ExamGecko
Search Search Login
Home Home / IIA / IIA-CIA-Part2

IIA IIA-CIA-Part2 Practice Test - Questions Answers, Page 27

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

How should an internal auditor approach preparing a detailed risk assessment during engagement planning?
A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority? 1. Graded positive opinion. 2. Negative assurance opinion. 3. Limited assurance opinion. 4. Third-party opinion.
According to an internal audit observation, the organization's rules of record management require all contracts to be registered and stored in a specific electronic system. One subsidiary has thousands of client contracts on paper, which are kept in the office because there are not enough assistants to scan the contracts into the system. Which of the following component should be added to this observation?
After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?
What is the primary reason that audit supervision includes approval of the engagement report?
Internal audit staff lacks the expertise to perform a fraud investigation engagement stemming from a whistleblowing incident. Which of the following is the most appropriate option for the chief audit executive?
According to the MA guidance, which of the following does the engagement work program test in a review of an organizational process?
An internal auditor wanted to determine whether company vehicles were being used for personal purposes She extracted a report that listed company vehicle numbers business units to which the vehicles are allocated travel dates, travel duration and mileage She then filtered the data for weekend dates Which of the following additional information would the auditor need?
During follow-up. the internal auditor discovered that operational management did not implement effective actions to address a significant control breach If the issue is left unresolved it may result in regulatory sanctions and damage the organization's reputation What is the most appropriate next step for the chief audit executive to lake?
A code of business conduct should include which of the following to increase its deterrent effect? 1. Appropriate descriptions of penalties for misconduct. 2. A notification that code of conduct violations may lead to criminal prosecution. 3. A description of violations that injure the interests of the employer. 4. A list of employees covered by the code of conduct.

Question 261

Report
Export
Collapse

The human resources (HR) department was last reviewed three years ago and is due for an assurance engagement after undergoing recent process changes. Which of the following would the most effective option identify the HR department's risks and controls?

A.
Meet with the chief operating officer 10 obtain Information about the MR department
A.
Meet with the chief operating officer 10 obtain Information about the MR department
Answers
B.
Review the previous internal audit report and locus on key audit observations and action plans
B.
Review the previous internal audit report and locus on key audit observations and action plans
Answers
C.
Review the organization's risk strategy and risk appetite framework
C.
Review the organization's risk strategy and risk appetite framework
Answers
D.
Discuss the department's present strategies 'and objectives with the head of the HR department
D.
Discuss the department's present strategies 'and objectives with the head of the HR department
Answers
Suggested answer: D

Explanation:

The most effective way to identify the HR department's risks and controls, especially after recent process changes, is to discuss the department's present strategies and objectives with the head of the HR department. This approach allows the auditor to gain current and relevant insights directly from the person most knowledgeable about the department's current operations, risks, and controls. It ensures that the auditor understands the current environment, any new challenges, and the specific controls in place to mitigate risks. This method is more comprehensive and current compared to reviewing past reports or generalized organizational frameworks, which might not reflect recent changes accurately.

The Institute of Internal Auditors (IIA) Standard 2010 -- Planning: 'The chief audit executive must establish risk-based plans to determine the priorities of the internal audit activity, consistent with the organization's goals.'

IIA Practice Guide on 'Engaging with Stakeholders'

Question 262

Report
Export
Collapse

According to IIA guidance, when of the Mowing statements is true regarding an engagement supervisor's use of review notes?

A.
The engagement supervisor's review notes should be retained m the final documental or even after they are addressed.
A.
The engagement supervisor's review notes should be retained m the final documental or even after they are addressed.
Answers
B.
The engagement supervisor's review notes cannot be used as evidence of engagement supervision
B.
The engagement supervisor's review notes cannot be used as evidence of engagement supervision
Answers
C.
The engagement supervisor's review notes could be cleared from all final documentation after they are addressed
C.
The engagement supervisor's review notes could be cleared from all final documentation after they are addressed
Answers
D.
The engagement supervisor's review notes must be maintained in a checklist separate from tie final documentation
D.
The engagement supervisor's review notes must be maintained in a checklist separate from tie final documentation
Answers
Suggested answer: C

Explanation:

According to the IIA guidance, engagement supervisors' review notes are used during the audit process to ensure thoroughness and accuracy. Once these review notes have been addressed, they can be removed from the final documentation. This practice ensures that the final audit report is clear and concise, containing only the necessary documentation to support audit findings and conclusions. The review notes are considered part of the working papers during the review process but do not need to be retained in the final audit documentation once all issues have been resolved.

The Institute of Internal Auditors (IIA) Standard 2330 -- Documenting Information: 'Internal auditors must document relevant information to support the conclusions and engagement results.'

IIA Practice Guide on 'Audit Documentation'

Question 263

Report
Export
Collapse

Which of the following items, included in the preliminary audit communication would be most useful for management to formulate action plans in response to audit recommendations?

A.
A condition
A.
A condition
Answers
B.
An audit objectives
B.
An audit objectives
Answers
C.
An audit scope
C.
An audit scope
Answers
D.
An observation rating
D.
An observation rating
Answers
Suggested answer: A

Explanation:

In the preliminary audit communication, the condition is the most useful item for management to formulate action plans in response to audit recommendations. The condition describes the existing state or issue identified during the audit. It provides a clear and specific description of what is wrong or what needs improvement, which is essential for management to understand the problem and take appropriate corrective actions. While audit objectives, scope, and observation ratings are important, the condition directly points to the area that needs attention and improvement.

The Institute of Internal Auditors (IIA) Standard 2410 -- Criteria for Communicating: 'Communications must include the engagement's objectives and scope as well as applicable conclusions, recommendations, and action plans.'

IIA Practice Guide on 'Communicating Audit Results'

Question 264

Report
Export
Collapse

In which of following scenarios is the internal auditor performing benchmarking?

A.
The auditor compares information from one period with the same information from the poor period
A.
The auditor compares information from one period with the same information from the poor period
Answers
B.
The auditor compares new information to his general knowledge of the organization
B.
The auditor compares new information to his general knowledge of the organization
Answers
C.
The auditor compares information he collected with simmer information from another source
C.
The auditor compares information he collected with simmer information from another source
Answers
D.
The auditor compares expected outcomes with actual results
D.
The auditor compares expected outcomes with actual results
Answers
Suggested answer: C

Explanation:

Benchmarking in internal auditing involves comparing the performance or practices of the audited entity against a standard or best practice, which often involves using information from other organizations or sources as a reference. This process helps identify areas for improvement and set performance targets. Thus, comparing the collected information with similar information from another source is the correct definition of benchmarking.

The Institute of Internal Auditors (IIA) Practice Guide: Internal Audit and Organizational Performance

IIA Standard 1220 - Due Professional Care

Question 265

Report
Export
Collapse

An internal auditor is planning an engagement at a financial institution. Toe engagement objective is to identify whether loans were granted in accordance with the organization's policies. When of the following approaches would provide the auditor with the best information?

A.
Randomly select 30 cases of loans and verify whether they were repaid timely and in full
A.
Randomly select 30 cases of loans and verify whether they were repaid timely and in full
Answers
B.
Randomly select 30 cases of loans and validate them against applicable underwriting guidelines
B.
Randomly select 30 cases of loans and validate them against applicable underwriting guidelines
Answers
C.
Randomly select 30 employees to complete a survey regarding whether policies and standards are followed
C.
Randomly select 30 employees to complete a survey regarding whether policies and standards are followed
Answers
D.
Randomly select several months obtain ageing reports for these months and compare them with the poor year
D.
Randomly select several months obtain ageing reports for these months and compare them with the poor year
Answers
Suggested answer: B

Explanation:

To determine if loans were granted in accordance with the organization's policies, the most effective approach is to validate a sample of loans against the applicable underwriting guidelines. This method allows the auditor to directly assess compliance with the specific criteria set out in the organization's loan granting policies, providing clear evidence on whether the loans meet the required standards.

The Institute of Internal Auditors (IIA) Practice Guide: Auditing Credit Risk Management

IIA Standard 2210 - Engagement Objectives

Question 266

Report
Export
Collapse

An internal auditor wants to assess the completeness of sales invoices issued by the organization over a period of time Providing that at the necessary data and analytics software is which of the following types of analyse would be appropriate to satisfy the auditor's objective?

A.
Payment terms analysis
A.
Payment terms analysis
Answers
B.
Duplicates analysts
B.
Duplicates analysts
Answers
C.
Aging analysis
C.
Aging analysis
Answers
D.
Gap analysis
D.
Gap analysis
Answers
Suggested answer: D

Explanation:

A gap analysis is used to assess the completeness of sales invoices by identifying any missing records within a sequence. This technique helps in pinpointing any sales that might have been omitted or unrecorded during the invoicing process. By comparing expected sequences with actual recorded transactions, the auditor can identify discrepancies and ensure all sales are accounted for.

The Institute of Internal Auditors (IIA) Practice Guide: Data Analytics

IIA Standard 2320 - Analysis and Evaluation

Question 267

Report
Export
Collapse

Which of the following is true regarding the monitoring of internal audit activities?

A.
The form and content of monitoring policies could vary by industry
A.
The form and content of monitoring policies could vary by industry
Answers
B.
The board of directors is responsible for the establishment of monitoring polities
B.
The board of directors is responsible for the establishment of monitoring polities
Answers
C.
Both large and small audit departments must have written policies on monitoring.
C.
Both large and small audit departments must have written policies on monitoring.
Answers
D.
The chief audit executive must develop all monitoring policies related to the activity
D.
The chief audit executive must develop all monitoring policies related to the activity
Answers
Suggested answer: A

Explanation:

The form and content of monitoring policies can indeed vary depending on the industry and the specific requirements of the organization. While all internal audit activities require some level of monitoring to ensure effectiveness and compliance with standards, the specific approach and documentation may differ based on industry norms, regulatory requirements, and organizational size and complexity.

The Institute of Internal Auditors (IIA) Practice Guide: Quality Assurance and Improvement Program

IIA Standard 1300 - Quality Assurance and Improvement Program

Question 268

Report
Export
Collapse

A corporate merger decision prompts the cruel audit executive (CAE) to propose interim changes lo the existing annual audit plan to account for emerging risks. When of the following is the most appropriate action for the CAE to take regarding the changes made to the audit plan?

A.
Present the revised audit plan directly to the board for approval
A.
Present the revised audit plan directly to the board for approval
Answers
B.
Communicate with the chief financial officer and present the revised audit plan to the CEO for approval
B.
Communicate with the chief financial officer and present the revised audit plan to the CEO for approval
Answers
C.
Present the revised audit plan directly to the CEO for approval
C.
Present the revised audit plan directly to the CEO for approval
Answers
D.
Communicate with the CCO and present the revised audit plan to the board for approval
D.
Communicate with the CCO and present the revised audit plan to the board for approval
Answers
Suggested answer: A

Explanation:

According to the International Standards for the Professional Practice of Internal Auditing (Standards) issued by The Institute of Internal Auditors (IIA), the Chief Audit Executive (CAE) must communicate and obtain approval from the board for significant changes to the audit plan. A corporate merger is a significant event that introduces emerging risks, necessitating an interim adjustment to the audit plan. The CAE's responsibility includes ensuring that the board is informed and approves the revised audit plan to address these new risks adequately.

The Institute of Internal Auditors (IIA) Standard 2020 -- Communication and Approval: 'The chief audit executive must communicate the internal audit activity's plans and resource requirements, including significant interim changes, to senior management and the board for review and approval.'

Question 269

Report
Export
Collapse

Which of the following is a significant governance issue that should be reported by the chief audit executive to the board?

A.
There is no risk management and control process and risk management is solely tie responsibility of operational managers
A.
There is no risk management and control process and risk management is solely tie responsibility of operational managers
Answers
B.
The organisation's code of conduct is distributed to employees each year however employees are not required to attest that they will operate In compliance with the code.
B.
The organisation's code of conduct is distributed to employees each year however employees are not required to attest that they will operate In compliance with the code.
Answers
C.
Reconciliation of planned board meeting agendas to meeting minutes finds that one meeting was canceled, and the agenda topics were covered at the following meeting.
C.
Reconciliation of planned board meeting agendas to meeting minutes finds that one meeting was canceled, and the agenda topics were covered at the following meeting.
Answers
D.
The review of the five-year strategic plan shows that the details of the plan have not been dearly communicated to employees throughout the organization
D.
The review of the five-year strategic plan shows that the details of the plan have not been dearly communicated to employees throughout the organization
Answers
Suggested answer: A

Explanation:

A significant governance issue that must be reported to the board is the absence of a formal risk management and control process, with risk management being solely the responsibility of operational managers. Effective governance requires a structured risk management framework overseen at the highest levels of the organization. The lack of such a process indicates a critical deficiency that can have severe implications for the organization's ability to manage and mitigate risks.

The Institute of Internal Auditors (IIA) Standard 2110 -- Governance: 'The internal audit activity must assess and make appropriate recommendations to improve the organization's governance processes.'

Question 270

Report
Export
Collapse

Which of the following is one of the differences between probability-proportional-to-size (PPS) and attribute sampling?

A.
PPS sampling s used to reach conclusions regarding monetary amounts, attribute sampling is not.
A.
PPS sampling s used to reach conclusions regarding monetary amounts, attribute sampling is not.
Answers
B.
PPS sampling is used to roach conclusions regarding rates of occurrence, attribute sampling is not.
B.
PPS sampling is used to roach conclusions regarding rates of occurrence, attribute sampling is not.
Answers
C.
PPS sampling a applied within the context of testing controls attribute sampling s not.
C.
PPS sampling a applied within the context of testing controls attribute sampling s not.
Answers
D.
Attribute sampling is affected by the monetary book value of the population PPS sampling is not
D.
Attribute sampling is affected by the monetary book value of the population PPS sampling is not
Answers
Suggested answer: A

Explanation:

Probability-proportional-to-size (PPS) sampling is a technique used to reach conclusions regarding monetary amounts in a population. It is designed to handle variable sampling by focusing on monetary units, making it appropriate for testing account balances. On the other hand, attribute sampling is used to assess the rate of occurrence of a specific characteristic or attribute in a population, such as compliance with a control procedure, and does not focus on monetary amounts.

The Institute of Internal Auditors (IIA) Practice Guide on 'Audit Sampling'

Generally Accepted Auditing Standards (GAAS)

Total 461 questions
Go to page: of 47
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms