ExamGecko
Search Search Login
Home Home / IIA / IIA-CIA-Part2

IIA IIA-CIA-Part2 Practice Test - Questions Answers, Page 31

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

How should an internal auditor approach preparing a detailed risk assessment during engagement planning?
A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority? 1. Graded positive opinion. 2. Negative assurance opinion. 3. Limited assurance opinion. 4. Third-party opinion.
After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?
Internal audit staff lacks the expertise to perform a fraud investigation engagement stemming from a whistleblowing incident. Which of the following is the most appropriate option for the chief audit executive?
According to the MA guidance, which of the following does the engagement work program test in a review of an organizational process?
An internal auditor wanted to determine whether company vehicles were being used for personal purposes She extracted a report that listed company vehicle numbers business units to which the vehicles are allocated travel dates, travel duration and mileage She then filtered the data for weekend dates Which of the following additional information would the auditor need?
According to an internal audit observation, the organization's rules of record management require all contracts to be registered and stored in a specific electronic system. One subsidiary has thousands of client contracts on paper, which are kept in the office because there are not enough assistants to scan the contracts into the system. Which of the following component should be added to this observation?
A code of business conduct should include which of the following to increase its deterrent effect? 1. Appropriate descriptions of penalties for misconduct. 2. A notification that code of conduct violations may lead to criminal prosecution. 3. A description of violations that injure the interests of the employer. 4. A list of employees covered by the code of conduct.
The external auditor has identified a number of production process control deficiencies involving several departments. As a result, senior management has asked the internal audit activity to complete internal control training for all related staff. According to IIA guidance, which of the following would be the most appropriate course of action for the chief audit executive to follow?
Which of the following is an appropriate responsibility for the internal audit activity with regard to the organization's risk management program?

Question 301

Report
Export
Collapse

An internal audit team leader is having difficulties completing the planning phase of an assurance engagement because the business unit lacks a system of internal controls. Which of the following is the most appropriate course of action for the internal audit team leader?

A.
Defer the engagement until a system of internal control has been established
A.
Defer the engagement until a system of internal control has been established
Answers
B.
Change the scheduled engagement from assurance to consulting to help correct the shortcomings
B.
Change the scheduled engagement from assurance to consulting to help correct the shortcomings
Answers
C.
Add a consulting component to the already scheduled assurance engagement
C.
Add a consulting component to the already scheduled assurance engagement
Answers
D.
Seek the involvement of the external auditor to assist with improving the internal controls
D.
Seek the involvement of the external auditor to assist with improving the internal controls
Answers
Suggested answer: C

Explanation:

When an internal audit team leader encounters difficulties due to the lack of a system of internal controls, the most appropriate course of action is to add a consulting component to the scheduled assurance engagement. This approach allows the internal audit team to provide advice and recommendations on establishing internal controls while still fulfilling their assurance responsibilities. By integrating consulting activities, the auditors can help the business unit improve its control environment, which can then be assessed in the assurance engagement.

The Institute of Internal Auditors (IIA) Practice Guide: Consulting Engagements

IIA Standard 1130 - Impairment to Independence or Objectivity

Question 302

Report
Export
Collapse

The head of customer service asked the chief audit executive (CAE) whether internal auditors could assist her staff with conducting a risk self-assessment in the customer service department The CAE promised to meet with customer service managers analyze relevant business processes and come up with a proposal Who is most likely to be the final approver of the engagement objectives and scope?

A.
Senior management of the organization
A.
Senior management of the organization
Answers
B.
The chief audit executive
B.
The chief audit executive
Answers
C.
The head of customer service
C.
The head of customer service
Answers
D.
The board of directors
D.
The board of directors
Answers
Suggested answer: B

Explanation:

The chief audit executive (CAE) is responsible for the approval of the engagement objectives and scope. While the head of customer service and other stakeholders may provide input, it is ultimately the CAE's responsibility to ensure that the engagement aligns with the internal audit plan and meets the organization's overall objectives. The CAE's approval ensures the independence and objectivity of the internal audit function.

The Institute of Internal Auditors (IIA) Standard 2010 - Planning

IIA Standard 2200 - Engagement Planning

Question 303

Report
Export
Collapse

According to IIA guidance which of the following best describes reliable information?

A.
Reliable information is factual adequate, and convincing so that a prudent informed person would reach the same conclusions as the internal auditor
A.
Reliable information is factual adequate, and convincing so that a prudent informed person would reach the same conclusions as the internal auditor
Answers
B.
Reliable information is the best attainable information through the use of appropriate engagement techniques
B.
Reliable information is the best attainable information through the use of appropriate engagement techniques
Answers
C.
Reliable information supports engagement observations and recommendations and is consistent with the objectives for the engagement
C.
Reliable information supports engagement observations and recommendations and is consistent with the objectives for the engagement
Answers
D.
Reliable information helps the organization and the internal audit activity meet its goals
D.
Reliable information helps the organization and the internal audit activity meet its goals
Answers
Suggested answer: A

Explanation:

According to IIA guidance, reliable information must be factual, adequate, and convincing to ensure that a prudent and informed person would reach the same conclusions as the internal auditor. This means that the information should be supported by sufficient and appropriate evidence that can be independently verified and substantiated. Reliability of information is crucial for the credibility of audit findings and for making informed decisions based on those findings.

The Institute of Internal Auditors (IIA) Standard 2310 -- Identifying Information: 'Internal auditors must identify sufficient, reliable, relevant, and useful information to achieve the engagement's objectives.'

IIA Practice Guide on 'Audit Evidence'

Question 304

Report
Export
Collapse

Which of the following statements is true regarding the audit objective for an assurance engagement?

A.
Operational management must determine the audit objective in cooperation with the internal auditor
A.
Operational management must determine the audit objective in cooperation with the internal auditor
Answers
B.
The audit objective may be adjusted after the start of an engagement and it does not need to align with the assessed risks
B.
The audit objective may be adjusted after the start of an engagement and it does not need to align with the assessed risks
Answers
C.
The audit objective must consider the possibility of fraud and noncompliance
C.
The audit objective must consider the possibility of fraud and noncompliance
Answers
D.
The audit objective may or may not consider the possibility of fraud depending on the assessed likelihood and impact
D.
The audit objective may or may not consider the possibility of fraud depending on the assessed likelihood and impact
Answers
Suggested answer: C

Explanation:

According to IIA guidance, the audit objective for an assurance engagement must consider the possibility of fraud and noncompliance. This consideration is essential for ensuring that the audit adequately addresses potential risks that could impact the organization. Assessing the possibility of fraud and noncompliance helps in identifying areas where controls might be deficient and where significant risks might be present, thus enabling the internal audit activity to provide meaningful and relevant recommendations.

The Institute of Internal Auditors (IIA) Standard 2120 -- Risk Management: 'The internal audit activity must evaluate the potential for the occurrence of fraud and how the organization manages fraud risk.'

IIA Practice Guide on 'Fraud Risk Assessment'

Question 305

Report
Export
Collapse

Which of the following best exemplifies having effective risk management and internal control processes?

A.
Relevant risk indicators and mitigation plans are in place
A.
Relevant risk indicators and mitigation plans are in place
Answers
B.
All risks are identified and assessed
B.
All risks are identified and assessed
Answers
C.
Business profitability is likely to be achieved
C.
Business profitability is likely to be achieved
Answers
D.
Risk information is communicated to customers and suppliers
D.
Risk information is communicated to customers and suppliers
Answers
Suggested answer: A

Explanation:

Effective risk management and internal control processes are best exemplified by having relevant risk indicators and mitigation plans in place. This demonstrates that the organization not only identifies and assesses risks but also actively monitors and manages these risks through appropriate mitigation strategies. The presence of risk indicators and mitigation plans indicates a proactive approach to risk management, ensuring that potential issues are addressed before they can impact the organization significantly.

The Institute of Internal Auditors (IIA) Standard 2100 -- Nature of Work: 'The internal audit activity must evaluate and contribute to the improvement of governance, risk management, and control processes using a systematic and disciplined approach.'

COSO Enterprise Risk Management Framework

Question 306

Report
Export
Collapse

Which of the following best describes external benchmarking using trend analysis for a subsidiary of an international company?

A.
Comparing the current ratio of the subsidiary with the current ratio of another company for the same period
A.
Comparing the current ratio of the subsidiary with the current ratio of another company for the same period
Answers
B.
Comparing common-size financial statements of the subsidiary with the averages of the industry for the last two periods
B.
Comparing common-size financial statements of the subsidiary with the averages of the industry for the last two periods
Answers
C.
Comparing the sales of the subsidiary with the sales of another subsidiary for the last two periods.
C.
Comparing the sales of the subsidiary with the sales of another subsidiary for the last two periods.
Answers
D.
Comparing the sales of the subsidiary with the budgeted figures for the last two periods
D.
Comparing the sales of the subsidiary with the budgeted figures for the last two periods
Answers
Suggested answer: B

Explanation:

External benchmarking using trend analysis involves comparing a company's performance metrics with industry standards or averages over a certain period to identify trends and areas for improvement. Comparing common-size financial statements of the subsidiary with the averages of the industry for the last two periods allows for a normalized comparison by expressing financial statement items as a percentage of a common base figure (e.g., total assets or sales). This method highlights the subsidiary's financial structure and performance trends in relation to industry norms, facilitating a comprehensive analysis.

Reference:

'Internal Auditing: Assurance & Advisory Services' (The Institute of Internal Auditors)

'Benchmarking: An Essential Tool for Assessment, Improvement, and Market Leadership' (Michael J. Spendolini)

Question 307

Report
Export
Collapse

An internal auditor discovered that sales contracts with business clients were not stored in the electronic document management database instead they were scanned and saved in a nonsystematic manner to server folders Which of the following would be an appropriate consequence for the internal auditor to include in the documented observation?

A.
The document management policy requires business client data to be stored in a specific management database
A.
The document management policy requires business client data to be stored in a specific management database
Answers
B.
Sales contracts were stored improperly because the office manager was not trained to use the electronic database and prefers to avoid it
B.
Sales contracts were stored improperly because the office manager was not trained to use the electronic database and prefers to avoid it
Answers
C.
if the organization becomes subject to litigation the agreed pricing terms and conditions of the contracts may be difficult to prove
C.
if the organization becomes subject to litigation the agreed pricing terms and conditions of the contracts may be difficult to prove
Answers
D.
All staff should be appropriately trained and required to follow the organization's established policies and procedures pertaining to document management
D.
All staff should be appropriately trained and required to follow the organization's established policies and procedures pertaining to document management
Answers
Suggested answer: C

Explanation:

The key issue here is the risk associated with non-compliance to document management policies, particularly in terms of legal exposure. If sales contracts are not stored systematically in the electronic document management database, it can lead to difficulties in retrieving these documents, especially in the case of litigation. This can pose significant legal risks because the organization might struggle to prove the agreed pricing terms and conditions, which could potentially result in financial losses or legal penalties. The consequence highlighted in option C directly addresses this critical risk.

Reference:

'Internal Auditing: Assurance & Advisory Services' (The Institute of Internal Auditors)

'Document Management in Internal Auditing: Best Practices' (The Institute of Internal Auditors)

Question 308

Report
Export
Collapse

The audit committee has asked the chief audit executive (CAE) to conduct an ad hoc forensic investigation of the purchasing department within a month due to the significance and urgency of a recently discovered risk The internal audit activity currently has no available staff with relevant experience or qualifications Which of the following is the CAE's best option for fulfilling the internal audit activity's responsibilities in this case?

A.
Outsource the investigation to independent professional consultants
A.
Outsource the investigation to independent professional consultants
Answers
B.
Select certain internal auditors and remove them from their current assignments so that they can begin a forensic investigation course
B.
Select certain internal auditors and remove them from their current assignments so that they can begin a forensic investigation course
Answers
C.
Recruit additional internal auditors possessing relevant qualification and experience
C.
Recruit additional internal auditors possessing relevant qualification and experience
Answers
D.
Decline the engagement at this time
D.
Decline the engagement at this time
Answers
Suggested answer: A

Explanation:

Given the urgency and the lack of internal expertise in forensic investigation, the most effective and immediate solution is to outsource the investigation to independent professional consultants. This approach ensures that the investigation is conducted by individuals with the necessary skills and experience, thereby maintaining the integrity and quality of the investigation. Training internal staff or recruiting new auditors would take time and may not address the immediate need, while declining the engagement would not fulfill the audit committee's request.

Reference:

'Internal Auditing: Assurance & Advisory Services' (The Institute of Internal Auditors)

'Forensic Accounting and Fraud Investigation for Non-Experts' (Howard Silverstone and Michael Sheetz)

Question 309

Report
Export
Collapse

Which of the following statements is true regarding a drawback of using internal control questionnaires (ICQs)?

A.
When internal auditors need to cover many control procedures using ICQs is generally less efficient than conducting observations and inspections
A.
When internal auditors need to cover many control procedures using ICQs is generally less efficient than conducting observations and inspections
Answers
B.
It is generally difficult for internal auditors lo compile appropriate ICQs for business activities that are governed by standardized operating procedures
B.
It is generally difficult for internal auditors lo compile appropriate ICQs for business activities that are governed by standardized operating procedures
Answers
C.
ICQs are inadequate to provide effective assurance on how organizational processes are executed in practice.
C.
ICQs are inadequate to provide effective assurance on how organizational processes are executed in practice.
Answers
D.
It is generally difficult for internal auditors to process completed questionnaires, because ICQs frequently elicit detailed comments and long answers from management
D.
It is generally difficult for internal auditors to process completed questionnaires, because ICQs frequently elicit detailed comments and long answers from management
Answers
Suggested answer: A

Explanation:

A drawback of using Internal Control Questionnaires (ICQs) is that they can be less efficient than conducting observations and inspections when many control procedures need to be covered. ICQs can be time-consuming to complete and may not provide the depth of understanding that direct observation and inspection can achieve. They often require follow-up to clarify responses, which can further increase the time and resources needed to obtain the necessary assurance.

The Institute of Internal Auditors (IIA) Practice Guide on 'Audit Evidence Collection'

IIA Standard 2310 -- Identifying Information: 'Internal auditors must identify sufficient, reliable, relevant, and useful information to achieve the engagement's objectives.'

Question 310

Report
Export
Collapse

While conducting a review of the logistics department the internal audit team identified a crucial control weakness. The chief audit executive (CAE) decided to prepare an audit memorandum for management of the logistics department followed by an informal meeting What is the most likely reason the CAE decided to prepare the audit memorandum?

A.
To report up-to-date audit progress to management
A.
To report up-to-date audit progress to management
Answers
B.
To ensure that the internal audit team and the CAE are aligned with regard to the identified weakness
B.
To ensure that the internal audit team and the CAE are aligned with regard to the identified weakness
Answers
C.
To allow management to address the identified weakness timely
C.
To allow management to address the identified weakness timely
Answers
D.
To obtain management's agreement with regard to the identified weakness
D.
To obtain management's agreement with regard to the identified weakness
Answers
Suggested answer: C

Explanation:

The most likely reason the Chief Audit Executive (CAE) decided to prepare an audit memorandum for management of the logistics department is to allow management to address the identified weakness timely. An audit memorandum serves as a formal communication that highlights the issue and provides management with the necessary details to understand and address the control weakness promptly. This approach facilitates immediate corrective action, thereby reducing the risk associated with the identified weakness.

The Institute of Internal Auditors (IIA) Standard 2420 -- Quality of Communications: 'Communications must be accurate, objective, clear, concise, constructive, complete, and timely.'

IIA Practice Guide on 'Engagement Communication'

Total 461 questions
Go to page: of 47
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms