ExamGecko
Search Search Login
Home Home / IIA / IIA-CIA-Part2

IIA IIA-CIA-Part2 Practice Test - Questions Answers, Page 29

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

How should an internal auditor approach preparing a detailed risk assessment during engagement planning?
A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority? 1. Graded positive opinion. 2. Negative assurance opinion. 3. Limited assurance opinion. 4. Third-party opinion.
After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?
What is the primary reason that audit supervision includes approval of the engagement report?
Internal audit staff lacks the expertise to perform a fraud investigation engagement stemming from a whistleblowing incident. Which of the following is the most appropriate option for the chief audit executive?
According to the MA guidance, which of the following does the engagement work program test in a review of an organizational process?
An internal auditor wanted to determine whether company vehicles were being used for personal purposes She extracted a report that listed company vehicle numbers business units to which the vehicles are allocated travel dates, travel duration and mileage She then filtered the data for weekend dates Which of the following additional information would the auditor need?
According to an internal audit observation, the organization's rules of record management require all contracts to be registered and stored in a specific electronic system. One subsidiary has thousands of client contracts on paper, which are kept in the office because there are not enough assistants to scan the contracts into the system. Which of the following component should be added to this observation?
A code of business conduct should include which of the following to increase its deterrent effect? 1. Appropriate descriptions of penalties for misconduct. 2. A notification that code of conduct violations may lead to criminal prosecution. 3. A description of violations that injure the interests of the employer. 4. A list of employees covered by the code of conduct.
The external auditor has identified a number of production process control deficiencies involving several departments. As a result, senior management has asked the internal audit activity to complete internal control training for all related staff. According to IIA guidance, which of the following would be the most appropriate course of action for the chief audit executive to follow?

Question 281

Report
Export
Collapse

Which of the following statements is true regarding the chief audit executive's (CAT$) responsibilities after completing an assurance or consulting engagement?

A.
The CAE must establish a follow-up process tor both assurance and consulting engagements to monitor that management actions have been effectively implemented to address observations
A.
The CAE must establish a follow-up process tor both assurance and consulting engagements to monitor that management actions have been effectively implemented to address observations
Answers
B.
The CAE must communicate the results of assurance and consulting engagements lo whoever can ensure that the results are given due consideration.
B.
The CAE must communicate the results of assurance and consulting engagements lo whoever can ensure that the results are given due consideration.
Answers
C.
The CAE must acknowledge satisfactory performance when communicating the results of assurance and consulting engagements
C.
The CAE must acknowledge satisfactory performance when communicating the results of assurance and consulting engagements
Answers
D.
The CAE may delegate the responsibility for communicating the results of consulting engagements although this responsibility cannot be delegated for assurance engagements
D.
The CAE may delegate the responsibility for communicating the results of consulting engagements although this responsibility cannot be delegated for assurance engagements
Answers
Suggested answer: B

Explanation:

According to the International Standards for the Professional Practice of Internal Auditing, the Chief Audit Executive (CAE) has a responsibility to ensure that the results of both assurance and consulting engagements are communicated to the appropriate parties. This ensures that the observations and recommendations are acknowledged and acted upon by those who have the authority to implement necessary changes or take corrective actions. This communication is crucial for ensuring that the findings of the internal audit are effectively utilized to improve governance, risk management, and control processes.

The Institute of Internal Auditors (IIA) Standard 2440 -- Disseminating Results: 'The chief audit executive must communicate results to the appropriate parties.'

IIA Practice Guide on 'Communicating Results'

Question 282

Report
Export
Collapse

Which of the following would most Holy reflect the best possible engagement objectives?

A.
Engagement objectives derived from risk assessment results from a company's risk function experts.
A.
Engagement objectives derived from risk assessment results from a company's risk function experts.
Answers
B.
Engagement objectives derived from senior management's risk assessment results
B.
Engagement objectives derived from senior management's risk assessment results
Answers
C.
Engagement objectives derived from the mental audit activity's own risk assessment results
C.
Engagement objectives derived from the mental audit activity's own risk assessment results
Answers
D.
Engagement objectives derived from risk assessment results from both senior management and the company's risk function experts
D.
Engagement objectives derived from risk assessment results from both senior management and the company's risk function experts
Answers
Suggested answer: D

Explanation:

The best possible engagement objectives are those derived from a comprehensive risk assessment that incorporates inputs from both senior management and the company's risk function experts. This approach ensures that the internal audit objectives are aligned with the organization's strategic priorities and risk landscape. By combining insights from senior management with the technical expertise of risk function experts, the internal audit activity can develop well-rounded and relevant engagement objectives that address the most significant risks facing the organization.

The Institute of Internal Auditors (IIA) Standard 2010 -- Planning: 'The chief audit executive must establish risk-based plans to determine the priorities of the internal audit activity, consistent with the organization's goals.'

IIA Practice Guide on 'Internal Audit Planning'

Question 283

Report
Export
Collapse

Which of the following risk assessment approaches involves gathering data from work team representing different levels of an organisation?

A.
Surveys
A.
Surveys
Answers
B.
Management produced analysis 0
B.
Management produced analysis 0
Answers
C.
Facilitated team workshops
C.
Facilitated team workshops
Answers
D.
Weighted risk factors
D.
Weighted risk factors
Answers
Suggested answer: C

Explanation:

Facilitated team workshops are a risk assessment approach that involves gathering data from work teams representing different levels of an organization. This method encourages collaboration and open discussion among team members, allowing for a comprehensive identification and evaluation of risks from various perspectives within the organization. It helps in capturing a wide range of insights and facilitates consensus on risk priorities, making it a valuable tool for effective risk assessment.

The Institute of Internal Auditors (IIA) Practice Guide on 'Risk Assessment in Audit Planning'

COSO Enterprise Risk Management Framework

Question 284

Report
Export
Collapse

A senior internal auditor is hired within the internal audit activity for a period of two years before advancing to an operations manager role within the business operations team. When staffing arrangement is being used in this scenario?

A.
Comer of competence
A.
Comer of competence
Answers
B.
Career model
B.
Career model
Answers
C.
Rotational model
C.
Rotational model
Answers
D.
Cosourcing agreement
D.
Cosourcing agreement
Answers
Suggested answer: C

Explanation:

The rotational model refers to a staffing arrangement where employees, such as internal auditors, are rotated into different roles within the organization, often for a fixed period. In this scenario, a senior internal auditor is hired within the internal audit activity for two years before transitioning to an operations manager role. This model helps in developing a deeper understanding of the organization, broadening skill sets, and fostering cross-functional expertise. It benefits both the internal audit activity and the broader organization by facilitating knowledge transfer and career development.

The Institute of Internal Auditors (IIA) Practice Guide on 'Implementing a Rotational Internal Audit Program'

IIA Standard 1210 -- Proficiency: 'Internal auditors must possess the knowledge, skills, and other competencies needed to perform their individual responsibilities.'

Question 285

Report
Export
Collapse

The head of customer service asked the chief audit executive (CAE) whether eternal auditors could assist her staff with conducting a risk self-assessment in the customer service department. The CAE promised to meet with customer service managers analyze relevant business processes, and come up with a proposal. Who is most likely to be the final approver of the engagement objectives and scope?

A.
Senior management of the organization
A.
Senior management of the organization
Answers
B.
The chief audit executive
B.
The chief audit executive
Answers
C.
The head of customer service
C.
The head of customer service
Answers
D.
The board of directors
D.
The board of directors
Answers
Suggested answer: B

Explanation:

The chief audit executive (CAE) is responsible for the approval of the engagement objectives and scope in internal auditing. While senior management, the head of customer service, and the board of directors may provide input and have interests in the audit engagement, it is ultimately the CAE who has the final authority to approve the objectives and scope. This ensures that the internal audit activity remains independent and that the engagement aligns with the overall audit plan and organizational priorities.

The Institute of Internal Auditors (IIA) Standard 2010 - Planning

IIA Standard 2200 - Engagement Planning

Question 286

Report
Export
Collapse

An internal auditor is conducting a preliminary survey of the investments area, and sends an internal control questionnaire to the management of the function. (An extract of the survey is provided below).

1. Are there any restrictions for any company's investments?

2. Are there any written policies and procedures that document the flow of investment processing?

3. Are investment purchases recorded in the general ledger on the date traded?

4. Is the documentation easily accessible to an persons who need in to perform their job?

Which of the following is a drawback of testing methods like this?

A.
They ore kitted as they do not allow the auditor to test many controls.
A.
They ore kitted as they do not allow the auditor to test many controls.
Answers
B.
They do not highlight control gaps
B.
They do not highlight control gaps
Answers
C.
They are not useful for identifying areas on which the auditor should locus.
C.
They are not useful for identifying areas on which the auditor should locus.
Answers
D.
They are limited as there is a risk that management may not answer fairly.
D.
They are limited as there is a risk that management may not answer fairly.
Answers
Suggested answer: D

Explanation:

One of the primary drawbacks of using internal control questionnaires is the risk that management may not provide honest or accurate answers. This can occur due to a variety of reasons, including a lack of knowledge, intentional deception, or a misunderstanding of the questions. As a result, the responses may not accurately reflect the true state of the controls, leading to incomplete or misleading audit conclusions.

The Institute of Internal Auditors (IIA) Practice Guide: Assessing the Adequacy of Risk Management Using ISO 31000

IIA Standard 2310 - Identifying Information

Question 287

Report
Export
Collapse

Internal control questionnaires are used to achieve which of the following objectives?

A.
To ascertain the operating effectiveness of a procedure
A.
To ascertain the operating effectiveness of a procedure
Answers
B.
To verify the accuracy of Information in a report
B.
To verify the accuracy of Information in a report
Answers
C.
To assess the controls mitigating major risks
C.
To assess the controls mitigating major risks
Answers
D.
To determine whether specified contra procedures are in place
D.
To determine whether specified contra procedures are in place
Answers
Suggested answer: D

Explanation:

Internal control questionnaires are used to determine whether specific control procedures are in place within an organization. They help auditors identify the existence and implementation of controls designed to mitigate risks. These questionnaires can provide a preliminary understanding of the control environment and identify areas that may require further detailed testing.

The Institute of Internal Auditors (IIA) Practice Guide: Using Internal Control Questionnaires to Assess Risk

IIA Standard 2130 - Control

Question 288

Report
Export
Collapse

Acceding to IIA guidance, which of the following statements is true regarding the risk assessment process performed by the internal audit activity?

A.
The assessment of high-level risks is typically a linear process.
A.
The assessment of high-level risks is typically a linear process.
Answers
B.
Management should create the preliminary risk matrix
B.
Management should create the preliminary risk matrix
Answers
C.
The analysis should begin with ne identification of objectives
C.
The analysis should begin with ne identification of objectives
Answers
D.
Likelihood should receive greater consideration than impact
D.
Likelihood should receive greater consideration than impact
Answers
Suggested answer: C

Question 289

Report
Export
Collapse

According to IIA guidance, when would an interim report typically be produced?

A.
During a standard audit engagement when management wants to address an issue before the final report is drafted.
A.
During a standard audit engagement when management wants to address an issue before the final report is drafted.
Answers
B.
Following each workshop conducted during a consulting engagement.
B.
Following each workshop conducted during a consulting engagement.
Answers
C.
During lengthy audit engagements involving several organizational units.
C.
During lengthy audit engagements involving several organizational units.
Answers
D.
Following management's update tor actions taken on outstanding recommendations.
D.
Following management's update tor actions taken on outstanding recommendations.
Answers
Suggested answer: C

Explanation:

According to IIA guidance, interim reports are typically produced during lengthy audit engagements that involve several organizational units. These reports help keep management informed about the progress of the audit, highlight any significant issues identified early on, and allow for timely corrective actions. Interim reports facilitate communication between the internal audit activity and management, ensuring that any critical issues are addressed promptly rather than waiting for the final report.

The Institute of Internal Auditors (IIA) Practice Guide on 'Audit Reports'

IIA Standard 2410 -- Criteria for Communicating: 'Interim reports may be used to communicate information and issues that require immediate attention.'

Question 290

Report
Export
Collapse

Acceding to IIA guidance, when of the Mowing is an assurance service commonly performed by the internal audit activity?

A.
Proposing fine item recommendation lot the annual financial budget of the accounting department
A.
Proposing fine item recommendation lot the annual financial budget of the accounting department
Answers
B.
Making recommendations regarding financial approval authority limits for the operations department
B.
Making recommendations regarding financial approval authority limits for the operations department
Answers
C.
Validating whether employees are following established policies and procedures in the procurement department
C.
Validating whether employees are following established policies and procedures in the procurement department
Answers
D.
Generating expense report metrics for employees in the finance department
D.
Generating expense report metrics for employees in the finance department
Answers
Suggested answer: C

Explanation:

According to IIA guidance, a common assurance service performed by the internal audit activity is validating whether employees are following established policies and procedures in various departments, such as procurement. Assurance services involve assessing evidence and providing conclusions regarding the effectiveness of governance, risk management, and control processes. Ensuring compliance with established policies and procedures is a fundamental assurance activity that helps organizations maintain control and mitigate risks.

The Institute of Internal Auditors (IIA) Standard 2130 -- Control: 'The internal audit activity must assist the organization in maintaining effective controls by evaluating their effectiveness and efficiency and by promoting continuous improvement.'

IIA Practice Guide on 'Assurance Engagements'

Total 461 questions
Go to page: of 47
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms