Certified Internal Auditor (CIA) Part 3: Business Knowledge for Internal Auditing — Question 174

Which of the following are typical audit considerations for a review of authentication?
1. Authentication policies and evaluation of controls transactions.
2. Management of passwords, independent reconciliation, and audit trail.
3. Control self-assessment tools used by management.
4. Independent verification of data integrity and accuracy.

Answer options

• A. 1, 2, and 3
• B. 1, 2, and 4
• C. 1, 3, and 4
• D. 2, 3, and 4

Correct answer: A

Explanation

The correct answer is A because items 1, 2, and 3 all relate directly to authentication policies and their controls. Option B includes independent verification from option 4, which is less relevant to authentication specifically. Options C and D include items that do not focus as closely on authentication processes as required.