IIA IIA-CIA-Part1 Practice Test - Questions Answers, Page 63
Question list
List of questions
Related questions
According to HA guidance, which of the following would best support the internal auditor's conclusion that the organization's risk management processes are effective?
The organization has identified all applicable operational and financial risks.
The organization has documented its strategic and business objectives.
The organization has selected risk responses aligned with its risk appetite.
The organization has documented risk information pertinent to its business.
According to HA guidance, which of the following is true regarding independence and objectivity for small internal audit activities?
The chief audit executive (CAE) may consider including a disclaimer on independence in audit reports.
The CAE may consider greater involvement of those with suitable knowledge of audit practice.
Conformance with this Standard is not dependent upon the size of the internal audit activity.
Due to the small size of the internal audit activity, having an external assessment once every seven years is acceptable.
A subsidiary of the organization was preparing for an initial public offering (IPO). Af the request of the audit committee, the chief audit executive (CAE) and all senior audit staff were actively involved in the process by helping collect and validate financial data, conducting assessments, and participating in meetings with IPO advisors. Six months later, it became obvious that the IPO had to be canceled. Newly appointed audit committee members requested an assurance engagement that v/ould assess the IPO preparation process. Which of the following would be the best course of action for the chief audit executive (CAE) to take?
The decision to involve auditors in the IPO was made by former audit committee members; therefore, the CAE is not responsible and can proceed with the new assignment.
The CAE should reject the assignment, as such engagements are beyond the scope of auditors who are usually not familiar with root cause analysis methodology.
The engagement should be undertaken by audit assistants and other junior staff members who were not involved in the IPO process.
The CAE should disclose objectivity limitations to the audit committee and suggest alternatives, such as outsourcing the engagement.
What would be the proper sequence of steps for an internal auditor to take in order to draw a conclusion on internal control effectiveness and adequacy after ascertaining the key controls?
Evaluate the adequacy of the controls and then test the controls for effectiveness.
Test the controls for effectiveness and then evaluate the adequacy of the controls.
Identify risks and then evaluate the controls for effectiveness.
Evaluate the controls for effectiveness and then assess the risks in the area.
Which statement is accurate regarding reporting on the quality assurance and improvement program (OAIP) to conform with the International Standards for the Professional Practice of Internal Auditing?
The chief audit executive (CAE) should report all stages of the OAlP's development and key milestones.
The CAE should report only corrective action plans that meet external assessor or stakeholder requirements.
The CAE should establish the form and content of program communication so that it is in alignment with the internal audit activity charter.
The CAE should disclose program details only after both internal and external assessments have been completed.
Which of the following statements best describes a functional difference between external auditors and internal auditors?
Internal auditors evaluate past achievements to understand whether controls are operating effectively, and external auditors focus on the accuracy of financial reporting.
Internal auditors provide assurance about the sufficiency of controls to manage risks. Including risks of failure to achieve future goals, and external auditors evaluate the accuracy and understandability of financial reporting.
internal auditors are always employed by the organization, rather than outsourced, and external auditors are never employed by the organization but contracted independently.
Internal auditors are most directly concerned with the detection of fraud, while external auditors are most directly concerned with the prevention of fraud.
Which of the following is a control that is used mainly to check the integrity of data entered into a business application, whether the data is entered directly by staff, remotely by a business partner, or through a web-enabled application?
General IT control.
Processing control.
Input control
Integrity control
Which of the following should play a leading role in overseeing ihe ethical atmosphere of an organization?
Internal audit activity.
Operating management.
Senior management.
Board of directors.
Senior management and the board have expressed concerns about the length of engagements and whether their outcome aligns with the organization's strategies and objectives. Which of the following actions, if taken by the chief audit executive, could address these concerns?
Communicating to internal audit staff instructions for completing engagements within shorter time periods.
Requesting additional funding from the board to train internal audit staff on time and resource management.
Implementing the use of agile auditing during engagements to meet expectations.
Encouraging internal audit staff to participate in workshops to further develop their understanding of the organization's strategies.
When the chief audit executive Is responsible for risk management in an organization, which of the following parties is responsible for overseeing the internal audit activity's assurance over risk management?
The chief audit executive.
A member of the compliance function.
A party outside of the internal audit activity.
A member of the risk management function.
Question