According to IIA guidance which of the following correctly describes the standard risk treatments outlined in the process element approach of the framework for risk management?

Risk avoidance risk sharing application of controls, risk application.

Risk avoidance risk identification application of controls risk acceptance.

Risk identification risk assessment risk avoidance risk monitoring

Risk identification risk assessment application of controls risk acceptance

According to IIA guidance which of the following statements is true regarding the internal audit charier?

The charier can be revised at the discretion of the CAE whenever 4 is determined that its content no longer supports the achievement of objectives

The charier should be revised and re-approved whenever a new chief audit executive (CAE) is appointed or at the request of the board

The charier should be re-approved every five years, in conjunction with the external quality assessment

The charier can be revised at the discretion of the CAE whenever 4 is determined that its content no longer supports the achievement of objectives

The charier should be reviewed and resubmitted for board approval annually together with the audit plan

A chief audit executive (CAE) has just joined an organization with an existing internal audit activity.Based on her review of the current organizational structure, the CAE determines that the internal audit activity lacks adequate independence. Which of the following actions is the CAE's best step to take next to move the internal audit activity toward organizational independence?

Request that the board restructure the reporting line of the internal audit activity to ensure the CAE has unrestricted access to the board.

Ensure the limitations are disclosed through communication with the board and senior management, so that the internal audit activity can continue operating under the same organizational structure.

Request that the board restructure the reporting line of the internal audit activity to ensure the CAE has unrestricted access to the board.

Rotate internal audit assignments among members of the internal audit activity to minimize the effects of the current structure.

Train internal auditors about organizational independence and have them sign an acknowledgment of understanding.

The CEO has delegated several responsibilities to the internal audit activity. Which of the following directives should concern the chief audit executive the most?

Internal auditors shall perform organization wide risk assessments

Internal auditors shall perform engagement-level risk assessments

Internal auditors shall perform risk management activities.

Internal auditors shall perform risk-based engagements

Internal auditors shall perform organization wide risk assessments

Which of the following describes an ongoing monitoring activity that could be performed as part of an internal assessment for a quality assurance and improvement program (QAIP)?

Identifying opportunities for improvement m internal audit's processes and procedures

Planning and supervising engagements

Evaluating the quality of supervision

Identifying opportunities for improvement m internal audit's processes and procedures

Determining if the objectives of QAIP are current

The head of human resources notified the internal audit activity that a key account manager was fired because he did not register a large number of contracts with clients As a result the organization was unaware of its duties and would suffer some financial loss Which of the following should be expected from a competent internal auditor who is analyzing this situation?

The ability to evaluate whether such attributes as intent and personal gain were present

The ability to apply forensic methods to obtain legally admissible evidence

The ability to conduct admission-seeking interviews with potential suspects

The ability to evaluate whether such attributes as intent and personal gain were present

The ability to retrieve concealed or deleted information from the former employee's laptop

A chief audit executive has reported to the board that the internal audit activity is lacking financial accounting knowledge for specific audit projects. Upon approval from the board which of the following hiring approaches is best in this situation?

A full-time permanent recruitment

According to IIA guidance, an internal audit charter should detail which of the following?

The nature of services that the internal audit activity will provide to external third parties

The objectives and goals of management

The process used by the CAE to manage the organization's internal controls

The nature of services that the internal audit activity will provide to external third parties

The responsibilities of the audit committee

A chief audit executive added more money to the IT training budget to ensure the organization's internal auditors were able to perform data analytics while performing an audit. Which core competency is being addressed?

Continuing professional development

After the draft engagement report is issued, the manager of the area that was reviewed is informally interviewed by the engagement supervisor regarding the audit experience. Which of the following is most likely the purpose for this interview?

Feedback from the manager will contribute to the audit team's professional development

Such an interview is performed when there is a need to dismiss an internal auditor

Feedback from the manager will contribute to the audit team's professional development

The manager's opinion will be used to form the final audit assessment and report rating.

The manager will provide insights into the audited industry's trends

Which action by senior management indicates to the internal auditor that there may be fraudulent activities occurring within the organization?

Setting unrealistic targets for staff to achieve

Granting external audit firms access to staff and records.

Automating some processes and allowing others to be performed manually

Enforcing a zero-tolerance policy for misconduct

Which of the following situations would best indicate to the chief audit executive that one of the audit team members is struggling with application of due professional care?

Audit work was completed m accordance with the established goals; however, a material misstatement was later uncovered in the audited area by another assurance provider.

The engagement supervisor requests that an auditor carry out improvements to workpapers to address numerous problems: evidence is missing, references are incorrect, and conclusions are superfluous

Audit work was completed m accordance with the established goals; however, a material misstatement was later uncovered in the audited area by another assurance provider.

According to the audit report, several control failures occurred due to irresponsible behavior of local management, who was consequently deprived of bonuses and wrote a negative feedback to the auditor

The delivery of audit results was several weeks late because the internal auditor had to spend additional time trying to understand the nature of certain transactions with derivation.

An audit client who was unsatisfied with the audit report rating called the chief audit executive (CAE) and complained that the internal auditor who performed the audit was biased because his spouse, who worked in the area under review, was on a list of employees to be terminated. Which of the following measures would be most appropriate to prevent this situation from arising?

Requiring the internal auditors to disclose any potential conflicts of interest.

Initiating an internal investigation to clarify whether a biased judgment took place.

Requiring the internal auditors to disclose any potential conflicts of interest.

Requiring that the audit client disclose any potential conflicts of interest with the auditor.

Requiring human resources manager to submit all future job applicants' data in order to identify relatives of auditors.

Which statement accurately describes the authority of the internal audit activity as outlined in the audit charter?

The internal audit team shall have full access to the organization's records, physical property, and personnel required to conduct audit engagements.

The chief audit executive (CAE) shall report directly to the board and administratively to the CEO.

The CAE shall provide senior management and the board with performance updates quarterly.

The internal audit team shall have full access to the organization's records, physical property, and personnel required to conduct audit engagements.

The internal audit activity shall maintain a quality assurance and improvement program in conformance with the Standards.

An organization has limited resources to spend on corporate social responsibility initiatives. Which is the most suitable approach to determine how these resources should be used?

Support a mix of environmental economic and social initiatives to ensure a balanced approach is taken

Survey employees and external stakeholders to see which causes are best suited to the organization.

Select corporate social responsibility initiatives that support the overall strategic goals of the organization

Conduct a financial analysis to determine where the most impact can be made with the budget available

Which of the following would be an important aspect of an internal auditor's role in fraud management?

Utilizing analytical techniques to actively discover instances of potential fraud

Conducting fraud based audits to ensure that fraud will be detected during engagements

Implementing fraud prevention controls to minimize and mitigate the risk of fraud

Reporting instances of fraud discovered during engagements to regulatory bodies

Which of the following situations would cause the greatest concern regarding impairment of internal audit objectivity?

internal auditors accepted limited access to the audit client's systems and records m accordance with the scope of the engagement

The eternal auditor reviewed the audit clients proposed procedures and standards of control and offered suggested improvements at the client's request.

The internal auditor performed nonaudit work for the audit client which was communicated to senior management and the board before the engagement was performed and restated in the audit report

internal auditors accepted limited access to the audit client's systems and records m accordance with the scope of the engagement

The internal auditor used his in-depth knowledge of systems development to assist the audit client m designing a new operational system with robust controls.

Which of the following scenarios would most likely impair the independence of an internal audit activity?

The internal audit budget is reduced by management requiring the removal of all lT-related engagements from the audit plan

A relative of an internal audit team member works m a department being reviewed

The internal audit budget is reduced by management requiring the removal of all lT-related engagements from the audit plan

An audit manager removes a finding from the draft report due to disagreements with the chief financial officer

The operating effectiveness of a control is reported as 'satisfactory." because no concerns were identified during planning

An internal auditor assessed the controls within his organization's payroll process and suspects that erroneous payments may have been made to a fraudulent bank account. What is the best course of action for the auditor to take?

Escalate the concern to the engagement supervisor.

Speak to the payroll manager so he may investigate the auditor's observations.

Continue to investigate the payments to confirm the accuracy of the observations, and determine whether further fraudulent payments have been made.

Stop the audit and report the findings to senior management immediately.

Escalate the concern to the engagement supervisor.

A chief audit executive (CAE) has been asked by the board to evaluate the effectiveness of ethical programs created by management. Which of the following would be the most appropriate action for the CAE to take?

Use employee surveys to assess whether ethical programs are achieving desired outcomes.

Compare the design of the organization's ethical programs with best practices.

Verify that a code of conduct and related policies exist and are communicated.

Use employee surveys to assess whether ethical programs are achieving desired outcomes.

Compare the cost of the ethical programs with the achieved outcomes.

To meet the resource requirements of this year's internal audit plan, the chief audit executive (CAE) has recruited additional staff auditors, including an employee who resigned as a senior supervisor from the accounts payable department two months ago. There is a scheduled accounts payable review that the CAE wants to start within the next five months. Which approach should the CAE take, knowing the expertise of his new recruit in the area intended to be audited?

Have the new internal auditor assigned to other responsibilities and not work on the accounts payable audit engagement.

Have the new internal auditor's previous boss be excused from the area during fieldwork.

Have the new internal auditor be responsible for the planning of the audit as well as the review of the audit fieldwork.

Have the new internal auditor assigned to other responsibilities and not work on the accounts payable audit engagement.

Have the new internal auditor assist with conducting the fieldwork, but ensure that her work is reviewed by the CAE.

Nine months ago, an employee who was responsible for collections in the accounts receivables department joined the internal audit team. There is an accounts receivables assurance audit scheduled as part of this year's approved audit plan, which will include a review of the collections unit. With the knowledge and experience of this individual in the area, which of the following is the best approach for the chief audit executive (CAE) to take?

Have the auditor formerly with the collections unit not participate on the audit team.

Have the auditor formerly with the collections unit assist with planning and documenting the audit field work.

Have the auditor formerly with the collections unit not participate on the audit team.

Have the auditor formerly with the collections unit conduct the fieldwork and ensure it is reviewed by the CAE.

Have the auditor formerly with the collections unit review all fieldwork done to ensure that there was adequate coverage.

A new internal auditor was recently recruited to the internal audit activity from the organization's finance department. What is likely to be the chief audit executive's greatest concern regarding assigning the new auditor to upcoming audits in the finance department?

The potential for a conflict of interest to exist or appear to exist if the new auditor undertakes these assignments.

The time it may take the new auditor to complete the assignment and report the findings to management.

The qualifications of the new auditor and whether the auditor's business knowledge is relevant to the assignment.

The potential for a conflict of interest to exist or appear to exist if the new auditor undertakes these assignments.

The knowledge the new auditor may have of control weaknesses in the finance department.

An internal auditor in a newly established internal audit activity identifies many control weaknesses and raises a number of high-priority recommendations in her first few audit engagements. The internal auditor is concerned that there seems to be a poor understanding by management of risk and control. Which of the following is the most likely reason for this?

A lack of an effective organizational framework for risk management and control.

Poor performance by individual operational managers in the areas audited.

Unrealistic expectations by the internal audit activity on the quality of risk management and control.

A lack of an effective organizational framework for risk management and control.

A failure by the internal audit activity to identify and manage the organization's risks.

Which of the following is an appropriate role for the internal audit activity?

Assisting the organization in maintaining effective controls.

Ensuring the organization's key risks are managed through appropriate controls.

Assisting the organization in maintaining effective controls.

Implementing new controls to promote continuous improvement.

Validating control assessments performed by the external auditor.

According to IIA guidance, which of the following statements is true regarding consulting engagements performed by the internal audit activity?

The scope of a consulting engagement is determined by either the engagement supervisor or chief audit executive, and it is finalized prior to beginning fieldwork.

Consulting engagements typically involve four or five parties: the internal audit activity, engagement client, senior management, board, and sometimes the external auditor.

The scope of a consulting engagement is determined by either the engagement supervisor or chief audit executive, and it is finalized prior to beginning fieldwork.

According to the Standards, internal auditors are permitted to carry out certain management functions during a consulting engagement.

A preliminary risk assessment may not be needed for consulting engagements, because the expectations and objectives of the engagement are determined by the engagement client.

According to HA guidance, if an internal auditor suspects fraud during an assurance engagement, what should the auditor do first?

Determine whether any additional audit work needs to be performed.

Recommend parties involved to be sanctioned in accordance with the organization's policy.

Determine whether any additional audit work needs to be performed.

Launch an investigation to obtain details of the fraud and parties involved.

Request that the responsible process owner remediate the issue immediately.

A new chief audit executive wants to develop a formal internal control framework for her organization. She uses globally accepted frameworks as a guide. Which of the following would she likely find critical in creating the new framework for her organization?

Business continuity and backups.

A global manufacturing company has three regional offices. The chief audit executive (CAE) is concerned about the cost of an upcoming external quality assessment of the internal audit activity. The last external assessment was performed six years ago. Recently, the internal audit staff at one of the regional offices performed an internal assessment. To ensure conformance with the Standards, what is the most appropriate action for the CAE to take?

Request that an external assessor validate the results of the internal assessment and review the remaining offices.

Request from the audit committee an additional budget and an extension so that the external assessment could be performed next year.

Review the results of the internal assessment, identify weaknesses, and implement improvements at the remaining offices.

Request the regional office that performed the internal assessment to perform an assessment of the remaining offices.

Request that an external assessor validate the results of the internal assessment and review the remaining offices.

Which of the following describes a responsibility of operating management in an organization's corporate social responsibility (CSR) efforts?

Responsible for implementing CSR principles and overseeing of CSR performance.

Responsible for performing periodic internal self-verifications of reported CSR results.

Responsible for performing analysis and comparison of CSR reports and performance.

Responsible for ongoing CSR reporting and accomplishing of performance targets.

Which of the following relates to the concept of due professional care?

An auditor demonstrates a good understanding of the steps involved in carrying out a consulting engagement.

An auditor attempts to obtain information needed to complete an assurance engagement but is denied access.

The appointment of the chief audit executive is ratified by the board.

An auditor demonstrates a good understanding of the steps involved in carrying out a consulting engagement.

The internal audit resource plan is only approved by the chief financial officer.

The same internal auditor has audited the regional purchasing department annually for the last three years. The audits have shown several significant control deficiencies that have not been corrected by management. New management is in charge of this regional purchasing department, and it is time to audit the department again. What concerns should be considered prior to assigning the audit to the same auditor?

The auditor has reviewed the department annually for the last three years, leading to familiarity, which can impact the internal audit activity's independence.

Intimidation threats may compromise the auditor's objectivity due to multiple negative audit reports completed by the auditor.

The auditor has reviewed the department annually for the last three years, leading to familiarity, which can impact the internal audit activity's independence.

A negative cognitive bias may be in place that affects the employee's objectivity due to the recent audits with uncorrected control deficiencies.

The auditor may have formed a cultural bias, as the department under review is in the auditor's geographic area.

In a small company with a small budget, the board and senior management asked the chief audit executive (CAE) to develop specific controls prompted by a new regulatory requirement affecting a specific process. The CAE was also directed to report functionally to senior management. An audit engagement on this process was already set in the internal audit plan. Which of the following represents an impairment to the internal audit activity's independence?

The development of controls by the CAE.

The audit engagement regarding this process.

The functional reporting of the CAE to senior management.

During the planning stage of an assurance engagement, a payroll clerk informed the internal auditor that he is often asked to add new employees to the payroll without any formal new-hire documentation from human resources. The auditor is concerned that this increases the risk for fraud. To complete engagement planning, which of the following is the most appropriate next step for the auditor to take?

Advise the chief audit executive of the clerk's assertion, despite the lack of supporting evidence.

Increase the sample size to be tested, ensuring a thorough review of the payroll records.

Advise the chief audit executive of the clerk's assertion, despite the lack of supporting evidence.

Ask the clerk to provide a list of any suspicious new employee names on the payroll.

Investigate the matter further to understand precisely how many payroll records were affected.

Which of the following is the internal audit activity expected to do with respect to the organization's governance processes?

Achieve agreement with the board regarding the range of activities, depth of review, and time period to include in the assessment.

Formally audit all governance activities.

Provide strategic guidance on the organizational processes to senior management.

Achieve agreement with the board regarding the range of activities, depth of review, and time period to include in the assessment.

Audit against the governance structures and practices widely used in the industry.

IIA IIA-CIA-Part1 Practice Test 15 - Free Online Exam Prep & Questions

A manufacturing organization's chief audit executive (CAE) was approached by the head of security from one of the manufacturer's third party suppliers The head of security requested internal audit records from a recent audit engagement involving the third-party supplier The head of security believed those records contained information that would enable to identify employees of the thirdparty supplier who may be involved m fraudulent activities What is the most appropriate course of action for the CAE?

Become a Premium Member for full access

Unlock Premium Member

IIA IIA-CIA-Part1 Practice Test 15

Question

IIA IIA-CIA-Part1 Practice Tests

Practice Tests