A healthcare organization's chief audit executive (CAE) noted that the organization's IT team relies heavily...

IIA IIA-CIA-Part2 Question Answer

A healthcare organization's chief audit executive (CAE) noted that the organization's IT team relies heavily on a vendor. Therefore an IT vendor assessment review was added to the annual audit plan. During the review, the audit team discovered that the vendor had not been performing proper monitoring to ensure that the subcontractors it hired comply with the organization requirements. The organization's chief information officer (ClO) does not agree with the audit team's recommendation for the IT team to monitor the compliance level of vendor subcontractors. How should the audit team proceed to resolve this situation?

Write a risk acceptance memo for the CIO to sign acknowledging the observation and indicating a willingness to accept the risk.

Provide an example of the attestation form that vendors must use. Then, recommend that the IT team require vendors to submit the attestation form on a regular basis.

Escalate the issue to the audit committee, as the CIO is unwilling to implement the recommended action plan.

Escalate the issue to the CAE to assess whether the ClO's reasoning is acceptable.

IIA IIA-CIA-Part2 View All Questions

IIA IIA-CIA-Part2 Summary

Vendor: IIA
Product: IIA-CIA-Part2
Update on: Jul 25, 2025
Questions: 495

Price: $52.5 ~~$149.99~~

Buy Now IIA-CIA-Part2 PDF + Testing Engine Pack

According to IIA guidance, which of the following strategies would add the least value to...

According to IIA guidance, which of the following is true regarding audit supervision?

Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A healthcare organization's chief audit executive (CAE) noted that the organization's IT team relies heavily...

The Answer Is:

Explanation:

IIA IIA-CIA-Part2 Summary

Payments We Accept

Contact Us