IIA-CRMA Exam Question 21

Which of the following statements accurately describes the responsibility of the internal audit activity regarding IT governance?
1. The internal audit activity does not have any responsibility because IT governance is the responsibility of the board and senior management of the organization.
2. The internal audit activity must assess whether the IT governance of the organization supports the organization's strategies and objectives.
3. The internal audit activity may assess whether the IT governance of the organization supports the organization's strategies and objectives.
4. The internal audit activity may accept requests from management to perform advisory services regarding how the IT governance of the organization supports the organization's strategies and objectives.
  • IIA-CRMA Exam Question 22

    According to IIA guidance, which of the following must the internal auditor consider to meet the requirements for due professional care?
  • IIA-CRMA Exam Question 23

    Which of the following best ensures the independence of the internal audit activity?
    1. The CEO and audit committee review and endorse any changes to the approved audit plan on an annual basis.
    2. The audit committee reviews the performance of the chief audit executive (CAE) periodically.
    3. The internal audit charter requires the CAE to report functionally to the audit committee.
  • IIA-CRMA Exam Question 24

    Which of the following professional development approaches would offer internal auditors the most opportunities to broaden their engagement experiences?
  • IIA-CRMA Exam Question 25

    An internal auditor notes that employees are able to download files from the internet. According to IIA guidance, which of the following strategies would best protect the organization from the risk of copyright infringement and licensing violations resulting from this practice?