• Home
  • Articles
  • [Nov 29, 2021] Pass CRMA Certification IIA-CRMA Exam With 285 Questions [Q135-Q157]

[Nov 29, 2021] Pass CRMA Certification IIA-CRMA Exam With 285 Questions [Q135-Q157]

Share

[Nov 29, 2021] Pass CRMA Certification IIA-CRMA Exam With  285 Questions

Ultimate Guide to Prepare Free IIA IIA-CRMA Exam Questions & Answer


IIA IIA-CRMA Exam Syllabus Topics:

TopicDetails
Topic 1
  • Setting objectives at all levels to achieve strategic initiatives
  • Review the management of key risks
Topic 2
  • Develop risk management strategy for board approval
  • Management's philosophy and operating style
Topic 3
  • Monitoring risk mitigation plans and emerging risks
  • Role, authority, responsibility, etc., for risk management
Topic 4
  • Periodic review of risk management processes to aid in continuous improvement
  • Objectives of risk management processes
Topic 5
  • Advocate for the establishment of risk management
  • Risk capacity, appetite, and tolerance of organization
Topic 6
  • Developing and implementing risk mitigation plans
  • Integrity, ethical values, and other soft controls
Topic 7
  • Coordinate risk management activities
  • Risk analysis and evaluation including correlation, inter dependencies, and prioritization
Topic 8
  • Facilitate identification and evaluation of risks
  • Management of third party business relationships
Topic 9
  • Coach management in responding to risks
  • Needs and expectations of key internal stakeholders
Topic 10
  • Maintain and develop the risk management framework
  • Documentation of governance-related decision-making

 

NEW QUESTION 135
An internal auditor wants to sample data to test an audit theory in a cost-effective way. Which of the following sampling strategies should she use?

  • A. A combination of both statistical and nonstatistical sampling.
  • B. Statistical sampling only
  • C. Nonstatistical sampling only
  • D. Neither approach to testing the audit theory would be cost effective.

Answer: C

 

NEW QUESTION 136
An IT contractor applied for an internal audit position at a bank. The contractor worked for the bank's IT security manager two years ago. If the audit manager interviewed the contractor and wants to extend a job offer, which of the following actions should the chief audit executive pursue?

  • A. Allow the audit manager to hire the contractor and state that the individual is free to perform IT audits, including security.
  • B. Allow the audit manager to hire the contractor, but state that the individual is not allowed to work on IT security audits for one year.
  • C. Not allow the audit manager to hire the contractor and ask the individual to apply again in one year.
  • D. Not allow the audit manager to hire the contractor, as it would be a conflict of interest.

Answer: A

 

NEW QUESTION 137
Which of the following would be the most appropriate first step for the board to take when developing an effective system of governance?

  • A. Identify key stakeholders and their expectations.
  • B. Establish a governance committee.
  • C. Delegate authority to members of senior management.
  • D. Determine the organization's overall risk appetite.

Answer: A

 

NEW QUESTION 138
With regard To IT governance, which of the following is the most effective and appropriate role for the internal audit activity?

  • A. Assist management in interpreting complex IT-related privacy and security risk exposures and evaluating potential mitigation strategies.
  • B. Evaluate the organization's governance standards and assess IT-related activities to identify gaps and develop policies, ensuring alignment with the organization's risk appetite.
  • C. Assess whether governance activities are aligned with the organization's risk appetite and take into consideration emerging risks.
  • D. Independently evaluate the skills and experience of potential chief information officer candidates to assess the best fit based on the organization's risk appetite.

Answer: C

 

NEW QUESTION 139
Which of the following are components of the ISO 31000 risk management process?
1. Setting the context.
2. Risk treatment.
3. Risk avoidance.
4. Communication.

  • A. 1 and 2 only.
  • B. 2 and 3.
  • C. 1,2, and 4.
  • D. 3 and 4.

Answer: A

 

NEW QUESTION 140
According to the COSO enterprise risk management framework, which of the following best describes the activity that helps ensure risk responses are carried out effectively?

  • A. Information and communication.
  • B. Event identification.
  • C. Control activities.
  • D. Objective setting.

Answer: C

 

NEW QUESTION 141
In which of the following functions would fraud be most likely to occur?

  • A. Maintaining custody of inventory records.
  • B. Preparing customer statements.
  • C. Collecting payments on accounts.
  • D. Approving changes to employee records.

Answer: C

 

NEW QUESTION 142
To fill a critical vacancy, an internal auditor is assigned temporarily to a nonaudit role in the purchasing department, where she worked previously before joining the internal audit activity. According to IIA guidance, which of the following statements is true regarding these circumstances?

  • A. The auditor should obtain the CAE's approval as to the nature and scope of the duties she is permitted to perform during her temporary assignment.
  • B. Any work performed by the auditor during her temporary assignment must conform to the internal audit charter.
  • C. The CAE may conduct audits in the purchasing department during the auditor's temporary assignment.
  • D. The chief audit executive (CAE) should review all work performed by the auditor during her temporary assignment to ensure no impairments.

Answer: A

 

NEW QUESTION 143
Management has asked the chief audit executive (CAE) to provide assurance on the organization's automated control system related to financial data. The current audit staff does not have the expertise needed to conduct this type of engagement. Which of the following would be the best response by the CAE?

  • A. Accept the assignment if the engagement is included in the current audit plan, but inform senior management that the current audit staff does not have the knowledge and skills required.
  • B. Do not accept the assignment because the internal audit activity lacks the competency to perform the engagement with due professional care.
  • C. Accept the assignment and use an external provider with the necessary knowledge and skills to perform the engagement.
  • D. Accept the assignment and use control self-assessment to complete the project.

Answer: C

 

NEW QUESTION 144
Which of the following would not be a red flag for fraud?

  • A. Several recent, large expenditures to a new vendor have not been documented.
  • B. A weak control environment has been accepted by management to encourage creativity.
  • C. A manager has bragged about multiple extravagant vacations taken within the last year, which are excessive relative to the manager's salary.
  • D. New employees occasionally fail to meet established project deadlines due to staffing shortages.

Answer: D

 

NEW QUESTION 145
Which of the following statements accurately describes an internal auditor's responsibility with regard to due professional care?

  • A. An internal auditor's opinion should be based on factual evidence.
  • B. An internal auditor's opinion should be limited to the effectiveness of internal controls.
  • C. An internal auditor should express an opinion only when consensus with top management has been achieved.
  • D. An internal auditor's opinion should be based on experience and free of all bias.

Answer: A

 

NEW QUESTION 146
According to The MA Global Internal Audit Competency Framework, which of the following areas of training would best assist the internal audit activity in improving its use of tools and techniques?

  • A. Project management.
  • B. Financial accounting.
  • C. Negotiation and conflict resolution.
  • D. Ethics and fraud.

Answer: A

 

NEW QUESTION 147
A government agency's policy states that board members' travel and hospitality expenses must be audited annually. Which of following people or groups is most appropriate to perform this audit?

  • A. The agency's chief compliance officer.
  • B. The external auditors from an accounting firm.
  • C. The government's independent auditor.
  • D. The internal audit activity.

Answer: C

 

NEW QUESTION 148
An internal auditor is using a spreadsheet application to review a cash flow forecast prepared by management.
Which of the following correctly identifies the type of evidence this information represents?

  • A. Competent, corroborative evidence of future working capital requirements.
  • B. Sufficient, circumstantial evidence of the future solvency of the organization.
  • C. Sufficient, analytical evidence of the cash flow position at a given point of time in the future.
  • D. Competent, documentary evidence of future cash flow changes within the organization.

Answer: D

 

NEW QUESTION 149
Which of the following is the most common method of fraud detection?

  • A. Analytical reviews of high-risk areas.
  • B. Unannounced audits or reviews of programs or departments.
  • C. Detective controls built into the daily processes.
  • D. Tips received from employees or citizens.

Answer: D

 

NEW QUESTION 150
Which of the following would provide the best guidance to a chief audit executive who is setting internal audit staff requirements?

  • A. Results from discussions of audit needs with executive management and the audit committee.
  • B. A review of audit staff education and training records.
  • C. The results of the audit staff's most recent performance reviews.
  • D. Information about the audit staff size and composition of comparable organizations.

Answer: A

 

NEW QUESTION 151
Which of the following factors should be considered when determining the appropriate combination of manual techniques and computer-assisted audit techniques (CAATs) to be used during an audit?
1. Acceptance of CAATs findings by entity management.
2. Computer knowledge and expertise of the auditor.
3. Time constraints.
4. Level of audit risk.

  • A. 1 and 4
  • B. 2 and 3 only
  • C. 1, 2, and 3
  • D. 2, 3, and 4

Answer: D

 

NEW QUESTION 152
Which of the following factors have the greatest influence on the independence of the internal audit activity?

  • A. Quality assessments and cultural biases of the internal audit activity.
  • B. Organizational positioning and scope control of the internal audit activity.
  • C. Employee incentives and self review of the internal audit activity.
  • D. Rotational assignments and familiarity of the internal audit activity.

Answer: B

 

NEW QUESTION 153
A multinational organization has asked the internal audit activity to assist in setting up the organization's risk management system. The chief audit executive (CAE) agrees to take on the engagement as a consultant.
Which of the following tasks is appropriate for the CAE to undertake?

  • A. Set risk indicators and mitigation plans for management to implement.
  • B. Determine the number of significant risks for management to report to the board.
  • C. Coordinate and facilitate risk workshops for management to attend.
  • D. Establish the degree of risk appetite for management to accept.

Answer: B

 

NEW QUESTION 154
Which of the following is a requirement for an assurance engagement that may not be for a consulting engagement?

  • A. Auditors cannot participate in an assurance engagement of a function for which they previously performed a consulting engagement.
  • B. The scope and objective of the engagement is agreed upon based on the engagement client's needs.
  • C. The internal audit activity has to ensure team members' objectivity is not impaired.
  • D. The internal audit activity must ensure management actions have been implemented effectively or risk accepted.

Answer: A

 

NEW QUESTION 155
Internal auditors must exercise due professional care by considering which of the following?
1. Cost of assurance in relation to potential benefits.
2. Adequacy and effectiveness of governance, risk management, and control processes.
3. Management's competency level in the area being evaluated.
4. Probability of significant errors, fraud, or noncompliance.

  • A. 1, 2, and 4 only
  • B. 2, 3, and 4 only
  • C. 1, 2, and 3 only
  • D. 1 and 2 only

Answer: A

 

NEW QUESTION 156
An internal auditor completed an audit of a bank's loan department and found all significant risks to be managed adequately through effective internal controls. Which of the following would be an appropriate conclusion to report to management?

  • A. The residual risk is higher than or equal to the risk appetite.
  • B. The inherent risk is higher than or equal to the risk tolerance.
  • C. The residual risk is lower than or equal to the risk appetite.
  • D. The inherent risk is lower than or equal to the risk tolerance.

Answer: C

 

NEW QUESTION 157
......

Certification in Risk Management Assurance (CRMA) Exam Practice Tests 2021 | Pass IIA-CRMA with confidence!: https://drive.google.com/open?id=1lPmvItxY61LAqS-JYITDZhie2bxTfvNu

Pass IIA-CRMA Tests Engine pdf - All Free Dumps: https://www.testsdumps.com/IIA-CRMA_real-exam-dumps.html

Related Articles

more
IIA IIA-CRMA Certification Practice Exam

TestsDumps is an experienced and credible website offering you the latest test questions and professional study materials which help you pass the IT test exam with higher hit-rate.

Latest Test Dump

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 TestsDumps NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy

Disclaimers:
TestsDumps material do not contain actual Business Architecture Guild Exam Questions or materials.
SAP, Microsoft, Google, Amazon, Certiport, Qualtrics are Registered Trade Mark.
TestsDumps website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon.
TestsDumps offers only Probable Questions and Answers. TestsDumps offer learning materials and practice tests created by subject matter experts to assist and help learner prepare for those exams.
All Certification Brands used on the website are owned by the respective brand owners. TestsDumps does not own or claim any ownership on any of the brands. The site www.testsdumps.com is in no way affiliated with SAP SE.