← Back to exam page

IIA-CIA-Part3-3P CIA Exam Part Three: Business Knowledge for Internal Auditing

Loading demo links...

Showing 16–18 of 20 questions

Question 16 (Exam Pool B)

A rapidly expanding retail organization continues to be tightly controlled by its original small management team. Which of the following is a potential risk in this vertically centralized organization?

Select an option, then click Submit answer.

  • Lack of coordination among different business units.

  • Operational decisions are inconsistent with organizational goals.

  • Suboptimal decision-making.

  • Duplication of business activities.
Question 17 (Exam Pool A)

In order to provide useful information for an organization's risk management decisions, which of the following factors is least important to assess?

Select an option, then click Submit answer.

  • The underlying causes of the risk.

  • The impact of the risk on the organization's objectives.

  • The risk levels of current and future events.

  • The potential for eliminating risk factors.
Question 18 (Exam Pool B)

Which of the following best describes a detective control designed to protect an organization from cyberthreats and attacks?

Select an option, then click Submit answer.

  • A list of trustworthy good traffic and a list of unauthorized blocked traffic.

  • Monitoring for vulnerabilities based on industry intelligence

  • Comprehensive service level agreements with vendors.

  • Firewall and other network penmeter protection tools.