[2025年更新]IIA-CRMA試験問題集でテストエンジン練習テスト問題 [Q59-Q80]

Share

[2025年更新]IIA-CRMA試験問題集でテストエンジン練習テスト問題

合格できるIIA-CRMA試験[2025年03月08日]最新285問題


IIA-CRMA認定は、リスク管理のキャリアを促進しようとしている専門家にとって貴重な資格です。リスク管理の原則と実践、および組織内のリスクを効果的に管理するために必要なスキルを包括的に理解することができます。この認定を取得することにより、個人は自分の専門知識を実証し、リスク管理の分野でのキャリアの見通しを高めることができます。


IIA-CRMA(リスク管理保証認定)の認定試験は、リスク管理のキャリアを追求することに興味のある個人に対して、内部監査士協会(IIA)が提供する専門資格です。この認定試験は、専門家がリスク管理のスキルと知識を開発するのを支援するように設計されており、世界的に優れた基準として認められています。

 

質問 # 59
During an audit engagement, the internal auditor discussed a risk mitigation recommendation with the manager of the area under review. The manager disagreed with the risk assessment and recommendation. The two failed to come up with an alternative solution, and the auditor decided to proceed with including the original recommendation in the engagement report. Which of the following is especially important in dealing with this type of situation?

  • A. Professional qualifications and certification in internal auditing.
  • B. Technical skills in the area under review.
  • C. Confidentiality and independence.
  • D. Soft skills in communication, negotiation, and collaboration.

正解:D


質問 # 60
Which of the following factors should be considered when determining the appropriate combination of manual techniques and computer-assisted audit techniques (CAATs) to be used during an audit?
1. Acceptance of CAATs findings by entity management.
2. Computer knowledge and expertise of the auditor.
3. Time constraints.
4. Level of audit risk.

  • A. 2 and 3 only
  • B. 2, 3, and 4
  • C. 1, 2, and 3
  • D. 1 and 4

正解:B


質問 # 61
An IT contractor applied for an internal audit position at a bank. The contractor worked for the bank's IT security manager two years ago. If the audit manager interviewed the contractor and wants to extend a job offer, which of the following actions should the chief audit executive pursue?

  • A. Allow the audit manager to hire the contractor, but state that the individual is not allowed to work on IT security audits for one year.
  • B. Allow the audit manager to hire the contractor and state that the individual is free to perform IT audits, including security.
  • C. Not allow the audit manager to hire the contractor and ask the individual to apply again in one year.
  • D. Not allow the audit manager to hire the contractor, as it would be a conflict of interest.

正解:B


質問 # 62
An organization is beginning to implement an enterprise risk management program. One of the first steps is to develop a common risk language. Which of the following statements about a common risk language is true?

  • A. Internal auditors will be able to reduce their sample sizes because controls will be more consistent.
  • B. Management will be able to reduce inherent risk because they will have a better understanding of risk.
  • C. Decision makers will understand that the likelihood of missing or ineffective controls will be reduced.
  • D. Stakeholders will have more assurance that the risks are assessed consistently.

正解:D


質問 # 63
According to IIA guidance, which of the following should be formally documented in the internal audit charter?

  • A. The budgeting process for the internal audit activity.
  • B. The internal audit activity's responsibility for the organization's governance framework.
  • C. The internal audit activity's responsibility for imposing risk management processes.
  • D. The nature of consulting services provided by the internal audit activity.

正解:D


質問 # 64
According to the International Professional Practices Framework, which of the following are allowable activities for an internal auditor?
1. Advocating the establishment of a risk management function.
2. Identifying and evaluating significant risk exposures during audit engagements.
3. Developing a risk response for the organization if there is no chief risk officer.
4. Benchmarking risk management activities with other organizations.
5. Documenting risk mitigation strategies and techniques.

  • A. 4 and 5 only.
  • B. 1.2. 4. and 5 only.
  • C. 1.2, and 3 only.
  • D. 2. 3. 4. and 5 only.

正解:B


質問 # 65
According to The IIA's Code of Ethics, which of the following is true?

  • A. Confidentiality requires that auditors disclose all material facts known to them.
  • B. Integrity requires that auditors perform internal audit services in accordance with the Standards.
  • C. Objectivity requires that auditors perform their work with honesty, diligence, and responsibility.
  • D. Confidentiality requires that auditors be prudent in the use and protection of client information.

正解:D


質問 # 66
Which of the following is a requirement for an assurance engagement that may not be for a consulting engagement?

  • A. The internal audit activity must ensure management actions have been implemented effectively or risk accepted.
  • B. Auditors cannot participate in an assurance engagement of a function for which they previously performed a consulting engagement.
  • C. The scope and objective of the engagement is agreed upon based on the engagement client's needs.
  • D. The internal audit activity has to ensure team members' objectivity is not impaired.

正解:B


質問 # 67
Which of the following is an example of a risk avoidance strategy?

  • A. Limiting access to an organization's data center.
  • B. Outsourcing a high-risk activity.
  • C. Selling a nonstrategic business unit.
  • D. Hedging against exchange rate variations.

正解:C


質問 # 68
Which of the following is a valid statement about the use of visual observations during an audit engagement?
1. Visual observations can be used to detect ineffective controls, idle resources, and safety hazards.
2. Visual observations can be used during both preliminary survey and fieldwork stages of the audit engagement.
3. Visual observations can provide unsubstantiated facts to management if the internal auditor believes the information is useful.
4. Visual observations can assist an auditor in determining if a material observation should be communicated through informal means to the organization's senior management.

  • A. 2 and 3 only
  • B. 3 and 4 only
  • C. 1 and 2 only
  • D. 1 and 4 only

正解:C


質問 # 69
According to IIA guidance, which of the following statements is true?

  • A. IT risks and related controls are operational and best identified using a bottom-up approach.
  • B. Control process risks are found at multiple layers of the IT environment.
  • C. The overall focus of the framework is on significant controls in all critical IT applications.
  • D. Risks in IT processes are best mitigated by individual controls.

正解:B


質問 # 70
Given the highly technical and legal nature of privacy issues, which of the following statements best describes the internal audit activity's responsibility with regard to assessing an organization's privacy framework?

  • A. Because the audit committee is ultimately responsible for ensuring that appropriate control processes are in place to mitigate risks associated with personal information, the internal audit activity is C. required to conduct privacy assessments.
  • B. If an organization does not have a mature privacy framework, the internal audit activity should assist in developing and implementing an appropriate privacy framework.
  • C. The internal audit activity should have appropriate knowledge and competence to conduct an asses .......framework.
  • D. The internal audit activity may delegate to nonaudit IT specialists the responsibility of determining whether personal information has been secured adequately and data protection controls are sufficient.

正解:C


質問 # 71
According to IIA guidance, which of the following statements describes one of the similarities between assurance and consulting services?

  • A. Internal auditors must not provide assurance or consulting services for an activity for which they had responsibility within the previous year.
  • B. Internal auditors determine the engagement objectives, scope, and work program for both assurance and consulting services.
  • C. Both assurance and consulting services generally involve the internal auditor, the area under review, senior management, and the board.
  • D. When planning assurance and consulting engagements, internal auditors must consider the strategies and objectives of the activity being reviewed.

正解:D


質問 # 72
According to IIA guidance, which of the following must the internal auditor consider to meet the requirements for due professional care?

  • A. The training courses necessary to enhance the internal auditor's knowledge, skills, and other competencies.
  • B. The use of innovative technology and data analysis techniques.
  • C. The appropriateness of assurance procedures necessary to ensure all significant risks will be identified.
  • D. The extent of work needed to achieve the engagement's objectives.

正解:D


質問 # 73
What type of risk management strategy is being employed when an organization installs two firewalls to provide protection from unauthorized access to the network?

  • A. Diversifying the risk that network access will not be available to legitimate, authorized users.
  • B. Avoiding the risk of having a direct network connection to un-trusted networks.
  • C. Accepting the risk that there may be attempts at unauthorized access to the network.
  • D. Sharing the risk that either firewall could be compromised by hackers.

正解:A


質問 # 74
Which of the following activities best reflects the scope and status of the internal audit activity as defined in the internal audit policy statement?

  • A. The internal auditor reviews the physical access to merchandise during an inventory count.
  • B. The audit manager refrains from assigning an auditor who was a former payroll clerk to conduct a payroll audit.
  • C. The audit manager conducts an internal quality assessment of the internal audit activity's adherence to the Standards.
  • D. The board approves the annual performance evaluation of the chief audit executive.

正解:A


質問 # 75
A new director was hired to lead the internal audit activity at a small start-up company. Which of the following assignments would impair the director's independence?

  • A. Preparing the financial statements for the company's defined contribution plan.
  • B. Performing a pre-implementation review of the company's payroll application.
  • C. Reviewing the company's policy for foreign currency translation adjustments for compliance with accounting standards.
  • D. Providing the COBIT framework as a possible IT management tool.

正解:A


質問 # 76
A government agency maintains a system of internal control, according to the COSO model, and has made a change to its employee performance reviews and rewards program. This change relates to which of the following components of COSO's internal control framework?

  • A. Monitoring activities.
  • B. Information and communication.
  • C. Control activities.
  • D. Control environment.

正解:D


質問 # 77
Which of the following would be the most appropriate first step for the board to take when developing an effective system of governance?

  • A. Delegate authority to members of senior management.
  • B. Establish a governance committee.
  • C. Determine the organization's overall risk appetite.
  • D. Identify key stakeholders and their expectations.

正解:D


質問 # 78
According to the IIA guidance, who is responsible for periodically assessing the internal audit activity?

  • A. The external auditors.
  • B. The board.
  • C. Senior management.
  • D. The chief audit executive.

正解:D


質問 # 79
With regard To IT governance, which of the following is the most effective and appropriate role for the internal audit activity?

  • A. Assess whether governance activities are aligned with the organization's risk appetite and take into consideration emerging risks.
  • B. Assist management in interpreting complex IT-related privacy and security risk exposures and evaluating potential mitigation strategies.
  • C. Independently evaluate the skills and experience of potential chief information officer candidates to assess the best fit based on the organization's risk appetite.
  • D. Evaluate the organization's governance standards and assess IT-related activities to identify gaps and develop policies, ensuring alignment with the organization's risk appetite.

正解:A


質問 # 80
......

IIA IIA-CRMAリアルな2025年最新の知能問題集模擬試験問題集:https://jp.fast2test.com/IIA-CRMA-premium-file.html

IIA IIA-CRMAリアルな問題と100%カバーリアルな試験問題:https://drive.google.com/open?id=15gAkLA5O44pTmie_69MtDO5HvgbQa2zr


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어