IIA-CIA-Part3-3P Exam Dumps - CIA Exam Part Three: Business Knowledge for Internal Auditing

Star network.

Bus network.

Token ring network.

Mesh network.

Interviewing the organization's employees.

Observing the organization's operations.

Reading the board's minutes.

Inspecting manuals and documents.

Filtering.

Communication overload.

Similar frames of reference.

Lack of source credibility.

Establishing risk category definitions and a common risk language for likelihood and impact measures.

Defining ERM roles and responsibilities.

Providing the board with an independent, objective risk perspective on financial reporting.

Guiding integration of ERM with other management activities.

Access is approved by the supervising manager.

User accounts specify expiration dates and are based on services provided.

Administrator access is provided for a limited period.

User accounts are deleted when the work is completed.

Determine the optimal amount of resources for the organization to invest in CSR.

Align CSR program objectives with the organization's strategic plan.

Integrate CSR activities into the organization's decision-making process.

Determine whether the organization has an appropriate policy governing its CSR activities.

Costs are affected by changes in activity only.

The behavior of costs and revenues is inverse.

When more than one type of product is sold, the sales mix changes.

Only variable costs have to be classified accurately.

All personal information, by definition is considered to be sensitive, requiring specialized controls.

Information is not considered personal if it can only be linked to or used to identify an individual indirectly.

Individuals who provide personal information to organizations share in the risk of inappropriate

disclosure.

Good protection controls remove any restrictions on the quantity of personal information that can be collected