• Home
  • Articles
  • [Q13-Q35] Use the best ways of preparing for IIA-CRMA Exam Dumps with ITExamDownload IIA IIA-CRMA PDF Dumps [2021]

[Q13-Q35] Use the best ways of preparing for IIA-CRMA Exam Dumps with ITExamDownload IIA IIA-CRMA PDF Dumps [2021]

Share

Use the best ways of preparing for IIA-CRMA Exam Dumps with ITExamDownload IIA IIA-CRMA dump PDF [2021]

IIA IIA-CRMA exam candidates will surely pass the Exam if they consider the IIA-CRMA dumps learning material presented by ITExamDownload.

NEW QUESTION 13
According to the COSO enterprise risk management (ERM) framework, which of the following is not part of the new paradigm in ERM?

  • A. Assessing the risk factors.
  • B. Enhancing risk response decisions.
  • C. Aligning risk appetite and strategy.
  • D. Reducing operational surprises and losses.

Answer: A

 

NEW QUESTION 14
Forty-five percent of an organization's customer payments are submitted online. Eight percent of online payments are rejected. Executive management decides to outsource its online payment services to a contractor that will assume 75 percent of the total value of rejected payments. The organization estimates $1.25 million customer payments due during the contract period.
Which of the following represents the organization's residual risk for online customer payments due?

  • A. $11, 250
  • B. $33, 750
  • C. $25, 000
  • D. $45, 000

Answer: A

 

NEW QUESTION 15
According to IIA guidance, which of the following must internal auditors consider to conform with the requirements for due professional care during a consulting engagement?
1. The cost of the engagement, as it pertains to audit time and expenses in relation to the potential benefits.
2. The needs and expectation of clients, including the nature, timing, and communication of engagement results.
3. The application of technology-based audit and other data analysis techniques, where appropriate.
4. The relative complexity and extent of work needed to achieve the engagement's objectives.

  • A. 1, 3, and 4
  • B. 2, 3, and 4
  • C. 1, 2, and 3
  • D. 1, 2, and 4

Answer: D

 

NEW QUESTION 16
Which of the following techniques would provide the most compelling evidence that a safety hazard exists within a manufacturing facility?

  • A. Analysis of facility operating reports, focusing on instances when breakdowns occurred.
  • B. Questioning of facility management, including the facility safety officer.
  • C. Review of records involving safety violations, filed by facility production employees.
  • D. Observation of the facility during operations.

Answer: D

 

NEW QUESTION 17
During an engagement, an internal auditor decided to use variance analysis as an auditing techniques. Which of the following steps should the auditor pursue if he discovers unexpected deviations of actual results from budget?

  • A. Conclude that the budget was unreasonably set and accept the deviations.
  • B. Gather additional information to determine the cause of the deviations.
  • C. Report the deviations immediately to the audit committee.
  • D. Perform alternative forms of analytical procedures which provide no deviations.

Answer: B

 

NEW QUESTION 18
Which of the following is an example of a management control technique?

  • A. The board of directors.
  • B. A budget.
  • C. A risk assessment.
  • D. The control environment.

Answer: B

 

NEW QUESTION 19
Which of the following offers the best evidence that the internal audit activity has achieved organizational independence?

  • A. The chief audit executive reports both functionally and administratively to the CEO.
  • B. The mission statement and strategy of the internal audit activity demonstrates alignment to organizational objectives.
  • C. An independent third party has assessed the organization's system of internal controls to be adequate and effective.
  • D. The internal audit charter is drafted properly and approved by the appropriate parties.

Answer: A

 

NEW QUESTION 20
According to IIA guidance, which of the following is ultimately responsible for seeing that the internal control system of an organization's social responsibility program is effective?

  • A. Internal audit activity.
  • B. Senior management.
  • C. Board of directors.
  • D. All employees.

Answer: C

 

NEW QUESTION 21
A former line supervisor from the Financial Services Department has completed six months of a two-year development opportunity with the internal audit activity (IAA). She is assigned to a team that will audit the organization's payroll function, which is managed by the Human Resources Department. Which of the following statements is most relevant regarding her independence and objectivity with respect to the payroll audit?

  • A. She may participate, but only after she has completed one year with the IAA.
  • B. She may participate for training purposes, to build her knowledge of the IAA.
  • C. She may participate, because she did not previously work in the Human Resources Department.
  • D. She may participate, but she must be supervised by the auditor in charge.

Answer: C

 

NEW QUESTION 22
According to IIA guidance, which of the following best describes processes and tools typically used in ongoing internal assessments?

  • A. Benchmarking of the internal audit activity's practices and performance.
  • B. Analysis of performance metrics such as cycle times.
  • C. Self-assessments and surveys of stakeholder groups.
  • D. Report of internal assessment results, response plans, and outcomes.

Answer: B

 

NEW QUESTION 23
Which of the following best describes the assessment of risks?

  • A. Assess the likelihood and/or impact of risk on the achievement of organizational objectives.
  • B. Assess the actions necessary to reduce the likelihood and/or impact of risk to tolerable levels.
  • C. Assess the amount of risk an organization can accept while pursuing its objectives.
  • D. Assess alternative strategies to reduce or eliminate major risks.

Answer: A

 

NEW QUESTION 24
Given the highly technical and legal nature of privacy issues, which of the following statements best describes the internal audit activity's responsibility with regard to assessing an organization's privacy framework?

  • A. The internal audit activity may delegate to nonaudit IT specialists the responsibility of determining whether personal information has been secured adequately and data protection controls are sufficient.
  • B. If an organization does not have a mature privacy framework, the internal audit activity should assist in developing and implementing an appropriate privacy framework.
  • C. Because the audit committee is ultimately responsible for ensuring that appropriate control processes are in place to mitigate risks associated with personal information, the internal audit activity is C. required to conduct privacy assessments.
  • D. The internal audit activity should have appropriate knowledge and competence to conduct an asses .......framework.

Answer: D

 

NEW QUESTION 25
Which of the following is not one of the 10 core competencies identified in the IIA Competency Framework?

  • A. Governance, risk, and control.
  • B. Business acumen.
  • C. Internal audit delivery.
  • D. Performance management.

Answer: D

 

NEW QUESTION 26
According to IIA guidance, which of the following statements about working papers is false?

  • A. They provide support for communication to third parties.
  • B. They assist in the implementation of recommendations.
  • C. They contribute to development of the internal audit staff.
  • D. They demonstrate compliance with auditing standards.

Answer: B

 

NEW QUESTION 27
Faced with a complex, highly technical construction audit engagement, the chief audit executive (CAE) considered complementing the current internal audit resources by engaging the services of a civil engineer.
Which of the following should the CAE consider in determining whether the engineer possesses the necessary skills to perform the engagement?
1. Professional certification, license, or other recognition of the engineer's competence in the relevant discipline.
2. Experience of the engineer in the type of work being considered.
3. Compensation or other incentives that the engineer may receive.
4. The extent of other ongoing services that the engineer may be performing for the organization.

  • A. 1, 2, and 4 only
  • B. 2 and 3 only
  • C. 1 and 4 only
  • D. 3 and 4 only

Answer: A

 

NEW QUESTION 28
Which of the following would be considered a preventive control?

  • A. A password lock on a server.
  • B. A review of exception reports.
  • C. A software scan of financial records for irregularities.
  • D. A library control log.

Answer: A

 

NEW QUESTION 29
In which of the following scenarios would the chief audit executive (CAE) be required to decline the assignment?

  • A. There is no available expertise on the internal audit team to perform a consulting engagement.
  • B. There is no expertise within the internal audit team for detecting and investigating fraud.
  • C. The CAE would need to procure external services to deliver the internal audit assurance program.
  • D. There is no expertise within the internal audit team for auditing an IT engagement.

Answer: B

 

NEW QUESTION 30
Which of the following is an example of a directive control?

  • A. Incentive compensation plans.
  • B. Exception reports.
  • C. Automated reconciliations.
  • D. Segregation of duties.

Answer: A

 

NEW QUESTION 31
An internal auditor is evaluating techniques management uses to mitigate risks within a particular product division. Which of the following is an example of risk reduction?

  • A. Management sells the product division to a competitor.
  • B. Management allows the product division to remain unchanged.
  • C. Management outsources the product division to a third party.
  • D. Management modifies the product division to minimize errors.

Answer: D

 

NEW QUESTION 32
An internal auditor in a small broadcasting organization was assigned to review the revenue collection process.
The auditor discovered that some checks from three customers were never recorded in the organization's financial records. Which of the following documents would be the least useful for the auditor to verify the finding?

  • A. Customer confirmation letters.
  • B. Bank statements.
  • C. Copies of sales invoices.
  • D. Copies of deposit slips.

Answer: D

 

NEW QUESTION 33
A snow removal company is conducting a scenario planning exercise where participating employees consider the potential impacts of a significant reduction in annua snowfall for the coming winter. Which of the following best describes this type of risk?

  • A. Inherent.
  • B. Net.
  • C. Residual.
  • D. Accepted.

Answer: A

 

NEW QUESTION 34
Which of the following scenarios best illustrates a rationalization as the root cause of potential fraud?

  • A. The organization is slowly phasing out three mature products that produce the highest commissions for the sales staff.
  • B. The controller at a nationwide manufacturing company recently opted to no longer require two-week mandatory vacations for accounting staff.
  • C. Managers who have been with the organization for several decades become aware that newly hired, younger managers are being moved more quickly into senior positions.
  • D. Security cameras that monitor cash handling at the register are not functioning.

Answer: B

 

NEW QUESTION 35
......

Full IIA-CRMA Practice Test and 285 unique questions with explanations waiting just for you, get it now: https://drive.google.com/open?id=1rzQHi_jmBaDuJvlURpGQxG18yJP2l-pS

Accurate & Verified Answers As Seen in the Real Exam here: https://www.itexamdownload.com/IIA-CRMA-valid-questions.html

Related Articles

more
IIA IIA-CRMA Certification Practice Exam

Copyright © 2026 ITExamDownload NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy