ExamGecko
Search Search Login
Home Home / IIA / IIA-CIA-Part2

IIA IIA-CIA-Part2 Practice Test - Questions Answers, Page 26

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

How should an internal auditor approach preparing a detailed risk assessment during engagement planning?
A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority? 1. Graded positive opinion. 2. Negative assurance opinion. 3. Limited assurance opinion. 4. Third-party opinion.
According to an internal audit observation, the organization's rules of record management require all contracts to be registered and stored in a specific electronic system. One subsidiary has thousands of client contracts on paper, which are kept in the office because there are not enough assistants to scan the contracts into the system. Which of the following component should be added to this observation?
After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?
What is the primary reason that audit supervision includes approval of the engagement report?
Internal audit staff lacks the expertise to perform a fraud investigation engagement stemming from a whistleblowing incident. Which of the following is the most appropriate option for the chief audit executive?
According to the MA guidance, which of the following does the engagement work program test in a review of an organizational process?
An internal auditor wanted to determine whether company vehicles were being used for personal purposes She extracted a report that listed company vehicle numbers business units to which the vehicles are allocated travel dates, travel duration and mileage She then filtered the data for weekend dates Which of the following additional information would the auditor need?
During follow-up. the internal auditor discovered that operational management did not implement effective actions to address a significant control breach If the issue is left unresolved it may result in regulatory sanctions and damage the organization's reputation What is the most appropriate next step for the chief audit executive to lake?
A code of business conduct should include which of the following to increase its deterrent effect? 1. Appropriate descriptions of penalties for misconduct. 2. A notification that code of conduct violations may lead to criminal prosecution. 3. A description of violations that injure the interests of the employer. 4. A list of employees covered by the code of conduct.

Question 251

Report
Export
Collapse

'Internal policy prohibits employees from entering into contacts with financial obligations without proper approval.

A project manager signed a change to an important service agreement without obtaining the proper approval As a result the organization is receiving $5,000 per month less for its services.''

Which of the following should be added to the observation?

A.
The reason for not following the internal policy
A.
The reason for not following the internal policy
Answers
B.
A description of what constitutes proper approval
B.
A description of what constitutes proper approval
Answers
C.
The annual impact of the changed agreement on cash flows
C.
The annual impact of the changed agreement on cash flows
Answers
D.
Details regarding when the change to the agreement was signed
D.
Details regarding when the change to the agreement was signed
Answers
Suggested answer: C

Explanation:

Including the annual impact of the changed agreement on cash flows in the observation provides a clear quantification of the financial effect of the policy violation. This information is critical for understanding the significance of the issue and for decision-making regarding corrective actions. It shows the long-term implications of the unauthorized contract change, which is essential for management and the board to assess the severity of the non-compliance and its impact on the organization's financial health.

Reference:

The Institute of Internal Auditors (IIA) - Practice Guide: Formulating and Expressing Internal Audit Opinions

Question 252

Report
Export
Collapse

As part of internal audit's assistance with an annual external audit, the internal auditors are required to do a preliminary analytical review of an bank account balances. This involves verifying the current year end balances as web as comparing the current year end balances with previous year end balances to highlight significant changes. Which of the following is the most reliable source for verification of the current year end bank balances?

A.
Bank confirmations
A.
Bank confirmations
Answers
B.
Internal bonk statements
B.
Internal bonk statements
Answers
C.
Bank reconciliations as of the end of the year
C.
Bank reconciliations as of the end of the year
Answers
D.
Bank account general ledger balancer as of the end of the year
D.
Bank account general ledger balancer as of the end of the year
Answers
Suggested answer: A

Explanation:

Bank confirmations are the most reliable source for verifying the current year-end bank balances. These confirmations are direct responses from the bank to the auditor, providing independent verification of the account balances as of the end of the year. This external confirmation is considered more reliable than internal documents like bank statements, reconciliations, or general ledger balances because it comes directly from a third-party source, ensuring its accuracy and completeness.

Reference:

The Institute of Internal Auditors (IIA) - Practice Guide: External Confirmations

Auditing Standards (e.g., ISA 505 - External Confirmations)

Question 253

Report
Export
Collapse

An audit observation states the following:

'Despite the rules of the organization there is no approved credit risk management policy in the subsidiary. The subsidiary is concluding contacts with clients who have very high credit ratings. The internal audit team tested 50 contacts and 17 showed clients with a poor credit history'

Which of the following components are missing in the observation?

A.
Cause and effect.
A.
Cause and effect.
Answers
B.
Effect and criteria
B.
Effect and criteria
Answers
C.
Condition and cause
C.
Condition and cause
Answers
D.
Criteria and condition.
D.
Criteria and condition.
Answers
Suggested answer: B

Explanation:

The observation in question includes the condition ('no approved credit risk management policy' and '17 out of 50 contacts showed clients with a poor credit history') and the cause (the subsidiary concluding contacts with high-risk clients). However, it lacks the effect, which should explain the potential or actual impact of this deficiency on the organization (e.g., financial losses, increased credit risk). Additionally, it is missing the criteria, which should reference the specific rules or policies that are not being followed (e.g., the organization's credit risk management policy requirements). Including these components would provide a complete and actionable observation.

Reference:

The Institute of Internal Auditors (IIA) - Practice Guide: Audit Reports and Working Papers

Question 254

Report
Export
Collapse

Which of the following constitutes supervisory activity undertaken during the planning phase of an assurance engagement?

A.
Ensuring the process owner with the engagement objectives
A.
Ensuring the process owner with the engagement objectives
Answers
B.
Reviewing engagement draft reports
B.
Reviewing engagement draft reports
Answers
C.
Ensuring workpapers support audit findings
C.
Ensuring workpapers support audit findings
Answers
D.
Approving audit work programs
D.
Approving audit work programs
Answers
Suggested answer: D

Explanation:

During the planning phase of an assurance engagement, one of the key supervisory activities is approving the audit work programs. This step ensures that the planned procedures are appropriate for achieving the engagement objectives and that the audit scope is adequately covered. Supervisory activities like ensuring alignment with engagement objectives, reviewing draft reports, and ensuring workpapers support findings typically occur during the fieldwork or reporting phases. Approving the audit work programs at the planning stage helps to ensure that the engagement is well-directed and thorough.

Reference:

The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2200 - Engagement Planning

Question 255

Report
Export
Collapse

White planning an audit engagement of a procurement card activity. which of the following actions should an internal auditor take to denary relevant risks and controls?

A.
Compare card transaction types against procurement card policy guidelines.
A.
Compare card transaction types against procurement card policy guidelines.
Answers
B.
Develop the scope and objectives of the engagement
B.
Develop the scope and objectives of the engagement
Answers
C.
Determine how many cardholders exceeded their daily limit.
C.
Determine how many cardholders exceeded their daily limit.
Answers
D.
Meet with the procurement card program administrator
D.
Meet with the procurement card program administrator
Answers
Suggested answer: D

Explanation:

Meeting with the procurement card program administrator is a crucial step in identifying relevant risks and controls. This individual can provide detailed insights into how the procurement card program operates, potential risks, existing controls, and any issues or areas of concern. This information is vital for developing a comprehensive understanding of the program and for planning the audit engagement effectively. Actions like comparing card transaction types against policy guidelines, determining cardholder limit exceedances, and developing scope and objectives are important but are typically undertaken after initial risk and control identification.

Reference:

The Institute of Internal Auditors (IIA) - Practice Guide: Engagement Planning

Question 256

Report
Export
Collapse

A chief audit executive (CAE) determined that management chose to accept a high-level risk that may be unacceptable lo the organization. Which is the best course of action for the CAE to Follow?

A.
Include using in a subsequent audit to determine if the risks are still present
A.
Include using in a subsequent audit to determine if the risks are still present
Answers
B.
Discuss the matter with senior management and it not reserved with the board
B.
Discuss the matter with senior management and it not reserved with the board
Answers
C.
Require that management implement controls to mitigate lie risks
C.
Require that management implement controls to mitigate lie risks
Answers
D.
Report the risks to the process owners so that they can modify their process
D.
Report the risks to the process owners so that they can modify their process
Answers
Suggested answer: B

Explanation:

If the chief audit executive (CAE) determines that management has chosen to accept a high-level risk that may be unacceptable to the organization, the CAE should first discuss the matter with senior management. If senior management does not address the concern, the CAE should escalate the issue to the board. This escalation process ensures that the highest levels of governance are aware of significant risks and can take appropriate action if necessary. It also aligns with the CAE's responsibility to ensure that risks are properly managed within the organization.

Reference:

The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2600 - Communicating the Acceptance of Risks

Question 257

Report
Export
Collapse

How do internal auditors generally determine the priority of the areas within the engagement scope?

A.
By calculating the period of time when the area was last audited try internal auditors
A.
By calculating the period of time when the area was last audited try internal auditors
Answers
B.
By totaling the monetary value of the processes within the organization in the scope of the engagement
B.
By totaling the monetary value of the processes within the organization in the scope of the engagement
Answers
C.
By counting the number of red flags indicating the potential fraudulent activities within the area.
C.
By counting the number of red flags indicating the potential fraudulent activities within the area.
Answers
D.
By estimating the likelihood of a risks occurring and the potential impact of that risk on the organization
D.
By estimating the likelihood of a risks occurring and the potential impact of that risk on the organization
Answers
Suggested answer: D

Explanation:

Internal auditors generally determine the priority of the areas within the engagement scope by assessing the risk of those areas. This involves estimating the likelihood of a risk occurring and the potential impact of that risk on the organization. High-risk areas with a high likelihood of occurrence and significant impact are prioritized to ensure that critical risks are addressed promptly. This risk-based approach to prioritization helps ensure that the audit resources are focused on the most significant areas, enhancing the effectiveness and efficiency of the audit.

Reference:

The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2010 - Planning

Question 258

Report
Export
Collapse

Which of the following is the best option for the chief audit executive to consider for effective coordination of assurance coverage?

A.
Create an assurance map to illustrate each provider's level of assurance and planned activities for each area of the organization
A.
Create an assurance map to illustrate each provider's level of assurance and planned activities for each area of the organization
Answers
B.
LIMIT ricks inventory to identify the risks and controls in place and the relevant control owners.
B.
LIMIT ricks inventory to identify the risks and controls in place and the relevant control owners.
Answers
C.
Rely on the risk and control and management testing information maintained for compliance with the regulatory framework
C.
Rely on the risk and control and management testing information maintained for compliance with the regulatory framework
Answers
D.
Prepare a risk likelihood and impact heal map to prioritize assurance coverage coordination.
D.
Prepare a risk likelihood and impact heal map to prioritize assurance coverage coordination.
Answers
Suggested answer: A

Explanation:

For effective coordination of assurance coverage, the chief audit executive (CAE) should consider creating an assurance map. An assurance map provides a visual representation of the assurance activities across the organization, showing who is providing assurance, the areas covered, and the level of assurance provided. This helps to identify gaps and overlaps in assurance coverage, enabling better coordination and optimization of resources. This approach is recommended by best practices in internal auditing as it aligns assurance activities with organizational risk and ensures comprehensive coverage.

The Institute of Internal Auditors (IIA) Practice Guide: Coordinating Risk Management and Assurance.

IIA Standard 2050 - Coordination and Reliance

Question 259

Report
Export
Collapse

An internal auditor examined a nostatistical sample of open accounts receivable balances and discovered that 10 out of 60 exceeded the approved unseated credit limit threshold defined by the organization's policy What should the auditor document in the workpapers?

A.
Credit limit over drafts are not monitored in accordance with the organizations policy
A.
Credit limit over drafts are not monitored in accordance with the organizations policy
Answers
B.
Seventeen percent of customers' open balances in the sample exceed their approved unsecured credit rent
B.
Seventeen percent of customers' open balances in the sample exceed their approved unsecured credit rent
Answers
C.
The threshold for credit limits defined by the organization's policy is not adequate
C.
The threshold for credit limits defined by the organization's policy is not adequate
Answers
D.
Management should perform monthly monitoring of open customer balances
D.
Management should perform monthly monitoring of open customer balances
Answers
Suggested answer: B

Explanation:

When documenting findings from a nonstatistical sample, internal auditors should record the factual observations and quantify the results where possible. In this case, the auditor should document that 17% of the sampled accounts receivable balances exceeded the approved unsecured credit limit. This provides a clear, quantifiable basis for the finding, which is critical for accurate reporting and for management to understand the scope of the issue. Documenting this percentage also supports the auditor's conclusions and recommendations for corrective actions.

The Institute of Internal Auditors (IIA) Practice Guide: Audit Sampling.

IIA Standard 2310 - Identifying Information

Question 260

Report
Export
Collapse

Which of the following parties is accountable for ensuring adequate support for conclusions and opinions readied by the internal audit activity while relying on external auditors' work?

A.
Board of directors
A.
Board of directors
Answers
B.
External auditors
B.
External auditors
Answers
C.
Chief audit executive
C.
Chief audit executive
Answers
D.
Senior management
D.
Senior management
Answers
Suggested answer: C

Explanation:

The chief audit executive (CAE) is accountable for ensuring that adequate support exists for the conclusions and opinions formed by the internal audit activity. When relying on the work of external auditors, the CAE must ensure that the work is sufficient and appropriate to support the internal audit conclusions. This involves reviewing the external auditors' work to confirm its relevance and reliability, and integrating it into the internal audit processes as necessary.

The Institute of Internal Auditors (IIA) Standard 2050 - Coordination and Reliance.

IIA Standard 2340 - Engagement Supervision

Total 461 questions
Go to page: of 47
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms