A chief audit executive (CAE) was asked to participate in the selection of an external auditor. Which of the following would not be a typical responsibility for the CAE?
An organization is considering the outsourcing of its business processes related to payroll and information technology functions. Which of the following is the most significant area of concern for management regarding this proposed agreement?
Senior management has decided to implement the Three Lines of Defense model for risk management. Which of the following best describes senior management's duties with regard to this model?
Which mindset promotes the most comprehensive risk management strategy?
Within an enterprise, IT governance relates to the:
1) Alignment between the enterprise's IT long term plan and the organization's objectives.
2) Organizational structures of the company that are designed to ensure that IT supports the organization's strategies and objectives.
3) Operational plans established to support the IT strategies and objectives.
4) Role of the company's leadership in ensuring IT supports the organization's strategies and objectives.
In order to provide useful information for an organization's risk management decisions, which of the following factors is least important to assess?