Valid IIA-CIA-Part3 Dumps shared by EduDump.com for Helping Passing IIA-CIA-Part3 Exam! EduDump.com now offer the newest IIA-CIA-Part3 exam dumps, the EduDump.com IIA-CIA-Part3 exam questions have been updated and answers have been corrected get the newest EduDump.com IIA-CIA-Part3 dumps with Test Engine here:
The board is considering outsourcing the internal audit function to an external service provider. Which of the following would always remain the responsibility of the organization?
Correct Answer: D
Even if the internal audit activity is outsourced, the organization's senior management and the board retain overall responsibility for governance, risk management, and control processes. Specifically, management must ensure that an annual risk assessment is performed to identify and prioritize organizational risks. This forms the basis of the internal audit plan. While the external service provider may assist in planning and execution, the assessment of risks to the organization cannot be delegated away because accountability for risk management remains with the organization itself. Activities such as quality assurance programs or audit scope discussions can be supported or executed by the service provider, but responsibility for risk assessment is always with management and the board. Reference: IIA Standards - Standard 2070: External Service Provider and Organizational Responsibility for Internal Auditing.