Examice

Exam IIA-CIA-Part2 All QuestionsBrowse all questions from this exam

Question 215

Which of the following is an appropriate responsibility for the internal audit activity with regard to the organization's risk management program?

Identifying and managing risks in line with the entity's risk appetite.

Ensuring that a proper and effective risk management process exists.

Attaining an adequate understanding of the entity's key mitigation strategies.

Identifying and ensuring that appropriate controls exist to mitigate risks.

Correct Answer: B

The appropriate responsibility for the internal audit activity with regard to the organization's risk management program is to ensure that a proper and effective risk management process exists. Internal auditors are tasked with evaluating the effectiveness of risk management processes, not with identifying and managing risks or ensuring controls directly. They are there to review and ensure that the processes themselves are robust and functioning as intended.

Discussion

ZoeLeeOption: B

Standard 2120 – RISK MANAGEMENT "The internal audit activity must evaluate the effectiveness and contribute to the improvement of risk management processes." IIA must evaluate... Not ensuring ... exist

KonradKOption: B

Why not B??

crow913Option: D

D?? why?

LeHso

Management ensure availability of controls, not auditors