Certified Internal Auditor (CIA) Part 1: Business Acumen — Question 231

According to IIA guidance, which of the following activities would typically be examined when using the maturity model approach for assessing an organization’s risk management program?

Answer options

• A. Monitor and review.
• B. Performance measurement.
• C. Setting the context.
• D. Communication.

Correct answer: B

Explanation

The correct answer is B, as performance measurement is a critical aspect of evaluating the effectiveness of a risk management program. The other options, while important, do not directly pertain to the measurement of performance in the context of the maturity model approach.