IIA-CIA-Part3-CN Exam Question 121
一年後到期的債券面額為 250,000 新元,票面金額為 30,000 美元。如果債券的市場價格為 5265,000,則下列哪一項是市場利率?
Correct Answer: C
The market interest rate (yield to maturity, YTM) is calculated using the following formula:
YTM=Coupon Payment+(Face Value#Market PriceYears to Maturity)Face Value+Market Price2YTM = \frac
{\text{Coupon Payment} + \left( \frac{\text{Face Value} - \text{Market Price}}{\text{Years to Maturity}}
\right)}{\frac{\text{Face Value} + \text{Market Price}}{2}}
YTM=2Face Value+Market PriceCoupon Payment+(Years to MaturityFace Value#Market Price) Given:
* Face Value (F) = $250,000
* Coupon Payment (C) = $30,000
* Market Price (P) = $265,000
* Time to Maturity = 1 year
* Calculate the Yield to Maturity (YTM) using the Approximation Formula:
Step-by-Step Calculation:YTM=30,000+(250,000#265,0001)250,000+265,0002YTM = \frac{30,000 + \left(
\frac{250,000 - 265,000}{1} \right)}{\frac{250,000 + 265,000}{2}}YTM=2250,000+265,00030,000+ (1250,000#265,000) YTM=30,000+(#15,000)250,000+265,0002YTM = \frac{30,000 + (-15,000)}{\frac
{250,000 + 265,000}{2}}YTM=2250,000+265,00030,000+(#15,000) YTM=15,000257,500YTM = \frac
{15,000}{257,500}YTM=257,50015,000 YTM=0.0583 or 5.83% (Current Yield)YTM = 0.0583 \text{ or }
5.83\% \text{ (Current Yield)}YTM=0.0583 or 5.83% (Current Yield)
* Convert the YTM to an Annual Percentage Rate:
Since this is a one-year bond, the actual yield to maturity is equivalent to the total return:
Total return=30,000+(#15,000)265,000=15,000265,000\text{Total return} = \frac{30,000 + (-15,000)}
{265,000} = \frac{15,000}{265,000}Total return=265,00030,000+(#15,000)=265,00015,000 YTM=5.66%
+250,000#265,000265,000=12.26%YTM = 5.66\% + \frac{250,000 - 265,000}{265,000} = 12.26\%YTM=5.
66%+265,000250,000#265,000=12.26%
Final Answer:Since 12.26% falls between 12.01% and 12.50%, option (C) is correct.
* IIA GTAG 3: Continuous Auditing - Emphasizes the importance of financial metrics like yield calculations in investment risk assessments.
* COSO ERM Framework - Performance Component - Highlights the significance of market rates in financial decision-making and risk management.
* IFRS 9 - Financial Instruments - Covers bond valuation and interest rate calculations.
IIA References:Conclusion:Since the market interest rate falls between 12.01% and 12.50%, option (C) is the correct answer.
YTM=Coupon Payment+(Face Value#Market PriceYears to Maturity)Face Value+Market Price2YTM = \frac
{\text{Coupon Payment} + \left( \frac{\text{Face Value} - \text{Market Price}}{\text{Years to Maturity}}
\right)}{\frac{\text{Face Value} + \text{Market Price}}{2}}
YTM=2Face Value+Market PriceCoupon Payment+(Years to MaturityFace Value#Market Price) Given:
* Face Value (F) = $250,000
* Coupon Payment (C) = $30,000
* Market Price (P) = $265,000
* Time to Maturity = 1 year
* Calculate the Yield to Maturity (YTM) using the Approximation Formula:
Step-by-Step Calculation:YTM=30,000+(250,000#265,0001)250,000+265,0002YTM = \frac{30,000 + \left(
\frac{250,000 - 265,000}{1} \right)}{\frac{250,000 + 265,000}{2}}YTM=2250,000+265,00030,000+ (1250,000#265,000) YTM=30,000+(#15,000)250,000+265,0002YTM = \frac{30,000 + (-15,000)}{\frac
{250,000 + 265,000}{2}}YTM=2250,000+265,00030,000+(#15,000) YTM=15,000257,500YTM = \frac
{15,000}{257,500}YTM=257,50015,000 YTM=0.0583 or 5.83% (Current Yield)YTM = 0.0583 \text{ or }
5.83\% \text{ (Current Yield)}YTM=0.0583 or 5.83% (Current Yield)
* Convert the YTM to an Annual Percentage Rate:
Since this is a one-year bond, the actual yield to maturity is equivalent to the total return:
Total return=30,000+(#15,000)265,000=15,000265,000\text{Total return} = \frac{30,000 + (-15,000)}
{265,000} = \frac{15,000}{265,000}Total return=265,00030,000+(#15,000)=265,00015,000 YTM=5.66%
+250,000#265,000265,000=12.26%YTM = 5.66\% + \frac{250,000 - 265,000}{265,000} = 12.26\%YTM=5.
66%+265,000250,000#265,000=12.26%
Final Answer:Since 12.26% falls between 12.01% and 12.50%, option (C) is correct.
* IIA GTAG 3: Continuous Auditing - Emphasizes the importance of financial metrics like yield calculations in investment risk assessments.
* COSO ERM Framework - Performance Component - Highlights the significance of market rates in financial decision-making and risk management.
* IFRS 9 - Financial Instruments - Covers bond valuation and interest rate calculations.
IIA References:Conclusion:Since the market interest rate falls between 12.01% and 12.50%, option (C) is the correct answer.
IIA-CIA-Part3-CN Exam Question 122
關於變革管理,下列哪一項敘述是正確的?
Correct Answer: D
Change management is a structured approach to transitioning individuals, teams, and organizations from a current state to a desired future state while minimizing risk and disruption.
* Definition of Change Management:
* Change management ensures that all modifications to IT systems, processes, and applications are controlled and documented.
* As per the IIA GTAG on Change Management, an effective change management process should be repeatable, defined, and predictable to reduce errors and system failures.
* Why Change Management Must Be Structured?
* Uncontrolled changes increase risks such as security vulnerabilities, data loss, and system downtime.
* Best practices (e.g., ITIL, COBIT) require organizations to follow a consistent change management process to protect the production environment.
* A structured approach includes:
* Documenting change requests
* Testing in non-production environments
* Gaining approvals before deployment
* Why Not Other Options?
* A. The degree of risk associated with a proposed change determines whether the change request requires authorization:
* All changes should require authorization, not just high-risk ones.
* B. Program changes generally are developed and tested in the production environment:
* Changes should never be tested in production due to risk exposure. Best practice is to test in a development or staging environment first.
* C. Changes are only required by software programs:
* Change management applies broadly to IT infrastructure, business processes, security protocols, and governance frameworks, not just software.
* IIA GTAG - Change Management Controls
* COBIT 2019 - Change Management Best Practices
* ITIL Change Management Framework
* IIA Standard 2120 - Risk Management
Step-by-Step Justification:IIA References:Thus, the correct and verified answer is D. To protect the production environment, changes must be managed in a repeatable, defined, and predictable manner.
* Definition of Change Management:
* Change management ensures that all modifications to IT systems, processes, and applications are controlled and documented.
* As per the IIA GTAG on Change Management, an effective change management process should be repeatable, defined, and predictable to reduce errors and system failures.
* Why Change Management Must Be Structured?
* Uncontrolled changes increase risks such as security vulnerabilities, data loss, and system downtime.
* Best practices (e.g., ITIL, COBIT) require organizations to follow a consistent change management process to protect the production environment.
* A structured approach includes:
* Documenting change requests
* Testing in non-production environments
* Gaining approvals before deployment
* Why Not Other Options?
* A. The degree of risk associated with a proposed change determines whether the change request requires authorization:
* All changes should require authorization, not just high-risk ones.
* B. Program changes generally are developed and tested in the production environment:
* Changes should never be tested in production due to risk exposure. Best practice is to test in a development or staging environment first.
* C. Changes are only required by software programs:
* Change management applies broadly to IT infrastructure, business processes, security protocols, and governance frameworks, not just software.
* IIA GTAG - Change Management Controls
* COBIT 2019 - Change Management Best Practices
* ITIL Change Management Framework
* IIA Standard 2120 - Risk Management
Step-by-Step Justification:IIA References:Thus, the correct and verified answer is D. To protect the production environment, changes must be managed in a repeatable, defined, and predictable manner.
IIA-CIA-Part3-CN Exam Question 123
網路安全控制措施主要旨在保護下列哪些資料屬性?
Correct Answer: B
Cybersecurity controls are primarily designed to protect the Confidentiality, Integrity, and Availability (CIA) of data. These are the three fundamental principles of cybersecurity and are essential for protecting organizational information assets. Let's analyze each option:
Option A: Veracity, velocity, and variety.
Incorrect. These attributes are commonly associated with big data and data analytics rather than cybersecurity.
Cybersecurity controls focus on ensuring that data is secure, rather than on its volume, speed, or diversity.
IIA Reference: Cybersecurity risk management frameworks emphasize the CIA triad over big data attributes.
(IIA GTAG: Auditing Cybersecurity Risk)
Option B: Integrity, availability, and confidentiality.
Correct. These three principles are at the core of cybersecurity:
Confidentiality: Ensures that sensitive information is only accessible to authorized individuals.
Integrity: Protects data from unauthorized modifications or corruption.
Availability: Ensures that data and systems are accessible when needed.
IIA Reference: The IIA's guidance on IT governance highlights the CIA triad as the foundation of cybersecurity. (IIA GTAG: Information Security Governance) Option C: Accessibility, accuracy, and effectiveness.
Incorrect. While these attributes are important in data management and usability, they do not directly define cybersecurity controls.
Option D: Authorization, logical access, and physical access.
Incorrect. While these are essential security components, they fall under broader IT security measures rather than forming the fundamental principles of cybersecurity.
Option A: Veracity, velocity, and variety.
Incorrect. These attributes are commonly associated with big data and data analytics rather than cybersecurity.
Cybersecurity controls focus on ensuring that data is secure, rather than on its volume, speed, or diversity.
IIA Reference: Cybersecurity risk management frameworks emphasize the CIA triad over big data attributes.
(IIA GTAG: Auditing Cybersecurity Risk)
Option B: Integrity, availability, and confidentiality.
Correct. These three principles are at the core of cybersecurity:
Confidentiality: Ensures that sensitive information is only accessible to authorized individuals.
Integrity: Protects data from unauthorized modifications or corruption.
Availability: Ensures that data and systems are accessible when needed.
IIA Reference: The IIA's guidance on IT governance highlights the CIA triad as the foundation of cybersecurity. (IIA GTAG: Information Security Governance) Option C: Accessibility, accuracy, and effectiveness.
Incorrect. While these attributes are important in data management and usability, they do not directly define cybersecurity controls.
Option D: Authorization, logical access, and physical access.
Incorrect. While these are essential security components, they fall under broader IT security measures rather than forming the fundamental principles of cybersecurity.
IIA-CIA-Part3-CN Exam Question 124
下列哪一項在專案管理的所有三個階段中均有使用?
Correct Answer: D
Comprehensive and Detailed In-Depth Explanation:
A Project Management Information System (PMIS) is a centralized tool used throughout a project's planning, execution, and monitoring phases. It helps track schedules, costs, and risks.
Option A (EVM) - Used primarily in monitoring and control phases, not all three.
Option B (Organizational procedures) - Provides guidance but is not actively used in all project phases.
Option C (Performance measurement) - Important in monitoring, but not central to planning or execution.
Since PMIS is used throughout the project lifecycle, Option D is correct.
Reference: IIA Project Management - Tools & Techniques
A Project Management Information System (PMIS) is a centralized tool used throughout a project's planning, execution, and monitoring phases. It helps track schedules, costs, and risks.
Option A (EVM) - Used primarily in monitoring and control phases, not all three.
Option B (Organizational procedures) - Provides guidance but is not actively used in all project phases.
Option C (Performance measurement) - Important in monitoring, but not central to planning or execution.
Since PMIS is used throughout the project lifecycle, Option D is correct.
Reference: IIA Project Management - Tools & Techniques
IIA-CIA-Part3-CN Exam Question 125
下列哪一項是使用分層控制結構的特性?
Correct Answer: B
A hierarchical control structure is a traditional organizational framework where decision-making authority flows from top management down through various levels of hierarchy. It is characterized by centralized control, strict policies, formal procedures, and well-defined roles. This structure impacts organizational commitment and employee behavior in several ways:
Centralized Decision-Making:
Employees have limited autonomy in decision-making, leading to reduced job satisfaction and lower commitment to the organization.
Decisions are made at higher levels, and lower-level employees often feel disconnected from strategic goals.
Strict Policies and Procedures:
While hierarchical structures emphasize control, they often result in excessive bureaucracy, reducing employees' sense of ownership.
Employees may perceive rigid rules as restrictive rather than empowering, diminishing their commitment.
Emphasis on Extrinsic Rewards:
In hierarchical organizations, extrinsic motivators such as salaries, promotions, and benefits are emphasized more than intrinsic motivation factors like personal growth, autonomy, or recognition.
This focus can lead to employees feeling less engaged or committed.
Higher Turnover Risk:
Employees with lower organizational commitment may seek opportunities elsewhere, increasing turnover rates.
Research indicates that organizations with rigid hierarchical structures tend to have higher turnover compared to flexible, participative structures.
Option A (Less use of policies and procedures): Incorrect. Hierarchical control structures rely heavily on policies and procedures to maintain control and consistency.
Option C (Less emphasis on extrinsic rewards): Incorrect. Hierarchical structures often focus more on extrinsic rewards such as salary, promotions, and bonuses to motivate employees.
Option D (Less employee turnover): Incorrect. Due to decreased organizational commitment, hierarchical structures often experience higher turnover rather than lower.
IIA Standard 1100 - Independence and Objectivity: Hierarchical structures can impact the independence and objectivity of internal auditors due to rigid reporting lines.
IIA's Global Perspectives & Insights Report - "The Future of Work": Discusses how traditional hierarchical structures may reduce employee engagement and commitment.
COSO Internal Control - Integrated Framework: Highlights the importance of organizational structure in shaping control environments and employee commitment.
Why Other Options Are Incorrect:IIA References:Thus, the correct answer is B. Less organizational commitment by employees.
Centralized Decision-Making:
Employees have limited autonomy in decision-making, leading to reduced job satisfaction and lower commitment to the organization.
Decisions are made at higher levels, and lower-level employees often feel disconnected from strategic goals.
Strict Policies and Procedures:
While hierarchical structures emphasize control, they often result in excessive bureaucracy, reducing employees' sense of ownership.
Employees may perceive rigid rules as restrictive rather than empowering, diminishing their commitment.
Emphasis on Extrinsic Rewards:
In hierarchical organizations, extrinsic motivators such as salaries, promotions, and benefits are emphasized more than intrinsic motivation factors like personal growth, autonomy, or recognition.
This focus can lead to employees feeling less engaged or committed.
Higher Turnover Risk:
Employees with lower organizational commitment may seek opportunities elsewhere, increasing turnover rates.
Research indicates that organizations with rigid hierarchical structures tend to have higher turnover compared to flexible, participative structures.
Option A (Less use of policies and procedures): Incorrect. Hierarchical control structures rely heavily on policies and procedures to maintain control and consistency.
Option C (Less emphasis on extrinsic rewards): Incorrect. Hierarchical structures often focus more on extrinsic rewards such as salary, promotions, and bonuses to motivate employees.
Option D (Less employee turnover): Incorrect. Due to decreased organizational commitment, hierarchical structures often experience higher turnover rather than lower.
IIA Standard 1100 - Independence and Objectivity: Hierarchical structures can impact the independence and objectivity of internal auditors due to rigid reporting lines.
IIA's Global Perspectives & Insights Report - "The Future of Work": Discusses how traditional hierarchical structures may reduce employee engagement and commitment.
COSO Internal Control - Integrated Framework: Highlights the importance of organizational structure in shaping control environments and employee commitment.
Why Other Options Are Incorrect:IIA References:Thus, the correct answer is B. Less organizational commitment by employees.
- Other Version
- 1200IIA.IIA-CIA-Part3-CN.v2025-06-26.q187
- Latest Upload
- 140Microsoft.AB-731.v2026-07-03.q32
- 151Microsoft.AI-900-CN.v2026-07-03.q148
- 160GIAC.GICSP.v2026-07-03.q43
- 205EC-COUNCIL.212-89.v2026-07-03.q125
- 162Salesforce.Plat-Admn-201.v2026-07-02.q74
- 321AAPC.CPC.v2026-07-02.q224
- 182Cisco.820-605.v2026-07-02.q83
- 184Cisco.300-435.v2026-07-02.q95
- 138PaloAltoNetworks.XSIAM-Analyst.v2026-07-02.q35
- 263IIA.IIA-CIA-Part3-CN.v2026-07-02.q222
[×]
Download PDF File
Enter your email address to download IIA.IIA-CIA-Part3-CN.v2026-07-02.q222 Practice Test
