Free IIA IIA-CIA-Part3 Practice Questions 2026 - Page 11

Practice Questions

Which type of bond sells at a discount from face value, then increases in value annually until it reaches maturity and provides the owner with the total payoff?

A. High-yield bonds

B. Commodity-backed bonds

C. Zero coupon bonds

D. Junk bonds

C.   Zero coupon bonds

Which of the following can be classified as debt investments?

A. Investments in the capital stock of a corporation

B. Acquisition of government bonds.

C. Contents of an investment portfolio.

D. Acquisition of common stock of a corporation

B.   Acquisition of government bonds.

An investor has acquired an organization that has a dominant position in a mature, slow-growth industry and consistently creates positive financial income.
Which of the following terms would the investor most likely label this investment in her portfolio?

A. A star

B. A cash cow

C. A question mark

D. A dog

B.   A cash cow

According to IIA guidance on IT, which of the following would be considered a primary control for a spreadsheet to help ensure accurate financial reporting?

A. Formulas and static data are locked or protected.

B. The spreadsheet is stored on a network server that is backed up daily.

C. The purpose and use of the spreadsheet are documented.

D. Check-in and check-out software is used to control versions.

A.   Formulas and static data are locked or protected.

Which of the following disaster recovery plans includes recovery resources available at the site, but they may need to be configured to support the production system?

A. Warm site recovery plan.

B. Hot site recovery plan.

C. Hot site recovery plan.

D. Cold site recovery plan.

A.   Warm site recovery plan.

Which of the following would be the strongest control to prevent unauthorized wireless network access?

A. Allowing access to the organization's network only through a virtual private network.

B. Logging devices that access the network, including the date, time, and identity of the user.

C. Tracking all mobile device physical locations and banning access from non-designated areas.

D. Permitting only authorized IT personnel to have administrative control of mobile devices.

D.   Permitting only authorized IT personnel to have administrative control of mobile devices.

Which of the following principles is shared by both hierarchies and open organizational structures?
1. A superior can delegate the authority to make decisions but cannot delegate the ultimate responsibility for the results of those decisions.
2. A supervisor's span of control should not exceed seven subordinates.
3. Responsibility should be accompanied by adequate authority.
4. Employees at all levels should be empowered to make decisions.

A. 1 and 3 only

B. 1 and 4 only

C. 2 and 3 only

D. 3 and 4 only

A.   1 and 3 only

An internal auditor reviewed Finance Department records to obtain a list of current vendor addresses. The auditor then compared the vendor addresses to a record of employee addresses maintained by the Payroll Department. Which of the following types of data analysis did the auditor perform?

A. Duplicate testing.

B. Joining data sources.

C. Gap analysis.

D. Classification

A.   Duplicate testing.

An IT auditor is evaluating IT controls of a newly purchased information system. The auditor discovers that logging is not configured at database and application levels.
Operational management explains that they do not have enough personnel to manage the logs and they see no benefit in keeping logs. Which of the following responses best explains risks associated with insufficient or absent logging practices?

A. The organization will be unable to develop preventative actions based on analytics.

B. The organization will not be able to trace and monitor the activities of database administrators.

C. The organization will be unable to determine why intrusions and cyber incidents took place.

D. The organization will be unable to upgrade the system to newer versions.

C.   The organization will be unable to determine why intrusions and cyber incidents took place.

Which of the following statements is true regarding cost-volume-profit analysis?

A. Contribution margin is the amount remaining from sales revenue after fixed expenses have been deducted.

B. Breakeven point is the amount of units sold to cover variable costs.

C. Breakeven occurs when the contribution margin covers fixed costs.

D. Following breakeven, the operating income will increase by the excess of fixed costs less the variable costs per units sold.

C.   Breakeven occurs when the contribution margin covers fixed costs.
