Exam IIA-CIA-Part3 All QuestionsBrowse all questions from this exam
Go to Exam
Question 29

Which of the following statements accurately describes the responsibility of the internal audit activity (IAA) regarding IT governance?

1. The IAA does not have any responsibility because IT governance is the responsibility of the board and senior management of the organization.

2. The IAA must assess whether the IT governance of the organization supports the organizations strategies and objectives.

3. The IAA may assess whether the IT governance of the organization supports the organizations strategies and objectives.

4. The IAA may accept requests from management to perform advisory services regarding how the IT governance of the organization supports the organizations strategies and objectives.

    Correct Answer: C

    The internal audit activity (IAA) has a responsibility to assess whether the IT governance of the organization supports the organization's strategies and objectives. Additionally, the IAA can provide advisory services upon request from management. Thus, statement 2 is mandatory and statement 4 is conditional, making option C (2 and 4) the correct choice.

Discussion
jicabratmeOption: C

#2 is "must", #3 is "may"

5016636409

what is difference between #2 and #3? :)