are deemed necessary.
An organization that sells products to a foreign subsidiary wants to charge a price that will decrease import tariffs. Which of the following is the best course of action for the organization?
At what point during the systems development process should an internal auditor verify that the new application ' s connectivity to the organization ' s other systems has been established correctly?
When preparing the annual internal audit plan, which of the following should the chief audit executive (CAE) consider to optimize efficiency and effectiveness?
An internal auditor identified a database administrator with an incompatible dual role. Which of the following duties should not be performed by the identified administrator?
According to IIA guidance, which of the following are typical physical and environmental IT controls?
Which of the following activities most significantly increases the risk that a bank will make poor-quality loans to its customers?
A clothing company sells shirts for $8 per shirt. In order to break even, the company must sell 25.000 shirts. Actual sales total S300.000. What is margin of safety sales for the company?
Which of the following devices best controls both physical and logical access to information systems?
Maintenance cost at a hospital was observed to increase as activity level increased. The following data was gathered:
January: 5,600 patient days; maintenance cost $7,900
February: 7,100 patient days; maintenance cost $8,500
March: 5,000 patient days; maintenance cost $7,400
April: 6,500 patient days; maintenance cost $8,200
May: 7,300 patient days; maintenance cost $9,100
June: 8,000 patient days; maintenance cost $9,800
If the cost of maintenance is expressed in an equation, what is the independent variable for this data?
According to IIA guidance on IT, which of the following best describes a logical access control?
Which of the following IT-related activities is most commonly performed by the second line of defense?
Which of the following characteristics applies to an organization that adopts a flat structure?
A rapidly expanding retail organisation continues to be tightly controlled by its original small management team. Which of the following is a potential risk in this vertically centralized organization?
According to 11A guidance on IT, which of the following are indicators of poor change management?
1. Inadequate control design.
2. Unplanned downtime.
3. Excessive troubleshooting .
4. Unavailability of critical services.
Which of the following is an example of a smart device security control intended to prevent unauthorized users from gaining access to a device’s data or applications?
Which of the following factors would reduce dissatisfaction for a management trainee but would not particularly motivate the trainee?
An internal audit engagement team found that the risk register of the project under review did not include significant risks identified by the internal audit function. The project manager explained that risk register preparations are facilitated by risk managers and that each project’s risk review follows the same set of questions. Which of the following recommendations will likely add the greatest value to the project management process of the organization?
Which of the following statements is accurate regarding the use of Secure Sockets Layer (SSL) as a control?
An organization is planning to outsource its payroll function to an external service provider. The internal auditors advised management of the risks related to outsourcing and the typical controls that should be provided by the external service provider.
Which of the following statements is true regarding the internal auditors’ advice?
An attacker, posing as a bank representative, convinced an employee to release certain, financial information that ultimately resulted in fraud. Which of the following best describes this cybersecurity risk?
Which of the following capital budgeting techniques considers the expected total net cash flows from investment?
Following an evaluation of an organization ' s IT controls, an internal auditor suggested improving the process where results are compared against the input. Which of the following IT controls would the Internal auditor recommend?
An internal auditor observed that the organization ' s disaster recovery solution will make use of a cold site in a town several miles away. Which of the following is likely to be a characteristic of this disaster recover/ solution?
Which of the following attributes of data is most likely to be compromised in an organization with a weak data governance culture?
A junk bond issued at a premium will result in which of the following entries in the general ledger?
Which of the following is useful for forecasting the required level of inventory?
Statistical modeling.
Information about seasonal variations in demand.
Knowledge of the behavior of different business cycles.
Pricing models linked to seasonal demand.
Which of the following risks would involve individuals attacking an oil company’s IT system as a sign of solidarity against drilling in a local area?
According to IIA guidance, which of the following statements is true regarding analytical procedures?
According to IIA guidance, which of the following links computers and enables them to -communicate with each other?
Which of the following situations best applies to an organisation that uses a project, rather than a process, to accomplish its business activities?
The management of working capital is most crucial for which of the following aspects of business?
An organization has adopted a bring-your-own-device (BYOD) policy, and employees can access organizational data via their smart devices.
Which of the following authentication policy requirements is the most advisable?
Which of the following statements is true regarding an organization ' s chief audit executive (CAE) when prioritizing the audit universe?
An internal auditor discovered that the organization was not in full compliance with a regulatory labeling requirement for one of its products. The responsible manager indicated that the current product labeling has been in use for several years without any problems. If discovered, this regulatory breach could result in significant fines for the organization. What should be the chief audit executive ' s next course of action?
Which of the following statements distinguishes a router from a typical switch?
The chief audit executive (CAE) and management of the area under review disagree over managing a significant risk item. According to IIA guidance, which of the following actions should the CAE take first?
Which of the following is the primary goal of an effective business impact analysis?
According to the COSO enterprise risk management framework, which of the following is not a typical responsibility of the chief risk officer?
Which of the following would be most likely found in an internal audit procedures manual?
The internal audit activity has identified accounting errors that resulted in the organization overstating its net income for the fiscal year. Which of the following is the most likely cause of this overstatement?
Which of the following actions illustrates the use of electronic data interchange?
The decision to implement enhanced failure detection and backup systems to improve data integrity is an example of which risk response?
A manager who is authorized to make purchases up to a certain dollar amount approves the set-up of a fictitious vendor and subsequently initiates purchase orders. Which of the following controls would best address this risk?
A capital investment project will have a higher net present value, everything else being equal, if it has:
If an organization has a high amount of working capital compared to the industry average, which of the following is most likely true?
Which of the following is true regarding the use of remote wipe for smart devices?
According to the Standards, the internal audit activity must evaluate risk exposures relating to which of the following when examining an organization ' s risk management process?
Organizational governance.
Organizational operations.
Organizational information systems.
Organizational structure.
The profile of an internal auditor ' s personality traits reveals that the auditor is most motivated by self-actualization needs.
Given this, which of the following is likely to serve as the best motivator for this auditor?
Which of the following best explains why an organization would enter into a capital lease contract?
An internal auditor is reviewing key phases of a software development project. Which of the following would; the auditor most likely use to measure the project team ' s performance related to how project tasks are completed?
When reviewing application controls using the four-level model, which of the following processes are associated with level 4 of the business process method?
Which of the following is most appropriate for the chief audit executive to keep in mind when establishing policies and procedures to guide the internal audit function?
Which of the following conditions could lead an organization to enter into a new business through internal development rather than through acquisition?
What is the first step an internal audit function should take to define its organizational structure, deliverables, communication protocols, and resourcing model?
Which of the following is a sound network configuration practice to enhance information security?
An internal auditor is reviewing the sales and collections processes of an e-commerce organization that is facing budget constraints. The auditor found that the accountant did not perform reconciliations of cash collections in a timely manner. The auditor determined that the reason was timing errors in the interfacing process between the customer payments portal and the accounting system. The current customer payments portal was recently implemented to replace a legacy system. The finance manager is in charge of the customer payments portal. Which of the following recommendations is the most appropriate to address the root cause of this deficiency?
Which of the following is a primary driver behind the creation and prloritteation of new strategic Initiatives established by an organization?
An organization wants to offer a standard product across all markets but also wants to differentiate the product to fit local demands in different geographic markets and to meet government regulations.
Which of the following strategies may help the organization achieve its goal?
Which of the following physical access controls often functions as both a preventive and detective control?
An organization buys equity securities for trading purposes and sells them within a short time period. Which of the following is the correct way to value and report those securities at a financial statement date?
According to IIA guidance on IT, which of the following plans would pair the identification of critical business processes with recovery time objectives?
An organization moving its sales conversion rate from 5% to 12% indicates which of the following?
An organization ' s internal audit activity is performing an audit of human resources. As part of the audit a survey of employees was conducted. The survey indicated that employees were concerned about IT security when working outside of the office. The IT department suggested implementing a network that allows employees to send and receive data as if they were connected to a private network.
Which of the following networks is IT recommending?
Which of the following security controls would be me most effective in preventing security breaches?
During which phase of the contracting process are contracts drafted for a proposed business activity?
Which of the following network types should an organization choose if it wants to allow access only to its own personnel?
A multinational organization allows its employees to access work email via personal smart devices. However, users are required to consent to the installation of mobile device management (MDM) software that will remotely wipe data in case of theft or other incidents. Which of the following should the organization ensure in exchange for the employees ' consent?
Which of the following would best prevent unauthorized external changes to an organization ' s data?
According to Maslow ' s hierarchy of needs theory, which of the following would likely have the most impact on retaining staff, if their lower-level needs are already met?
Which of the following statements is most accurate concerning the management and audit of a web server?
An organization uses radio frequency identification (RFID) technology to identify vehicles authorized to enter a gated facility. The RFID reader scans the vehicle ' s license plate number, and if the number is on a pre-authorized list, a green light flashes, indicating to the security guard that he can push a button to open the gate.
Which of the following controls should be added to ensure that a particular vehicle is authorized to enter the facility?
An organization uses the management-by-objectives method whereby employee performance is based on defined goals. Which of the following statements is true regarding this approach?
For which of the following scenarios would the most recent backup of the human resources database be the best source of information to use?
Which of the following contract concepts is typically given in exchange for the execution of a promise?
When auditing the account receivables for the first time, an internal auditor noted that the finance team had not—over many accounting periods—reviewed the accounts receivables for debts that could no longer be collected. How should the auditor proceed?
Which of the following statements is true regarding cost-volume-profit analysis?
If the chief audit executive (CAE) observes that an international wire was approved to transfer funds to a country embargoed by the government, which of the following would be the most appropriate first step for the CAE to take?
An internal audit function did not conform with the Global Internal Audit Standards in only one of many engagements, as the engagement was performed with a lack of adequate knowledge of the subject matter. Which of the following is appropriate in relation to declaring conformance with the Standards?
Which of the following is on advantage of a decentralized organizational structure, as opposed to a centralized structure?
According to Maslow’s hierarchy of needs theory, which of the following best describes a strategy where a manager offers an assignment to a subordinate specifically to support his professional growth and future advancement?
Which of the following disaster recovery plans includes recovery resources available at the site, but they may need to be configured to support the production system?
All of the following are true with regard to the first-in, first-out inventory valuation method except:
A global business organization is selecting managers to post to various international expatriate assignments. In the screening process, which of the following traits would be required to make a manager a successful expatriate?
Superior technical competence.
Willingness to attempt to communicate in a foreign language.
Ability to empathize with other people.
When using the absorption costing approach, which of the following should be categorized as a period cost?
Which of the following engagement observations would provide the least motivation for management to amend or replace an existing cost accounting system?
Which of the following is the most appropriate way lo record each partner ' s initial Investment in a partnership?
If legal or regulatory standards prohibit conformance with certain parts of The IIA ' s Standards, the auditor should do which of the following?
Which of the following statements is accurate when planning for an external quality assurance assessment of the internal audit function?
Which of the following scenarios would require the chief audit executive (CAE) to change the internal audit plan and seek approval for the changes from the board?
A major IT project is scheduled to be implemented over a three-month period during the year. The chief audit executive (CAE) scheduled significant audit resources to provide consultation. Due to technical challenges from a supplier, the project is postponed until the following year. What should the CAE do in this case?
Which of the following analytical techniques would an internal auditor use to verify that none of an organization ' s employees are receiving fraudulent invoice payments?
Which of the following lists best describes the classification of manufacturing costs?
Which of the following Issues would be a major concern for internal auditors when using a free software to analyze a third-party vendor ' s big data?
A key advantage of developing a computer application by using the prototyping approach is that it:
Which of the following accounting methods is an investor organization likely to use when buying 40 percent of the stock of another organization?
Internal audit discovered that several loads of pellets were deleted from the scaling database and consequently had no sales invoices, significantly affecting financial statements. An investigation revealed that technicians had deleted the pellet loads accidentally, with no evidence of fraud. Which of the following actions should management implement first?
In mergers and acquisitions, which of the following is an example of a horizontal combination?
At one organization, the specific terms of a contract require both the promisor and promisee to sign the contract in the presence of an independent witness. What is the primary role to the witness to these signatures?
An organization allows employees to use their personal mobile devices to access its database. Which of the following best maintains the confidentiality of different records within the database?
Capital budgeting involves choosing among various capital projects to find the one(s) that will maximize a company ' s return on its financial investment. Which of the following parties approves the capital budget?
An organization ' s chief audit executive scheduled an assurance engagement on the key processes and controls related to organizational culture. Which approach to auditing the organization ' s culture did the CAE use?
Which of the following describes the free trade zone in an e-commerce environment?
Which of the following describes a third-party network that connects an organization specifically with its trading partners?
The chief audit executive (CAE) identified an unacceptable risk and believes that the risk is not being mitigated to an acceptable level. Which of the following is the CAE ' s next step in this situation?
An analytical model determined that on Friday and Saturday nights the luxury brands stores should be open for extended hours and with a doubled number of employees
present; while on Mondays and Tuesdays costs can be minimized by reducing the number of employees to a minimum and opening only for evening hours Which of the
following best categorizes the analytical model applied?
The economic order quantity for inventory is higher for an organization that has:
An organization prepares a statement of privacy to protect customers ' personal information. Which of the following might violate the privacy principles?
Which of the following is a necessary action for an internal audit function if senior management chooses not to take action to remediate the finding and accepts the risk?
Which of the following should software auditors do when reporting internal audit findings related to enterprisewide resource planning?
Which type of bond sells at & discount from face value, then increases in value annually until it reaches maturity and provides the owner with the total payoff?
A chief audit executive (CAE) joined an organization in the middle of the financial year. A risk-based annual audit plan has been approved by the board and is already underway. However, after discussions with key stakeholders, the CAE realizes that some significant key risk areas have not been covered in the original audit plan. How should the CAE respond?
How should internal auditors respond when the manager of an area under review disagrees with a finding?
Which of the following is a product-oriented definition of a business rather than a market-oriented definition of a business?
According to Maslow ' s hierarchy of needs theory, which of the following best describes a strategy where a manager offers an assignment to a subordinate specifically to support his professional growth and future advancement?
The head of the research and development department at a manufacturing organization believes that his team lacks expertise in some areas and decides to hire more experienced researchers to assist in the development of a new product. Which of the following variances are likely to occur as the result of this decision?
Favorable labor efficiency variance
Adverse labor rate variance
Adverse labor efficiency variance
Favorable labor rate variance
An organization selected a differentiation strategy to compete at the business level. Which of the following structures best fits this strategic choice?
Which of the following items represents the first thing that should be done with obtained dote in the data analytics process?
A company records income from an investment in common stock when it does which of the following?
As it relates to the data analytics process, which of the following best describes the purpose of an internal auditor who cleaned and normalized data?
Which of the following describes the most appropriate set of tests for auditing a workstation’s logical access controls?
The chief audit executive (CAE) has embraced a total quality management approach to improving the internal audit activity ' s (lAArs) processes. He would like to reduce the time to complete audits and improve client ratings of the IAA. Which of the following staffing approaches is the CAE most likely lo select?
An organization with global headquarters in the United States has subsidiaries in eight other nations. If the organization operates with an ethnocentric attitude, which of the following statements is true?
Which of the following statements is true regarding an investee that received a dividend distribution from an entity and is presumed to have little influence over the entity?
Which of the following controls would be the most effective in preventing the disclosure of an organization ' s confidential electronic information?
An organization has outsourced its payroll function to a third-party service provider. Which of the following contract clauses is most important to include in the outsourcing agreement to ensure access to records of the third-party provider?
During which phase of disaster recovery planning should an organization identify the business units, assets, and systems that are critical to continuing an acceptable level of operations?
Which of the following key performance indicators would serve as the best measurement of internal audit innovation?
An internal auditor uses a risk and control questionnaire as part of the preliminary survey for an audit of the organization ' s anti-bribery and corruption program. What is the primary purpose of using this approach?
An organization’s income and retained earnings statement is as follows:
Sales: $3,000
Cost of goods sold: $1,600
Gross profit: $1,400
Operating expenses: $970
Operating income: $430
Interest expense: $30
Income before tax: $400
Income tax: $200
Net income: $200
Plus Jan. 1 retained earnings: $150
Less dividends: $60
Dec. 31 retained earnings: $290
Which of the following is the dividend payout ratio?
Which of the following is the most appropriate action an internal auditor would perform during an audit of his organization ' s IT change management process?
Which of the following is the best example of a compliance risk that is likely to arise when adopting a bring-your-own-device (BYOD) policy?
Which of the following attributes of data analytics relates to the growing number of sources from which data is being generated?
An organization has a declining inventory turnover but an increasing gross margin rate. Which of the following statements can best explain this situation?
A retail organization mistakenly did have include $10,000 of Inventory in the physical count at the end of the year. What was the impact to the organization ' s financial statements?
Which of the following best describes a cyberattacK in which an organization faces a denial-of-service threat created through malicious data encryption?
An employee ' s mobile device used for work was stolen in a home burglary. Which control, if already implemented by the organization, would best prevent unauthorized access to organizational data stored on the employee ' s device?
An organization produces two products, X and Y. The materials used for the production of both products are limited to 500 kilograms (kg) per month. All other resources are unlimited and their costs are fixed.
Individual product details are as follows:
Product X: Selling price per unit: $10; Materials per unit at $1/kg: 2 kg; Monthly demand: 100 units.
Product Y: Selling price per unit: $13; Materials per unit at $1/kg: 6 kg; Monthly demand: 120 units.
In order to maximize profit, how much of product Y should the organization produce each month?
Which observations should the chief audit executive include in the executive summary of the final engagement communication?
Which of the following attributes of data is the most significantly impacted by the internet of things?
A data classification policy would most likely assist in achieving which of the following control objectives?
Which of the following statements best describes the current state of data privacy regulation?
An internal auditor reviews a data population and calculates the mean, median, and range. What is the most likely purpose of performing this analytic technique?
Which of the following management approaches may help eliminate employee dissatisfaction, but would not necessarily motivate workers to high achievement levels?
A senior payroll accountant was responsible for three business units. When the number of employees increased considerably, another accountant was hired and became responsible for one of the units. However, an access rights attestation from the senior payroll accountant remained the same, despite an internal policy requiring payroll access to be restricted. Which of the following controls most likely failed?
Which of the following best describes the chief audit executive ' s responsibility for assessing the organization ' s residual risk?
Which of the following should be included in a data privacy poky?
1. Stipulations for deleting certain data after a specified period of time.
2. Guidance on acceptable methods for collecting personal data.
3. A requirement to retain personal data indefinitely to ensure a complete audit trail,
4. A description of what constitutes appropriate use of personal data.
At what stage of project integration management would a project manager and project management team typically coordinate the various technical and organizational interfaces that exist in the project?
A financial technology startup consists of self-managed teams. Although each team can make proposals to other teams, decision-making lies within each individual team.
Which of the following risks could arise from this organizational structure?
Which of the following performance measures includes both profits and investment base?
Which of the following statements is true regarding user developed applications (UDAs) and traditional IT applications?
An organization ' s account for office supplies on hand had a balance of $9,000 at the end of year one. During year two. The organization recorded an expense of $45,000 for purchasing office supplies. At the end of year two. a physical count determined that the organization has $11 ,500 in office supplies on hand. Based on this Information, what would he recorded in the adjusting entry an the end of year two?
Which of the following best describes a detective control designed to protect an organization from cyberthreats and attacks?
Which of the following would be the best indicator that the organization is saving money?
Which of the following performance measures would be appropriate for evaluating an investment center, which has responsibility for its revenues, costs, and investment base, but would not be appropriate for evaluating cost, revenue, or profit centers?
Which of the following storage options would give the organization the best chance of recovering data?
When applied to international economics, the theory of comparative advantage proposes that total worldwide output will be greatest when:
A brand manager in a consumer food products organization suspected that several days of the point-of-sale data on the spreadsheet from one grocery chain were missing. The best approach for detecting missing rows in spreadsheet data would be to: