Q95. A small software development firm designs and produces custom applications for businesses. The application development team consists of employees from multiple departments who all report to a single project manager.
Which of the following organizational structures does this situation represent?

Q96. Which of the following is an example of a risk avoidance response?

Q97. Which of me following represents an inventory costing technique that can be manipulated by management to boost net income by selling units purchased at a low cost?

Q98. Which of the following are likely indicators of ineffective change management?
1) IT management is unable to predict how a change will impact interdependent systems or business processes.
2) There have been significant increases in trouble calls or in support hours logged by programmers.
3) There is a lack of turnover in the systems support and business analyst development groups.
4) Emergency changes that bypass the normal control process frequently are deemed necessary.

Q99. Which of the following should software auditors do when reporting internal audit findings related to enterprise wide resource planning?

Q100. An internal auditor reviewed Finance Department records to obtain a list of current vendor addresses The auditor then compared the vendor addresses to a record of employee addresses maintained by the Payroll Department Which of the following types of data analysis did the auditor perform?

Q101. When developing an effective risk-based plan to determine audit priorities, an internal audit activity should start by:

Q102. Which of the following types of analytics would be used by an organization to examine metrics by business units and identity the most profitable business units?

Q103. Which of the following control features consists of a set of authorization codes that distinguishes among actions such as reading, adding, and deleting records?

Q104. Which of the following types of data analytics would be used by a hospital to determine which patients are likely to require readmittance for additional treatment?

Q105. According to IIA guidance, which of the following is a typical risk associated with the tender process and contracting stage of an organization’s IT outsourcing life cycle?

Q106. A small furniture-manufacturing firm with 100 employees is located in a two-story building and does not plan to expand. The furniture manufactured is not special-ordered or custom-made. The most likely structure for this organization would be:

Q107. Which of the following is a cybersecurity monitoring activity intended to deter disruptive codes from being installed on an organization’s systems?

Q108. Which of the following application controls can be defined as controls that monitor data Being processed and in storage to ensure it remains consistent and correct?

Q109. Multinational organizations generally spend more time and effort to identify and evaluate:

Q110. Which of the following factors is most responsible for the increasing risk that unauthorized parties may obtain or tamper with personal data?

Q111. The economic order quantity can be calculated using the following formula:
Which of the following describes how the optimal order size will change if the annual demand increases by 36 percent?

Q112. New data privacy laws require an organization to use collected customer information for me sole purpose of meeting the organization’s business requirements. Which of the following best addresses the risk of the organization not complying with this objective?

Q113. Which of the following cybersecurity-related activities is most likely to be performed by the second line of defense?

Q114. A key advantage of developing a computer application by using the prototyping approach is that it:

Q115. Which of the following authentication controls combines what a user knows with the unique characteristics of the user respectively?

Q116. Which of the following IT controls includes protection for mainframe computers and workstations?

Q117. Which of the following costs would be incurred in an inventory stockout?

Q118. What must be monitored in order to manage risk of consumer product inventory obsolescence?
1) Inventory balances.
2) Market share forecasts.
3) Sales returns.
4) Sales trends.

Q119. Which of the following is an example of internal auditors applying data mining techniques for exploratory purposes?