ExamGecko
Search Search Login
Home Home / IIA / IIA-CIA-Part2

IIA IIA-CIA-Part2 Practice Test - Questions Answers, Page 11

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

How should an internal auditor approach preparing a detailed risk assessment during engagement planning?
A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority? 1. Graded positive opinion. 2. Negative assurance opinion. 3. Limited assurance opinion. 4. Third-party opinion.
Internal audit staff lacks the expertise to perform a fraud investigation engagement stemming from a whistleblowing incident. Which of the following is the most appropriate option for the chief audit executive?
According to the MA guidance, which of the following does the engagement work program test in a review of an organizational process?
An internal auditor wanted to determine whether company vehicles were being used for personal purposes She extracted a report that listed company vehicle numbers business units to which the vehicles are allocated travel dates, travel duration and mileage She then filtered the data for weekend dates Which of the following additional information would the auditor need?
According to an internal audit observation, the organization's rules of record management require all contracts to be registered and stored in a specific electronic system. One subsidiary has thousands of client contracts on paper, which are kept in the office because there are not enough assistants to scan the contracts into the system. Which of the following component should be added to this observation?
An examination of the accounts payable function evidenced multiple findings with respect to segregation of duties. After management's response and action plan are received and documented in the final report, which of the following is most appropriate?
Senior management wants assurance that third-party contractors are following procedures as agreed with the organization. Which type of audit would be most appropriate to achieve this objective?
According to IIA guidance which of the following statements is true regarding heat maps?
An internal auditor wants to identity potential ghost employees in the organization's payroll system The auditor extracts the following data - Human resources data with employees' names addresses employment conditions and identification codes - Payroll data - Logs from entrance systems With this data, which of the following types of ghost employees will the auditor be able to identify?

Question 101

Report
Export
Collapse

According to IIA guidance, which of the following accurately describes the responsibilities of the chief audit executive with respect to the final audit report?

1. Coordinate post-engagement conferences to discuss the final audit report with management.

2. Include management's responses in the final audit report.

3. Review and approve the final audit report.

4. Determine who will receive the final audit report.

A.
1 and 2
A.
1 and 2
Answers
B.
1 and 4
B.
1 and 4
Answers
C.
2 and 3
C.
2 and 3
Answers
D.
3 and 4
D.
3 and 4
Answers
Suggested answer: D

Explanation:

According to IIA guidance, the chief audit executive (CAE) is responsible for reviewing and approving the final audit report and determining who will receive it. The CAE ensures that the report is complete, accurate, and disseminated to appropriate parties. Including management's responses in the final report and coordinating post-engagement conferences with management, while important, are not the CAE's primary responsibilities.

IIA Standards: 2440 - Disseminating Results

IIA Practice Guide: Communicating Results to Management and the Board

Question 102

Report
Export
Collapse

According to IIA guidance, which of the following factors should the auditor in charge consider when determining the resource requirements for an audit engagement?

A.
The number, experience, and availability of audit staff as well as the nature, complexity, and time constraints of the engagement.
A.
The number, experience, and availability of audit staff as well as the nature, complexity, and time constraints of the engagement.
Answers
B.
The appropriateness and sufficiency of resources and the ability to coordinate with external auditors.
B.
The appropriateness and sufficiency of resources and the ability to coordinate with external auditors.
Answers
C.
The number, proficiency, experience, and availability of audit staff as well as the ability to coordinate with external auditors.
C.
The number, proficiency, experience, and availability of audit staff as well as the ability to coordinate with external auditors.
Answers
D.
The appropriateness and sufficiency of resources as well as the nature, complexity, and time constraints of the engagement.
D.
The appropriateness and sufficiency of resources as well as the nature, complexity, and time constraints of the engagement.
Answers
Suggested answer: A

Explanation:

According to IIA guidance, the auditor in charge should consider the number, experience, and availability of audit staff as well as the nature, complexity, and time constraints of the engagement when determining resource requirements. These factors ensure that the engagement is staffed appropriately and that the audit team has the necessary skills and time to perform the audit effectively.

IIA Standards: 2230 - Engagement Resource Allocation

IIA Practice Guide: Coordination and Reliance: Developing an Assurance Map

Question 103

Report
Export
Collapse

According to IIA guidance, which of the following is least likely to be a key financial control in an organization's accounts payable process?

A.
Require the approval of additions and changes to the vendor master listing, where the inherent risk of false vendors is high.
A.
Require the approval of additions and changes to the vendor master listing, where the inherent risk of false vendors is high.
Answers
B.
Monitor amounts paid each period and compare them to the budget to identify potential issues.
B.
Monitor amounts paid each period and compare them to the budget to identify potential issues.
Answers
C.
Compare employee addresses to vendor addresses to identify potential employee fraud.
C.
Compare employee addresses to vendor addresses to identify potential employee fraud.
Answers
D.
Monitor customer quality complaints compared to the prior period to identify vendor issues.
D.
Monitor customer quality complaints compared to the prior period to identify vendor issues.
Answers
Suggested answer: D

Explanation:

According to IIA guidance, monitoring customer quality complaints compared to the prior period to identify vendor issues is least likely to be a key financial control in an organization's accounts payable process. Key financial controls in accounts payable typically focus on preventing and detecting fraud and errors in the payment process, such as requiring approval for vendor changes, monitoring payment amounts, and comparing employee and vendor addresses to prevent fraud. Monitoring customer quality complaints is more relevant to quality control and vendor management rather than financial control.

IIA Standards: 2130 - Control

IIA Practice Guide: Auditing the Accounts Payable Process

Question 104

Report
Export
Collapse

Which of the following is an appropriate role for the internal audit activity with regard to the organization's risk management program?

A.
Identify and manage risks in line with the organization's risk appetite.
A.
Identify and manage risks in line with the organization's risk appetite.
Answers
B.
Ensure that a proper and effective risk management process exists.
B.
Ensure that a proper and effective risk management process exists.
Answers
C.
Attain an adequate understanding of the organization's key risk mitigation strategies.
C.
Attain an adequate understanding of the organization's key risk mitigation strategies.
Answers
D.
Identify and ensure that appropriate controls exist to mitigate risks.
D.
Identify and ensure that appropriate controls exist to mitigate risks.
Answers
Suggested answer: C

Explanation:

According to IIA guidance, an appropriate role for the internal audit activity with regard to the organization's risk management program is to attain an adequate understanding of the organization's key risk mitigation strategies. This enables internal auditors to evaluate the effectiveness of risk management processes and provide assurance on the adequacy of risk controls. Identifying and managing risks, ensuring risk management processes exist, and ensuring controls exist to mitigate risks are responsibilities of management, not internal audit.

IIA Standards: 2120 - Risk Management

IIA Practice Guide: Internal Audit's Role in Risk Management

Question 105

Report
Export
Collapse

Which of the following would not be a typical activity for the chief audit executive to perform following an audit engagement?

A.
Report follow-up activities to senior management.
A.
Report follow-up activities to senior management.
Answers
B.
Implement follow-up procedures to evaluate residual risk.
B.
Implement follow-up procedures to evaluate residual risk.
Answers
C.
Determine the costs of implementing the recommendations.
C.
Determine the costs of implementing the recommendations.
Answers
D.
Evaluate the extent of improvements.
D.
Evaluate the extent of improvements.
Answers
Suggested answer: C

Explanation:

The chief audit executive (CAE) typically performs several activities following an audit engagement, including reporting follow-up activities to senior management, implementing follow-up procedures to evaluate residual risk, and evaluating the extent of improvements. These activities are crucial to ensure that audit recommendations are properly addressed and that any residual risks are managed effectively. However, determining the costs of implementing the recommendations is not typically a responsibility of the CAE. This task is usually handled by the management of the area being audited, as they have the detailed operational knowledge necessary to accurately estimate these costs.

Reference:

The IIA's International Standards for the Professional Practice of Internal Auditing (Standards), specifically Standard 2500 - Monitoring Progress.

The IIA's Practice Guide on Follow-up Processes.

Question 106

Report
Export
Collapse

During an audit of the accounts receivable (AR) process, an internal auditor noted that reconciliations are still not performed regularly by the AR staff, a recommendation that was made following a previous audit. Monitoring by the financial reporting function has failed to detect the shortcoming. Both the financial reporting function and AR report to the controller, who is responsible for implementing action plans. Which of the following supports the internal auditor's decision to combine both observations into one reported finding?

A.
The observation was made during the same audit, and the action plan has a common owner.
A.
The observation was made during the same audit, and the action plan has a common owner.
Answers
B.
The observation relates to the same control activity within a common process.
B.
The observation relates to the same control activity within a common process.
Answers
C.
The observation has a common control, and it was noted in a prior audit.
C.
The observation has a common control, and it was noted in a prior audit.
Answers
D.
The observation has a common process, and the action plan for the observation has a common owner.
D.
The observation has a common process, and the action plan for the observation has a common owner.
Answers
Suggested answer: A

Explanation:

Combining observations into one reported finding can be appropriate when they were noted during the same audit and the action plan has a common owner. In this case, the failure of both the financial reporting function and the AR staff to perform reconciliations regularly is interconnected and points to a systemic issue under the responsibility of the controller. Addressing these issues together can provide a more comprehensive view of the control deficiencies and facilitate more effective remediation.

Reference:

The IIA's International Standards for the Professional Practice of Internal Auditing (Standards), specifically Standard 2410 - Criteria for Communicating.

The IIA's Practice Advisory on Communicating Results.

Question 107

Report
Export
Collapse

A chief audit executive (CAE) received a detailed internal report of senior management's internal control assessment. Which of the following subsequent actions by the CAE would provide the greatest assurance over management's assertions?

A.
Assert whether the described and reported control processes and systems exist.
A.
Assert whether the described and reported control processes and systems exist.
Answers
B.
Assess whether senior management adequately supports and promotes the internal control culture described in the report.
B.
Assess whether senior management adequately supports and promotes the internal control culture described in the report.
Answers
C.
Evaluate the completeness of the report and management's responses to identified deficiencies.
C.
Evaluate the completeness of the report and management's responses to identified deficiencies.
Answers
D.
Determine whether management's operating style and the philosophy described in the report reflect the effective functioning of internal controls.
D.
Determine whether management's operating style and the philosophy described in the report reflect the effective functioning of internal controls.
Answers
Suggested answer: C

Explanation:

The greatest assurance over management's assertions would be provided by evaluating the completeness of the report and management's responses to identified deficiencies. This involves ensuring that all relevant control processes and deficiencies have been identified, and that management has provided appropriate and comprehensive responses to each issue. This step ensures that the internal control assessment is thorough and that management is actively addressing any weaknesses.

Reference:

The IIA's International Standards for the Professional Practice of Internal Auditing (Standards), specifically Standard 2130 - Control.

The IIA's Practice Guide on Assessing the Adequacy of Internal Controls.

Question 108

Report
Export
Collapse

Which of the followings statements describes a best practice regarding assurance engagement communication activities?

A.
All assurance engagement observations should be communicated to the audit committee.
A.
All assurance engagement observations should be communicated to the audit committee.
Answers
B.
All assurance engagement observations should be included in the main section of the engagement communication.
B.
All assurance engagement observations should be included in the main section of the engagement communication.
Answers
C.
During the 'communicate' phase of an assurance engagement, it is best to define the methods and timing of engagement communications.
C.
During the 'communicate' phase of an assurance engagement, it is best to define the methods and timing of engagement communications.
Answers
D.
A detailed escalation process should be developed during the planning stage of an assurance engagement.
D.
A detailed escalation process should be developed during the planning stage of an assurance engagement.
Answers
Suggested answer: C

Explanation:

Best practices for assurance engagement communication activities include defining the methods and timing of engagement communications during the 'communicate' phase. This ensures that all stakeholders are aware of how and when they will receive information about the engagement, facilitating clear and effective communication. While it is important to communicate significant observations to relevant parties, including the audit committee if necessary, and to escalate issues as appropriate, the method and timing of these communications are crucial for maintaining clarity and coordination throughout the engagement.

Reference:

The IIA's International Standards for the Professional Practice of Internal Auditing (Standards), specifically Standard 2420 - Quality of Communications.

The IIA's Practice Guide on Communicating Assurance Engagement Results.

Question 109

Report
Export
Collapse

An engagement team is being assembled to audit of one of the organization's vendors Which of the following statements best applies to this scenario?

A.
The engagement team should include internal auditors who have expertise in investigating vendor fraud
A.
The engagement team should include internal auditors who have expertise in investigating vendor fraud
Answers
B.
The engagement team should be composed of certified accountants who are proficient In financial statement analysis and local accounting principles
B.
The engagement team should be composed of certified accountants who are proficient In financial statement analysis and local accounting principles
Answers
C.
To preserve independence and objectivity, an auditor who worked for the vendor two years prior may not participate on the engagement team
C.
To preserve independence and objectivity, an auditor who worked for the vendor two years prior may not participate on the engagement team
Answers
D.
The engagement team may include an auditor who lacks knowledge of the industry in which the vendor operates
D.
The engagement team may include an auditor who lacks knowledge of the industry in which the vendor operates
Answers
Suggested answer: A

Explanation:

According to IIA guidance, when assembling an engagement team to audit a vendor, it is crucial to include internal auditors who have expertise in investigating vendor fraud. This expertise is essential for identifying and assessing fraud risks associated with the vendor and ensuring a thorough and effective audit. While proficiency in financial statement analysis and local accounting principles is valuable, the specific context of vendor fraud requires specialized knowledge in that area.

IIA Standards: 1210.A2 - Proficiency

IIA Practice Guide: Auditing Third-Party Risk Management

Question 110

Report
Export
Collapse

When me internal audit activity does not have sufficient time to complete its usual root cause analysis which c4 the following is most appropriate?

A.
The chief audit executive may recommend that management conduct further work to identify the root cause and address the issue
A.
The chief audit executive may recommend that management conduct further work to identify the root cause and address the issue
Answers
B.
Internal auditors should finish the engagement without conducting the root cause analysis and draft the audit report, though the report would not be considered complete until the analysis is concluded
B.
Internal auditors should finish the engagement without conducting the root cause analysis and draft the audit report, though the report would not be considered complete until the analysis is concluded
Answers
C.
internal auditors must adjust their future engagement schedule to ensure that the root cause analysis is always performed before the engagement is concluded
C.
internal auditors must adjust their future engagement schedule to ensure that the root cause analysis is always performed before the engagement is concluded
Answers
D.
Internal auditors should Instead perform a Pareto rule analysis
D.
Internal auditors should Instead perform a Pareto rule analysis
Answers
Suggested answer: A

Explanation:

According to IIA guidance, if the internal audit activity does not have sufficient time to complete its usual root cause analysis, the chief audit executive (CAE) may recommend that management conduct further work to identify the root cause and address the issue. This approach ensures that the root cause is still identified and addressed without delaying the audit report, maintaining the integrity and usefulness of the audit findings while leveraging management's resources.

IIA Standards: 2410.A1 - Criteria for Communicating

IIA Practice Guide: Root Cause Analysis

Total 461 questions
Go to page: of 47
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms