ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 90 - IIA-CIA-Part2 discussion

Report
Export

An organization has a health and safety division that conducts audits to meet regulatory requirements. The chief health and safety officer reports directly to the CEO. Which of the following describes an appropriate role for the chief audit executive (CAE) with regard to the organization's health and safety program?

A.
The CAE has no role to play, because the chief health and safety officer reports to a senior executive.
Answers
A.
The CAE has no role to play, because the chief health and safety officer reports to a senior executive.
B.
The CAE should coordinate with, and review the work of, the chief health and safety officer to gain an understanding of whether risks related to health and safety are managed properly.
Answers
B.
The CAE should coordinate with, and review the work of, the chief health and safety officer to gain an understanding of whether risks related to health and safety are managed properly.
C.
The CAE should give periodic reports directly to the regulator regarding health and safety issues, as it is the appropriate regulatory oversight body.
Answers
C.
The CAE should give periodic reports directly to the regulator regarding health and safety issues, as it is the appropriate regulatory oversight body.
D.
The CAE should hire an independent external specialist to conduct an annual assessment and provide assurance over the effectiveness of the health and safety program and the reliability of its reports.
Answers
D.
The CAE should hire an independent external specialist to conduct an annual assessment and provide assurance over the effectiveness of the health and safety program and the reliability of its reports.
Suggested answer: B

Explanation:

The role of the CAE includes ensuring that all significant risks, including those related to health and safety, are properly managed. Even though the chief health and safety officer reports directly to the CEO, the CAE should still coordinate with and review the work of this officer to understand and evaluate the management of health and safety risks. This helps ensure a comprehensive risk management approach within the organization and supports the overall assurance framework. It is not appropriate for the CAE to have no role (Option A), report directly to the regulator (Option C), or hire an external specialist annually without internal coordination (Option D).

Reference:

IIA Standard 2010: Planning.

IIA Practice Guide on Coordinating Risk Management and Assurance.

asked 18/09/2024
Yuwadee Srisathan
40 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first