ExamGecko
Search Search Login
Home Home / IIA / IIA-CIA-Part2

IIA IIA-CIA-Part2 Practice Test - Questions Answers, Page 20

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

How should an internal auditor approach preparing a detailed risk assessment during engagement planning?
A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority? 1. Graded positive opinion. 2. Negative assurance opinion. 3. Limited assurance opinion. 4. Third-party opinion.
After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?
Internal audit staff lacks the expertise to perform a fraud investigation engagement stemming from a whistleblowing incident. Which of the following is the most appropriate option for the chief audit executive?
According to the MA guidance, which of the following does the engagement work program test in a review of an organizational process?
An internal auditor wanted to determine whether company vehicles were being used for personal purposes She extracted a report that listed company vehicle numbers business units to which the vehicles are allocated travel dates, travel duration and mileage She then filtered the data for weekend dates Which of the following additional information would the auditor need?
According to an internal audit observation, the organization's rules of record management require all contracts to be registered and stored in a specific electronic system. One subsidiary has thousands of client contracts on paper, which are kept in the office because there are not enough assistants to scan the contracts into the system. Which of the following component should be added to this observation?
A code of business conduct should include which of the following to increase its deterrent effect? 1. Appropriate descriptions of penalties for misconduct. 2. A notification that code of conduct violations may lead to criminal prosecution. 3. A description of violations that injure the interests of the employer. 4. A list of employees covered by the code of conduct.
The external auditor has identified a number of production process control deficiencies involving several departments. As a result, senior management has asked the internal audit activity to complete internal control training for all related staff. According to IIA guidance, which of the following would be the most appropriate course of action for the chief audit executive to follow?
Which of the following is an appropriate responsibility for the internal audit activity with regard to the organization's risk management program?

Question 191

Report
Export
Collapse

An internal auditor collected several employee testimonials Which of the following is the best action for the internal auditor to take before drawing a conclusion?

A.
Ensure the testimonials are well documented
A.
Ensure the testimonials are well documented
Answers
B.
Substantiate the testimonials with physical or documentary evidence
B.
Substantiate the testimonials with physical or documentary evidence
Answers
C.
Corroborate testimonials with the results from other soft control techniques
C.
Corroborate testimonials with the results from other soft control techniques
Answers
D.
Review the testimonials with the interviewed employees
D.
Review the testimonials with the interviewed employees
Answers
Suggested answer: B

Explanation:

Internal auditors must corroborate employee testimonials with tangible evidence to ensure the reliability and validity of the findings. Relying solely on testimonials without supporting evidence can lead to inaccurate conclusions. Standard 2310 -- Identifying Information of the International Standards for the Professional Practice of Internal Auditing emphasizes that sufficient, reliable, relevant, and useful information should be obtained to achieve the engagement's objectives.

Reference:

Institute of Internal Auditors (IIA), International Standards for the Professional Practice of Internal Auditing (Standards), Standard 2310 -- Identifying Information.

Question 192

Report
Export
Collapse

Which of the following statements concerning workpapers is the most accurate?

A.
The organization and the format of workpapers is the same for all engagements
A.
The organization and the format of workpapers is the same for all engagements
Answers
B.
The extent of what is included in workpapers is a matter of professional judgment
B.
The extent of what is included in workpapers is a matter of professional judgment
Answers
C.
Workpapers should be complete so that every conceivable question that can be raised should be answered
C.
Workpapers should be complete so that every conceivable question that can be raised should be answered
Answers
D.
Copies of operational managements records should not be included, but referenced so that they can be located
D.
Copies of operational managements records should not be included, but referenced so that they can be located
Answers
Suggested answer: B

Explanation:

The organization and content of workpapers should be based on the professional judgment of the internal auditor. Workpapers should provide sufficient detail to support the audit findings and conclusions but do not need to answer every conceivable question. Standard 2330 -- Documenting Information states that internal auditors must document relevant information to support the conclusions and engagement results. This allows for flexibility and professional judgment in determining what is necessary and appropriate to include.

Reference:

Institute of Internal Auditors (IIA), International Standards for the Professional Practice of Internal Auditing (Standards), Standard 2330 -- Documenting Information.

Question 193

Report
Export
Collapse

Which of the following reasonably represents best practices regarding what should be the level of internal audit resource investment in monitoring and following up on engagement outcomes?

A.
Limited resources should be employed since the actual engagement is already completed and the onus of corrective actions rests with management
A.
Limited resources should be employed since the actual engagement is already completed and the onus of corrective actions rests with management
Answers
B.
No resources should be exclusively deployed for that at all rather it should be planned as part of future engagements in the same area
B.
No resources should be exclusively deployed for that at all rather it should be planned as part of future engagements in the same area
Answers
C.
Resources should only be provided towards this if doing so does not result in depletion of resources for new engagements planned in the current period
C.
Resources should only be provided towards this if doing so does not result in depletion of resources for new engagements planned in the current period
Answers
D.
Resources should be allocated to this without conditions as long as doing so meets the expectations of management and the judgment of the chief audit executive.
D.
Resources should be allocated to this without conditions as long as doing so meets the expectations of management and the judgment of the chief audit executive.
Answers
Suggested answer: D

Explanation:

Best practices in internal auditing emphasize the importance of follow-up on engagement outcomes to ensure that agreed-upon actions are implemented and effective. According to Standard 2500 -- Monitoring Progress, the chief audit executive must establish and maintain a system to monitor the disposition of results communicated to management. This ensures that corrective actions are taken and that the internal audit function fulfills its role in improving the organization's governance, risk management, and control processes. Allocating resources for follow-up is crucial to maintain accountability and support continuous improvement.

Reference:

Institute of Internal Auditors (IIA), International Standards for the Professional Practice of Internal Auditing (Standards), Standard 2500 -- Monitoring Progress.

Question 194

Report
Export
Collapse

An internal audit manager is planning a contract compliance audit Which of the following should be done prior to developing the audit work program?

A.
Select a sample of invoices for substantive testing
A.
Select a sample of invoices for substantive testing
Answers
B.
Review the contract for evidence of authorization
B.
Review the contract for evidence of authorization
Answers
C.
Document underlying reasons for noncompliance
C.
Document underlying reasons for noncompliance
Answers
D.
Assess the inherent risk of paying duplicate invoices
D.
Assess the inherent risk of paying duplicate invoices
Answers
Suggested answer: B

Explanation:

Before developing the audit work program, it is essential to review the contract for evidence of authorization. This step ensures that the contract is valid and approved by the appropriate parties, forming a critical basis for the compliance audit. By confirming authorization, the auditor can ascertain that the contract is legitimate and enforceable, and understand its key terms and conditions, which is necessary for planning and executing the audit effectively. Other steps, such as selecting a sample or assessing risks, are important but should follow after understanding the contract's validity and scope.

Reference:

Institute of Internal Auditors (IIA), International Standards for the Professional Practice of Internal Auditing (Standards), Standard 2201 -- Planning Considerations.

Question 195

Report
Export
Collapse

Which of the following best describes how an internal auditor would use a flowchart during engagement planning?

A.
To prepare for testing the effectiveness of controls
A.
To prepare for testing the effectiveness of controls
Answers
B.
To plan for evaluating potential losses
B.
To plan for evaluating potential losses
Answers
C.
To prepare a sampling plan for the engagement
C.
To prepare a sampling plan for the engagement
Answers
D.
To evaluate the design of controls
D.
To evaluate the design of controls
Answers
Suggested answer: D

Explanation:

During engagement planning, an internal auditor uses a flowchart to evaluate the design of controls. A flowchart visually represents the processes and controls within the organization, helping the auditor identify control points, weaknesses, and potential risks. This understanding is critical for planning the audit, as it allows the auditor to design tests that effectively assess whether the controls are properly designed and implemented to mitigate risks.

Reference:

Institute of Internal Auditors (IIA), International Standards for the Professional Practice of Internal Auditing (Standards), Standard 2210 -- Engagement Objectives.

Question 196

Report
Export
Collapse

A chief audit executive (CAE) reviews the supervision of an internal audit engagement Which of the following would most likely assure the CAE that the engagement had adequate supervision?

A.
The engagement supervisor has an open door pokey for audit team members to discuss concerns
A.
The engagement supervisor has an open door pokey for audit team members to discuss concerns
Answers
B.
The supervisor reviews weekly progress reports from the audit team members
B.
The supervisor reviews weekly progress reports from the audit team members
Answers
C.
The supervisor reviews and initials internal audit workpapers for the engagement
C.
The supervisor reviews and initials internal audit workpapers for the engagement
Answers
D.
The supervisor meets periodically with management in the reviewed area to get feedback during the engagement.
D.
The supervisor meets periodically with management in the reviewed area to get feedback during the engagement.
Answers
Suggested answer: C

Explanation:

Reviewing and initialing internal audit workpapers ensures that the engagement has adequate supervision. This practice demonstrates that the supervisor has reviewed the work performed by the audit team, verified the accuracy and completeness of the documentation, and provided necessary guidance. It is a critical step in the quality assurance process, ensuring that the audit findings and conclusions are supported by sufficient and appropriate evidence.

Reference:

Institute of Internal Auditors (IIA), International Standards for the Professional Practice of Internal Auditing (Standards), Standard 2340 -- Engagement Supervision.

Question 197

Report
Export
Collapse

Which of the following would present the most critical external risk to an organization?

A.
The organization experiences a merger, and the management team is reorganized and redistributed globally
A.
The organization experiences a merger, and the management team is reorganized and redistributed globally
Answers
B.
The organization launches a product into new global markets
B.
The organization launches a product into new global markets
Answers
C.
After minimal testing, the organization implements a new system to replace a legacy system
C.
After minimal testing, the organization implements a new system to replace a legacy system
Answers
D.
Regulators announce broad legislative reforms applicable to the industry within which the organization operates
D.
Regulators announce broad legislative reforms applicable to the industry within which the organization operates
Answers
Suggested answer: D

Explanation:

Broad legislative reforms present the most critical external risk to an organization because they can fundamentally change the regulatory environment in which the organization operates. Such changes can impact compliance requirements, operational processes, and strategic planning. The organization must quickly adapt to remain compliant and avoid penalties or legal issues. This type of risk is external and largely uncontrollable, making it particularly critical compared to internal changes or new market entries.

Reference:

Institute of Internal Auditors (IIA), International Standards for the Professional Practice of Internal Auditing (Standards), Standard 2120 -- Risk Management.

Question 198

Report
Export
Collapse

Which of the following computerized audit tools or techniques should be used if the internal auditor wants to extract specific files and records in the database?

A.
An expert or decision support system
A.
An expert or decision support system
Answers
B.
Generalized audit software
B.
Generalized audit software
Answers
C.
A system utility program
C.
A system utility program
Answers
D.
An integrated test facility
D.
An integrated test facility
Answers
Suggested answer: B

Explanation:

Generalized audit software (GAS) is specifically designed to assist auditors in performing various audit tasks, including extracting specific files and records from databases. GAS tools, such as ACL and IDEA, allow auditors to import data from various systems, query databases, perform data analysis, and generate reports. This makes them ideal for tasks that require the extraction and examination of specific records or data sets within a database. Other options, such as expert systems or system utility programs, do not offer the same targeted capabilities for data extraction relevant to auditing tasks.

Reference:

Institute of Internal Auditors (IIA), Global Technology Audit Guide (GTAG) -- Generalized Audit Software (GAS).

Question 199

Report
Export
Collapse

In which of the following situations would an internal control questionnaire best suit the internal auditor's purpose?

A.
The auditor wants to receive mid-level management insight on how to improve hiring practices
A.
The auditor wants to receive mid-level management insight on how to improve hiring practices
Answers
B.
The auditor wants to obtain information on whether adherence to approval matrices is actually taking place in different maintenance units.
B.
The auditor wants to obtain information on whether adherence to approval matrices is actually taking place in different maintenance units.
Answers
C.
The auditor wants to gain assurance that inventory counts are conducted in accordance with established procedures.
C.
The auditor wants to gain assurance that inventory counts are conducted in accordance with established procedures.
Answers
D.
The auditor wants to assess whether different subsidiaries apply centrally established procurement rules in the same manner
D.
The auditor wants to assess whether different subsidiaries apply centrally established procurement rules in the same manner
Answers
Suggested answer: B

Explanation:

An internal control questionnaire (ICQ) is designed to gather detailed information about the operation of specific controls within an organization. It is particularly useful for understanding whether controls, such as adherence to approval matrices, are being followed consistently across different units. ICQs provide a structured way to collect this information from respondents, ensuring that all relevant aspects of the control environment are considered. This method is effective for assessing compliance with established procedures and identifying areas for improvement.

Reference:

Institute of Internal Auditors (IIA), Practice Guide -- Internal Control Questionnaire.

Question 200

Report
Export
Collapse

Which of the following is a disadvantage of using flowcharts during a risk assessment?

A.
People cannot quickly understand the processes via flowcharts
A.
People cannot quickly understand the processes via flowcharts
Answers
B.
Flowcharts are not applicable for evaluating the design of controls
B.
Flowcharts are not applicable for evaluating the design of controls
Answers
C.
Some serious risks that are not part of the linear process can be missed
C.
Some serious risks that are not part of the linear process can be missed
Answers
D.
Flowcharts do not enable auditors to identify missing controls
D.
Flowcharts do not enable auditors to identify missing controls
Answers
Suggested answer: C

Explanation:

One disadvantage of using flowcharts during a risk assessment is that they may not capture serious risks that are not part of the linear process flow. Flowcharts are excellent tools for visualizing processes and identifying control points within a structured workflow. However, they might overlook risks that arise from non-linear interactions, external factors, or complex interdependencies that are not easily represented in a flowchart format. This limitation can result in an incomplete risk assessment if the auditor relies solely on flowcharts without considering other methods to identify all potential risks.

Reference:

Institute of Internal Auditors (IIA), Practice Guide -- Auditing the Control Environment.

Total 461 questions
Go to page: of 47
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms