ExamGecko
Search Search Login
Home Home / IIA / IIA-CIA-Part2

IIA IIA-CIA-Part2 Practice Test - Questions Answers, Page 37

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

How should an internal auditor approach preparing a detailed risk assessment during engagement planning?
A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority? 1. Graded positive opinion. 2. Negative assurance opinion. 3. Limited assurance opinion. 4. Third-party opinion.
Internal audit staff lacks the expertise to perform a fraud investigation engagement stemming from a whistleblowing incident. Which of the following is the most appropriate option for the chief audit executive?
According to the MA guidance, which of the following does the engagement work program test in a review of an organizational process?
An internal auditor wanted to determine whether company vehicles were being used for personal purposes She extracted a report that listed company vehicle numbers business units to which the vehicles are allocated travel dates, travel duration and mileage She then filtered the data for weekend dates Which of the following additional information would the auditor need?
According to an internal audit observation, the organization's rules of record management require all contracts to be registered and stored in a specific electronic system. One subsidiary has thousands of client contracts on paper, which are kept in the office because there are not enough assistants to scan the contracts into the system. Which of the following component should be added to this observation?
The external auditor has identified a number of production process control deficiencies involving several departments. As a result, senior management has asked the internal audit activity to complete internal control training for all related staff. According to IIA guidance, which of the following would be the most appropriate course of action for the chief audit executive to follow?
Which of the following is an appropriate responsibility for the internal audit activity with regard to the organization's risk management program?
An examination of the accounts payable function evidenced multiple findings with respect to segregation of duties. After management's response and action plan are received and documented in the final report, which of the following is most appropriate?
Senior management wants assurance that third-party contractors are following procedures as agreed with the organization. Which type of audit would be most appropriate to achieve this objective?

Question 361

Report
Export
Collapse

Which of the following is an appropriate activity when supervising engagements?

A.
During engagement planning, the audit work program should be discussed between auditors and the engagement supervisor with the supervisor approving the work program.
A.
During engagement planning, the audit work program should be discussed between auditors and the engagement supervisor with the supervisor approving the work program.
Answers
B.
During fieldwork, scope changes made to the work program are at the auditor's discretion and should be supported adequately in the workpapers.
B.
During fieldwork, scope changes made to the work program are at the auditor's discretion and should be supported adequately in the workpapers.
Answers
C.
Engagement supervision is most critical to the fieldwork and reporting phases of the audit, as this is where the majority of the work takes place.
C.
Engagement supervision is most critical to the fieldwork and reporting phases of the audit, as this is where the majority of the work takes place.
Answers
D.
A degree of high supervision to no supervision may be provided to an auditor depending on his level of competence and the complexity of the engagement.
D.
A degree of high supervision to no supervision may be provided to an auditor depending on his level of competence and the complexity of the engagement.
Answers
Suggested answer: A

Explanation:

According to the IIA's Implementation Guide for Standard 2340 - Engagement Supervision1, one of the activities that the chief audit executive or the designated engagement supervisor should perform is to review and approve the engagement work program before the commencement of fieldwork. The engagement work program should be based on the engagement objectives, scope, and approach, and should reflect the risks and controls identified during the planning phase. The engagement work program should also be discussed with the engagement team to ensure that they understand the tasks and procedures to be performed, and to address any questions or concerns. The engagement supervisor should document the approval of the work program and any subsequent changes in the workpapers.

Question 362

Report
Export
Collapse

During an engagement in one of the subsidiaries of an organization, an internal auditor noted the following in the workpapers:

'As a subsidiary of a multinational organization in this particular country, the entity is required to register annually with the respective ministry. However, the subsidiary did not submit the required documentation for registration during the prior year. Failure to comply with internal and external regulations could lead to penalties or fines from the respective authorities. It is recommended that the management of the subsidiary ensures compliance with the relevant legislation. As a recoverable action, management should register the subsidiary in the current year as soon as possible.'

What part of this narrative represents a condition of the observation made by auditors in the final report?

A.
' ... the subsidiary did not submit required documentation for registration in the prior year.'
A.
' ... the subsidiary did not submit required documentation for registration in the prior year.'
Answers
B.
' ... the entity is required to register annually with the respective ministry.'
B.
' ... the entity is required to register annually with the respective ministry.'
Answers
C.
' ... failure to comply with internal and external regulations might lead to penalties or fines from the respective authorities.'
C.
' ... failure to comply with internal and external regulations might lead to penalties or fines from the respective authorities.'
Answers
D.
' ... management should register the subsidiary in the current year as soon as possible
D.
' ... management should register the subsidiary in the current year as soon as possible
Answers
Suggested answer: A

Explanation:

.' In internal auditing, the 'condition' of an observation refers to the specific state or situation that has been identified during the audit. It describes what is actually occurring and provides the factual basis for the observation. In this case, the statement '... the subsidiary did not submit required documentation for registration in the prior year.' explicitly describes the observed deficiency, which is the failure to submit the necessary documentation. This condition highlights the exact issue that needs to be addressed by management.

Question 363

Report
Export
Collapse

How should an internal auditor approach preparing a detailed risk assessment during engagement planning?

A.
Complete the risk assessment independently to prevent conflicts of interest with the function being reviewed.
A.
Complete the risk assessment independently to prevent conflicts of interest with the function being reviewed.
Answers
B.
Work with external auditors to ensure that the risk assessment includes items reflected on the independent auditor's report.
B.
Work with external auditors to ensure that the risk assessment includes items reflected on the independent auditor's report.
Answers
C.
Work with management of the function being reviewed, as management would be most familiar with the business objectives and related risks.
C.
Work with management of the function being reviewed, as management would be most familiar with the business objectives and related risks.
Answers
D.
Consult with the compliance department, which typically has a more comprehensive view of the organization.
D.
Consult with the compliance department, which typically has a more comprehensive view of the organization.
Answers
Suggested answer: C

Explanation:

When preparing a detailed risk assessment during engagement planning, the internal auditor should collaborate with the management of the function being reviewed. Management has the most in-depth knowledge of their business objectives, processes, and the associated risks. This cooperation ensures that the risk assessment is comprehensive, accurate, and relevant to the specific context of the function under review. It also helps in identifying any potential areas of concern that might not be evident to external parties.

IIA Standard 2201: 'Planning Considerations'

IIA Practice Guide: 'Assessing the Adequacy of Risk Management Processes'

Question 364

Report
Export
Collapse

An organization owns vehicles that are kept off-site by employees to pick up and deliver orders. An internal auditor selects a specific vehicle from the fixed asset register for testing. Which of the following would best provide sufficient, indirect evidence for the auditor to confirm the existence of the vehicle?

A.
Review logs of the vehicles assigned to employees for the delivery of goods during the engagement period.
A.
Review logs of the vehicles assigned to employees for the delivery of goods during the engagement period.
Answers
B.
Visit the home address of the specific employee to see the selected vehicle.
B.
Visit the home address of the specific employee to see the selected vehicle.
Answers
C.
Compare the registered details of the vehicle in the fixed asset register to a date-stamped photograph of the vehicle.
C.
Compare the registered details of the vehicle in the fixed asset register to a date-stamped photograph of the vehicle.
Answers
D.
Seek independent confirmation of the vehicle's details from one of the delivery employees.
D.
Seek independent confirmation of the vehicle's details from one of the delivery employees.
Answers
Suggested answer: C

Explanation:

To confirm the existence of a specific vehicle selected from the fixed asset register, the best indirect evidence would be to compare the registered details of the vehicle with a date-stamped photograph. This method provides a verifiable form of evidence that the vehicle exists and matches the details recorded in the asset register. It ensures that the vehicle is still in possession of the organization and can be indirectly verified without the need for physical presence at an off-site location.

IIA Practice Guide: 'Auditing Fixed Assets'

COSO Internal Control -- Integrated Framework

Question 365

Report
Export
Collapse

An internal audit report includes a recommendation to remove inappropriate user access to an IT application. Which of the following does the recommendation represent?

A.
An agreed action adopted by management.
A.
An agreed action adopted by management.
Answers
B.
A condition-based recommendation as an interim solution to correct a current condition.
B.
A condition-based recommendation as an interim solution to correct a current condition.
Answers
C.
A cause-based recommendation to prevent inappropriate access being granted again.
C.
A cause-based recommendation to prevent inappropriate access being granted again.
Answers
D.
A management action plan.
D.
A management action plan.
Answers
Suggested answer: C

Question 366

Report
Export
Collapse

An internal auditor used a risk and control matrix to prepare a work program for testing a software release. During the engagement planning stage, he tested the design of the release procedure as a key control and concluded that the control was not designed well. During the performance stage, he tested the operation of this control and concluded that it was implemented as designed. Which of the following statements is true regarding this scenario?

A.
The test of the control design should have occurred at the performance stage.
A.
The test of the control design should have occurred at the performance stage.
Answers
B.
The test of the operating effectiveness of the control was not necessary.
B.
The test of the operating effectiveness of the control was not necessary.
Answers
C.
A risk and control matrix is not appropriate for this type of engagement.
C.
A risk and control matrix is not appropriate for this type of engagement.
Answers
D.
The test of the operating effectiveness of the control should have occurred at the planning stage.
D.
The test of the operating effectiveness of the control should have occurred at the planning stage.
Answers
Suggested answer: B

Question 367

Report
Export
Collapse

According to the Standards, which of the following is true regarding the auditor's inclusion of management's satisfactory performance in the final audit report?

A.
Acknowledgement of satisfactory performance is encouraged but not required.
A.
Acknowledgement of satisfactory performance is encouraged but not required.
Answers
B.
There are no standards to address the inclusion of satisfactory performance.
B.
There are no standards to address the inclusion of satisfactory performance.
Answers
C.
Satisfactory performance should only be acknowledged with the advice of corporate counsel.
C.
Satisfactory performance should only be acknowledged with the advice of corporate counsel.
Answers
D.
Auditors must include satisfactory performance with the approval of the board.
D.
Auditors must include satisfactory performance with the approval of the board.
Answers
Suggested answer: A

Question 368

Report
Export
Collapse

After completing an assurance engagement, the chief audit executive (CAE) concludes that management has accepted a level of risk that may be unacceptable to the organization. What is the most appropriate first step for the CAE to take?

A.
Discuss the issue with senior management.
A.
Discuss the issue with senior management.
Answers
B.
Discuss the issue only with the CEO.
B.
Discuss the issue only with the CEO.
Answers
C.
Inform the board.
C.
Inform the board.
Answers
D.
Discuss the issue with the members of management responsible for the risk area.
D.
Discuss the issue with the members of management responsible for the risk area.
Answers
Suggested answer: A

Question 369

Report
Export
Collapse

During an entity-level controls assessment, internal auditors deploy an internal control questionnaire to test the controls. Which of the following is a major drawback of this testing method?

A.
Information obtained by this method can be repudiated.
A.
Information obtained by this method can be repudiated.
Answers
B.
Information obtained by this method is difficult to quantify.
B.
Information obtained by this method is difficult to quantify.
Answers
C.
It is an inefficient method of gathering evidence.
C.
It is an inefficient method of gathering evidence.
Answers
D.
Limited information can be gathered with this method.
D.
Limited information can be gathered with this method.
Answers
Suggested answer: A

Question 370

Report
Export
Collapse

During the preliminary survey of the procurement department, an internal auditor noted a major control weakness in the organization's ordering and receiving process. According to IIA guidance, which of the following is the most appropriate action the internal auditor should take?

A.
Issue a final report on the control weakness to senior management.
A.
Issue a final report on the control weakness to senior management.
Answers
B.
Bring the control weakness to the attention of the process owner for resolution.
B.
Bring the control weakness to the attention of the process owner for resolution.
Answers
C.
Note the control weakness for discussion during the exit meeting.
C.
Note the control weakness for discussion during the exit meeting.
Answers
D.
Carry out an investigation of the control weakness for disciplinary action.
D.
Carry out an investigation of the control weakness for disciplinary action.
Answers
Suggested answer: B
Total 461 questions
Go to page: of 47
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms