IIA IIA-CIA-Part2 Practice Test - Questions Answers, Page 26
List of questions
Related questions
Question 251
'Internal policy prohibits employees from entering into contacts with financial obligations without proper approval.
A project manager signed a change to an important service agreement without obtaining the proper approval As a result the organization is receiving $5,000 per month less for its services.''
Which of the following should be added to the observation?
Explanation:
Including the annual impact of the changed agreement on cash flows in the observation provides a clear quantification of the financial effect of the policy violation. This information is critical for understanding the significance of the issue and for decision-making regarding corrective actions. It shows the long-term implications of the unauthorized contract change, which is essential for management and the board to assess the severity of the non-compliance and its impact on the organization's financial health.
Reference:
The Institute of Internal Auditors (IIA) - Practice Guide: Formulating and Expressing Internal Audit Opinions
Question 252
As part of internal audit's assistance with an annual external audit, the internal auditors are required to do a preliminary analytical review of an bank account balances. This involves verifying the current year end balances as web as comparing the current year end balances with previous year end balances to highlight significant changes. Which of the following is the most reliable source for verification of the current year end bank balances?
Explanation:
Bank confirmations are the most reliable source for verifying the current year-end bank balances. These confirmations are direct responses from the bank to the auditor, providing independent verification of the account balances as of the end of the year. This external confirmation is considered more reliable than internal documents like bank statements, reconciliations, or general ledger balances because it comes directly from a third-party source, ensuring its accuracy and completeness.
Reference:
The Institute of Internal Auditors (IIA) - Practice Guide: External Confirmations
Auditing Standards (e.g., ISA 505 - External Confirmations)
Question 253
An audit observation states the following:
'Despite the rules of the organization there is no approved credit risk management policy in the subsidiary. The subsidiary is concluding contacts with clients who have very high credit ratings. The internal audit team tested 50 contacts and 17 showed clients with a poor credit history'
Which of the following components are missing in the observation?
Explanation:
The observation in question includes the condition ('no approved credit risk management policy' and '17 out of 50 contacts showed clients with a poor credit history') and the cause (the subsidiary concluding contacts with high-risk clients). However, it lacks the effect, which should explain the potential or actual impact of this deficiency on the organization (e.g., financial losses, increased credit risk). Additionally, it is missing the criteria, which should reference the specific rules or policies that are not being followed (e.g., the organization's credit risk management policy requirements). Including these components would provide a complete and actionable observation.
Reference:
The Institute of Internal Auditors (IIA) - Practice Guide: Audit Reports and Working Papers
Question 254
Which of the following constitutes supervisory activity undertaken during the planning phase of an assurance engagement?
Explanation:
During the planning phase of an assurance engagement, one of the key supervisory activities is approving the audit work programs. This step ensures that the planned procedures are appropriate for achieving the engagement objectives and that the audit scope is adequately covered. Supervisory activities like ensuring alignment with engagement objectives, reviewing draft reports, and ensuring workpapers support findings typically occur during the fieldwork or reporting phases. Approving the audit work programs at the planning stage helps to ensure that the engagement is well-directed and thorough.
Reference:
The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2200 - Engagement Planning
Question 255
White planning an audit engagement of a procurement card activity. which of the following actions should an internal auditor take to denary relevant risks and controls?
Explanation:
Meeting with the procurement card program administrator is a crucial step in identifying relevant risks and controls. This individual can provide detailed insights into how the procurement card program operates, potential risks, existing controls, and any issues or areas of concern. This information is vital for developing a comprehensive understanding of the program and for planning the audit engagement effectively. Actions like comparing card transaction types against policy guidelines, determining cardholder limit exceedances, and developing scope and objectives are important but are typically undertaken after initial risk and control identification.
Reference:
The Institute of Internal Auditors (IIA) - Practice Guide: Engagement Planning
Question 256
A chief audit executive (CAE) determined that management chose to accept a high-level risk that may be unacceptable lo the organization. Which is the best course of action for the CAE to Follow?
Explanation:
If the chief audit executive (CAE) determines that management has chosen to accept a high-level risk that may be unacceptable to the organization, the CAE should first discuss the matter with senior management. If senior management does not address the concern, the CAE should escalate the issue to the board. This escalation process ensures that the highest levels of governance are aware of significant risks and can take appropriate action if necessary. It also aligns with the CAE's responsibility to ensure that risks are properly managed within the organization.
Reference:
The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2600 - Communicating the Acceptance of Risks
Question 257
How do internal auditors generally determine the priority of the areas within the engagement scope?
Explanation:
Internal auditors generally determine the priority of the areas within the engagement scope by assessing the risk of those areas. This involves estimating the likelihood of a risk occurring and the potential impact of that risk on the organization. High-risk areas with a high likelihood of occurrence and significant impact are prioritized to ensure that critical risks are addressed promptly. This risk-based approach to prioritization helps ensure that the audit resources are focused on the most significant areas, enhancing the effectiveness and efficiency of the audit.
Reference:
The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2010 - Planning
Question 258
Which of the following is the best option for the chief audit executive to consider for effective coordination of assurance coverage?
Explanation:
For effective coordination of assurance coverage, the chief audit executive (CAE) should consider creating an assurance map. An assurance map provides a visual representation of the assurance activities across the organization, showing who is providing assurance, the areas covered, and the level of assurance provided. This helps to identify gaps and overlaps in assurance coverage, enabling better coordination and optimization of resources. This approach is recommended by best practices in internal auditing as it aligns assurance activities with organizational risk and ensures comprehensive coverage.
The Institute of Internal Auditors (IIA) Practice Guide: Coordinating Risk Management and Assurance.
IIA Standard 2050 - Coordination and Reliance
Question 259
An internal auditor examined a nostatistical sample of open accounts receivable balances and discovered that 10 out of 60 exceeded the approved unseated credit limit threshold defined by the organization's policy What should the auditor document in the workpapers?
Explanation:
When documenting findings from a nonstatistical sample, internal auditors should record the factual observations and quantify the results where possible. In this case, the auditor should document that 17% of the sampled accounts receivable balances exceeded the approved unsecured credit limit. This provides a clear, quantifiable basis for the finding, which is critical for accurate reporting and for management to understand the scope of the issue. Documenting this percentage also supports the auditor's conclusions and recommendations for corrective actions.
The Institute of Internal Auditors (IIA) Practice Guide: Audit Sampling.
IIA Standard 2310 - Identifying Information
Question 260
Which of the following parties is accountable for ensuring adequate support for conclusions and opinions readied by the internal audit activity while relying on external auditors' work?
Explanation:
The chief audit executive (CAE) is accountable for ensuring that adequate support exists for the conclusions and opinions formed by the internal audit activity. When relying on the work of external auditors, the CAE must ensure that the work is sufficient and appropriate to support the internal audit conclusions. This involves reviewing the external auditors' work to confirm its relevance and reliability, and integrating it into the internal audit processes as necessary.
The Institute of Internal Auditors (IIA) Standard 2050 - Coordination and Reliance.
IIA Standard 2340 - Engagement Supervision
Question