Weekend Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

IIA-CIA-Part2 Practice of Internal Auditing Questions and Answers

Questions 4

According to IIA guidance which of the following best describes reliable information?

Options:

A.

Reliable information is factual adequate, and convincing so that a prudent informed person would reach the same conclusions as the internal auditor

B.

Reliable information is the best attainable information through the use of appropriate engagement techniques

C.

Reliable information supports engagement observations and recommendations and is consistent with the objectives for the engagement

D.

Reliable information helps the organization and the internal audit activity meet its goals

Buy Now
Questions 5

Which of the following is a primary reason for an internal auditor to use a risk and control questionnaire when auditing financial processes?

Options:

A.

To gam an understanding of the control environment

B.

To collect as much financial data as possible before engagement fieldwork begins.

C.

To test the effectiveness of financial controls in an efficient and relatively inexpensive way

D.

To facilitate the quantification of financial data obtained

Buy Now
Questions 6

A corporate merger decision prompts the chief audit executive (CAE) lo propose interim changes to the existing annual audit plan to account for emerging risks Which of the following is the most appropriate action for the CAE to take regarding the changes made to the audit plan''

Options:

A.

Present the revised audit plan directly to the board for approval.

B.

Communicate with the chief financial officer and present the revised audit plan to the CEO tor approval

C.

Present the revised audit plan directly to the CEO for approval

D.

Communicate with the CEO and present the revised audit plan to the board for approval.

Buy Now
Questions 7

Which of the following is an example of internal benchmarking?

Options:

A.

Book value per common share ratio is lower than that of the prior year.

B.

Staff turnover ratio is higher than the comparable organization in the same industry.

C.

Utilities expense of the sales unit is higher than that of the customer service unit.

D.

Sales are significantly higher than the industry’s average for five years.

Buy Now
Questions 8

While planning for an accounts payable audit an internal auditor performs an entity level controls analysis. Which of the following statements is true regarding me approach used by the auditor?

Options:

A.

It enables the auditor to identify the inherent risks to the effective operation of accounts payable process controls.

B.

It enables the auditor to understand the framework of the activities and associated accounts payable subprocesses

C.

it enables the auditor to understand the accounts payable process and its flow, including key steps and systems.

D.

It enables the auditor to categorize the population of transactions within the accounts payable process

Buy Now
Questions 9

An internal auditor is conducting an assessment of the purchasing department. She has worked the full amount of hours budgeted for the engagement; however, the audit objectives are not yet complete. According to IIA guidance, which of the following are appropriate options available to the chief audit executive?

1. Allow the auditor to decide whether to extend the audit engagement.

2. Determine whether the work already completed is sufficient to conclude the engagement.

3. Provide the auditor feedback on areas of improvement for future engagements.

4. Provide the auditor with instructions and directions to complete the audit.

Options:

A.

1, 2, and 3

B.

1, 2, and 4

C.

1, 3, and 4

D.

2, 3, and 4

Buy Now
Questions 10

A large investment organization hired a chief risk officer (CRO) to be responsible for the organization's risk management processes. Which of the following people should prioritize risks to be used for the audit plan?

Options:

A.

Operational management, because they are responsible for the day-to-day management of the operational risks.

B.

The CRO, because he is responsible for coordinating and project managing risk activities based on his specialized skills and knowledge.

C.

The chief audit executive, although he is not accountable for risk management in the organization.

D.

The CEO, because he has ultimate responsibility for ensuring that risks are managed within the agreed tolerance limits set by the board.

Buy Now
Questions 11

An internal auditor is conducting an initial risk assessment of an audit area and wants to assess management's compliance with privacy laws for safeguarding customer information stored on the organization's servers. Which course of action is appropriate for this phase of the engagement?

Options:

A.

Solicit the services of a specialist information systems auditor

B.

Obtain the most current approved copies of the organization's privacy policy

C.

Consult with legal counsel about new privacy laws to establish appropriate criteria

D.

Consider the detection risk of noncompliance with the laws

Buy Now
Questions 12

Which of the following statements generally true regarding audit engagement planning?

Options:

A.

The best source tor detailed process information is senior management

B.

Audit objectives should be general and do not change.

C.

Computer-assisted audit techniques are typically not useful during engagement planning

D.

Internal auditors should prepare a dented audit program for testing controls

Buy Now
Questions 13

According to IIA guidance, which of the following activities are typically primary objectives of engagement supervision?

Options:

A.

Enable training and development of staff, identify engagement objectives, and assign responsibilities to individual auditors.

B.

Identify engagement objectives, assign responsibilities to individual auditors, and approve the engagement program.

C.

Assign responsibilities to individual auditors, approve the engagement program, and enable training and development of staff.

D.

Approve the engagement program, enable training and development of staff, and identify engagement objectives.

Buy Now
Questions 14

While conducting an information security audit, an internal auditor learns that the existing disaster recovery plan is four years old and untested. The auditor also learns that in the four years since the recovery plan was implemented, the information systems have undergone extensive changes. Which of the following actions is most appropriate for the auditor to take?

Options:

A.

Inform management and request that the plan be tested immediately.

B.

Update the recovery plan for management, as part of the review.

C.

Evaluate the recovery plan and report weaknesses to management.

D.

Recommend that management and users update and test the recovery plan.

Buy Now
Questions 15

An internal auditor completed a test of 30 randomly selected accounts. For five of the accounts selected, the auditor was unable to find supporting documentation in the normal place of storage. Which of the following next steps would be most appropriate for the internal auditor to take?

Options:

A.

Conclude that the test failed because at least 17 percent of the sample items were not supported.

B.

Select five new accounts to replace the ones that were missing supporting documentation.

C.

Expand the sample size to 60 to determine whether the error rate remains the same.

D.

Contact management to determine whether the supporting documentation can be located elsewhere.

Buy Now
Questions 16

In which of the following populations would the internal auditor most likely choose to use a stratified sampling approach?

Options:

A.

Inventory comprised of the same items stored in different warehouses

B.

Batches of materials that must be confirmed as meeting quality standards

C.

Revenue that is earned by an organization through cash receipts or as receivable.

D.

Tax reports submitted to meet the requirements of the local taxation authority

Buy Now
Questions 17

An internal auditor is preparing for an auditor of newly implemented software that is used by 3,000 employees in South America and Europe. What would be the best way for the auditor to gather relevant feedback?

Options:

A.

interview IT management in both regions

B.

Inspect regional user software training records

C.

Interview propel management and the vendor responsible for implementation

D.

Distribute surveys to software users in both regions

Buy Now
Questions 18

Which of the following reasonably represents best practices regarding what should be the level of internal audit resource investment in monitoring and following up on engagement outcomes?

Options:

A.

Limited resources should be employed since the actual engagement is already completed and the onus of corrective actions rests with management

B.

No resources should be exclusively deployed for that at all rather it should be planned as part of future engagements in the same area

C.

Resources should only be provided towards this if doing so does not result in depletion of resources for new engagements planned in the current period

D.

Resources should be allocated to this without conditions as long as doing so meets the expectations of management and the judgment of the chief audit executive.

Buy Now
Questions 19

Which of the following statements is true regarding internal control questionnaires?

Options:

A.

Internal control questionnaires are useful m evaluating the effectiveness of standard operating procedures

B.

internal control questionnaires provide reliable documents allowing internal auditors to cover many control procedures in little time

C.

Internal control questionnaires can be used by internal auditors as an interview guide

D.

Internal control questionnaires provide direct audit evidence which may need corroboration

Buy Now
Questions 20

After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?

Options:

A.

Cost.

B.

Independence.

C.

Familiarity.

D.

Flexibility.

Buy Now
Questions 21

An internal auditor developed a list of internal and external risk considerations across the organization's processes, developed a scale to assess each risk and allocated the relative importance of each risk. When of the following approaches did the auditor take?

Options:

A.

Top-down approach

B.

Process-Metrix approach

C.

Risk-factor approach

D.

Bottom up approach

Buy Now
Questions 22

According to HA guidance, which of the following statements regarding audit workpapers is true?

Options:

A.

Audit reports should include the workpapers as a reference for the audit conclusions.

B.

The internal auditor's workpapers are the primary reference for reported control deficiencies.

C.

Ad-hoc communications with management of the area under review should be excluded from the workpapers.

D.

Both draft and final versions of workpapers should be saved at the end of the engagement

Buy Now
Questions 23

An audit client responded to recommendations from a recent consulting engagement. The client indicated that several recommended process improvements would not be implemented. Which of the following actions should the internal audit activity take in response?

Options:

A.

Escalate the unresolved issues to the board, because they could pose significant risk exposures to the organization.

B.

Confirm the decision with management and document this decision in the audit file.

C.

Document the issue in the audit file and follow up until the issues are resolved.

D.

Initiate an assurance engagement on the unresolved issues.

Buy Now
Questions 24

Which of the following analytical procedures should an internal auditor use to determine whether monthly expenses for the accounting department are reasonable?

Options:

A.

Review year-over-year trending of total dollars spent in each period.

B.

Review changes to the vendor master file for suspicious activity.

C.

Review the percentage of on-time payments against prior periods.

D.

Review total expenses for accounting against other department expenses in the organization.

Buy Now
Questions 25

An internal auditor was reviewing the procurement department's tender documentation for completeness He documented all discrepancies but the procurement manager disagreed with his findings Upon further review, the internal auditor noted that all discrepancies had been corrected in the tender database. Which of the following courses of action would have prevented this situation?

Options:

A.

The auditor should have ensured the preservation of audit evidence by taking screenshots or extracting tender documents

B.

The auditor should have extracted a list of logs and identified any actions that were executed in the database during the audit

C.

The auditor should have instructed procurement workers that changes to the database during the course of the audit were strictly forbidden

D.

The internal auditor should have created a more thorough work program, which would address audit criteria and potential causes in more detail

Buy Now
Questions 26

Which of the following behaviors could represent a significant ethical risk if exhibited by an organization's board?

1. Intervening during an audit involving ethical wrongdoing.

2. Discussing periodic reports of ethical breaches.

3. Authorizing an investigation of an unsafe product.

4. Negotiating a settlement of an employee claim for personal damages.

Options:

A.

1 and 2

B.

1 and 4

C.

2 and 3

D.

3 and 4

Buy Now
Questions 27

The head of customer service asked the chief audit executive (CAE) whether internal auditors could assist her staff with conducting a risk self-assessment in the customer service department The CAE promised to meet with customer service managers analyze relevant business processes and come up with a proposal Who is most likely to be the final approver of the engagement objectives and scope?

Options:

A.

Senior management of the organization

B.

The chief audit executive

C.

The head of customer service

D.

The board of directors

Buy Now
Questions 28

As part of internal audit's assistance with an annual external audit, the internal auditors are required to do a preliminary analytical review of an bank account balances. This involves verifying the current year end balances as web as comparing the current year end balances with previous year end balances to highlight significant changes. Which of the following is the most reliable source for verification of the current year end bank balances?

Options:

A.

Bank confirmations

B.

Internal bonk statements

C.

Bank reconciliations as of the end of the year

D.

Bank account general ledger balancer as of the end of the year

Buy Now
Questions 29

During an engagement in one of the subsidiaries of an organization, an internal auditor noted the following in the workpapers:

"As a subsidiary of a multinational organization in this particular country, the entity is required to register annually with the

respective ministry. However, the subsidiary did not submit the required documentation for registration during the prior year. Failure

to comply with internal and external regulations could lead to penalties or fines from the respective authorities. It is recommended

that the management of the subsidiary ensures compliance with the relevant legislation. As a recoverable action, management

should register the subsidiary in the current year as soon as possible."

What part of this narrative represents a condition of the observation made by auditors in the final report?

Options:

A.

" ... the subsidiary did not submit required documentation for registration in the prior year."

B.

" ... the entity is required to register annually with the respective ministry."

C.

" ... failure to comply with internal and external regulations might lead to penalties or fines from the respective authorities."

D.

" ... management should register the subsidiary in the current year as soon as possible."

Buy Now
Questions 30

Internal control questionnaires are used to achieve which of the following objectives?

Options:

A.

To ascertain the operating effectiveness of a procedure

B.

To verify the accuracy of Information in a report

C.

To assess the controls mitigating major risks

D.

To determine whether specified contra procedures are in place

Buy Now
Questions 31

Which of the following is the best option for the chief audit executive to consider for effective coordination of assurance coverage?

Options:

A.

Create an assurance map to illustrate each provider's level of assurance and planned activities for each area of the organization

B.

LIMIT© ricks inventory to identify the risks and controls in place and the relevant control owners.

C.

Rely on the risk and control and management testing information maintained for compliance with the regulatory framework

D.

Prepare a risk likelihood and impact heal map to prioritize assurance coverage coordination.

Buy Now
Questions 32

According to IIA guidance, which of the following is true when the internal audit activity is asked to investigate potential ethics violations in a foreign subsidiary?

Options:

A.

Communication of any internal ethics violations to external parties may occur with appropriate safeguards.

B.

Cultural impacts are less critical where the organization practices uniform polices around the globe.

C.

Cross-cultural differences should always be handled by the staff of the same cultural background.

D.

Local law enforcement should be involved as they are more familiar with the applicable local laws.

Buy Now
Questions 33

Which of the following methodologies consists of the internal auditor holding individual meetings with different people, asking them the same questions, and aggregating the results?

Options:

A.

Facilitated workshops.

B.

Surveys.

C.

Structured interviews.

D.

Elicitation.

Buy Now
Questions 34

An internal auditor recommended that an organization implement computerized controls in its sales system in order to prevent sales representatives from executing contracts in excess of their delegated authority levels A follow-up review found that the sales system had not been modified, but a process had been implemented to obtain written approval by the vice president of sales for all contracts in excess of S1 million The chief audit executive (CAE) would be justified in reporting this situation to the organization's board under which of the tollowing circumstances'?

1. In the opinion of the CAE the level of residual risk assumed by senior management is too high

2. Testing of compliance with the new process finds that all new contracts in excess of $1 million have been approved by the vice president of sales

3. The cost of modifying the sales system to include a preventive control is less than S100.000

Options:

A.

1 only

B.

3 only

C.

1 and 3 only

D.

1, 2, and3

Buy Now
Questions 35

Which type of engagement would be the most appropriate to assess the maturity and rigor of the organizationwide risk management process of a target entity that

management is considering acquiring?

Options:

A.

A due diligence engagement.

B.

An operational audit engagement.

C.

A feasibility study engagement.

D.

A risk and control self-assessment engagement.

Buy Now
Questions 36

Which of the following evaluation criteria would be the most useful to help the chief audit executive determine whether an external service provider possesses the knowledge, skills, and other competencies needed to perform a review?

Options:

A.

The financial interest the service provider may have in the organization.

B.

The relationship the service provider may have had with the organization or the activities being reviewed.

C.

Compensation or other incentives that may be applicable to the service provider.

D.

The service provider's experience in the type of work being considered.

Buy Now
Questions 37

When setting the scope for the identification and assessment of key risks and controls in a process, which of the following would be the least appropriate approach?

Options:

A.

Develop the scope of the audit based on a bottom-up perspective to ensure that all business objectives are considered.

B.

Develop the scope of the audit to include controls that are necessary to manage risk associated with a critical business objective.

C.

Specify that the auditors need to assess only key controls, but may include an assessment of non-key controls if there is value to the business in providing such assurance.

D.

Ensure the audit includes an assessment of manual and automated controls to determine whether business risks are effectively managed.

Buy Now
Questions 38

Considering the five-attribute approach to documenting deficiencies in an area under review which of the following answers the question. "What should be in place?’’

Options:

A.

Action plan

B.

Recommendation

C.

Condition

D.

Criteria

Buy Now
Questions 39

During an audit of the human resources department, an internal auditor adopts benchmarking to test the employee turnover rate. How should the internal auditor apply this technique?

Options:

A.

Compare turnover m the organization to published turnover rates of peer organizations.

B.

Compare turnover in one period with turnover in the previous period in the organization

C.

Compare turnover in the period to total employees in the organization

D.

Compare turnover with the auditor's general knowledge of the organization

Buy Now
Questions 40

During the review of an organization's retail fraud deterrence program, an employee mentions that an expensive fraud surveillance information system is rarely used. The internal auditor concludes that additional staff are required to properly utilize the system to its full potential. According to IIA guidance, which criteria for evidence is most lacking to reach this conclusion?

Options:

A.

Sufficiency.

B.

Reliability.

C.

Relevancy.

D.

Usefulness.

Buy Now
Questions 41

An internal auditor plans to conduct a walk-through to evaluate the control design of a process. Which of the following techniques is the auditor most likely to use?

Options:

A.

Observation and inspection.

B.

Inquiry and observation.

C.

Inspection and reperformance.

D.

Inquiry and reperformance.

Buy Now
Questions 42

Which of the following would not be a typical activity for the chief audit executive to perform following an audit engagement?

Options:

A.

Report follow-up activities to senior management.

B.

Implement follow-up procedures to evaluate residual risk.

C.

Determine the costs of implementing the recommendations.

D.

Evaluate the extent of improvements.

Buy Now
Questions 43

Acceding to MA guidance, when of the Mowing strategies would like provide the most assurance to the chief audit executive (CAE) that the internal audit activity's recommendations are being acted upon?

Options:

A.

The CAF obtains a formal response from senior management regarding the corrective actions they plan to take w address the recommendations.

B.

The CAE develops a tracking system to monitor the stains of engagement recommendations reported to management for action

C.

The CAE communicates with impacted department managers to determine whether corrective actions have addressed engagement recommendations

D.

The CAE works with the engagement supervisor to monitor the recommendations issued to management for corrective action

Buy Now
Questions 44

An internal audit team was conducting an assurance engagement to review segregation of duties in the purchasing function. The internal auditors reviewed a sample of purchase orders from the past two year and discovered that 2 percent were signed by employees who were operating in a designated acting capacity due to employee absence. According to IIA guidance, which of the following attributes of information would most likely assist the auditor in deciding whether to report this finding?

Options:

A.

Sufficiency

B.

Reliability

C.

Relevance

D.

Usefulness

Buy Now
Questions 45

An internal auditor and engagement client are deadlocked over the auditor's differing opinion with management on the adequacy of access controls for a major system. Which of the following strategies would be the most helpful in resolving this dispute?

Options:

A.

Conduct a joint brainstorming session with management.

B.

Ask the chief audit executive to mediate.

C.

Disclose the client's differing opinion in the final report.

D.

Escalate the issue to senior management for a decision.

Buy Now
Questions 46

An internal audit manager is planning a contract compliance audit Which of the following should be done prior to developing the audit work program?

Options:

A.

Select a sample of invoices for substantive testing

B.

Review the contract for evidence of authorization

C.

Document underlying reasons for noncompliance

D.

Assess the inherent risk of paying duplicate invoices

Buy Now
Questions 47

During the preliminary survey of the procurement department, an internal auditor noted a major control weakness in the organization's ordering and receiving process. According to IIA guidance, which of the following is the most appropriate action the internal auditor should take?

Options:

A.

Issue a final report on the control weakness to senior management.

B.

Bring the control weakness to the attention of the process owner for resolution.

C.

Note the control weakness for discussion during the exit meeting.

D.

Carry out an investigation of the control weakness for disciplinary action.

Buy Now
Questions 48

Senior IT management requests the internal audit activity to perform an audit of a complex IT area. The chief audit executive (CAE) knows that the internal audit activity lacks the expertise to perform the engagement. Which of the following is the most appropriate action for the CAE to take?

Options:

A.

Decline the audit engagement, because the Standards prohibit internal auditors from performing engagements where they lack the necessary competencies.

B.

Accept the audit engagement and use the engagement as an opportunity to develop the audit team's IT expertise while performing the audit work.

C.

Temporarily hire an experienced and knowledgeable IT analyst from the organization's IT department to lead the audit.

D.

Outsource the audit engagement to a reputable IT audit consulting firm.

Buy Now
Questions 49

According to IIA guidance, when of the Mowing statements is true regarding an engagement supervisor's use of review notes?

Options:

A.

The engagement supervisor's review notes should be retained m the final documental or even after they are addressed.

B.

The engagement supervisor's review notes cannot be used as evidence of engagement supervision

C.

The engagement supervisor's review notes could be cleared from all final documentation after they are addressed

D.

The engagement supervisor's review notes must be maintained in a checklist separate from tie final documentation

Buy Now
Questions 50

Which of the following would present the most critical external risk to an organization?

Options:

A.

The organization experiences a merger, and the management team is reorganized and redistributed globally

B.

The organization launches a product into new global markets

C.

After minimal testing, the organization implements a new system to replace a legacy system

D.

Regulators announce broad legislative reforms applicable to the industry within which the organization operates

Buy Now
Questions 51

In which of the following ways can the internal audit activity new engagement opportunities?

Options:

A.

By defining activities by business processes.

B.

By looking external factors such as product complaints.

C.

By looking at activities by businesses cost centers.

D.

By defining activities by the organization chart.

Buy Now
Questions 52

Which of the following is one of the five attributes that internal auditors include when documenting a deficiency?

Options:

A.

The criteria used to make the evaluation

B.

The methodology used to analyze data

C.

The proposed follow-up engagement work to be performed

D.

The scope of work performed during the engagement

Buy Now
Questions 53

An internal auditor for a regional bank suspects that the head of commercial lending has been granting loans without the required collateral Which of the following sampling techniques will be most effective for investigating the auditor's suspicion?

Options:

A.

Variables sampling

B.

Dollar-unit sampling

C.

Judgmental sampling

D.

Discovery sampling

Buy Now
Questions 54

While reviewing the workpapers and draft report from an audit engagement, the chief audit executive (CAE) found that an important compensating control had not been considered adequately by the audit team when it reported a major control weakness. Therefore, the CAE returned the documentation to the auditor in charge for correction. Based on this information, which of the following sections of the workpapers most likely would require changes?

Effect of the control weakness.

Cause of the control weakness.

Conclusion on the control weakness.

Recommendation for the control weakness.

Options:

A.

1, 2, and 3.

B.

1, 2, and 4.

C.

1, 3, and 4.

D.

2, 3, and 4.

Buy Now
Questions 55

Upon the completion of an audit engagement an audit manager performs a review of a staff auditor's workpapers. Which of the following actions by the manager is the most appropriate this review''

Options:

A.

Communicate the workpaper review results to management of fie area under review to validate the final report

B.

Update the final report in the file with any necessary corrections based on the workpaper review.

C.

Discuss the workpaper review results with the staff auditor where appropriate as a leaning opportunity

D.

Add the manager's review notes to the final documentation following the review

Buy Now
Questions 56

A chief audit executive (CAE) received a detailed internal report of senior management's internal control assessment. Which of the following subsequent actions by the CAE would provide the greatest assurance over management's assertions?

Options:

A.

Assert whether the described and reported control processes and systems exist.

B.

Assess whether senior management adequately supports and promotes the internal control culture described in the report.

C.

Evaluate the completeness of the report and management's responses to identified deficiencies.

D.

Determine whether management's operating style and the philosophy described in the report reflect the effective functioning of internal controls.

Buy Now
Questions 57

An internal auditor discovered that equipment used to monitor air quality was not maintained according to the established maintenance schedule. If the issue is not addressed, the equipment may not provide accurate information on pollutant levels, which could result in regulatory sanctions and reputational damage. The auditor discussed the issue with both the manager in charge and the CEO, who explained that they understand the risk, but it has become too expensive to maintain the equipment as scheduled. In this situation, what should the chief audit executive do?

Options:

A.

Add value to the organization by taking initiative and implementing corrective actions to mitigate the identified risks.

B.

Communicate to the board the current situation, including the risk exposure to the organization.

C.

Discuss the matter with external auditors and request that they persuade management to address the issue.

D.

Contact the regulatory agency and inform them of the risk exposure.

Buy Now
Questions 58

An audit identified a number of weaknesses in the configuration of a critical client/server system. Although some of the weaknesses were corrected prior to the issuance of the audit report, correction of the rest will require between 6 and 18 months for completion. Consequently, management has developed a detailed action plan, with anticipated completion dates, for addressing the weaknesses. What is the most appropriate course of action for the chief audit executive to take?

Options:

A.

Assess the status of corrective action during a follow-up audit engagement after the action plan has been completed.

B.

Assess the effectiveness of corrections by reviewing statistics related to unplanned system outages, and denials of service.

C.

Reassign information systems auditors to assist in implementing management's action plan.

D.

Evaluate the ability of the action plan to correct the weaknesses and monitor key dates and deliverables.

Buy Now
Questions 59

Which of the following recommendation types is most likely to propose the most long-term solutions?

Options:

A.

Condition-based recommendations

B.

Cause-based recommendations

C.

Effect-based recommendations

D.

Root cause-based recommendations

Buy Now
Questions 60

According to IIA guidance, which of the following individuals should receive the final audit report on a compliance engagement for the organization's cash disbursements process?

Options:

A.

The accounts payable supervisor, accounts payable manager, and controller.

B.

The accounts payable manager, purchasing manager, and receiving manager.

C.

The accounts payable supervisor, controller, and treasurer.

D.

The accounts payable manager, chief financial officer, and audit committee.

Buy Now
Questions 61

An internal auditor wanted to determine whether company vehicles were being used for personal purposes She extracted a report that listed company vehicle numbers business units to which the vehicles are allocated travel dates, travel duration and mileage She then filtered the data for weekend dates Which of the following additional information would the auditor need?

Options:

A.

Names and work titles of employees

B.

Description of responsibilities of business units.

C.

Average fuel consumption data of vehicles

D.

Location and route data of vehicles

Buy Now
Questions 62

Which of the following engagement supervision activities should be performed first?

Options:

A.

Ensure that internal audit recommendations are practical, cost-effective, and value-added

B.

Ensure that internal audit conclusions am based on sufficient and reliable evidence

C.

Ensure that risks to the timely completion of the engagement are assessed

D.

Ensure that performance assessments are completed for audit team members

Buy Now
Questions 63

An internal auditor is planning to audit the organization's payroll function, which was recently outsourced. Which of the following is the most appropriate first step for the auditor?

Options:

A.

Review management's organ nationwide risk assessment

B.

Understand the objectives and strategies of the new arrangement

C.

Revise the scope of the audit engagement

D.

Form objectives for the audit engagement

Buy Now
Questions 64

When developing the scope of an audit engagement, which of the following would the internal auditor typically not need to consider?

Options:

A.

The need and availability of automated support.

B.

The potential impact of key risks.

C.

The expected outcomes and deliverables.

D.

The operational and geographic boundaries.

Buy Now
Questions 65

After finalizing an assurance engagement concerning safety operations in the oil mining process, the audit team concluded that no key controls were compromised. However, some opportunities for improvement were noted. Which of the following would be the most appropriate way for the chief audit executive (CAE) to report these results?

Options:

A.

The CAE should send the final report to operational and senior management and the audit committee.

B.

The CAE should send the final report to operational management only, as there is no need to communicate this information to higher levels.

C.

The CAE should notify operational and senior management that the audit engagement was completed with no significant findings to report.

D.

The CAE should send the final report to operational management and notify senior management and the audit committee that no significant findings were identified.

Buy Now
Questions 66

Which of the following is the most important concept to be included in a consulting engagement agreement?

Options:

A.

Define the duties and responsibilities needed from management to perform the engagement.

B.

Disclose the fact that auditors who perform the work may not be subject matter experts in the topic of the review.

C.

Clarify that matters discovered during the engagement may also be reported to senior management and the audit committee.

D.

Disclose the fact that follow-up reviews may be conducted to ensure that recommendations are implemented adequately.

Buy Now
Questions 67

Which of the following actives is an internal auditor most likely to perform when establishing the objectives of an assurance engagement?

Options:

A.

Discuss the internal audit risk assessment including applicable risks and objectives with internal audit management

B.

Perform a walk-through of the process under review to determine whether control wore operating, effectively

C.

Identify when controls will be tested and the sampling method to be used based on control risk

D.

Meet with operational management to team about any areas of concern and to agree on the engagement objectives

Buy Now
Questions 68

Which of the following statement is consistent with IIA guidance the use of mentoring for internal auditors?

Options:

A.

The member and the internal auditor should opt for informal meetings even if it means that no formal documentation will be created.

B.

The mentor relationship is usually not suitable for internal audit staff, as it does not leas to professional development.

C.

The value of mentoring is derived primarily from the personal relationship between the two parties involved, and the mentor’s level of relevant experience should not be a key factor.

D.

The mentor should be the internal auditor’s supervisor to ensure that the auditor performance is assessed in a relevant and meaningful context.

Buy Now
Questions 69

A manufacturer is under contract to produce and deliver a number of aircraft to a major airline. As part of the contract, the manufacturer is also providing training to the airline's pilots. At the time of the audit, the delivery of the aircraft had fallen substantially behind schedule while the training had already been completed. If half of the aircraft under contract have been delivered, which of the following should the internal auditor expect to be accounted for in the general ledger?

Options:

A.

Training costs allocated to the number of aircraft delivered, and the cost of actual production hours completed to date.

B.

All completed training costs, and the cost of actual production hours completed to date.

C.

Training costs allocated to the number of aircraft delivered, and 50% of contracted production costs.

D.

All completed training costs, and 50% of the contracted production costs.

Buy Now
Questions 70

Which of the following is not a primary purpose for conducting a walk-through during the initial stages of an assurance engagement?

Options:

A.

To help develop process maps.

B.

To determine segregation of duties.

C.

To identify residual risks.

D.

To test the adequacy of controls.

Buy Now
Questions 71

Upon concluding the engagement fieldwork an internal auditor discusses the audit findings with operational management There is a greater likelihood that the auditor will obtain a responsive action plan from management when both parties agree on which of the following attributes of the audit finding?

Options:

A.

Criteria

B.

Condition

C.

Cause

D.

Effect

Buy Now
Questions 72

The engagement supervisor would like lo change the audit program's scope poor to beginning fieldwork According to IIA guidance before any change is implemented what is the most important action that should be undertaken?

Options:

A.

Document in the engagement workpapers the rationale for changing the scope.

B.

Confirm that the scope change would align to the organization's objectives and goals

C.

Confirm that the internal audit activity continues to have the necessary knowledge and skills

D.

Seek approval from the chief audit executive for the proposed scope change

Buy Now
Questions 73

Which of the following actions is the most appropriate response for an internal auditor to take when a significant risk is identified during a consulting engagement?

Options:

A.

Report the risk identified from the consulting engagement to senior management.

B.

Do not include the risk in the assessment of risk management processes, as that is management's responsibility.

C.

Do not report the risk, as it is out of scope for the consulting engagement.

D.

Include the risk identified from the consulting engagement in the next annual risk assessment only if it is part of the consulting engagement objectives.

Buy Now
Questions 74

The chief audit executive (CAE) determined that the internal audit activity lacks the resources needed to complete the internal audit plan Which of the following would be the most appropriate action tor the CAE to take?

Options:

A.

Use guest auditors from within the organization, and leverage their experience by assigning them to lead engagements m areas where they previously worked

B.

Outsource some of the audits to the organization s external auditor who is already familiar with the organization

C.

Invite nonauditors to join the internal audit activity for a two-year rotational position, and assign them to join audit teams that are reviewing areas where they have no previous management responsibility

D.

Recruit recent college graduates and employ them as audit interns with an aim to offer permanent employment

Buy Now
Questions 75

Upon completing a follow-up audit engagement, the chief audit executive (CAE) noted that management has not implemented any mitigation measures to address the high

risks that were reported in the initial audit report. What initial step must the CAE take to address this situation?

Options:

A.

Communicate the issue to senior management.

B.

Discuss the issue with members of management responsible for the risk area.

C.

Report the situation to the external auditors.

D.

Escalate the issue to the board.

Buy Now
Questions 76

During a consulting engagement an internal auditor wants to determine whether all principal stakeholders are involved in a project. Which tool should the auditor use?

Options:

A.

RACI (responsible, accountable, consult and inform) chart

B.

Flowchart

C.

SWOT{strengths. weaknesses opportunities, and threats) analysis

D.

Workflow analysis

Buy Now
Questions 77

According to IIA guidance, which of the following objectives was most likely formulated for a non-assurance engagement?

Options:

A.

The internal audit activity will assess the effects of changes in maintenance strategy on the availability of production equipment.

B.

The internal audit activity will inform management on the possible risks of moving the data warehouse to a cloud server maintained by a third party.

C.

The internal audit activity will ascertain whether the data center security arrangements are compliant with agreed terms.

D.

The internal audit activity will ensure equipment downtime risks have been managed in accordance with internal policy.

Buy Now
Questions 78

An internal auditor is preparing an internal control questionnaire for the procurement department as part of a preliminary survey. Which of the following would provide the best source of information for questions?

Options:

A.

A relevant procurement law or regulation.

B.

A list of the company's vendors.

C.

A review of a sample of tenders during the audited period.

D.

A summary of the company's expenditures and their categories.

Buy Now
Questions 79

For an action plan to be effective, it should be designed primarily to address which of the following elements of an observation?

Options:

A.

Condition

B.

Root cause

C.

Criteria

D.

Recommendation

Buy Now
Questions 80

An internal auditor s testing tor proper authorization of contracts and finds that the rate of deviations discovered in the sample is equal to the tolerable deviation rate. When of the following is the most appropriate conclusion for the internal auditor to make based on this result?

Options:

A.

The internal auditor concludes that management may be placing undue reliance on me specified control

B.

The internal auditor concludes that the specified control is more effective than it really is.

C.

The internal auditor concludes that the specified control is acceptably effective

D.

The internal auditor concludes that additional testing will be required to evaluate the specified control

Buy Now
Questions 81

In an organization with a large internal audit activity that has several audit teams performing engagements simultaneously which of the following tasks is an engagement supervisor most likely to perform during the planning phase of a new engagement?

Options:

A.

Establish a means for resolving any professional judgment differences over ethical issues that may arise during the engagement.

B.

Approve the engagement work program to ensure the program is designed to achieve the engagement objectives

C.

Evaluate whether the testing and results support the engagement results and conclusion

D.

Review the sample testing results for exceptions.

Buy Now
Questions 82

In which of the following situations would an internal control questionnaire best suit the internal auditor's purpose?

Options:

A.

The auditor wants to receive mid-level management insight on how to improve hiring practices

B.

The auditor wants to obtain information on whether adherence to approval matrices is actually taking place in different maintenance units.

C.

The auditor wants to gain assurance that inventory counts are conducted in accordance with established procedures.

D.

The auditor wants to assess whether different subsidiaries apply centrally established procurement rules in the same manner

Buy Now
Questions 83

The chief audit executive (CAE) of a small internal audit activity (IAA) plans to test conformance with the Standards through a quality assurance review. According to the Standards, which of the following are acceptable practice for this review?

1. Use an external service provider.

2. Conduct a self-assessment with independent validation.

3. Arrange for a review by qualified employees outside of the IAA.

4. Arrange for reciprocal peer review with another CAE.

Options:

A.

1 and 2

B.

2 and 4

C.

1, 2, and 3

D.

2, 3, and 4

Buy Now
Questions 84

While performing fieldwork for an assurance engagement, a member of the internal audit team identified a key control that was not identified during the planning phase of the engagement Which of the following actions by the internal auditor would be most appropriate?

Options:

A.

Promptly adjust the audit work program to include tests that address the newly identified control and notify the other audit team members of the change

B.

Proceed with the current audit work program because the engagement scope has already been finalized but plan to address the newly identified control as part of the follow up engagement

C.

Adjust the audit work program to account for the new control, but only with approval from the engagement supervisor

D.

Discuss the control with management of the area under review and seek their approval prior to including the control in the current audit engagement

Buy Now
Questions 85

Which of the following describes (he primary reason why a preliminary risk assessment is conducted during engagement planning?

Options:

A.

To identify the greatest risks organizationwide

B.

To ensure that the engagement work program covers all risk areas

C.

To ensure that risks identified during previous audits of the area have been adequately addressed

D.

To ensure that significant risks are included in the engagement scope

Buy Now
Questions 86

Which method of examining entity-level controls involves gathering information from work groups that represent different levels in an organization?

Options:

A.

Questionnaires.

B.

Surveys.

C.

Structured interviews

D.

Facilitated team workshops

Buy Now
Questions 87

Due to price risk from the foreign currency purchase of aviation fuel, an airliner has purchased forward contracts to hedge against fluctuations in the exchange rate. When recalculating the exchange losses from individual purchases of jet fuel, which of the following details does the internal auditor need to validate?

1. The hedge documentation designating the hedge.

2. The spot exchange rate on the transaction date.

3. The terms of the forward contract.

4. The amount of fuel purchased.

Options:

A.

1 and 2

B.

1 and 4

C.

2 and 3

D.

3 and 4

Buy Now
Questions 88

Where should internal auditor focus their attention when identify and assessing key risks during the planning stage of an assurance engagement?

Options:

A.

Sampling risk.

B.

Audit risk.

C.

Residual risk.

D.

Inherent risk

Buy Now
Questions 89

The internal audit activity (IAA) wants to measure its performance related to the quality of audit recommendations. Which of the following client survey questions would best help the IAA meet this objective?

Options:

A.

Were audit findings relevant and useful to management?

B.

Does the audit report format present issues clearly and concisely?

C.

Does the IAA work with a high degree of professionalism and objectivity?

D.

Were the findings reported in a timely manner?

Buy Now
Questions 90

Which of the following is the primary purpose of implementing a program whereby employees are rotated from other parts of the organization into the internal audit activity?

Options:

A.

It provides the internal audit activity with more resourcing options to meet the audit plan

B.

It offers internal auditors the opportunity to learn more about other work areas.

C.

It gives nonauditors a better understanding of the control environment.

D.

It provides an opportunity for the recruitment of employees as permanent internal auditors

Buy Now
Questions 91

As part of the preliminary survey, an internal auditor sent an internal control questionnaire to the accounts payable function Based on the questionnaire responses, the auditor determines that there is no established procedure for adding and approving new vendors. What would the auditor do next?

Options:

A.

Determine that this situation is acceptable and focus on more significant issues

B.

Document the issue m the draft audit report

C.

Document the observation for further follow up when testing the operating effectiveness of controls

D.

Interview the personnel associated with this observation.

Buy Now
Questions 92

During an assurance engagement, an internal auditor noted that the time staff spent accessing customer information in large Excel spreadsheets could be reduced significantly through the use of macros. The auditor would like to train staff on how to use the macros. Which of the following is the most appropriate course of action for the internal auditor to take?

Options:

A.

The auditor must not perform the training, because any task to improve the business process could impact audit independence.

B.

The auditor must create a new, separate consulting engagement with the business process owner prior to performing the improvement task.

C.

The auditor should get permission to extend the current engagement, and with the process owner's approval, perform the improvement task.

D.

The auditor may proceed with the improvement task without obtaining formal approval, because the task is voluntary and not time-intensive.

Buy Now
Questions 93

An internal auditor observes a double payment transaction on a supplier invoice during an accounts payable engagement. Which of the following steps would be the most effective in helping the auditor determine whether fraud exists?

Options:

A.

Switch the existing assurance engagement into a fraud investigation engagement

B.

Extend the audit scope and perform additional testing of controls on other related areas

C.

Review the poor year's transaction volume and amounts paid compared to the poor year's budget

D.

Perform data analytics on the supplier's information, invoiced amounts, and payments performed

Buy Now
Questions 94

Which of the following is the next step in understanding a business process once an internal auditor has identified the process?

Options:

A.

Determine process outputs.

B.

Determine process inputs.

C.

Determine process activities.

D.

Determine process goals.

Buy Now
Questions 95

Which of the following represents the best method for confirming that vendor invoices were for authorized purchases?

Options:

A.

Vouching vendor invoices to payments made.

B.

Sorting invoices by purchase orders and comparing for successive duplicate invoices.

C.

Comparing a random sample of vendor invoices to purchase orders.

D.

Sorting payments by invoice to detect successive duplicate invoices.

Buy Now
Questions 96

An organization s inventory is stored m multiple warehouses. During an inventory audit which of the following activities would most benefit from the use of computerized audit tools?

Options:

A.

Verifying the existence of inventory items in each warehouse

B.

Assigning the tolerable deviation rate to determine the sample size

C.

Valuating the obsolete Inventory from all the warehouse locations

D.

Confirming that the purchased items are recorded In the correct period

Buy Now
Questions 97

An organization's healthcare insurance costs have been rising approximately 10 percent per year for several years. Which of the following analytical review procedures would best evaluate the reasonableness of the increase in healthcare costs?

Options:

A.

Develop a comparison of the costs incurred with similar costs incurred by other organizations.

B.

Obtain the government index of healthcare costs for the comparable period of time and compare the rate of increase with that of the cost per employee incurred by the organization.

C.

Obtain a bid from another healthcare administrator to provide the same administrative services as the current healthcare administrator.

D.

Review all claims and compare with appropriate procedures to ensure that overpayments have not occurred.

Buy Now
Questions 98

If observed during fieldwork by an internal auditor, which of the following activities is least important to communicate formally to the chief audit executive?

Options:

A.

Acts that may endanger the health or safety of individuals.

B.

Acts that favor one party to the detriment of another.

C.

Acts that damage or have an adverse effect on the environment.

D.

Acts that conceal inappropriate activities in the organization.

Buy Now
Questions 99

Which of the following is an advantage of an internal audit activity coordinating with a management-defined risk universe?

Options:

A.

Increased completeness, including risk categories like political, supplier, and social media.

B.

Business managers can identify and assess risks that occur within each category.

C.

The internal audit activity can rely on management's risk assessment.

D.

Organizationwide audits are required since risk events within categories occur in many different ways.

Buy Now
Questions 100

Which of the following sources of testimonial evidence would be considered the most reliable regarding whether a process is effectively performed according to its design?

Options:

A.

The person responsible for performing the task

B.

Two or more people that work in the area

C.

The supervisor in charge of the process

D.

The manager that wrote the steps to be followed

Buy Now
Questions 101

When a significant finding is noted early during a review of the accounts payable function, which next course of action is best for communicating the issue?

Options:

A.

Intern accounting management via an interim memorandum update

B.

Note the item in the workpapers for inclusion in the final audit report

C.

Call a meeting and discuss me issue with the audit committee

D.

Alert the CEO as soon as the issue is discovered

Buy Now
Questions 102

Which of the following statements is true regarding a drawback of using internal control questionnaires (ICQs)?

Options:

A.

When internal auditors need to cover many control procedures using ICQs is generally less efficient than conducting observations and inspections

B.

It is generally difficult for internal auditors lo compile appropriate ICQs for business activities that are governed by standardized operating procedures

C.

ICQs are inadequate to provide effective assurance on how organizational processes are executed in practice.

D.

It is generally difficult for internal auditors to process completed questionnaires, because ICQs frequently elicit detailed comments and long answers from management

Buy Now
Questions 103

According to MA guidance, which of the following factors should an internal auditor consider when assessing the likelihood of fraud risk1?

Options:

A.

The effect on the organization's reputation

B.

Any potential damage to the organization's relationship with customers.

C.

Past fraud allegations and actual occurrences

D.

The potential and realized financial impacts

Buy Now
Questions 104

During an assurance engagement, an internal auditor discovered that a sales manager approved numerous sales contracts for values exceeding his authorization limit. The auditor reported the finding to the audit supervisor, noting that the sales manager had additional new contracts under negotiation. According to IIA guidance, which of the following would be the most appropriate next step?

Options:

A.

The audit supervisor should include the new contracts in the finding for the final audit report.

B.

The audit supervisor should communicate the finding to the supervisor of the sales manager through an interim report.

C.

The audit supervisor should remind the sales manager of his authority limit for the contracts under negotiation.

D.

The auditor should not reference the new contracts, because they are not yet signed and therefore cannot be included in the final report.

Buy Now
Questions 105

After concluding a preliminary assessment, the engagement supervisor prepared a draft work program According to HA guidance which of the following would be tested by this program?

Options:

A.

The process objectives.

B.

The process risks

C.

The process controls

D.

The process scope

Buy Now
Questions 106

Which of the following internal audit procedures commonly involves sampling?

Options:

A.

Confirmation and financial statement analysis

B.

Reperformance and inspection

C.

Vouching and tracing

D.

Trend analysis and benchmarking

Buy Now
Questions 107

An internal auditor completed a consulting engagement covering a recent advertising campaign. The audit client asked the auditor to forward a copy of the report to one of the three advertising agencies used by the organization. According to IIA guidance, which of the following statements is true regarding this request?

Options:

A.

The internal auditor may communicate the results to the advertising agency as instructed by the audit client, with approval from the chief audit executive.

B.

The internal auditor may not communicate the results to this external party regardless of the engagement client's instruction.

C.

The internal auditor may send the report and is required to include instructions for the advertising agency to limit further distribution and the use of results.

D.

The internal auditor may only communicate the results verbally to the advertising agency and should not provide a hard copy.

Buy Now
Questions 108

Which of the following would help the internal audit activity assess compliance with the organization's standard operating procedures for bank deposits during a preliminary survey?

Options:

A.

Issue an internal control questionnaire to select branch customers.

B.

Issue an internal control questionnaire to the president of the organization.

C.

Issue an internal control questionnaire to the director of bank operations.

D.

Issue an internal control questionnaire to select branch managers.

Buy Now
Questions 109

The board of directors expressed concerns about potential external risks that could impact the organization s ability to meet its annual objectives and goals The board requested consulting services from the internal audit activity to gain insight regarding the external risks Which of the following engagement objectives would be appropriate to fulfill this request?

Options:

A.

Assess the organization's ability to minimize potential external risks

B.

Assess the organization's process of vetting vendors that provide necessary services to the organization

C.

Assess the organization's risk impacts from the markets in which it operates

D.

Assess the organization's controls implemented that would help minimize risks

Buy Now
Questions 110

According to the IIA guidance, which of the following foes the engagement work test in a review in a review of an organization al process?

Options:

A.

Process objectives

B.

Process risks

C.

Process controls

D.

Process scope

Buy Now
Questions 111

According to IIA guidance, which of the following statements best justifies a chief audit executive's request for external consultants to complement internal audit activity (IAA) resources?

Options:

A.

The organization's audit universe is extensive and diverse.

B.

There has been an increase in unanticipated requests for advisory work.

C.

Previous work provided by the external service provider has been of great quality and value.

D.

A recent benchmarking study found that using external service providers is a common practice of similarly-sized IAAs in other organizations.

Buy Now
Questions 112

Which of the following situations would justify the removal of a finding from the final audit report?

Options:

A.

Management disagrees with the report findings and conclusions in their responses.

B.

Management has already satisfactorily completed the recommended corrective action.

C.

Management has provided additional information that contradicts the findings.

D.

Management believes that the finding is insignificant and unfairly included in the report.

Buy Now
Questions 113

An engagement team is being assembled to audit of one of the organization's vendors Which of the following statements best applies to this scenario?

Options:

A.

The engagement team should include internal auditors who have expertise in investigating vendor fraud

B.

The engagement team should be composed of certified accountants who are proficient In financial statement analysis and local accounting principles

C.

To preserve independence and objectivity, an auditor who worked for the vendor two years prior may not participate on the engagement team

D.

The engagement team may include an auditor who lacks knowledge of the industry in which the vendor operates

Buy Now
Questions 114

Which of the following constitutes supervisory activity undertaken during the planning phase of an assurance engagement?

Options:

A.

Ensuring the process owner with the engagement objectives

B.

Reviewing engagement draft reports

C.

Ensuring workpapers support audit findings

D.

Approving audit work programs

Buy Now
Questions 115

According to IIA guidance, which of the following would be considered necessary for a one-person audit function?

Options:

A.

A formalized technical audit manual

B.

A written administrative audit manual

C.

A memorandum stating policies and procedures

D.

A comprehensive policy and procedure manual

Buy Now
Questions 116

The chief audit executive can illustrate the value of the internal audit activity by reporting which of the following to the board?

Options:

A.

The overall performance resulting from the internal audit balanced scorecard

B.

The number of outstanding and overdue management actions

C.

The experience of the organization's internal auditors

D.

The number of audits in the annual audit plan relative to similar organizations

Buy Now
Questions 117

Which of the following is not a direct benefit of control self-assessment (CSA)?

Options:

A.

CSA allows management to have input into the audit plan.

B.

CSA allows process owners to identify, evaluate, and recommend improving control deficiencies.

C.

CSA can improve the control environment.

D.

CSA increases control consciousness.

Buy Now
Questions 118

An employee in the sales department completes a purchase requisition and forwards it to the purchaser. The purchaser places competitive bids and orders the requested items using approved purchase orders. When the employee receives the ordered items, she forwards the packing slips to the accounts payable department. The invoice for the ordered items is sent directly to the sales department, and an administrative assistant in the sales department forwards the invoices to the accounts payable department for payment. Which of the following audit steps best addresses the risk of fraud in the cash receipts process?

Options:

A.

Verify that approvals of purchasing documents comply with the authority matrix.

B.

Observe whether the purchase orders are sequentially numbered.

C.

Examine whether the sales department supervisor approves invoices for payment.

D.

Determine whether the accounts payable department reconciles all purchasing documents prior to payment.

Buy Now
Questions 119

The chief audit executive of an international organization is planning an audit of the treasury function located at the organization's headquarters. The current internal audit team at headquarters lacks expertise in the area of financial markets which is needed tor the engagement When of the following would be the most approbate solution considering the time constraint?

Options:

A.

Outsource the engagement 10 tie organization's external auditor who has expertise in the area of financial markets

B.

Hire additional internal auditors who have expertise in the area of financial markets.

C.

Invite a guest auditor from one of the organization's affiliates who has expertise m the area of financial markets.

D.

Limit the scope of the engagement to the knowledge and skills possessed by the internal audit team.

Buy Now
Questions 120

A chief audit executive (CAE) following up on action plans from previously completed audits identifies that management has determined that certain action plans are no longer necessary If the CAE disagrees with management's decision, which of the following is the most appropriate next step for the CAE to take?

Options:

A.

The CAE must discuss the matter with senior management

B.

The CAE must discuss the matter with key shareholders

C.

The CAE must discuss the matter with legal counsel

D.

The CAE must discuss the matter with the board

Buy Now
Questions 121

According to IIA guidance, which of the following statements is true regarding the authority of the chief audit executive (CAE) to release previous audit reports to outside parties?

Options:

A.

The CAE can release prior internal audit reports with the approval of the board and senior management.

B.

The CAE can employ judgment and release prior audit results as they deem appropriate and necessary.

C.

The CAE can only release prior information outside the organization when mandated by legal or statutory requirements.

D.

The CAE can release prior information provided it is as originally published and distributed within the organization.

Buy Now
Questions 122

A large retail organization, which sells most of its products online, experiences a computer hacking incident. The chief IT officer immediately investigates the incident and concludes that the attempt was not successful. The chief audit executive (CAE) learns of the attack in a casual conversation with an IT auditor. Which of the following actions should the CAE take?

1. Meet with the chief IT officer to discuss the report and control improvements that will be implemented as a result of the security breach, if any.

2. Immediately inform the chair of the audit committee of the security breach, because thus far only the chief IT officer is aware of the incident.

3. Meet with the IT auditor to develop an appropriate audit program to review the organization's Internet-based sales process and key controls.

4. Include the incident in the next quarterly report to the audit committee.

Options:

A.

1 and 2

B.

1 and 3

C.

2 and 4

D.

3 and 4

Buy Now
Questions 123

An internal auditor tested whether purchase orders were supported by appropriately approved purchase requisitions She sampled a population of purchase documents and identified instances where purchase requisitions were missing However, she did not notice that n some cases purchase requisitions were approved by an unauthorized person Which of the following risks most appropriately describes this situation?

Options:

A.

Nonsampling risk

B.

Sampling risk

C.

Inherent risk

D.

Due diligence risk

Buy Now
Questions 124

Which of the following is an appropriate documentation of proper engagement supervision?

Options:

A.

A completed engagement workpaper review checklist.

B.

The supervisor's review notes on engagement workpapers.

C.

The email exchanges between the audit team and the supervisor.

D.

A supervisor's approval of resources allocated to the engagement

Buy Now
Questions 125

An internal auditor wants to compare performance information from one quarter to another. Which analytics procedure would the auditor use?

Options:

A.

Ratio analysis

B.

Trend analysis

C.

Vertical analysis

D.

Benchmarking analysis

Buy Now
Questions 126

According to IIA guidance which of the following statements is true regarding the annual audit plan?

Options:

A.

The annual audit plan should only be adjusted in response to problems with resourcing, scope, and data availability.

B.

The chief audit executive (CAE) may incorporate risk information, including risk appetite levels from management for the audit plan at her discretion.

C.

In an immature risk management environment it is preferable for the CAE to rely solely on her judgment regarding risk identification and assessment to develop the audit plan.

D.

The CAE may make adjustments to the annual audit plan as needed without senior management or board approval.

Buy Now
Questions 127

Which of the following parties is accountable for ensuring adequate support for conclusions and opinions readied by the internal audit activity while relying on external auditors' work?

Options:

A.

Board of directors

B.

External auditors

C.

Chief audit executive

D.

Senior management

Buy Now
Questions 128

What is the primary reason that audit supervision includes approval of the engagement report?

Options:

A.

To ensure the objectives of the area under review are met.

B.

To ensure senior management supports the report's conclusions.

C.

To ensure report style and grammar are appropriate.

D.

To ensure report findings are substantiated.

Buy Now
Questions 129

What is the best course of action for a chief audit executive if an internal auditor identifies in the early stage of an audit that some employees have inappropriate access to a key system?

Options:

A.

Contact the audit committee chair to discuss the finding

B.

Obtain verbal assurance from management that the inappropriate access will be removed

C.

Issue an interim audit report so that management can implement action plans

D.

Ask the auditor to create a ticket with the IT help desk requesting to revoke the inappropriate access

Buy Now
Questions 130

Which of the blowing is an example of a compliance assurance engagement?

Options:

A.

Proving in-house training to senior management regarding applicable laws and regulations

B.

Proving an assessment of the design adequacy of controls related to consumer privacy and confidentially.

C.

Providing an assessment of customer satisfaction with customer service provided by the organization

D.

Providing testing on the operating effectiveness of controls ever the reliability of financial reporting

Buy Now
Questions 131

Which of the following best describes the manual audit procedure known as vouching?

Options:

A.

Testing the validity of information by following it backward to a previously prepared record

B.

Testing the accuracy of the control by reperforming the task or process required

C.

Soliciting and obtaining written verification of the accuracy from an independent third party

D.

Testing the completeness of information forward from a record to a subsequently prepared document

Buy Now
Questions 132

According to IIA guidance, which of the following statements are true regarding the internal audit plan?

1. The audit plan is based on an assessment of risks to the organization.

2. The audit plan is designed to determine the effectiveness of the organization's risk management process.

3. The audit plan is developed by senior management of the organization.

4. The audit plan is aligned with the organization's goals.

Options:

A.

1 and 2 only

B.

3 and 4 only

C.

1, 2, and 4

D.

1, 3, and 4

Buy Now
Questions 133

An internal auditor is using attributes sampling to test internal controls. Under which of the following circumstances would the auditor increase the original sample size to estimate error occurrence at a given precision and confidence level?

Options:

A.

The sample rate of occurrence plus the precision exceeds the acceptable error rate.

B.

The sample rate of occurrence is less than the acceptable error rate.

C.

The acceptable rate of occurrence less the precision exceeds the sample rate of occurrence.

D.

The sample rate of occurrence plus the precision equals the acceptable error rate.

Buy Now
Questions 134

Which of the following is the primary reason a chief audit executive should network with an organization’s executives?

Options:

A.

To better understand and influence executives' planning.

B.

To make executives aware of the benefits that the internal audit activity can provide.

C.

To assist executives in setting the organization’s risk appetite.

D.

To have a better understanding of the training needed to strengthen the audit team.

Buy Now
Questions 135

Which of the following is the most important determinant of the objectives and scope of assurance engagements?

Options:

A.

The organizational chart, business objectives and policies and procedures of the area to be reviewed.

B.

The most recent risk assessment conducted by management of the area to be reviewed.

C.

The requests of operational and senior management throughout the organization.

D.

The preliminary risk assessment performed by internal auditors planning the engagement

Buy Now
Questions 136

Which informal ion- gathering method would be most efficient for an internal auditor to determine whether specified control procedures are in place?

Options:

A.

Interviews

B.

Observations

C.

Reperformance

D.

Internal control questionnaires

Buy Now
Questions 137

Acceding to IIA guidance, when of the Mowing is an assurance service commonly performed by the internal audit activity?

Options:

A.

Proposing fine item recommendation lot the annual financial budget of the accounting department

B.

Making recommendations regarding financial approval authority limits for the operations department

C.

Validating whether employees are following established policies and procedures in the procurement department

D.

Generating expense report metrics for employees in the finance department

Buy Now
Questions 138

Which of the following factors should be considered when determining the staff requirements for an audit engagement?

    The internal audit activity's time constraints.

    The nature and complexity of the area to be audited.

    The period of time since the area was last audited.

    The auditors’ preference to audit the area.

    The results of a preliminary risk assessment of the activity under review.

Options:

A.

1 and 4 only.

B.

1, 2, and 5 only.

C.

2, 3, and 5 only.

D.

1, 2, 3, 4, and 5.

Buy Now
Questions 139

An internal auditor performed a test of controls and found that a statistically selected representative sample of recorded transactions within the account receivables ledger had an error rate that was within management expectations. The associated revenue account was outside the scope of the audit engagement. How should the conclusion to this engagement be reported?

Options:

A.

The auditor should state that the error rate was within the selected confidence level.

B.

Negative assurance should be provided, as the associated revenue account was not examined.

C.

The auditor should state that controls over the recording of transactions in the revenue account are operating effectively.

D.

Positive assurance could be provided for the effectiveness of the accounts receivable controls.

Buy Now
Questions 140

Which of the following statements is false regarding roles and responsibilities pertaining to risk management and control?

Options:

A.

Senior management is charged with overseeing the establishment risk management and control processes.

B.

The chief audit executive is responsible for overseeing the evaluation risk management and control processes.

C.

Operating managers are responsible for assessing risks and controls in their departments.

D.

Internal auditors provide assurance about risk management and control process effectiveness.

Buy Now
Questions 141

Which of the following is a significant governance issue that should be reported by the chief audit executive to the board?

Options:

A.

There is no risk management and control process and risk management is solely tie responsibility of operational managers

B.

The organisation’s code of conduct is distributed to employees each year however employees are not required to attest that they will operate In compliance with the code.

C.

Reconciliation of planned board meeting agendas to meeting minutes finds that one meeting was canceled, and the agenda topics were covered at the following meeting.

D.

The review of the five-year strategic plan shows that the details of the plan have not been dearly communicated to employees throughout the organization

Buy Now
Questions 142

In which of following scenarios is the internal auditor performing benchmarking?

Options:

A.

The auditor compares information from one period with the same information from the poor period

B.

The auditor compares new information to his general knowledge of the organization

C.

The auditor compares information he collected with simmer information from another source

D.

The auditor compares expected outcomes with actual results

Buy Now
Questions 143

An internal auditor is conducting a preliminary survey of the investments area, and sends an internal control questionnaire to the management of the function. (An extract of the survey is provided below).

IIA-CIA-Part2 Question 143

1. Are there any restrictions for any company's investments?

2. Are there any written policies and procedures that document the flow of investment processing?

3. Are investment purchases recorded in the general ledger on the date traded?

4. Is the documentation easily accessible to an persons who need in to perform their job?

Which of the following is a drawback of testing methods like this?

Options:

A.

They ore kitted as they do not allow the auditor to test many controls.

B.

They do not highlight control gaps

C.

They are not useful for identifying areas on which the auditor should locus.

D.

They are limited as there is a risk that management may not answer fairly.

Buy Now
Questions 144

According to IIA guidance, which of the following accurately describes the responsibilities of the chief audit executive with respect to the final audit report?

1. Coordinate post-engagement conferences to discuss the final audit report with management.

2. Include management's responses in the final audit report.

3. Review and approve the final audit report.

4. Determine who will receive the final audit report.

Options:

A.

1 and 2

B.

1 and 4

C.

2 and 3

D.

3 and 4

Buy Now
Exam Code: IIA-CIA-Part2
Exam Name: Practice of Internal Auditing
Last Update: Dec 7, 2024
Questions: 482

PDF + Testing Engine

$57.75  $164.99

Testing Engine

$43.75  $124.99
buy now IIA-CIA-Part2 testing engine

PDF (Q&A)

$36.75  $104.99
buy now IIA-CIA-Part2 pdf