ExamGecko
Search Search Login
Home Home / IIA / IIA-CIA-Part2

IIA IIA-CIA-Part2 Practice Test - Questions Answers, Page 23

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

How should an internal auditor approach preparing a detailed risk assessment during engagement planning?
A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority? 1. Graded positive opinion. 2. Negative assurance opinion. 3. Limited assurance opinion. 4. Third-party opinion.
After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?
What is the primary reason that audit supervision includes approval of the engagement report?
Internal audit staff lacks the expertise to perform a fraud investigation engagement stemming from a whistleblowing incident. Which of the following is the most appropriate option for the chief audit executive?
According to the MA guidance, which of the following does the engagement work program test in a review of an organizational process?
An internal auditor wanted to determine whether company vehicles were being used for personal purposes She extracted a report that listed company vehicle numbers business units to which the vehicles are allocated travel dates, travel duration and mileage She then filtered the data for weekend dates Which of the following additional information would the auditor need?
According to an internal audit observation, the organization's rules of record management require all contracts to be registered and stored in a specific electronic system. One subsidiary has thousands of client contracts on paper, which are kept in the office because there are not enough assistants to scan the contracts into the system. Which of the following component should be added to this observation?
A code of business conduct should include which of the following to increase its deterrent effect? 1. Appropriate descriptions of penalties for misconduct. 2. A notification that code of conduct violations may lead to criminal prosecution. 3. A description of violations that injure the interests of the employer. 4. A list of employees covered by the code of conduct.
The external auditor has identified a number of production process control deficiencies involving several departments. As a result, senior management has asked the internal audit activity to complete internal control training for all related staff. According to IIA guidance, which of the following would be the most appropriate course of action for the chief audit executive to follow?

Question 221

Report
Export
Collapse

When a significant finding is noted early during a review of the accounts payable function, which next course of action is best for communicating the issue?

A.
Intern accounting management via an interim memorandum update
A.
Intern accounting management via an interim memorandum update
Answers
B.
Note the item in the workpapers for inclusion in the final audit report
B.
Note the item in the workpapers for inclusion in the final audit report
Answers
C.
Call a meeting and discuss me issue with the audit committee
C.
Call a meeting and discuss me issue with the audit committee
Answers
D.
Alert the CEO as soon as the issue is discovered
D.
Alert the CEO as soon as the issue is discovered
Answers
Suggested answer: A

Explanation:

When a significant finding is noted early during a review of the accounts payable function, the best course of action for communicating the issue is to inform internal accounting management via an interim memorandum update. This allows for timely communication and potential early remediation actions, ensuring that management is aware of the issue and can address it promptly before the final audit report is issued.

The Institute of Internal Auditors (IIA) Standards

Internal Audit Communication and Reporting Protocols

Question 222

Report
Export
Collapse

Which of the following manual audit approaches describes testing the validity of a document by following it backward to a previously prepared record?

A.
Tracing
A.
Tracing
Answers
B.
Reperformance
B.
Reperformance
Answers
C.
Vouching
C.
Vouching
Answers
D.
Walkthrough
D.
Walkthrough
Answers
Suggested answer: C

Explanation:

Vouching is the manual audit approach that involves testing the validity of a document by following it backward to a previously prepared record. This method helps auditors verify the authenticity and accuracy of transactions by tracing them back to their source documents, such as invoices, receipts, or purchase orders. Vouching is commonly used to detect errors or fraud.

The Institute of Internal Auditors (IIA) Standards

Auditing Techniques and Procedures

Question 223

Report
Export
Collapse

An internal auditor wants to compare performance information from one quarter to another. Which analytics procedure would the auditor use?

A.
Ratio analysis
A.
Ratio analysis
Answers
B.
Trend analysis
B.
Trend analysis
Answers
C.
Vertical analysis
C.
Vertical analysis
Answers
D.
Benchmarking analysis
D.
Benchmarking analysis
Answers
Suggested answer: B

Explanation:

Trend analysis is the analytics procedure that an internal auditor would use to compare performance information from one quarter to another. This technique involves analyzing data over a specific period to identify patterns, trends, and changes in performance metrics. Trend analysis helps auditors understand the direction of key performance indicators and assess whether performance is improving, declining, or remaining stable.

The Institute of Internal Auditors (IIA) Standards

Data Analytics Techniques in Internal Auditing

Question 224

Report
Export
Collapse

An internal auditor wanted to determine whether the organization's 200 employees are charging their work hours accurately to the correct project. The internal auditor selected a sample of 30 employee time reports for testing. Based on the testing, the internal auditor determined the following:

- 5 Time reports were incorrect.

- 21 Time reports were correct.

- 4 Time reports were not supported.

A.
The organization has significant flaws in its reporting of employee time, which could lead to the overstatement of project labor costs. The organization's failure to report accurate and complete employee time could lead to potential fraud and abuse.
A.
The organization has significant flaws in its reporting of employee time, which could lead to the overstatement of project labor costs. The organization's failure to report accurate and complete employee time could lead to potential fraud and abuse.
Answers
B.
The organization needs to ensure that all reporting of employee time is accurate and complete for each of its projects By dang so the organization can minimize potential issues related to overstating employee tames and labor project costs.
B.
The organization needs to ensure that all reporting of employee time is accurate and complete for each of its projects By dang so the organization can minimize potential issues related to overstating employee tames and labor project costs.
Answers
C.
The organization overstated project costs due to inaccurate and incomplete reporting of employee time charged to the affected accounts As a result the organization cannot ensure at protects costs are accurately reported to stakeholders
C.
The organization overstated project costs due to inaccurate and incomplete reporting of employee time charged to the affected accounts As a result the organization cannot ensure at protects costs are accurately reported to stakeholders
Answers
D.
The organization generally ensured that employee hours charged to each project were accurate and complete. However, there were instances of employee time reports that were incorrect or not supported to justify the multiple project labor coats
D.
The organization generally ensured that employee hours charged to each project were accurate and complete. However, there were instances of employee time reports that were incorrect or not supported to justify the multiple project labor coats
Answers
Suggested answer: D

Explanation:

In internal auditing, when assessing the accuracy and completeness of employee time reporting, auditors often use sampling to determine the overall compliance of the process. In this scenario, the internal auditor sampled 30 employee time reports and found 5 incorrect and 4 unsupported reports. This indicates that a majority (21 out of 30) were accurate, suggesting that the organization generally ensures accurate reporting. However, the presence of incorrect and unsupported reports indicates deficiencies that need to be addressed, but do not point to systemic fraud or abuse. Thus, option D accurately reflects the findings by acknowledging both the general accuracy and the instances of errors.

Reference:

The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing

COSO Framework - Control Activities and Monitoring

Question 225

Report
Export
Collapse

The chief audit executive (CAF) determined that the residual risk identified in an assurance engagement is acceptable. When should this be communicated to senior management?

A.
When the CAE reports the audit outcome to senior management.
A.
When the CAE reports the audit outcome to senior management.
Answers
B.
When the residual risk is identified before the engagement is complete.
B.
When the residual risk is identified before the engagement is complete.
Answers
C.
Immediately, as residual risk should be communicated as soon as possible
C.
Immediately, as residual risk should be communicated as soon as possible
Answers
D.
When management of the area under review has resolved and mitigated the residual risk
D.
When management of the area under review has resolved and mitigated the residual risk
Answers
Suggested answer: A

Explanation:

The chief audit executive (CAE) has the responsibility to communicate audit results, including residual risks, to senior management. According to IIA Standard 2410 - Criteria for Communicating, the CAE should communicate the engagement's objectives, scope, conclusions, recommendations, and action plans. Residual risk, being a part of the audit outcome, should be reported at the same time as the audit results to ensure that senior management is fully informed of all aspects of the engagement. This allows senior management to understand the remaining risks after control measures have been applied.

Reference:

The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2410 - Criteria for Communicating

Question 226

Report
Export
Collapse

Which of the following information is most appropriate for the chief audit executive to share when coordinating audit plans with other internal and external assurance providers?

A.
Objectives scope and timing at a high level to support coordination while adhering to confidentiality requirements
A.
Objectives scope and timing at a high level to support coordination while adhering to confidentiality requirements
Answers
B.
The area and timing of the audit engagement to ensure confidentially and avoid conflict of interest.
B.
The area and timing of the audit engagement to ensure confidentially and avoid conflict of interest.
Answers
C.
All plan information, including risk assessments, planned tests and past results to maximize the opportunity for coordination with internal and external providers.
C.
All plan information, including risk assessments, planned tests and past results to maximize the opportunity for coordination with internal and external providers.
Answers
D.
No information should be shared with internal and external provider as it could introduce bias into the engagement results.
D.
No information should be shared with internal and external provider as it could introduce bias into the engagement results.
Answers
Suggested answer: A

Explanation:

Coordinating audit plans with other internal and external assurance providers is critical to ensure coverage and avoid duplication of efforts. According to IIA Practice Advisory 2050-1, sharing high-level information such as objectives, scope, and timing supports effective coordination and minimizes the risk of conflicts of interest, while still maintaining confidentiality. Detailed sharing of risk assessments, planned tests, and past results might breach confidentiality and independence standards.

Reference:

The Institute of Internal Auditors (IIA) - Practice Advisory 2050-1: Coordination of Internal and External Audit Activities

Question 227

Report
Export
Collapse

An internal auditor s testing tor proper authorization of contracts and finds that the rate of deviations discovered in the sample is equal to the tolerable deviation rate. When of the following is the most appropriate conclusion for the internal auditor to make based on this result?

A.
The internal auditor concludes that management may be placing undue reliance on me specified control
A.
The internal auditor concludes that management may be placing undue reliance on me specified control
Answers
B.
The internal auditor concludes that the specified control is more effective than it really is.
B.
The internal auditor concludes that the specified control is more effective than it really is.
Answers
C.
The internal auditor concludes that the specified control is acceptably effective
C.
The internal auditor concludes that the specified control is acceptably effective
Answers
D.
The internal auditor concludes that additional testing will be required to evaluate the specified control
D.
The internal auditor concludes that additional testing will be required to evaluate the specified control
Answers
Suggested answer: C

Explanation:

When the rate of deviations discovered in the sample equals the tolerable deviation rate, it means that the control is functioning at the level deemed acceptable by the auditor's predefined criteria. This does not necessarily imply that the control is flawless, but rather that its effectiveness meets the minimum standards set by the audit plan. Therefore, the internal auditor can conclude that the control is acceptably effective, but should also note the potential need for improvement.

Reference:

The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2320 - Analysis and Evaluation

COSO Framework - Control Activities

Question 228

Report
Export
Collapse

According to IIA guidance, which of the following would be considered necessary for a one-person audit function?

A.
A formalized technical audit manual
A.
A formalized technical audit manual
Answers
B.
A written administrative audit manual
B.
A written administrative audit manual
Answers
C.
A memorandum stating policies and procedures
C.
A memorandum stating policies and procedures
Answers
D.
A comprehensive policy and procedure manual
D.
A comprehensive policy and procedure manual
Answers
Suggested answer: C

Explanation:

For a one-person audit function, the primary focus is on ensuring that there is a clear understanding of the audit policies and procedures without the need for extensive documentation. According to the IIA's guidance, a memorandum stating the policies and procedures would suffice for a one-person audit function, providing a concise yet comprehensive outline of the necessary protocols to follow. This approach ensures that the sole auditor has clear directives while avoiding the administrative burden of maintaining a more extensive manual that might be necessary for larger audit teams.

Reference:

The Institute of Internal Auditors (IIA) - Practice Advisory 2040-1: Policies and Procedures

Question 229

Report
Export
Collapse

During the planning phase of an assurance engagement, an internal auditor seeks to gam an understanding of now when the area under review is accomplishing its objectives When of the

Following information-gathering techniques is the auditor most likely to use?

A.
A review of the key performance indicators of me area under review.
A.
A review of the key performance indicators of me area under review.
Answers
B.
A walkthrough of the key processes of the area under review.
B.
A walkthrough of the key processes of the area under review.
Answers
C.
An interview with the manager regarding the area's business plan.
C.
An interview with the manager regarding the area's business plan.
Answers
D.
A review of previous audit and follow- up results of the area under review
D.
A review of previous audit and follow- up results of the area under review
Answers
Suggested answer: A

Explanation:

During the planning phase of an assurance engagement, gaining an understanding of how the area under review is accomplishing its objectives is crucial. Reviewing key performance indicators (KPIs) is a primary technique because KPIs are directly tied to the objectives and provide measurable data on performance. This review helps the auditor understand whether the objectives are being met effectively and highlights areas that may require further investigation.

Reference:

The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2201 - Planning Considerations

Question 230

Report
Export
Collapse

What is the purpose of an internal control questionnaire?

A.
To gather information from a sample of people who are geographically dispersed
A.
To gather information from a sample of people who are geographically dispersed
Answers
B.
To assess risks that could prevent an audited area from achieving its objectives.
B.
To assess risks that could prevent an audited area from achieving its objectives.
Answers
C.
To evaluate tie level of compliance of remote offices with centrally designed procedures
C.
To evaluate tie level of compliance of remote offices with centrally designed procedures
Answers
D.
To perform testing of controls more frequently
D.
To perform testing of controls more frequently
Answers
Suggested answer: B

Explanation:

An internal control questionnaire (ICQ) is a tool used by auditors to gather detailed information about the internal control system of an audited area. The primary purpose of an ICQ is to identify and assess risks that could prevent the area from achieving its objectives. By systematically covering various control points, the questionnaire helps the auditor evaluate the adequacy and effectiveness of controls in place and identify areas where controls may be lacking or need improvement.

Reference:

The Institute of Internal Auditors (IIA) - Practice Guide: Internal Control Questionnaire

Total 461 questions
Go to page: of 47
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms