We provide real IIA-CIA-Part3 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass IIA IIA-CIA-Part3 Exam quickly & easily. The IIA-CIA-Part3 PDF type is available for reading and printing. You can print more and practice many times. With the help of our IIA IIA-CIA-Part3 dumps pdf and vce product and material, you can easily pass the IIA-CIA-Part3 exam.

Q196. Quality control programs employ many tools for problem definition and analysis. A scatter diagram is one of these tools. The objective of a scatter diagram is to: 

A. Display a population of items for analysis. 

B. Show frequency distribution in graphic form. 

C. Divide a universe of data into homogeneous groups. 

D. Show the vital trend and separate trivial items. 



The objective of a scatter diagram is to depict degrees of correlation. Each observation is represented by a dot on a graph corresponding to specific values of x (the independent variable) and y (the dependent variable). 

Q197. A company is formulating its plans for the coming year, including the preparation of its cash budget. Historically. 30% of the company's sales are cash sales. The remaining 70% are credit sales with the following collection pattern: 

Sales for the first 5 months of the coming year are forecast as follows: 

For the month of April, the total cash receipts from sales and collections on account would be: 

A. US$3,729,968 

B. US$3,781,600 

C. US$4,025,200 

D. US$4,408,000 



The cash receipts for April equal April's cash sales (US $4,000,000 * 30% = US $1.200, 000), 40% of April's credit sales, and 58% of March's credit sales. Consequently, total cash receipts equal US $3,781,600 [$1,200,000 + ($4,000,000 * 40% x 70%) + ($3,600,000 x 58% x 70%)]. 

Q198. Which of the following represents the greatest exposure to the integrity of electronic funds transfer data transmitted from a remote terminal? 

A. Poor physical access controls over the data center. 

B. Network viruses. 

C. Poor system documentation. 

D. Leased telephone circuits. 


Explanation: Leased telephone circuits represent a direct exposure to the risk of breached data 


They use public lines that c. an be easily identified and tapped. 

Q199. A validation check used to determine if a quantity ordered field contains only numbers is an example of a(n): 

A. Input control. 

B. Audit trail control. 

C. Processing control. 

D. Data security control. 



A validation check at data entry verifying that a quantity field contains only numbers is an example of a programmatic means of ensuring the accuracy of an input value. Thus, it is an input control. 

Q200. During the past few years, Wilder Company has experienced the following average number of power outages: Each power outage results in out-of-pocket costs of US $800. For US $1,000 per month, Wilder can lease a generator to provide power during outages. If Wilder leases a generator in the coming year, the estimated savings (or additional expense) for the year will be 

A. US $(15,200) 

B. US $(1,267) 

C. US$3,200 

D. US$7,200 



Each outage costs US $800, but this expense can be avoided by paying US $1,000 per month (US $12,000 for the year). The expected-value approach uses the probability distribution derived from past experience to determine the average expected outages per month. 

3/12x0 = 0.0 2/12x1 = 0.16667 4/12x2 = 0.66667 3/12x3 = 0.75000 1.58334 

The company can expect to have, on average. 1.58334 outages per month. At US $800 per outage, the expected cost is US $1,266.67. Thus, paying US $1.000 to avoid an expense of US $1,266.67 saves US $266.67 per month, or US $3,200 per year. 

Q201. A manufacturer uses a materials requirements planning 1RP) system to track inventory, orders, and raw material requirements. A preliminary audit assessment indicates that the organization's inventory is understated. Using audit software, what conditions should the auditor search for in the MRP database to support this hypothesis? 

I. Item cost set at zero. 

II. Negative quantities on hand. 

III. Order quantity exceeding requirements. 


 Inventory lead times exceeding delivery schedule. 


I and II only. 


I and I only. 


II and I only. 


III and I only. 


Explanation: If there is no monetary amount in the database for existing inventory, inventory will be understated. Moreover, inadequate edit checks or uncontrolled borrow/paybacks could cause negative quantities to be reported. This condition would cause inventory to be understated. If the amount ordered exceeds requirements, the result is an increase in inventory. However, by itself, this condition would not cause inventory to be understated or overstated. Also, if lead times are longer than delivery times, the effect is an increase in inventory but not necessarily a misstatement. 

Q202. A company manufactures banana hooks for retail sale. The bill of materials for this item and the parts inventory for each material required are as follows: 

An incoming order calls for deliver," of 2,000 banana hooks in 2 weeks. The company has 

200 finished banana hooks in current inventory. If no safety stocks are required for inventory, what are the company's net requirements for swag hooks and screws needed to fill this order? 

A. Option A 

B. Option B 

C. Option C 

D. Option D 



The company needs 1,800 banana hooks 2,000 — 200) and therefore 1,800 swag hooks 1 1,800) and 3,600 wood screws 2 1,800). Given that 300 swag hooks and 400 wood screws are on hand, the company must obtain 1,500 swag hooks 1,800 — 300) and 3,200 wood screws 3,600 400). 

Q203. The cost of statistical quality control in a product quality cost system is categorized as a(n): 

A. Internal failure cost. 

B. Training cost. 

C. External failure cost. 

D. Appraisal cost. 


Explanation:The following are the four categories of quality costs: prevention, appraisal, internal failure, and external failure (lost opportunity). Appraisal costs include quality control programs, inspection, and testing. However, some authorities regard statistical quality and process control as preventive activities because they not only detect faulty work but also allow for adjustment of processes to avoid future defects. 

Q204. The e-commerce project that an auditor is most likely to assess as having the lowest risk is one that: 

A. Has a business plan that covers the integration of the planning, design, and implementation of the e- commerce system with the strategies of the organization. 

B. Considers governmental and regulatory requirements, and other external factors in its risk assessment. 

C. Calls for using outside vendors to provide hosting services. 

D. Addresses the security of the software and the accuracy of transaction processing. 



The following are a few issues that an internal auditor should consider when undertaking an e- commerce engagement and assessing risks: 


 Is there a business plan for the e-commerce project or program? 


 Does the plan cover the integration of the planning, design, and implementation of the commerce system with the strategies of the organization? 


 Have governmental and regulatory requirements been analyzed and considered? 


 How secure is the hardware and software, and will they prevent or detect unauthorized access, inappropriate use, and other harmful effects and losses? 


 Will transaction processing be current, accurate, complete, and indisputable? . Does the risk assessment include internal and external forces? 


 If outside vendors are used, has a "going concern" evaluation been conducted by a trusted third party who is qualified to certify the vendor? 


 If vendors provide hosting services, do they have a tested business contingency plan? Have they provided a recent SAS-70 report? Also, have privacy issues been resolved? Based on how well the e-commerce project addresses these questions, the project likely to receive the lowest risk assessment is one that has a business plan that covers the integration of the planning, design, and implementation of the e-commerce system with the strategies of the 


Q205. To avoid invalid data input, a bank added an extra number at the end of each account number and subjected the new number to an algorithm. This technique is known as: 

A. Sequence check. 

B. A check digit. 

C. Cross-footing. 

D. Field check. 



Self-checking digits may be used to detect incorrect identification numbers. A check digit is an extra reference number that follows an identification code and bears a mathematical relationship to the other digits. The extra digit is input with the data. The identification code can be subjected to an algorithm and compared to the check digit. 

Q206. Assuming that the real rate of interest is the same in both countries, if Country A has a higher nominal interest rate than Country B, the currency of Country A will likely be selling at a: 

A. Forward discount relative to the currency of Country B. 

B. Forward premium relative to the currency of Country B. 

C. Spot discount relative to the currency of Country B. 

D. Spot premium relative to the currency of Country B. 


Explanation: If the real rates of interest are equal, the country with the higher nominal interest rate is expected to experience a higher rate of inflation. A higher rate of inflation is associated with a devaluing currency, so the currency of the country with the higher nominal interest rate will likely be selling at a forward discount. 

Q207. Which of the following is not one of the seven elements of risk? 

A. Frequency 

B. Timing. 

C. ROI analysis. 

D. Uncertainty. 



The seven elements of risk are threat events, single loss exposure value, frequency, uncertainty. safeguards and controls, safeguard and control costs, and cost/benefit or ROI analysis. Timing, which is not a risk element, is when a risk may occur_ It is different from frequency, which is how often an uncertain event might occur. 

Q208. A company is deciding whether to purchase an automated machine to manufacture one of its products. Expected net cash flows from this decision depend on several factors, interactions among those factors, and the probabilities associated with different levels of those factors. The method that the company should use to evaluate the distribution of net cash flows from this decision and changes in net cash flows resulting from changes in levels of various factors is: 

A. Simulation and sensitivity analysis. 

B. Linear programming. 

C. Correlation analysis. 

D. Differential analysis. 



Simulation is a technique for experimenting with logical and mathematical models using a computer. Sensitivity analysis examines how the model's outcomes change as the parameters change. 

Q209. Which type of risks assumed by management are often drivers of organizational activities? 

A. Opportunity risks 

B. Inherent risks. 

C. General project management risks. 

D. Control risks. 



Risk can be defined as the uncertainty of an event occurring that could have a negative impact on the achievement of objectives. Risk is inherent to every business or government entity. Opportunity risks assumed by management are often drivers of organizational activities. Beyond these opportunities may be threats and other dangers that are not clearly understood or fully evaluated and are too easily accepted as part of doing business. 

Q210. Unauthorized alteration of online records can be prevented by employing: 

A. Key verification. 

B. Computer sequence checks. 

C. Computer matching. 

D. Database access controls. 



Users can gain access to databases from terminals only through established recognition and authorization procedures: thus, unauthorized access is prevented.