IIA-CRMA-ADV IIA Certification in Risk Management Assurance exact Exam Questions

Certification in Risk Management Assurance

Last Update 19 hours ago Total Questions : 283

The Certification in Risk Management Assurance content is now fully updated, with all current exam questions added 19 hours ago. Deciding to include IIA-CRMA-ADV practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our IIA-CRMA-ADV exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these IIA-CRMA-ADV sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Certification in Risk Management Assurance practice test comfortably within the allotted time.

Question # 31

A medical insurance provider uses an electronic claims-submission process and suspects that a number of physicians have submitted claims for treatments that were not performed. Which of the following control procedures would be most effective to detect this type of fraud?

Require the physician to submit a signed statement attesting that the treatments had been performed.

Send confirmations to the physicians, requesting them to verify the exact nature of the claims submitted to the insurance provider.

Develop an integrated test facility and submit false claims to verify that the system is detecting such claims on a consistent basis.

Use computer software to identify abnormal claims based on the insured's age and medical history.

Question # 32

Which of the following best describes the details that must be included in the quality assurance and improvement program (QAIP) report to senior management and the board?

The scope and frequency of internal and external assessments as well as the qualifications and independence of the assessor.

The scope and cost of the QAIP. frequency of internal and external assessments, and conclusions of the assessor.

The scope, findings, risks, recommendations, and agreed-upon improvement actions.

The number and types of people involved in the assessment, costs, and duration of the QAIP

Question # 33

According to IIA guidance, which of the following statements is true?

Risks in IT processes are best mitigated by individual controls.

The overall focus of the framework is on significant controls in all critical IT applications.

IT risks and related controls are operational and best identified using a bottom-up approach.

Control process risks are found at multiple layers of the IT environment.

Question # 34

A chief audit executive (CAE) learns that the brother-in-law of a senior auditor who audits the procurement process was hired as the head of the procurement department six months prior. Which of the following is the most appropriate action for the CAE to take?

The CAE should not interfere because there is no evidence that a conflict of interest has occurred.

The CAE should remind the senior auditor of his obligation to be objective and impartial.

The CAE should change the senior auditor's assignment and take corrective action for the auditor's failure to disclose the conflict of interest.

The CAE should require the senior auditor to disclose the relationship in writing before continuing his responsibility for monitoring procurement.

Question # 35

Which of the following would provide the best evidence of errors in the quantities of items received from suppliers?

Suppliers' reports of over shipments.

Warehouse receiving logs.

Purchase requisitions and purchase orders.

Observation and inspection of inventory.

Question # 36

Which of the following does not need to be defined in the internal audit charter?

The audit engagements to be performed during the upcoming year.

The internal audit activity's position within the organization.

The scope of internal audit activities.

Management and the board of directors' agreement regarding the roles and responsibilities of the internal audit activity.

Question # 37

An organization's chief audit executive (CAE) determines that the internal audit staff does not have the requisite skills to conduct an audit of the financial derivatives area. Which of the following would be the best course of action for the CAE to follow?

Outsource the audit engagement to a qualified external auditing firm without burdening the audit committee with the decision.

Determine the requisite knowledge needed, and obtain the proper training for auditors, even if the training will significantly push back the project's timeframe as outlined by the audit committee.

Notify the audit committee of the problem, and assign the most competent auditors on staff to perform the audit engagement.

Employ the skills of a financial derivatives expert to consult on the project, and supplement the consulting with a local seminar on financial derivatives.

Question # 38

Which of the following is an example of a transaction-level control?

Human resource policies.

Tone at the top.

Reconciliations of primary accounts.

Inventory counts.

Question # 39

An organization has implemented a new automated payroll system that contains a table of pay rates that are matched to employee job classifications. Which control should an internal auditor suggest in order to ensure that the table is updated correctly, and is used only for valid pay changes?

Restrict data-table access from management and line supervisors who have the authority to determine pay rates.

Require a supervisor in the department, who has the ability to change the table, to compare the changes to a signed management authorization.

Ensure that adequate edit and reasonableness checks are built into the automated system.

Require a manager, who is independent of the system and who cannot change the table, to authorize and sign-off on any employee pay changes.