IIA-CIA-Part3-CN Exam Question 81
向國外子公司銷售產品的組織希望收取能降低進口關稅的價格。下列哪一項是該組織的最佳行動方案?
Correct Answer: A
Comprehensive and Detailed In-Depth Explanation:
Transfer pricing refers to the pricing of goods, services, and intangibles transferred between related entities. In international transactions, companies often adjust transfer prices to minimize tax liabilities and import tariffs.
Decreasing the transfer price (Option A) results in a lower declared customs value, reducing import tariffs paid to the foreign country.
Increasing the transfer price (Option B) would raise import tariffs, making it less favorable.
Charging the arm's length price (Option C) ensures compliance with tax regulations but does not necessarily reduce import tariffs.
Optimal transfer pricing (Option D) is a general term that does not specifically focus on reducing tariffs.
Thus, decreasing the transfer price is the best approach.
Reference: IIA Business Acumen - Transfer Pricing Strategies
Transfer pricing refers to the pricing of goods, services, and intangibles transferred between related entities. In international transactions, companies often adjust transfer prices to minimize tax liabilities and import tariffs.
Decreasing the transfer price (Option A) results in a lower declared customs value, reducing import tariffs paid to the foreign country.
Increasing the transfer price (Option B) would raise import tariffs, making it less favorable.
Charging the arm's length price (Option C) ensures compliance with tax regulations but does not necessarily reduce import tariffs.
Optimal transfer pricing (Option D) is a general term that does not specifically focus on reducing tariffs.
Thus, decreasing the transfer price is the best approach.
Reference: IIA Business Acumen - Transfer Pricing Strategies
IIA-CIA-Part3-CN Exam Question 82
下列哪一項最能描述糾正措施的有意義的建議?
Correct Answer: D
Meaningful recommendations are those that address the root cause of the condition by comparing it to the established criteria and propose sustainable, long-term solutions. This ensures that the identified issue will not recur and strengthens the control environment.
Option A relates to symptoms (condition vs. consequence), not root causes. Option B identifies the correct gap (criteria vs. condition) but offers only short-term fixes. Option C incorrectly compares criteria to consequence, which is not a valid basis for audit recommendations.
Thus, Option D is correct.
Reference:
IIA Practice Guide - Audit Findings: Condition, Criteria, Cause, Effect, and Recommendation.
Option A relates to symptoms (condition vs. consequence), not root causes. Option B identifies the correct gap (criteria vs. condition) but offers only short-term fixes. Option C incorrectly compares criteria to consequence, which is not a valid basis for audit recommendations.
Thus, Option D is correct.
Reference:
IIA Practice Guide - Audit Findings: Condition, Criteria, Cause, Effect, and Recommendation.
IIA-CIA-Part3-CN Exam Question 83
在評估第三方服務提供者提供的幫助台服務時,下列何者可能是內部稽核師最關心的問題?
Correct Answer: D
An internal auditor's primary concern in evaluating third-party help desk services is ensuring that the provider meets Service-Level Agreement (SLA) requirements, particularly regarding response times, issue resolution, and service quality.
Correct Answer (D - Whether the provider's responses and resolutions were well defined according to the SLA) The SLA defines expected service levels, including:
Response and resolution times.
Performance metrics (e.g., first-call resolution rate).
Escalation procedures.
Compliance with contractual obligations.
The IIA Practice Guide: Auditing Third-Party Relationships states that internal auditors must assess SLA compliance as a key control in outsourcing arrangements.
Why Other Options Are Incorrect:
Option A (Whether every call was logged):
While logging all calls is good practice, the focus should be on meeting SLA requirements, not just documentation.
The IIA GTAG 7: Continuous Auditing emphasizes measuring performance, not just recording activities.
Option B (Whether a unique ID was assigned to each issue):
Issue tracking is important, but an ID alone does not guarantee service quality or SLA compliance.
Option C (Whether the provider used its own facilities):
The location of the service provider's facilities does not impact SLA compliance.
IIA Practice Guide: Auditing Third-Party Relationships - Outlines how auditors should evaluate SLAs and vendor performance.
IIA GTAG 7: Continuous Auditing - Highlights the importance of performance measurement in outsourced services.
Step-by-Step Explanation:IIA References for Validation:Thus, ensuring the provider meets SLA-defined response and resolution times (D) is the internal auditor's greatest concern.
Correct Answer (D - Whether the provider's responses and resolutions were well defined according to the SLA) The SLA defines expected service levels, including:
Response and resolution times.
Performance metrics (e.g., first-call resolution rate).
Escalation procedures.
Compliance with contractual obligations.
The IIA Practice Guide: Auditing Third-Party Relationships states that internal auditors must assess SLA compliance as a key control in outsourcing arrangements.
Why Other Options Are Incorrect:
Option A (Whether every call was logged):
While logging all calls is good practice, the focus should be on meeting SLA requirements, not just documentation.
The IIA GTAG 7: Continuous Auditing emphasizes measuring performance, not just recording activities.
Option B (Whether a unique ID was assigned to each issue):
Issue tracking is important, but an ID alone does not guarantee service quality or SLA compliance.
Option C (Whether the provider used its own facilities):
The location of the service provider's facilities does not impact SLA compliance.
IIA Practice Guide: Auditing Third-Party Relationships - Outlines how auditors should evaluate SLAs and vendor performance.
IIA GTAG 7: Continuous Auditing - Highlights the importance of performance measurement in outsourced services.
Step-by-Step Explanation:IIA References for Validation:Thus, ensuring the provider meets SLA-defined response and resolution times (D) is the internal auditor's greatest concern.
IIA-CIA-Part3-CN Exam Question 84
下列哪一種組織結構最有可能應付快速變化和不確定性?
Correct Answer: A
A decentralized organizational structure allows decision-making authority to be distributed across various levels and locations, making it more flexible and adaptable to rapid changes and uncertainties.
Why Decentralization Helps in Uncertainty?
Decentralization empowers different units or teams to make faster decisions.
It enables quick adaptation to market shifts, technological advancements, and external disruptions.
According to IIA's Organizational Governance Guidelines, decentralized structures increase agility and responsiveness, particularly in dynamic industries like technology and finance.
Characteristics of Decentralized Structures:
Autonomy at multiple levels - decisions are not centralized at the top.
Faster decision-making - local teams react quickly to changes.
Greater innovation and flexibility - promotes problem-solving without bureaucratic delays.
Why Not Other Options?
B). Centralized:
A centralized structure concentrates decision-making at the top, slowing down responsiveness to changes.
C). Departmentalized:
While departmentalization organizes work efficiently, it may restrict cross-functional collaboration, making adaptation slower.
D). Tall Structure:
Tall structures have multiple management layers, leading to bureaucracy and slower decision-making.
IIA Practice Guide: Organizational Governance
IIA Standard 2110 - Governance and Risk Management
COBIT 2019 - Enterprise Risk and Governance Framework
Step-by-Step Justification:IIA References:Thus, the correct and verified answer is A. Decentralized.
Why Decentralization Helps in Uncertainty?
Decentralization empowers different units or teams to make faster decisions.
It enables quick adaptation to market shifts, technological advancements, and external disruptions.
According to IIA's Organizational Governance Guidelines, decentralized structures increase agility and responsiveness, particularly in dynamic industries like technology and finance.
Characteristics of Decentralized Structures:
Autonomy at multiple levels - decisions are not centralized at the top.
Faster decision-making - local teams react quickly to changes.
Greater innovation and flexibility - promotes problem-solving without bureaucratic delays.
Why Not Other Options?
B). Centralized:
A centralized structure concentrates decision-making at the top, slowing down responsiveness to changes.
C). Departmentalized:
While departmentalization organizes work efficiently, it may restrict cross-functional collaboration, making adaptation slower.
D). Tall Structure:
Tall structures have multiple management layers, leading to bureaucracy and slower decision-making.
IIA Practice Guide: Organizational Governance
IIA Standard 2110 - Governance and Risk Management
COBIT 2019 - Enterprise Risk and Governance Framework
Step-by-Step Justification:IIA References:Thus, the correct and verified answer is A. Decentralized.
IIA-CIA-Part3-CN Exam Question 85
首席審計執行長 (CAE) 已被要求評估首席技術長關於外包組織 IT 部門的幾個關鍵職能的提議。下列哪一項是 CAE 確定提案是否符合組織策略的最適當的行動?
Correct Answer: A
The chief audit executive (CAE) plays a crucial role in evaluating strategic decisions, including outsourcing IT functions. The most appropriate first step is to assess whether the proposal aligns with the organization's overall strategy and verify that the supporting information is reliable and complete before making further evaluations.
Strategic Alignment:
The CAE must first determine whether outsourcing supports the organization's long-term objectives, risk tolerance, and business goals.
Reliability of Supporting Information:
Before evaluating costs, risks, or operational impacts, the CAE must ensure that management's data and assumptions are accurate and complete.
IIA Standards on Governance and Risk Management:
IIA Standard 2110 - Governance requires auditors to evaluate decision-making processes, including outsourcing.
IIA Standard 2120 - Risk Management emphasizes assessing risks associated with major decisions like outsourcing.
B). Ascertain whether governance and approval processes are transparent, documented, and completed:
While governance is important, this step comes after verifying strategic alignment.
C). Perform a due diligence review or assess management's review of provider operations:
Due diligence is a later step in outsourcing evaluation, not the first priority.
D). Identify key performance measures and data sources:
Key performance measures are useful for monitoring outsourcing after approval, but they do not determine initial alignment with strategy.
IIA Standard 2110 - Governance: Requires internal auditors to evaluate whether key decisions align with organizational objectives.
IIA Standard 2120 - Risk Management: Internal auditors must assess potential risks and verify the reliability of information used for decision-making.
COBIT Framework - IT Governance: Emphasizes strategic alignment of IT decisions, including outsourcing.
Key Reasons Why Option A is Correct:Why Other Options Are Incorrect:IIA References:Thus, the correct answer is A. Understand strategic context and evaluate whether supporting information is reliable and complete.
Strategic Alignment:
The CAE must first determine whether outsourcing supports the organization's long-term objectives, risk tolerance, and business goals.
Reliability of Supporting Information:
Before evaluating costs, risks, or operational impacts, the CAE must ensure that management's data and assumptions are accurate and complete.
IIA Standards on Governance and Risk Management:
IIA Standard 2110 - Governance requires auditors to evaluate decision-making processes, including outsourcing.
IIA Standard 2120 - Risk Management emphasizes assessing risks associated with major decisions like outsourcing.
B). Ascertain whether governance and approval processes are transparent, documented, and completed:
While governance is important, this step comes after verifying strategic alignment.
C). Perform a due diligence review or assess management's review of provider operations:
Due diligence is a later step in outsourcing evaluation, not the first priority.
D). Identify key performance measures and data sources:
Key performance measures are useful for monitoring outsourcing after approval, but they do not determine initial alignment with strategy.
IIA Standard 2110 - Governance: Requires internal auditors to evaluate whether key decisions align with organizational objectives.
IIA Standard 2120 - Risk Management: Internal auditors must assess potential risks and verify the reliability of information used for decision-making.
COBIT Framework - IT Governance: Emphasizes strategic alignment of IT decisions, including outsourcing.
Key Reasons Why Option A is Correct:Why Other Options Are Incorrect:IIA References:Thus, the correct answer is A. Understand strategic context and evaluate whether supporting information is reliable and complete.
- Other Version
- 1200IIA.IIA-CIA-Part3-CN.v2025-06-26.q187
- Latest Upload
- 140Microsoft.AB-731.v2026-07-03.q32
- 146Microsoft.AI-900-CN.v2026-07-03.q148
- 160GIAC.GICSP.v2026-07-03.q43
- 200EC-COUNCIL.212-89.v2026-07-03.q125
- 162Salesforce.Plat-Admn-201.v2026-07-02.q74
- 317AAPC.CPC.v2026-07-02.q224
- 182Cisco.820-605.v2026-07-02.q83
- 184Cisco.300-435.v2026-07-02.q95
- 138PaloAltoNetworks.XSIAM-Analyst.v2026-07-02.q35
- 250IIA.IIA-CIA-Part3-CN.v2026-07-02.q222
[×]
Download PDF File
Enter your email address to download IIA.IIA-CIA-Part3-CN.v2026-07-02.q222 Practice Test
