Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

IIA-CIA-Part1 Internal Audit Fundamentals Questions and Answers

Questions 4

According to IIA guidance, which of the following threats to objectivity is described as familiarity ' ?

Options:

A.

An internal auditor is a close friend or relative of the manager or an employee of the audit client

B.

An internal auditor has a long-term business relationship with the audit client.

C.

An internal auditor has an economic stake in the performance of the organization

D.

An internal auditor is exposed to or perceived to be exposed to pressures from external parties

Buy Now
Questions 5

Anew internal auditor suspects fraud is taking place. Which action should the new auditor take?

Options:

A.

Collect relevant audit evidence and begin working with management of the area to investigate the fraud.

B.

Inform the chief audit executive and meet with the suspect to determine whether the person committed fraud.

C.

Document supporting information and recommend an investigation to the appropriate audit management.

D.

Evaluate existing controls and implement new procedures to mitigate the opportunity for fraud.

Buy Now
Questions 6

Which of the following controls would be most useful to prevent an employee from using the organization ' s funds for inappropriate expenditures and falsifying financial records to conceal the fraud?

Options:

A.

Segregating duties in the payroll processes.

B.

Confirming receipt of goods or services.

C.

Performing background checks on newly hired employees.

D.

Requiring management approval for expenses.

Buy Now
Questions 7

Which of the following is a true statement regarding whistleblowing?

Options:

A.

Whistleblowing is one of several possible ethical structures an organization can undertake to encourage ethical behavior.

B.

Whistleblowing programs help employees deal with ethical questions and instill ethical values into everyday behavior

C.

Whistleblowers are current or former employees who are disgruntled and looking to retaliate.

D.

Whistleblowers should inform the organization about actual criminal circumstances, not assumed allegations

Buy Now
Questions 8

According to NA guidance, which of the following is true regarding typical fraud schemes?

1. A diversion occurs when an employee has an undisclosed personal economic interest in a transaction that adversely affects

the organization.

2. Tax evasion is intentional reporting of false or misleading information on a tax return by an organization to reduce taxes owed.

3. Skimming involves stealing cash or assets from the organization and is normally concealed by adjusting the organization’s

records.

4, Disbursement fraud occurs when a person causes the organization to issue a payment for fictitious goods or services.

Options:

A.

1 and 3.B.

B.

1 and 4.

C.

2 and 3.

D.

2 and 4.

Buy Now
Questions 9

Which of the following offers the best evidence that the internal audit activity has achieved organizational independence?

Options:

A.

An independent third party has assessed the organization ' s system of internal controls to be adequate and effective,

B.

The chief audit executive reports both functionally and administratively to the CEO.

C.

The internal audit charter is drafted properly and approved by the appropriate parties.

D.

The mission statement and strategy of the internal audit activity demonstrates alignment to organizational objectives.

Buy Now
Questions 10

Which of the following techniques should an internal auditor use in order to conduct an effective interview?

Options:

A.

Use technical language to establish credibility with the employee being interviewed

B.

Avoid straightforward questions to make the person being interviewed think before answering

C.

Prepare the next question while the interviewee is responding to demonstrate preparedness

D.

Appear confident but not arrogant during the interview to show professionalism

Buy Now
Questions 11

Of all the common characteristics of frauds, which of the following can the organization influence the most?

Options:

A.

Pressure or incentive.

B.

Rationalization

C.

Opportunity

D.

Commitment.

Buy Now
Questions 12

Which of the following scenarios demonstrates nonconformance with the Standards?

Options:

A.

An internal auditor failed to expand the engagement and include managements preferences when determining the scope of an upcoming assurance engagement.

B.

An internal audit activity lacks the skills need to perform a high-risk security engagement included on the annual audit plan.

C.

A chief audit executive fated to perform a risk assessment prior to preparing the audit plan

D.

An internal audit activity has existed for two years and has not undergone external quality assessment

Buy Now
Questions 13

Which of the following is a limitation of detective internal controls in fraud management?

Options:

A.

Implementation costs tend to be higher than the expected benefits.

B.

They tend to be easy for fraudsters to circumvent.

C.

They are not designed to improve efficiency of operations.

D.

They are not effective in preventing fraud.

Buy Now
Questions 14

Which of the following organizations has reached the most mature level of corporate social responsibility?

Options:

A.

An organization that is able to provide goods and services society needs and thus maximizes profit to its owners.

B.

An organization that ensures compliance to legal frameworks of the countries in which it operates and sells its products.

C.

An organization that is willing to make contributions not mandated by law or economics and expects no payback.

D.

An organization that requires its decision makers to act with equity, fairness, and respect for the rights of individuals.

Buy Now
Questions 15

According to IIA guidance, which policy, established by the chief audit executive, would most likely ensure internal audits are conducted with due professional care?

Options:

A.

The initial review of workpapers should be conducted after the final engagement report is issued.

B.

Independent internal assessments of the internal audit activity should be performed by entry-level staff as part of on-the-job training.

C.

Internal audit staff should be informed regularly of changes to policies and procedures.

D.

Training documents should be destroyed at the end of the year to create space for the next year ' s training documents.

Buy Now
Questions 16

According to IIA guidance, which of the following is true of the internal audit activity’s quality assurance and improvement program?

1 Monitoring the internal audit activity’s performance must be ongoing

2 All aspects of the internal audit activity should be evaluated

3 The requirement for external assessments can be satisfied through self-assessments that are validated by an independent external party

4 The review of assurance services should be the primary focus

Options:

A.

1 and 2 only

B.

2 and 3 only

C.

1, 2 and 3

D.

1 3 and 4

Buy Now
Questions 17

Which of the following statements best describes how the internal audit activity obtains reasonable assurance that significant risks in the organization are identified and assessed?

Options:

A.

The internal auditors review the organization ' s strategic plan, business plan, and policies, and have discussions with the board and senior management.

B.

The internal auditors evaluate the adequacy and timeliness of management ' s reporting of risk management results.

C.

The internal auditors interview staff at various levels and determine whether the organization ' s objectives, significant risks, and risk appetite are articulated sufficiently.

D.

The internal auditors review recently completed risk assessments and related reports issued by senior management, external auditors, and other sources.

Buy Now
Questions 18

Which of the following situations is most likely to heighten an internal auditor ' s professional skepticism regarding potential fraud?

Options:

A.

A procurement manager does not have the expected academic credentials for his position.

B.

A salesperson frequently complains about the organization ' s policy on sales commissions.

C.

The accounts payable supervisor has requested advances against her monthly salary on several occasions.

D.

A financial accountant is absent from work frequently due to regular medical procedures.

Buy Now
Questions 19

Which of the following is the primary engagement responsibility of an entry-level internal auditor?

Options:

A.

Leadership.

B.

Documentation.

C.

Analysis.

D.

Reporting.

Buy Now
Questions 20

According to IIA guidance, which of the following statements is true of assurance services provided by the internal audit activity?

Options:

A.

Internal auditors cannot assess an operation for which they were responsible within the previous year.

B.

Management of the area under review must agree with the engagement objectives, scope, and techniques.

C.

The engagement results will vary in form and content depending upon the needs and wishes of the engagement client.

D.

The only parties involved in the engagement are the internal auditor and management of the area under review.

Buy Now
Questions 21

Which of the following fraud prevention measures is most likely to trigger undesired adverse behavior if improperly designed?

Options:

A.

Disclosure of outside business activities

B.

Ethics training programs

C.

Compensation programs

D.

Exit interviews

Buy Now
Questions 22

According to IIA guidance, which of the following actions by a new chief audit executive would be most appropriate to gain an understanding of the current level of knowledge, skills, and competencies required by an internal audit activity to fulfill its responsibilities?

Options:

A.

Identify gaps in the activity’s proficiency, based on criteria defined by a widely accepted competency framework.

B.

Have a quality assessment review performed by an expert external entity.

C.

Identify a mature internal audit activity to serve as a benchmark for measuring the internal audit activity’s competence.

D.

Assess whether members of the internal audit activity understand and apply the 11As mandatory guidance.

Buy Now
Questions 23

Which of the following is a consulting service the internal audit activity can perform with respect to the organization ' s risk management?

Options:

A.

Delivering assurance on the risk management system

B.

Facilitating risk assessment workshops

C.

Evaluating principal risk reporting

D.

Deciding on the appropriate risk response

Buy Now
Questions 24

Internal controls belong to which risk response category?

Options:

A.

Reduction.

B.

Avoidance.

C.

Sharing.

D.

Acceptance.

Buy Now
Questions 25

According to IIA guidance, which of the following statements is true regarding proficiency?

Options:

A.

The globally accepted Certified Internal Auditor designation is mandatory at chief audit executive levels.

B.

Internal auditors are encouraged to obtain appropriate professional designations.

C.

Specialty designations are required for those who perform specialized audit and consulting work.

D.

Studies for professional designations are the preferred source of continuing professional education

Buy Now
Questions 26

The internal audit activity is asked to review the effectiveness of controls around the disposal of chemical waste. However, the internal auditors on staff lack the necessary skills to conduct this review. Which of the following would be the most appropriate approach?

Options:

A.

An internal auditor who recently attended a three-day workshop on chemical waste disposal, and therefore has the most knowledge on the topic, should lead the engagement.

B.

A team of available internal auditors should be assembled and should consult with an external nonaudit expert on chemical waste disposal to plan and conduct the engagement.

C.

A team of the most knowledgeable auditors could be assembled and use the engagement work program from the previous year to gather additional insight regarding recommended audit procedures.

D.

A nonaudit employee from the chemical disposal area may share his expertise with the audit team, provided the internal audit manager conducts a detailed review of all engagement work performed.

Buy Now
Questions 27

According to IIA guidance, which of the following actions is a chief audit executive required to take with regard to reporting the results of the quality assurance and improvement program?

Options:

A.

Report external assessments upon completion of such assessments

B.

Report external assessments at least annually

C.

Report ongoing monitoring quarterly

D.

Report post-engagement reviews at least once every five years

Buy Now
Questions 28

An organization employs ongoing monitoring and is considering implementing periodic evaluations to assess the continuing effectiveness of its risk management process. Which of the following statements Is true with regard to such periodic evaluations?

Options:

A.

Periodic evaluations are considered to be less objective than ongoing monitoring.

B.

Periodic evaluations can be more effective than ongoing monitoring.

C.

Periodic evaluation frequency may depend on the results of ongoing monitoring.

D.

Periodic evaluations frequently identify problems more quickly than ongoing monitoring.

Buy Now
Questions 29

Which of the following best describes organizational governance processes?

Options:

A.

Processes employed by internal and external assurance providers to authorize, direct, and provide oversight to management to better enable the meeting of organizational objectives

B.

Processes employed by the board of directors to authorize and provide guidance and oversight to management to promote the achievement of organizational objectives.

C.

Processes employed by the board of directors and senior management to mitigate risks to acceptable levels.

D.

Processes employed by risk owners to mitigate risks to acceptable levels within the organization ' s risk appetite

Buy Now
Questions 30

Which of the following is a primary responsibility of senior management with respect to ethical violations?

Options:

A.

Senior management provides oversight for the organization ' s ethical climate.

B.

Senior management promotes an ethical culture in the organization.

C.

Senior management assesses the effectiveness of the organization’s ethical programs.

D.

Senior management reviews major ethical policies in the organization for compliance

Buy Now
Questions 31

Which of the following is a responsibility of the internal audit activity as it relates to risk and risk management?

Options:

A.

Evaluating and suggesting improvements to the risk management process.

B.

Establishing the organization ' s risk appetite.

C.

Determining whether the risk attitude is aligned with shareholder interests.

D.

Ensuring an adequate risk management system is in place.

Buy Now
Questions 32

A chief audit executive (CAE) recruited a few new internal auditors to reduce the resource gaps identified in this year ' s internal audit plan. One of the new recruits has several years of experience with the organization. Ten months ago. she served as a senior supervisor in the finance department. However, for the past 10 months, she has been helping the organization with implementing a new IT system. What approach should the CAE take for the upcoming financial statement controls audit?

Options:

A.

Assign the new auditor to assist with conducting the fieldwork. but ensure that her work is reviewed by the CAE.

B.

Assign the new auditor to assist with developing the audit program, but ensure that the audit program is executed by other audit staff.

C.

Ensure that the new auditor ' s previous manager, and other close former coworkers, are excused during the audit.

D.

Ensure that the new auditor is responsible only for the supervisory review, but not the execution of the audit field work.

Buy Now
Questions 33

A subsidiary of the organization was preparing for an initial public offering (IPO). Af the request of the audit committee, the chief audit executive (CAE) and all senior audit staff were actively involved in the process by helping collect and validate financial data, conducting assessments, and participating in meetings with IPO advisors. Six months later, it became obvious that the IPO had to be canceled. Newly appointed audit committee members requested an assurance engagement that v/ould assess the IPO preparation process. Which of the following would be the best course of action for the chief audit executive (CAE) to take?

Options:

A.

The decision to involve auditors in the IPO was made by former audit committee members; therefore, the CAE is not responsible and can proceed with the new assignment.

B.

The CAE should reject the assignment, as such engagements are beyond the scope of auditors who are usually not familiar with root cause analysis methodology.

C.

The engagement should be undertaken by audit assistants and other junior staff members who were not involved in the IPO process.

D.

The CAE should disclose objectivity limitations to the audit committee and suggest alternatives, such as outsourcing the engagement.

Buy Now
Questions 34

According to IIA guidance, which of the following activities would typically be examined when using the maturity model approach for assessing an organization ' s risk management program?

Options:

A.

Monitor and review.

B.

Performance measurement.

C.

Setting the context.

D.

Communication.

Buy Now
Questions 35

Which of the following best describes why a chief audit executive might obtain the services of a fraud specialist to assist in a major fraud investigation?

Options:

A.

Fraud specialists are better at using computer-assisted audit techniques.

B.

Fraud specialists are better equipped to act as an expert witness in court.

C.

Fraud specialists are better able to properly apply due professional care.

D.

Fraud specialists are better at using crime scene investigation techniques.

Buy Now
Questions 36

When a plant manager from within the organization is hired as a rotational internal auditor within the internal audit activity which area should he most likely be trained for immediately?

Options:

A.

Industry knowledge

B.

Project management

C.

Leadership skills

D.

Risk assessments

Buy Now
Questions 37

Which of the following actions should the organization ' s governing body perform to provide the most effective governance over the organization ' s culture?

Options:

A.

Coordinate control activities.

B.

Provide direction.

C.

Design key controls.

D.

Deliver assurance.

Buy Now
Questions 38

Which of the following best demonstrates conformance with IIA standards related to continuing professional development?

Options:

A.

Retaining evidence of training in the form of continuing education credits

B.

Seeking guidance regarding internal audit best practices from The IIA

C.

Retaining supervisory reviews conducted on the basis of the development plan

D.

Giving consideration to certain areas of specialization as part of development planning

Buy Now
Questions 39

Which of the following activities should the chief audit executive perform to ensure compliance with an organization ' s code of conduct?

Options:

A.

Act as an advisor to the committee responsible for reviewing violations of the code.

B.

Review and adjudicate all violations of the code of conduct.

C.

Lead the committee responsible for the oversight of the code.

D.

Implement a system of procedures to inform all employees of the code.

Buy Now
Questions 40

During an audit engagement of a large retail store, internal auditors noted significant discrepancies between available inventory and sales and suspect an abuse of cash register refunds and voids. Which of the following would be the most effective preventative control to reduce these losses?

Options:

A.

Ensure that returned merchandise is restocked to shelves or sent to the manufacturer by an independent employee.

B.

Call a sample of customers who returned merchandise to test the legitimacy of the returns and check refund amounts.

C.

Require that a manager use a reserved register code to approve voids or refunds.

D.

Analyze voids and refunds by employee, credit card number, and amount for unusual numbers, amounts, or patterns.

Buy Now
Questions 41

Under which of the following circumstances should the final audit report include a disclosure of nonconformance with the Standards?

Options:

A.

An external quality assessment of the internal audit activity is performed only once every five years.

B.

The internal auditor provided negative assurance, because he found no evidence of misconduct.

C.

The annual internal audit plan includes some consulting engagements that are based on opportunities rather than risks to the organization.

D.

A new internal auditor moved into the internal audit activity from the payroll department and was immediately assigned to the payroll audit.

Buy Now
Questions 42

Management decided to post the organization ' s newly established code of conduct on its website. This decision is primarily intended to mitigate which of the following risks?

Options:

A.

Accountability risk.

B.

Communication risk.

C.

Knowledge risk.

D.

Cultural risk.

Buy Now
Questions 43

When the chief audit executive Is responsible for risk management in an organization, which of the following parties is responsible for overseeing the internal audit activity ' s assurance over risk management?

Options:

A.

The chief audit executive.

B.

A member of the compliance function.

C.

A party outside of the internal audit activity.

D.

A member of the risk management function.

Buy Now
Questions 44

Which of the following would be considered a violation of The HAfs mandatory guidance on independence?

Options:

A.

The chief audit executive (CAE) reports functionally to the board and administratively to the chief financial officer.

B.

The board seeks senior management ' s recommendation before approving the annual salary adjustment of the CAE.

C.

The CAE confirms to the board, at least once every five years, the organizational independence of the internal audit activity,

D.

The CAE updates the internal audit charter and presents it to the board for approval periodically, not on a specific timeline

Buy Now
Questions 45

The chief audit executive (CAE) of a new internal audit activity is creating an internal audit charter According to IIA guidance, which of the following terms is most likely to

be included in the charter?

Options:

A.

Senior management will be present whenever the CAE interacts with the board, to ensure effective communication among all three parties.

B.

Internal auditors will advise on the design of control policies and procedures in any area where the organization does not possess the requisite expertise,

C.

Internal auditors will demonstrate competence, concern, and the dedication expected of a professional,

D.

Internal auditors will receive performance-based compensation, including bonuses for reporting more than a stipulated number of observations.

Buy Now
Questions 46

Which of the following scenarios is a characterize of an organization with a highly effective ethical culture?

Options:

A.

An organization implements and communicates to staff a formal and comprehensive code of conduct, which is clear and understandable.

B.

An organization waives reference and background checks when hiring for certain sensitive positions in order to not violate potential employees ' rights to privacy.

C.

An organization punishes senior management more harshly for ethics violations than it would for lower-level staff to send a message throughout the organization.

D.

An organization conducts surveys of employees, suppliers, and customers once every five years to determine the slate of the ethical climate in the organization.

Buy Now
Questions 47

Which of the following statements is the most appropriate example of the internal audit activity exercising due professional care during an audit of the payroll department?

Options:

A.

Internal auditors ensure that the work program is appropriately designed in order to identify all of the risks surrounding the payroll process.

B.

Internal auditors determine whether the policies, procedures, and practices of the payroll department are operating in accordance with relevant laws.

C.

Internal auditors verify whether the board of directors has implemented effective internal controls over the processes used by the payroll department.

D.

Internal auditors ask the organization ' s risk manager to determine whether the degree of work planned is sufficient to determine whether payroll payments were complete and accurate.

Buy Now
Questions 48

Which of the following statements is true regarding organizational independence of the internal audit activity (IAA)?

Options:

A.

Reporting to a higher level within the organization reduces the potential scope of engagements that can be undertaken by the IAA.

B.

The benefit of the IAA ' s organizational independence is realized primarily via reduced costs for the external auditor.

C.

Independence is impaired when the scope of the IAA is subject to changes required by senior management.

D.

Inadequate organizational independence can result in the chief audit executive being able to fire staff without consulting the audit committee.

Buy Now
Questions 49

According to MA guidance, which of the following is the most accurate statement regarding the internal audit charter?

Options:

A.

The IIA ' s Code of Ethics must exist outside of the charter to maintain independence.

B.

The charter must be approved by both senior management and the board.

C.

The nature of consulting services does not need to be defined in the Internal audit charter.

D.

The charter provides a framework for performing a broad range of value-added audit services.

Buy Now
Questions 50

Which of the following would be the best choice for a continuing professional development requirement for a newly created internal audit activity?

Options:

A.

Require all internal auditors to create a training plan based on a competency self-assessment.

B.

Require internal auditors to complete all of their training through webinars, to increase efficiency and avoid traveling

C.

Require all internal auditors to become a member of The Institute of Internal Auditors.

D.

Require internal auditors to create a training plan based on their areas of interest

Buy Now
Questions 51

Which of the following could increase risks to the organization’s control environment?

Options:

A.

Strong board of directors oversight.

B.

Incentive-based compensation structures.

C.

Lower than average employee turnover.

D.

Implementation of a fraud hotline.

Buy Now
Questions 52

Which of the following statements is true regarding corporate social responsibility (CSR)?

Options:

A.

Many of the areas explored by CSR are normally included in an audit universe or annual audit plan

B.

Despite significant corporate resources spent on CSR reporting investors generally do not rely on CSR information

C.

Unlike many other areas of reporting responsibilities impacting stakeholders, CSR is largely voluntary

D.

Typically operating management does not have a major role to play based on the public nature of reporting

Buy Now
Questions 53

Which of the following scenarios would most significantly restrict the areas where internal audit could perform assurance services?

Options:

A.

Regulators mandate specific audit engagements to be included in the audit plan.

B.

The internal audit activity reports functionally to the chief financial officer

C.

The internal audit activity reports administratively to the CEO and functionally to the audit committee.

D.

The internal audit activity reports administratively to the chief financial officer.

Buy Now
Questions 54

Which of the following frauds is most likely to occur in the accounts payable function?

Options:

A.

Factitious vendors are entered into the system, possibly resulting in improper disbursements.

B.

Bad debt expense is intentionally omitted from the financial statements.

C.

Certain costs are capitalized, rather than expensed.

D.

A related party receives benefits not appropriate in an arm ' s-length transaction.

Buy Now
Questions 55

Which of the following would a chief audit executive most likely use to identify a need for improvement in a staff internal auditor ' s business acumen?

Options:

A.

A quality assessment review.

B.

An internal audit client survey.

C.

A control self-assessment.

D.

A peer review of the internal audit activity.

Buy Now
Questions 56

An internal auditor wants to compare her organization’s governance processes to those of a well-known governance model. Which of the following approaches would the auditor take for this purpose?

Options:

A.

Perform a gap analysis to assess me differences between the approaches

B.

Assess the governance processes using computerized modeling techniques

C.

identify any differences between the processes using a variance analysis

D.

Benchmark the governance processes using a capability maturity modal

Buy Now
Questions 57

An audit client who was unsatisfied with the audit report rating called the chief audit executive (CAE) and complained that the internal auditor who performed the audit was biased because his spouse, who worked in the area under review, was on a list of employees to be terminated. Which of the following measures would be most appropriate to prevent this situation from arising?

Options:

A.

Initiating an internal investigation to clarify whether a biased judgment took place.

B.

Requiring the internal auditors to disclose any potential conflicts of interest.

C.

Requiring that the audit client disclose any potential conflicts of interest with the auditor.

D.

Requiring human resources manager to submit all future job applicants ' data in order to identify relatives of auditors.

Buy Now
Questions 58

According to IIA guidance, which of the following actions by the chief audit executive (CAE) best demonstrates the organizational independence of the internal audit activity?

Options:

A.

The CAE seeks senior management approval of the internal audit charter

B.

The CAE obtains senior management ' s approval to hire staff

C.

The CAE reports significant issues to the organization ' s CEO

D.

The CAE provides the board with an annual budget for approval

Buy Now
Questions 59

The organization s procurement manager asks the internal auditor to deliver training to the procurement team on the organization’s third-party risk management process. Which of the following is the most appropriate response?

Options:

A.

The internal auditor should reject the request it she previously worked in the procurement area to maintain objectivity

B.

The internal auditor should reject the request if the internal audit team does not have the requisite expertise.

C.

The internal auditor should accept the request and in fact she may assume some management responsibilities temporarily if the result is a relevant training benefit

D.

The internal auditor may accept the request only if she defines the scope to ensure conformance with the Code of Ethics

Buy Now
Questions 60

According to IIA guidance, which of the following corporate social responsibility {CSR) evaluation activities may be performed by the internal audit activity?

1. Consult on CSR program design and implementation

2. Serve as an advisor on CSR governance and risk management.

3. Review third parties for contractual compliance with CSR terms.

4. Identify and mitigate risks to help meet the CSR program objectives.

Options:

A.

1,2, and 3.

B.

1,2, and 4.

C.

1, 3, and 4.

D.

2, 3, and 4

Buy Now
Questions 61

Which of the following actions is a chief audit executive most likely to take in order to identify gaps in the internal audit activity’s knowledge, skills, and competencies?

Options:

A.

Complete a skills assessment of the internal audit activity based on. The IIA Global Internal Audit Competency Framework.

B.

Develop a competency assessment tool for the internal audit activity based on The IIA Global Internal Audit Competency Framework.

C.

Incorporate the basic criteria for competency of the internal audit activity into the job descriptions of potential internal auditors,

D.

Develop an internal audit activity plan for training internal auditors to perform required assurance and consulting activities.

Buy Now
Questions 62

Which of the following would best preserve the organizational independence of the internal audit activity?

Options:

A.

The internal audit charter is approved by the chief audit executive (CAE).

B.

The CAE reports functionally to the CEO.

C.

The CAE ' s internal audit plan is endorsed by the board.

D.

The chief financial officer determines the appointment of the CAE.

Buy Now
Questions 63

Which of the following statements is true regarding the role of the internal audit activity in the organization ' s risk management process?

Options:

A.

The internal audit activity should not be responsible for developing the organization ' s risk management framework, even with appropriate safeguards.

B.

The internal audit activity is typically responsible for alerting operational management to emerging risks and changes in regulatory scenarios

C.

The internal audit activity may coach management on risk response scenarios if safeguards have been implemented.

D.

The internal audit activity should avoid giving assurance regarding the accuracy of risk evaluations if safeguards have not been implemented.

Buy Now
Questions 64

Which of the following policies promotes internal audit objectivity?

Options:

A.

The chief audit executive (CAE) reports functionally to the CEO

B.

The CAE s compensation is approved by the chief financial officer

C.

The CAF ' s appointment is determined by the CEO

D.

The CAE reports administratively to the chief operating officer

Buy Now
Questions 65

Which of the following should catch the internal auditor ' s attention as a potential red flag for fraud?

Options:

A.

The accounting unit keeps detailed records and preserves supporting documentation in excess of company requirements

B.

One of the subsidiaries has more bank accounts than any other comparable subsidiary

C.

The same external audit firm has been with the company for three years without rotation

D.

The arithmetic median tenure of employees working at production facilities is 15 years

Buy Now
Questions 66

Which of the following is the most appropriate way to ensure that a newly formed internal audit activity remains free from undue influence by management?

Options:

A.

Appoint the chief audit executive as a member of the board.

B.

Adopt written policies and procedures for the internal audit activity, approved by the board.

C.

Ensure the chief audit executive reports administratively to the audit committee.

D.

Establish the internal audit activity’s position within the organization in an audit charter.

Buy Now
Questions 67

In which of the following situations may the internal audit activity report conformance with the Standards?

Options:

A.

An internal audit activity has been in existence at least five years and has not completed an external assessment,

B.

An internal auditor was assigned to an audit engagement but did not meet individual objectivity requirements.

C.

The internal audit activity prepared an internal audit plan that was not risk-based.

D.

The internal audit activity has been in existence fewer than five years, but periodic self-assessments were conducted.

Buy Now
Questions 68

The internal audit activity is performing an assessment of an organization ' s ethics program, and the engagement scope specifies a focus on the training program ' s design. According to IIA guidance, which of the following questions would be the most relevant?

1. Does the training include situations that require an ethical decision?

2. What percentage of employees have taken the training?

3. What are the results of the employee assessment of the organization ' s ethical climate?

4. Does the instructor provide feedback on the thought process to reach an ethical resolution?

Options:

A.

1 and 2.

B.

1 and 4.

C.

2 and 3.

D.

3 and 4.

Buy Now
Questions 69

Senior management has decided to adopt the key principles approach of the ISO 31000 risk management framework. According to IIA guidance, which of the following principles is most appropriate when implementing the risk management process in a dynamic agency?

Options:

A.

Everyone in the agency has a primary responsibility for identifying and managing risks as part of the risk management process.

B.

The risk management process, while evaluating risk, should develop a mechanism to rank the relative importance of each risk.

C.

The risk management process should be regularly reviewed and respond to changes in the environment, to remain relevant.

D.

The risk management process should use a formal technique to consider the consequence and likelihood of each risk.

Buy Now
Questions 70

Management would like to self-assess the overall effectiveness of the controls in place for its 200-person manufacturing department. Which of the following client-facilitated approaches is likely to be the most efficient way to accomplish this objective?

Options:

A.

Workshops.

B.

Surveys.

C.

Interviews.

D.

Observation.

Buy Now
Questions 71

According to IIA guidance, which of the following is required of an internal audit activity?

Options:

A.

The internal audit activity should refrain from conducting an assurance engagement for which it lacks the necessary competencies or skills

B.

The chief audit executive must decline a consulting engagement or obtain competent advice and assistance if internal auditors lack the necessary competencies or skills

C.

The audit committee should ensure that the internal audit activity continuously improves its knowledge and skills in order to fulfill its responsibilities

D.

In today ' s business climate which is dominated by technology and big data, it is imperative that each staff internal auditor has detailed knowledge about IT risks and technology-based audit techniques

Buy Now
Questions 72

Which of the following should be implemented to promote independence of the internal audit activity?

Options:

A.

Internal auditors do not review an area where they previously worked

B.

The internal audit charter is reviewed and updated annually

C.

The chief audit executive reports functionally to the board

D.

Management does not influence the consulting services provided by the internal audit activity

Buy Now
Questions 73

Which of the following would best serve to deter unethical behavior and encourage internal auditors to be objective in their work?

Options:

A.

A requirement that internal auditors undergo objectivity training periodically

B.

Periodic communications reminding internal auditors of Standards requirements

C.

A review of the final audit report by the audit committee

D.

Ongoing monitoring and periodic internal quality assessments

Buy Now
Questions 74

The organization ' s internal audit charter was last updated six years ago. To update the charter, which of the following actions is most appropriate for the chief audit executive to take?

Options:

A.

Wait for the next external assessment and address all of the missing information in the charter based on the recommendations from the external assessment team.

B.

Perform a review of IIA guidance to become acquainted with the latest mandatory elements prior to updating the charter

C.

Use an internal audit charter template from another organization that operates within the same industry.

D.

Identify an individual within the internal audit activity who has in-depth knowledge of mandatory IIA guidance elements to address any gaps or areas of the current version of the charter that could be improved.

Buy Now
Questions 75

According to IIA guidance, which of the following is an appropriate role for the internal audit activity?

Options:

A.

Coaching management in responding to risks.

B.

Implementing risk responses on management’s behalf.

C.

Imposing risk management processes.

D.

Setting the risk appetite.

Buy Now
Questions 76

An engagement supervisor noticed that a newly hired internal auditor struggles with large data samples because he appears reluctant to apply available spreadsheet statistical functions and tends to perform testing of transactions manually In which of the following areas does the internal auditor most likely need training?

Options:

A.

Critical thinking.

B.

International Professional Practices Framework

C.

Professional ethics

D.

Business acumen

Buy Now
Questions 77

Which of the following is most likely to result in the impairment of independence for the internal audit activity?

Options:

A.

The chief audit executive (CAE) has a dual reporting relationship within the organization.

B.

The CAE performs an audit of a functional area that is also under the CAE ' s oversight.

C.

The CAE has unrestricted access to information throughout the organization and to the board.

D.

The board is involved in decisions to hire or remove the CAE and in drafting and approving an internal audit charter.

Buy Now
Questions 78

An internal audit of an organization ' s disbursement department revealed that multiple payments were made to legitimate vendors bearing fraudulent banking information belonging lo employees in the department. These vendors were initially set up with accurate banking information but were subsequently modified by disbursement officers with access to the vendor management system. Which of the following controls would have likely prevented the fraudulent modification of vendors ' banking information?

Options:

A.

Management periodically reviews and verifies the information in the vendor master Tile.

B.

Management ' s approval is required for update to vendors ' banking information.

C.

Management randomly audits a sample of payments to verify the accuracy of vendors ' banking information.

D.

Management ' s approval is required before payments can be processed.

Buy Now
Questions 79

An organization opened its warehouse to sell written-off surplus and outdated office furniture to the general public. Prices were negotiable, and customers could pay by cash, check, or credit card. Receipts were available upon request, and were issued by the inventory manager upon collection of payment. At the end of the day, the manager forwarded all of the funds he had collected to the finance department for deposit. Which of the following types of fraud is most likely to occur under these circumstances?

Options:

A.

Asset misappropriation.

B.

Bribery.

C.

Falsifying records.

D.

Skimming

Buy Now
Questions 80

Which of the following is a preventive control the organization could implement to mitigate fraudulent activity in the accounts payable department?

Options:

A.

Delivering fraud awareness training to employees in the department.

B.

Segregating duties between employees in the department.

C.

Requesting the internal audit activity perform an independent evaluation of fraud risk in the department.

D.

Requiring accounts payable employees to sign a code of conduct awareness confirmation.

Buy Now
Questions 81

An engagement supervisor noted that an internal auditor ' s personal relationship with a process owner resulted in the auditor providing a favorable and partial assessment during an audit within that process owner ' s area. According to MA guidance, which of the following should be used to manage this impairment?

Options:

A.

An internal audit charter.

B.

An employee disciplinary policy.

C.

A functional audit committee.

D.

A functional reporting placement.

Buy Now
Questions 82

Which of the following statements is true with regard to the quality assurance and improvement program (GAIP)?

Options:

A.

As the head of the organization, the CEO selects and appoints the external quality assessment team to perform the OAIP reviews.

B.

The chief audit executive determines the scope and frequency of both internal and external quality assessments based on the availability and capacity of resources in accordance with the annual internal audit plan.

C.

Minutes of meetings held with senior management and the board to discuss the scope and frequency of internal and external assessments support the OAIP reporting requirement.

D.

The internal audit activity needs to assess whether each engagement on the annual internal audit plan is conducted in conformance with the Standards.

Buy Now
Questions 83

Which of the following disclosures must the chief audit executive (CAE) include when communicating the results of the quality assurance and improvement program to senior management and the board?

Options:

A.

Authority and responsibility of the internal audit activity

B.

Hours and sources of continuing professional education

C.

Scope and frequency of both the internal and external assessments

D.

independence and objectivity impairments of the CAE

Buy Now
Questions 84

During an audit of a foreign subsidiary an internal audit team discovered that products were sold to a prohibited country due to sanctions. What is the best course of action for the internal audit team?

Options:

A.

Include the facts m the engagement communications

B.

Inform me external auditors of the violation.

C.

Report the violation to the government regulators

D.

Consult with the legal department

Buy Now
Questions 85

Which of the following statements best describes a functional difference between external auditors and internal auditors?

Options:

A.

Internal auditors evaluate past achievements to understand whether controls are operating effectively, and external auditors focus on the accuracy of financial reporting.

B.

Internal auditors provide assurance about the sufficiency of controls to manage risks. Including risks of failure to achieve future goals, and external auditors evaluate the accuracy and understandability of financial reporting.

C.

internal auditors are always employed by the organization, rather than outsourced, and external auditors are never employed by the organization but contracted independently.

D.

Internal auditors are most directly concerned with the detection of fraud, while external auditors are most directly concerned with the prevention of fraud.

Buy Now
Questions 86

Which of the following is the best reason why the engagement supervisor should take care in explaining to local management the criteria that will be used to measure the effectiveness of the control environment?

Options:

A.

The assessment will cover soft controls and company values.

B.

The assessment will focus on the policy for a particular process.

C.

The assessment will lack a defined scope

D.

The assessment will probably uncover fraud risks.

Buy Now
Questions 87

The internal audit activity conducted an organization wide risk assessment. One of the most significant risks identified is associated with the oil price market. The chief audit executive (CAE) is considering including in the annual audit plan an assessment of the effectiveness of oil price risk management. The manager responsible commented that the assessment was not needed, as market risks were regularly addressed by the financial risk committee. If the CAE decides to include this activity in the annual audit plan anyway, how should it be recorded?

Options:

A.

A consulting engagement independent of the financial risk committee ' s review.

B.

A risk assessment.

C.

An assurance engagement.

D.

A joint consulting engagement with input from the financial risk committee.

Buy Now
Questions 88

Which of the following resources would be most effective for an organization that would like to improve how it informs stakeholders of its social responsibility performance?

Options:

A.

ISO 26000.

B.

Global Reporting Initiative.

C.

Open Compliance and Ethics Group.

D.

COSO’s enterprise risk management framework

Buy Now
Questions 89

Which of the following statements is true regarding the quality assurance and improvement program (QAIP)?

Options:

A.

Reporting on the QAIP to the board should occur at least once every five years

B.

The responsibility for the selection of an external assessor rests with the board

C.

The qualifications of the assessors must be communicated to the board

D.

The reporting of outcomes of the QAIP can be delegated to senior audit staff

Buy Now
Questions 90

Which of the following threatens internal audit objectivity ' ?

Options:

A.

Internal auditors are expected by senior management to identify a minimum of five major control weaknesses in each area audited

B.

Internal auditors are prevented from accessing information necessary to undertake their audit engagements

C.

The chief audit executive reports directly to the chief financial officer who previously led the internal audit activity

D.

The CEO requests the internal audit activity develop a charter that clearly delineates its purpose and responsibilities within the organization

Buy Now
Questions 91

An accounts payable clerk has recently transferred Into the internal audit activity and has been assigned to an engagement related to accounts payable processes for which he was previously responsible Which of the following is the best action for the new internal auditor to take?

Options:

A.

If it is an assurance engagement accept the assignment because direct knowledge of the existing accounts payable processes will provide depth and add more value

B.

If it is a consulting engagement decline the assignment and ask to be reassigned, because in a consulting engagement the auditor must not assess operations for areas in which they were previously responsible

C.

If it is a consulting engagement accept the assignment because direct knowledge of the existing accounts payable processes will provide depth and add more value

D.

If it is an assurance engagement accept the assignment becausethe chief audit executive had knowledge of the internal auditor ' s previous role when this engagement was assigned

Buy Now
Questions 92

Which of the following documents most directly describes the guidelines for and importance of the objectivity of internal auditors?

Options:

A.

Internal audit quality assessments.

B.

Internal audit charter.

C.

Internal audit plan.

D.

Internal audit reporting.

Buy Now
Questions 93

Which of the following situations would best indicate to the chief audit executive that one of the audit team members is struggling with application of due professional care?

Options:

A.

The engagement supervisor requests that an auditor carry out improvements to workpapers to address numerous problems: evidence is missing, references are incorrect, and conclusions are superfluous

B.

Audit work was completed m accordance with the established goals; however, a material misstatement was later uncovered in the audited area by another assurance provider.

C.

According to the audit report, several control failures occurred due to irresponsible behavior of local management, who was consequently deprived of bonuses and wrote a negative feedback to the auditor

D.

The delivery of audit results was several weeks late because the internal auditor had to spend additional time trying to understand the nature of certain transactions with derivation.

Buy Now
Questions 94

Which of the following best illustrates the application of due professional care during an audit of the procurement department?

Options:

A.

The internal auditor began checking purchase requisitions for proper authorizations. He stopped when he discovered an instance of noncompliance. and he concluded the controls were ineffective.

B.

The internal auditor discovered an instance where management did not follow the standard bidding processes. The auditor assessed the validity of management’sreasons for deviating from standard practice and the supporting documentation, and determined that the deviation was acceptable.

C.

The internal auditor selected a sample of purchase orders with amounts greater than S5.000, the threshold at which the organization requires a bidding process. The auditor obtained documentation of the bidding process for each purchase order in the sample.

D.

The internal auditor analyzed bidding documents provided by management. Management indicated that the documents were purchase orders issued to a sole-source vendor Based on the analysis and management ' s declaration, the internal auditor determined that the procurement process was effective.

Buy Now
Questions 95

According to MA guidance, which of the following statements is true regarding internal auditors ' use of technology-based techniques?

Options:

A.

Auditors must consider using technology if it advances the engagement, even when implementation costs exceed the benefits.

B.

Auditors must considering using technology to reduce the organization ' s risk by detecting all instances of fraud.

C.

Auditors must consider using technology only when the Implementation cost does not exceed benefits.

D.

Auditors must consider using technology in a variety of engagements to ensure that their work is substantiated and infallible.

Buy Now
Questions 96

Which of the following statements best represents the duo professional care that is required of internal auditor’s?

Options:

A.

Internal auditors should perform assurance procedures to ensure that all significant risks are identified.

B.

Internal auditor should not perform consulting engagements for operations for which they had previous responsibilities.

C.

Internal auditors should consider the cost of assurance in relation to the potential benefits.

D.

Internal auditors should device internal audit programs to confirm that the results are accurate.

Buy Now
Questions 97

According to IIA guidance, which of the following statements is true regarding the internal audit activity’s responsibilities in providing consulting services?

Options:

A.

The chief audit executive is responsible for deciding the priority of consulting services in the internal audit plan

B.

The scope of consulting services is determined primarily by the internal auditor with input from management of the area under review

C.

The board defines the internal audit activity’s responsibilities over consulting activities

D.

Adding value to an organization requires the internal audit activity to initiate a consulting engagement

Buy Now
Questions 98

Considering the concepts of organization wide risk management and the system of internal controls, the internal audit activity as a whole can be considered which of the following types of control?

Options:

A.

Transaction-level control.

B.

Management-oversight control.

C.

Governance control.

D.

Process-level control.

Buy Now
Questions 99

According to IIA guidance which of the following statements is true regarding the internal audit charier?

Options:

A.

The charier should be revised and re-approved whenever a new chief audit executive (CAE) is appointed or at the request of the board

B.

The charier should be re-approved every five years, in conjunction with the external quality assessment

C.

The charier can be revised at the discretion of the CAE whenever 4 is determined that its content no longer supports the achievement of objectives

D.

The charier should be reviewed and resubmitted for board approval annually together with the audit plan

Buy Now
Questions 100

Which of the following strategies for professional development best demonstrates an internal auditor’s competency ' ?

Options:

A.

Completed education credits

B.

Membership in professional organizations

C.

Subscriptions to sources of relevant professional information

D.

Professional development and training plans

Buy Now
Questions 101

The manager of the payroll department requested a review of the payroll process, but only wants the engagement to include processes related to approval of time worked. What type of activity is this?

Options:

A.

Financial assurance engagement.

B.

Operational consulting engagement.

C.

Compliance assurance engagement.

D.

Risk management consulting engagement.

Buy Now
Questions 102

An internal audit team received the following feedback from operational management via a post-engagement survey " Management agrees with all audit findings However, the audit team did not consider our input on the best way to resolve the issues”

This feedback is an indication that the internal audit activity may need to improve which of the following interpersonal skills?

Options:

A.

Leadership

B.

Conflict management

C.

Communication

D.

Influence

Buy Now
Questions 103

Which of the following statements is true regarding internal controls?

Options:

A.

Strategic objectives are prerequisites to establishing internal controls.

B.

Internal controls eliminate process breakdowns caused by human errors.

C.

Well-established internal controls cannot be overridden.

D.

Robust internal controls ensure business success.

Buy Now
Questions 104

With regard to governance, which of the following is a board-level responsibility rather than a management responsibility?

Options:

A.

Obtaining assurance on external financial, regulatory, and internal audits.

B.

Complying with laws, regulations, and codes.

C.

Assigning authority and responsibilities organization wide.

D.

Monitoring and measuring performance.

Buy Now
Questions 105

An internal auditor is finalizing an audit report on the effectiveness of the organization ' s overall system of internal control. Several audit tests were performed, and the only issue identified was that the CEO frequently asks employees to make exceptions or bypass the organization ' s standard written policies and procedures. Which of the following conclusions is most appropriate for the auditor to report?

Options:

A.

The auditor should indicate that the system of internal control is not effective.

B.

The auditor should indicate that the system of internal control is generally effective, except for the minor issue identified.

C.

The auditor should indicate that the system of internal control is effective.

D.

The auditor cannot express a conclusive opinion in the audit report.

Buy Now
Questions 106

Internal audit is performing an engagement to determine whether there were indications of questionable bidding on a city s infrastructure project. As part of the engagement the internal audit activity became aware that certain firms tend to receive the contracts for large city projects. How should the internal audit activity proceed with the engagement and identify questionable bidding practices?

Options:

A.

Obtain the city s vendor listing to determine whether there was an adequate number of firms available to solicit bids for protects

B.

Obtain at of the city s financial records to identify any firms that received payments for contracted goods and services.

C.

Obtain the city ' s contracting files to determine whether the city demonstrated efforts to solicit bids from various interested firms.

D.

Obtain the city’s official public meeting minutes to determine whether there were concerns about the contracting practices

Buy Now
Questions 107

An internal auditor is assessing the effectiveness of the organization ' s risk management practices She checks to see whether risk management is an intégrai part of decision making and whether risk management is transparent, responsive to change and addresses uncertainty. According to HA guidance on risk management frameworks, which of the following approaches is the auditor most likely using?

Options:

A.

Maturity model approach

B.

Process element approach

C.

Key principles approach

D.

Key performance indicators approach.

Buy Now
Questions 108

To assure that the technical proficiency of internal auditors is appropriate for the audit engagements to be performed, a chief audit executive should:

Options:

A.

Consider the scope of work and level of responsibility when establishing criteria for education and experience in filling internal audit positions.

B.

Ensure that each newly hired auditor is qualified in all of the disciplines needed to accomplish the department’s audit mission.

C.

Oversee a training program that matches the actual training provided with the interests of individual auditors.

D.

Require all of the audit staff to pursue a minimum number of continuing professional education hours each year

Buy Now
Questions 109

Which of the following statements is true regarding organizational culture and an audit of the control environment?

Options:

A.

For multinational organizations it is important to ensure that the organizational culture is consistent at all locations

B.

Because the chief audit executive (CAE) is part of the organizational culture, external auditors should be engaged to evaluate the control environment

C.

If there are unresolved scope restrictions, the CAE should consider whether to pursue the audit and note the scope restrictions in the audit report

D.

Because it will create a conflict of interest relating to the control environment, senior management should not be consulted during the audit

Buy Now
Questions 110

Which of the following statements is true regarding the independent peer review process undertaken to fulfill the requirement for an external quality assessment?

Options:

A.

Two individuals in the same internal audit activity may perform an independent peer review as long as they do not report to the same audit manager

B.

Individuals from a separate but related organization such as an affiliate may perform peer reviews

C.

Individuals working in separate internal audit activities may be considered independent as long as do not report to the same chief audit executive

D.

Peer reviews are generally less cost-effective than hiring an external quality assessor

Buy Now
Questions 111

The management at a national consumer goods organization implements a fair work and pay practice as well as a policy to treat employees equitably and consistently.

Which common characteristics of fraud will the practice and policy most likely reduce?

Options:

A.

Pressure or incentive.

B.

Opportunity.

C.

Rationalization.

D.

Commitment.

Buy Now
Questions 112

Which of the following is true regarding the use of a formal risk management framework?

1. It facilitates a methodical approach to risk mitigation.

2. It defines and standardizes the terminology used in risk communication.

3. It establishes the risk tolerance levels to be accommodated in the strategy.

4. It facilitates the alignment of risk mitigation strategies with management priorities.

Options:

A.

1. 2. and 3.

B.

1.2. and 4.

C.

1.3. and 4.

D.

2. 3, and 4.

Buy Now
Questions 113

After the draft engagement report is issued, the manager of the area that was reviewed is informally interviewed by the engagement supervisor regarding the audit experience. Which of the following is most likely the purpose for this interview?

Options:

A.

Such an interview is performed when there is a need to dismiss an internal auditor

B.

Feedback from the manager will contribute to the audit team ' s professional development

C.

The manager ' s opinion will be used to form the final audit assessment and report rating.

D.

The manager will provide insights into the audited industry ' s trends

Buy Now
Questions 114

An internal auditor is reviewing the results of an employee survey at a mining company. Which of the following would alert the auditor to a potential ethics issue?

Options:

A.

Women account for 20% of the total number of employees in the company.

B.

Thirty percent of employees feel confident in raising concerns without a fear of retaliation.

C.

Most employees believe that transparent and fair decision-making forms the basis of business ethics.

D.

Employees with longer work experience believe that they deserve more privileges than new hires.

Buy Now
Questions 115

With regard to the internal audit activity ' s quality assurance and improvement program, which of the following must be reported to the board?

Options:

A.

A statement of independence of the organization ' s internal auditors.

B.

Meeting minutes with the assessment team, if key risks were identified and discussed.

C.

Frequency of the quality assessments being performed.

D.

Summary of previous internal assessments undertaken.

Buy Now
Questions 116

According to NA guidance, which of the following practices by the chief audit executive (CAE) best enhances the organizational independence of the internal audit activity?

Options:

A.

CAE reviews and approves the annual audit plan,

B.

CAE meets privately with the CEO at least annually.

C.

CAE meets privately with the board at least annually,

D.

CAE reports to the board regarding audit staff performance evaluation and compensation.

Buy Now
Questions 117

Which of the following actions is the internal audit activity best positioned within the organization to perform?

Options:

A.

Determine organizational risk tolerances

B.

Monitor the organization ' s risk mitigations

C.

Determine the likelihood and impact of risks

D.

Advise the board on risk management issues

Buy Now
Questions 118

A technology company recently hired an entry-level internal auditor. To achieve conformance with the Standards, which of the following must the newly hired internal auditor possess?

Options:

A.

An understanding of fraud and fraud risk.

B.

IT audit expertise.

C.

Industry-specific knowledge

D.

At least one audit-related certification

Buy Now
Questions 119

The internal audit activity completed its analysis of sample transactions to determine occurrences of double billings According to If A guidance, which of the following best demonstrates that internal auditors exercised due professional care during the review?

Options:

A.

Internal auditors found no instances of double billing and concluded there were no significant risks in this area.

B.

Internal auditors documented the scope and methodology of the data testing.

C.

Internal auditors discussed with management how data is safeguarded.

D.

Internal auditors received formal performance feedback from the engagement supervisor.

Buy Now
Questions 120

Which of the following is considered to be a threat to the internal auditor ' s objectivity?

Options:

A.

The auditor drafted the operational procedures of the area that she is currently auditing.

B.

The auditor received a bonus that was approved by the board of directors.

C.

The assigned auditor recommended operational procedures for the organization.

D.

The assigned auditor rotated out of the same business activity three years ago

Buy Now
Questions 121

To comply with the proficiency standard which of the following would the chief audit executive likely consider as the primary hiring criterion when choosing a new internal auditor?

Options:

A.

The length and consistency of the auditor ' s work experience

B.

The auditor ' s demonstrated problem-solving skills

C.

The auditor ' s skills compared to those already possessed by other audit staff

D.

The auditor ' s ability to be self motivated and a good team player

Buy Now
Questions 122

Which of the following statements best represents the due professional care that is required of internal auditors?

Options:

A.

Internal auditors should perform assurance procedures to ensure that all significant risks are identified.

B.

Internal auditors should not perform consulting engagements for operations for which they had previous responsibilities.

C.

Internal auditors should consider the cost of assurance in relation to the potential benefits.

D.

Internal auditors should devise internal audit programs to confirm that the results are accurate.

Buy Now
Questions 123

Which of the following scenarios violates The IIA ' s standard regarding internal audit independence?

Options:

A.

The chief audit executive (CAE) reports on the internal audit activity ' s day-to-day tasks and responsibilities to the CEO.

B.

An assessment of the risk management function is reviewed by an outside consulting firm because the CAE is temporarily fulfilling the role of risk manager.

C.

The CAE regularly meets with the organization ' s chief risk officer, who validates all reported audit findings and dictates which will be Included In the package to the audit committee.

D.

The internal audit activity will experience staffing shortages for the next six months due to planned and unplanned leaves of absence; therefore the CAE proposed including fewer audits in the annual audit plan compared to the previous financial year.

Buy Now
Questions 124

Which of the following is an example of a risk reduction strategy?

Options:

A.

Outsourcing the payroll function.

B.

Absorbing the cost of losses.

C.

Insuring fixed assets.

D.

Installing cameras around the plant

Buy Now
Questions 125

An organization ' s board has approved an expansion plan into a new market. The board acknowledged that if the expansion is not successful, the organization would encounter large monetary losses consisting of legal fees, research and development costs, rent expenses, and labor fees. Which of the following has the board approved?

Options:

A.

The risk response.

B.

The risk tolerance.

C.

The residual risk.

D.

The inherent risk.

Buy Now
Questions 126

What is expected of internal auditors in regards to due professional care?

Options:

A.

Auditors perform assurance services without regard to cost

B.

Auditors perform assurance services effectively to identify all risks

C.

Auditors perform assurance services needed to achieve the engagement ' s objectives

D.

Auditors perform assurance services to guarantee all significant risks will be addressed

Buy Now
Questions 127

Which of the following is the most effective way for internal auditors to determine whether ethical values are followed throughout the organization?

Options:

A.

Review the organization ' s ethical value structure and reporting procedures.

B.

Review what the organization considers to be ethical behavior, such as the employee code of conduct.

C.

Review employee survey responses and follow up on those that suggest weaknesses in the ethical climate.

D.

Review the organization ' s records to ensure all employees have signed statements that they will follow ethical practices.

Buy Now
Questions 128

Due to the increased operational responsibility of the CEO the chief audit executive (CAE) of an organization currently reports to the chief financial officer (CFO) What is the likely impact of such a situation?

Options:

A.

There may be limitation in the scope of engagements that can be undertaken

B.

The CFO could provide expert advice when auditing areas under his purview

C.

The internal audit activity is adequately positioned when the CAE reports to a member of executive management

D.

The expertise of finance staff can be called upon during an audit of finance-related areas

Buy Now
Questions 129

The chief audit executive of an organization assigns audit resources to undertake a consulting engagement requested by senior management the previous year, and a scheduled assurance audit of the procurement process Which of the following appropriately differentiates the two engagements?

Options:

A.

The details of assurance services are expected to be included in the risk-based audit plan; this is not the case for consulting services.

B.

The objectivity of assurance services is impaired when undertaken by internal auditors who have had recent prior responsibility in the area under review; this is not the case for consulting services

C.

The performance of assurance services may be outsourced for competency gaps: this is not the case for consulting services.

D.

The results of assurance services are required to be monitored; this is not the case for consulting services

Buy Now
Questions 130

Which of the following scenarios best illustrates a rationalization as the root cause of potential fraud?

Options:

A.

Managers who have been with the organization for several decades become aware that newly hired, younger managers are being moved more quickly into senior positions.

B.

The controller at a nationwide manufacturing company recently opted to no longer require two-week mandatory vacations for accounting staff.

C.

Security cameras that monitor cash handling at the register are not functioning.

D.

The organization is slowly phasing out three mature products that produce the highest commissions for the sales staff

Buy Now
Questions 131

Which of the following tools would be most useful to an internal auditor performing an assessment of the effectiveness of the organization ' s risk responses?

Options:

A.

Heat map.

B.

Risk and control matrix.

C.

Risk register.

D.

Process map.

Buy Now
Questions 132

Due to unfavorable economic conditions management decided to postpone new investments for the next year. Which of the following best describes the risk management strategy used to address this situation?

Options:

A.

Risk mitigation

B.

Risk avoidance

C.

Risk reduction

D.

Risk transfer

Buy Now
Questions 133

During an assurance engagement, an internal auditor uses benchmarking research to support preparation of a report to stakeholders that contains significant findings about control deficiencies. Which of the following skills did the auditor demonstrate?

Options:

A.

Internal audit management.

B.

Conflict negotiation.

C.

Critical thinking.

D.

Persuasion and collaboration.

Buy Now
Questions 134

To meet the resource requirements of this year’s internal audit plan, the chief audit executive (CAE) has recruited additional staff auditors, including an employee who resigned as a senior supervisor from the accounts payable department two months ago. There is a scheduled accounts payable review that the CAE wants to start within the next five months. Which approach should the CAE take, knowing the expertise of his new recruit in the area intended to be audited?

Options:

A.

Have the new internal auditor’s previous boss be excused from the area during fieldwork.

B.

Have the new internal auditor be responsible for the planning of the audit as well as the review of the audit fieldwork.

C.

Have the new internal auditor assigned to other responsibilities and not work on the accounts payable audit engagement.

D.

Have the new internal auditor assist with conducting the fieldwork, but ensure that her work is reviewed by the CAE.

Buy Now
Questions 135

If an internal auditor suspects fraud during an engagement which of the following is expected of the auditor?

Options:

A.

Evaluate the suspected activities to determine whether a forma! investigation is warranted,

B.

Immediately inform senior management and the board of the suspected fraud.

C.

Ascertain the level of resources needed to formally investigate the fraud, and proceed with the investigation if resources permit,

D.

Include in the engagement documentation all possible effects and the potential impact of the fraud to the organization

Buy Now
Questions 136

Which of the following are considered root causes of fraud?

Options:

A.

Rationalization and corruption

B.

Corruption and opportunity

C.

Opportunity and perceived need

D.

Perceived need and weak internal controls

Buy Now
Questions 137

According to IIA guidance which of the following statements regarding ethics is true?

Options:

A.

Business ethics may vary within an organization with both domestic and foreign operations

B.

Business ethics are universal n nature and organizations across the world are expected to comply with smear standards

C.

A business ethics policy for an organization s established solely to direct me behavior and expectations of employees

D.

Business ethics of an organization must remain independent torn those of supplier’s customers and business partners

Buy Now
Questions 138

A newly hired chief audit executive is reviewing available documentation to provide evidence of conformance with the standard for continuing professional development. Which of the following documents is the most reliable source for this purpose?

Options:

A.

The organization ' s training policy.

B.

A list of auditors who requested to attend the next audit conference.

C.

Self-assessments against an internally developed audit benchmark

D.

In house training manual

Buy Now
Questions 139

Which of the following skills is most important for an internal auditor who facilitates control self-assessment workshops to possess?

Options:

A.

Groupthink.

B.

Collaboration skills.

C.

Process analysis skills.

D.

Project management skills.

Buy Now
Questions 140

Which of the following is the most appropriate reason for a chief audit executive to conduct an external assessment more frequently than five years?

Options:

A.

Significant changes in the organization ' s accounting policies or procedures would warrant timely analysis and feedback.

B.

More frequent external assessments can serve as an equivalent substitute for internal assessments.

C.

The parent organization ' s internal audit activity agreed to perform biennial reciprocal external assessments to provide greater assurance at a reduced cost.

D.

A change in senior management or internal audit leadership may change expectations and commitment to conformance.

Buy Now
Questions 141

An organization is implementing a new cybersecurity policy and has established a committee to ensure stakeholder alignment across the organization ' s infrastructure, network, and security teams. The head of the committee has asked the chief audit executive if the internal audit activity could play a role in these efforts. According to HA guidance, which of the following is the most appropriate response?

Options:

A.

It is not appropriate for the internal audit activity to play a role because its independence must be protected.

B.

The internal audit activity should not participate because there are no IT auditors on staff.

C.

The internal audit activity is knowledgeable about risk and therefore should prioritize the organization ' s responses and control activities for the committee.

D.

The internal audit activity may assist the committee and consult with management on the organization ' s responses and control activities.

Buy Now
Questions 142

There is a growing perception that employees generally evade their responsibilities. What impact will an internal auditor most likely see during an engagement?

Options:

A.

Supervisors are likely to reduce their level of supervision and increase span of control.

B.

Employees are likely to be supervised closely and given little freedom.

C.

Peer employees are likely to trust one another, but distrust management.

D.

Employees are likely to join forces to accomplish their duties as teams.

Buy Now
Questions 143

Which of the following describes an ongoing monitoring activity that could be performed as part of an internal assessment for a quality assurance and improvement program (QAIP)?

Options:

A.

Planning and supervising engagements

B.

Evaluating the quality of supervision

C.

Identifying opportunities for improvement m internal audit ' s processes and procedures

D.

Determining if the objectives of QAIP are current

Buy Now
Questions 144

Which of the following statements best illustrates why internal auditors assess soft controls?

Options:

A.

Assessing soft controls are an effective method of assessing risk related to personnel.

B.

Assessing soft controls, as opposed to hard controls, makes it easier to evaluate operating effectiveness.

C.

Assessing soft controls can help internal auditors in undertaking root-cause analysis.

D.

Assessing soft controls provides more objective information than assessing hard controls.

Buy Now
Questions 145

Wi ch of the following circumstances would most likely be considered a potential red flag for fraud by the internal audit activity?

Options:

A.

The monthly payroll reports are not vetted to ensure terminated employees have been removed from the payroll system

B.

The volume of nonroutine journal entries has steadily increased over time.

C.

The database of approved suppliers has not been reviewed the last year

D.

The recent employee survey indicates that some employees remain unaware of the organization’s whistieblower hotline.

Buy Now
Questions 146

Which of the following describes a responsibility of operating management in an organization ' s corporate social responsibility (CSR) efforts?

Options:

A.

Responsible for implementing CSR principles and overseeing of CSR performance.

B.

Responsible for performing periodic internal self-verifications of reported CSR results.

C.

Responsible for performing analysis and comparison of CSR reports and performance.

D.

Responsible for ongoing CSR reporting and accomplishing of performance targets.

Buy Now
Questions 147

Which of the following is an appropriate role for the internal audit activity?

Options:

A.

Ensuring the organization ' s key risks are managed through appropriate controls.

B.

Assisting the organization in maintaining effective controls.

C.

Implementing new controls to promote continuous improvement.

D.

Validating control assessments performed by the external auditor.

Buy Now
Questions 148

Which of the following scenarios demonstrates an impairment to internal audit independence?

Options:

A.

The internal auditor s denied access to partner information from management of me area under review

B.

The internal auditor tarts to disclose a potential conflict of interest relationship with management of the area under review

C.

The internal auditor concludes that controls operate effectively, although he did not gather supporting evidence

D.

The internal auditor was assigned to an assurance review of an area for which he previously had responsibilities

Buy Now
Questions 149

A chief audit executive (CAE) is concerned that the internal audit activity is not receiving adequate training and continuing education. Which of the following approaches should the CAE take?

Options:

A.

Implement a uniform professional development plan for the internal audit activity.

B.

Create a formal development agreement with each individual staff auditor.

C.

Require each internal auditor to obtain the same professional certifications.

D.

Require training and developmental activities that are sponsored by The HA.

Buy Now
Questions 150

Which of the following statements is true regarding occupational fraud?

Options:

A.

An employee who diverts the organization ' s purchases for personal use is demonstrating asset misappropriation

B.

An employee who intentionally omits negative information in the financial statement disclosures is demonstrating an example of corruption

C.

An employee who made an error in estimating losses may have committed fraud even if the error was not intentional

D.

An employee who creates a denial of service in the organization’s computer systems is committing asset misappropriation

Buy Now
Questions 151

During an audit of company expenses, the internal auditor performed a test using data analytics and identified a violation of the company ' s expenses policy. The auditor who discovered the issue considered it a potential fraudulent transaction and informed the chief financial officer (CFO). The CFO dismissed the concern because he did not understand the data analytics test that was performed and the transaction was of a low value. Given this situation, which skills or competencies should this internal auditor seek to improve?

Options:

A.

Skills in evaluating the risk of fraud.

B.

Knowledge of key IT risks and controls

C.

Soft skills such as communication and negotiation.

D.

Knowledge and understanding of the company ' s expenses policy

Buy Now
Questions 152

What is the primary reason a chief audit executive should dedicate time and resources to support continuing professional development of internal audit staff?

Options:

A.

To ensure that internal audit staff maintains high overall job satisfaction.

B.

To ensure that internal audit staff acquired continuing professional education credits timely.

C.

To ensure that top risks are mitigated to an acceptance level.

D.

To ensure that internal audit staff have the competency to address high-priority risks.

Buy Now
Questions 153

Upon joining the internal audit activity, each new auditor receives a copy of the audit handbook. Which of the following handbook policies has the greatest risk of compromising audit objectivity?

Options:

A.

Internal auditors should obtain 80 hours of continuing professional education every two years, 20 of which should be audit-related, and the remainder may be operations-related.

B.

Internal auditors should rotate to other areas of the organization for nonaudit assignments to gain an understanding of the organization ' s operations.

C.

Internal auditors should have direct and unrestricted access to personnel and information throughout the organization and the governing board.

D.

Internal auditors should undergo annual performance appraisals conducted by the chief audit executive, who reports administratively to the chief financial officer.

Buy Now
Questions 154

According to NA guidance, which of the following conditions would enhance the independence of the internal audit activity?

Options:

A.

The organizational culture rewards critical and objective thinking.

B.

The quality of work performed by the internal audit activity is periodically reviewed,

C.

The organization establishes effective governing body oversight,

D.

Audit assignments are rotated among internal audit staff

Buy Now
Questions 155

Which of the following is a primary benefit of implementing a governance risk management and compliance framework within an organization?

Options:

A.

Fewer internal audits

B.

More effective interviews

C.

Automated risk management strategy tools

D.

Reduced assurance costs

Buy Now
Questions 156

Which of the following actions by an internal auditor would be the most relevant to determine the effectiveness of controls?

Options:

A.

Participate in a fraud risk-assessment session as an in-house facilitator.

B.

Send regular written updates to senior management on new control-related regulations.

C.

Lead a seminar on internal controls and provide numerous examples to the audience.

D.

Conduct a surprise inventory count at the raw materials warehouse.

Buy Now
Questions 157

Regarding assurance and consulting services provided by the internal audit activity which of the following statements is correct?

Options:

A.

The nature and scope of a consulting engagement are determined by the internal audit activity based on its risk assessment

B.

The nature and scope of an assurance engagement are subject to agreement with management of the area under review

C.

Both assurance services and consulting services can be focused on controls or performance or both

D.

The assurance engagement process ends with reporting

Buy Now
Questions 158

Which of the following specifications in an internal audit charter is the most important factor in the internal audit activity’s independence?

Options:

A.

Description of internal audit activity ' s responsibilities

B.

Definition of internal auditing

C.

Statement of internal audit activity ' s authority

D.

Description of internal audit activity ' s reporting structure

Buy Now
Questions 159

Which of the following situations best describes an internal auditor who may have violated the IIA Code of Ethics principle of confidentiality?

Options:

A.

The auditor intentionally omitted from his resume that he was fired from his previous job for fraud allegations,

B.

The auditor decided not to notify her supervisor that her brother-in-law was responsible for the project the auditor was expected to evaluate.

C.

The auditor asked the audit client to copy requested files to her personal unencrypted memory stick because it was faster and more convenient.

D.

The auditor was assigned to analyze the organization ' s incentive program and spent long hours reviewing other employees’ bonuses,

Buy Now
Questions 160

An electrician visits a client to assess the scope of work. After the visit, the sales office compiles and sends the client a proposal based on the electrician ' s estimation and approved price list. The internal auditor notices that in the last six months, the number of cancelled proposals has increased substantially. Which of the following is a fraud risk scenario that the auditor should consider in this situation?

Options:

A.

Some electricians may be offering clients opportunities for reduced fees if they pay with cash.

B.

There is a new competitor in the area who offers better prices.

C.

Sales representatives may be manipulating the proposals to include additional costs.

D.

An unauthorized person may be modifying client data and cancelling the proposals.

Buy Now
Questions 161

When testing a sample of payroll records during an engagement, an internal auditor suspects mat fraud has been committed. What should be the next step?

Options:

A.

The auditor should increase the sample size to determine the extent ol the fraud.

B.

The suspicions should be communicated to the chief audit executive.

C.

The testing should be completed with the results reported in the final audit report.

D.

A fraud investigator should examine the evidence and report back to the auditor.

Buy Now
Questions 162

Which of the following describes two duties that should not be performed by the same person?

Options:

A.

Posting cash receipts and cash payments to the general ledger.

B.

Posting bad debt write-offs and reconciling the accounts payable subsidiary ledger.

C.

Distributing payroll checks and approving sales returns for credit.

D.

Recording cash receipts and preparing bank reconciliations.

Buy Now
Questions 163

Which of the followIng would permit an internal audit activity to use the statement " conducted m conformance with the International Standards for the Professional Practice of Internal Auditing m audit reports?

Options:

A.

The result of a quality assurance and improvement program confirm there are no material issues.

B.

Engagement workpapers are retained by the internet audit activity according to the retention and deletion policy.

C.

The internal audit activity receives positive feedback from the managers of the areas that were under review.

D.

internal auditors demonstrate proficiency by maintaining professional internal audit certifications

Buy Now
Questions 164

Which of the following represents an example of an ethical issue that the organization should address ' ?

Options:

A.

An employee discovered that there is no personal protective equipment at a temporary construction site

B.

An employee saw that a group of other employees were smoking in close proximity to petrol distribution tanks

C.

A supervisor insists that an employee complete time sheets regularly

D.

An employee received concert tickets from a vendor and asked whether she could keep them

Buy Now
Questions 165

Which of the following drivers of fraud is directly controllable by an organization?

Options:

A.

Pressure

B.

Rationalization

C.

Opportunity

D.

Incentive

Buy Now
Questions 166

According to IIA guidance, which of the following actions best demonstrates due professional care by an internal auditor when she discovers a number of fraud-related red flags during an audit engagement?

Options:

A.

Conclude the engagement and inform management that fraud has occurred

B.

Perform further testing to verify the existence of fraud.

C.

Suspend the engagement and undertake a formal fraud investigation.

D.

Notify the board of the possible fraud immediately

Buy Now
Questions 167

A new chief audit executive realized that the internal audit charter has not been updated in five years and only includes the Core Principles for the Professional Practice of Internal Auditing, the Code of Ethics, and the Standards. What mandatory component is missing?

Options:

A.

Statement of Independence.

B.

Operating Procedures of Internal Auditing.

C.

Definition of Internal Auditing.

D.

Attestation of Quality Assurance.

Buy Now
Questions 168

Which of the following situations would cause the greatest concern regarding impairment of internal audit objectivity?

Options:

A.

The eternal auditor reviewed the audit clients proposed procedures and standards of control and offered suggested improvements at the client’s request.

B.

The internal auditor performed nonaudit work for the audit client which was communicated to senior management and the board before the engagement was performed and restated in the audit report

C.

internal auditors accepted limited access to the audit client ' s systems and records m accordance with the scope of the engagement

D.

The internal auditor used his in-depth knowledge of systems development to assist the audit client m designing a new operational system with robust controls.

Buy Now
Questions 169

Which of the following situations is most likely to prompt the internal audit activity to disclose its nonconformance with the Standards?

Options:

A.

One of the organization ' s senior internal auditors owns a side business, though to date, no sales have been made to this business.

B.

The annual internal audit plan includes performance audits of main business processes, but reviews of high-risk development projects were not considered.

C.

The internal audit activity committed to carrying out an audit of documentation on investment hed ging, and a hedging expert was contracted to assist with the engagement.

D.

A periodic quality self-assessment of the internal audit activity identified a number of improvement areas with regard to key performance indicators.

Buy Now
Questions 170

An internal audit team was assigned to review the organization ' s information security protocol. After fieldwork was completed, an internal auditor identified an error in the review of security access. The error could affect the overall results of the engagement. Which of the following is the most appropriate course of action for the internal auditor?

Options:

A.

Proceed with addressing the error and report any corrections to the engagement supervisor during the scheduled exit meeting.

B.

Issue the audit report to senior management on schedule but include a disclaimer about the error.

C.

Proceed with the scheduled closing of the engagement without consideration of the identified error.

D.

Inform the engagement supervisor of the error and allow the supervisor to determine the appropriate action to take.

Buy Now
Questions 171

Which of the following best demonstrates that the internal audit activity is using due professional care?

Options:

A.

The internal audit activity reports directly to the board on the engagements it performs.

B.

Internal auditors undertake the necessary training to complete their audit work.

C.

The completion of engagements is based on the assumption that fraudulent activities may exist.

D.

Internal auditors consider the use of technology-based audit and other data analysts techniques

Buy Now
Questions 172

An internal auditor is reviewing employee travel expenses from the previous six months for fraud. Which of the following tests would best detect instances where personal travel has been claimed?

Options:

A.

Verifying whether claims have been properly authorized for payment

B.

Verifying whether claims are properly supported by invoices or other documents.

C.

Confirming that all claims are within the limits of the organization ' s travel policy.

D.

Reconciling claims against business the requests that were approved by supervisors

Buy Now
Questions 173

Which of the following fraud schemes is often an off-book fraud*?

Options:

A.

Payroll fraud

B.

Disbursement fraud

C.

Corruption

D.

Information misrepresentation

Buy Now
Questions 174

Operational management in the IT department has developed key performance indicator reports, which are reviewed in detail during monthly staff meetings. This activity is designed to prevent which of the following conditions?

Options:

A.

Knowledge/skills gap,

B.

Monitoring gap.

C.

Accountability/reward failure,

D.

Communication failure.

Buy Now
Questions 175

What is the ultimate goal of establishing a robust risk management framework in an organization?

Options:

A.

To support the organization ' s risk culture, involving employees at all levels.

B.

To ensure that the organization attains a better financial position.

C.

To assist the organization in identifying and mitigating key risks.

D.

To facilitate the organization ' s achievement of business goals and objectives.

Buy Now
Questions 176

Which of the following statements is most accurate with respect to the required elements of the quality assurance and improvement program?

Options:

A.

Internal assessments provide sufficient objectivity to provide evidence to the board that the internal audit activity understands the organization’s control processes.

B.

Quality assessments focus on the internal audit activity ' s structure, relationships with stakeholders, compliance with the Standards, and internal audit staff proficiency.

C.

In order to comply with the Standards, the internal audit activity must obtain an objective assessment of its processes and function at least once a year.

D.

Internal auditors completing internal assessments must demonstrate certification to perform quality assessments.

Buy Now
Questions 177

Which of the following approaches will internal audit utilize when developing a set of performance standards to measure an organization’s risk management process against?

Options:

A.

Key principles approach

B.

Process elements approach

C.

Holistic approach

D.

Maturity model approach

Buy Now
Questions 178

Which of the following would be addressed in the internal audit charter?

Options:

A.

Expertise requirements for internal auditors

B.

Functional and administrative reporting lines for the chief audit executive

C.

Audit engagements to be completed in the next fiscal year

D.

Budget requirements for each engagement

Buy Now
Questions 179

Which of the following written documents typically offers the best evidence that internal auditors exercise due professional care in conformance with the Standards?

Options:

A.

Internal audit charter.

B.

Workpaper.

C.

Audit report.

D.

Code of ethics.

Buy Now
Questions 180

What should the chief audit executive do when the internal audit activity is found to be in nonconformance with the Code of Ethics or the Standards?

Options:

A.

Assign competent staff to the area under audit to remediate the nonconformance.

B.

Determine how the deviation impacted the overall scope of the internal audit activity.

C.

Meet with the board to gam an understanding of the board ' s expectations.

D.

Communicate the matter to the board at the time of the next external assessment.

Buy Now
Questions 181

According to MA guidance, which of the following is true with regard to the internal audit charter?

1. It specifies the minimum resources needed for assurance engagements.

2. It requires final approval from senior management.

3. It defines the internal audit activity ' s authority and responsibilities.

4. It describes the expectations for communicating the results of a quality assurance and Improvement program.

Options:

A.

1 and 4 only.

B.

3 and 4 only.

C.

1.2. and 4.

D.

2. 3. and 4.

Buy Now
Questions 182

A large commercial bank was fined by regulators for fraudulent practices when employees, over a period of time, opened thousands of new accounts for existing clients without the clients ' consent. It was later found that employees were given unrealistic new account targets and were aggressively monitored by management on a daily basis.

Which of the following controls would have most likely reduced the likelihood of the fraudulent practice from occurring?

Options:

A.

An evaluation of the current performance and compensation program.

B.

The performance of background investigations on all existing employees.

C.

The availability of fraud training to all employees.

D.

The availability of an employee whistleblower hotline

Buy Now
Questions 183

Tr» chiet audit executive (CAE) of large organization is preparing job descriptions to hire five new general internal audit staff, two new IT auditors and a senior auditer how is the CAE likely to describe IT requirements for me general internal audit statt positions?

Options:

A.

The candidate must be able to apply data analytics tolls methodologies

B.

The candidate must be able to evaluate IT governance and cybersecurity frameworks.

C.

The candidate must be able to understand IT-elated risk and general controls

D.

The candidate must be able to execute web servers, applications, and databases testing procedures.

Buy Now
Questions 184

In order for an internal auditor to assess the opportunity for fraud to occur in an organization, which of the following does the auditor first need to understand?

Options:

A.

Fraud prevention.

B.

Fraud detection.

C.

Corporate culture.

D.

Forensic analysis techniques.

Buy Now
Questions 185

An internal auditor assessed the controls within his organization ' s payroll process and suspects that erroneous payments may have been made to a fraudulent bank account. What is the best course of action for the auditor to take?

Options:

A.

Speak to the payroll manager so he may investigate the auditor ' s observations.

B.

Continue to investigate the payments to confirm the accuracy of the observations, and determine whether further fraudulent payments have been made.

C.

Stop the audit and report the findings to senior management immediately.

D.

Escalate the concern to the engagement supervisor.

Buy Now
Questions 186

While auditing an organization ' s credit approval process, an internal auditor learns that the organization has made a large loan to another auditor ' s relative. Which course of action should the auditor take?

Options:

A.

Proceed with the audit engagement, but do not include the relative ' s information.

B.

Have the chief audit executive and management determine whether the auditor should continue with the audit engagement.

C.

Disclose in the engagement final communication that the relative is a customer.

D.

Immediately withdraw from the audit engagement.

Buy Now
Questions 187

Which risk management activity would cause the internal auditor to assume a management responsibility?

Options:

A.

Assessing management ' s acceptance of risk.

B.

Reviewing a cybersecurity risk report issued by management.

C.

Developing a list of emerging risks for management.

D.

Prioritizing risks for management.

Buy Now
Questions 188

An organization’s senior management team is awarding substantial bonuses if employees meet financial targets. Which of the following motivators to potentially commit fraud would become most likely in this scenario?

Options:

A.

Opportunity

B.

Pressure

C.

Rationalization

D.

Justification

Buy Now
Questions 189

A new internal audit activity is considering the adoption of a risk and control framework. Which of the following is the most appropriate consideration during this process?

Options:

A.

The framework should not be developed by the internal audit activity

B.

The framework should apply to individual projects rather than the organization as a whole

C.

The framework should always be tailored to the organization

D.

The framework should require fewer resources to implement

Buy Now
Questions 190

According to IIA guidance, which of the following activities would typically be examined when using the maturity model approach for assessing an organization ' s risk management program?

Options:

A.

Monitor and review

B.

Performance measurement.

C.

Setting the context.

D.

Communication.

Buy Now
Questions 191

An organization is in the process of hiring a new chief audit executive (CAE). Which of the following can the potential candidates expect to be a part of the recruiting process or in place when the CAE is hired?

Options:

A.

There are checks to determine the existence of any potential conflict of interest.

B.

The CAE reports functionally to the highest level of management, the CEO.

C.

The CAE’s compensation depends on the performance of the organizational departments.

D.

Hiring and termination of the CAE is dependent on the decision of senior executives.

Buy Now
Questions 192

According to IIA guidance, which of the following actions best demonstrates that due professional care has been considered by the internal audit activity when conducting a review of an organization ' s assets?

Options:

A.

Determining whether any opportunity exists for senior executives to misappropriate property or funds

B.

Planning and executing fieldwork In a complete and timely manner to identify all significant risks

C.

Verifying whether the board of directors has implemented effective internal controls

D.

Having senior management determine whether the degree of work planned is sufficient to meet engagement objectives

Buy Now
Questions 193

What is the main difference between a consulting engagement versus an assurance engagement?

Options:

A.

The nature of services provided are defined in the internal audit charter.

B.

Internal auditors must maintain objectivity while performing their work.

C.

The objectives and scope of the engagement typically are directed by management.

D.

Internal auditors may assume management responsibilities.

Buy Now
Questions 194

Which of the following best demonstrates the board of directors ' governance over internal control?

Options:

A.

The board bears direct responsibility for developing and implementing the internal control system.

B.

The majority of board members are experienced and qualified members of the organization ' s executive management team.

C.

The board may be assisted by an audit committee, chaired by the chief audit executive.

D.

The board is responsible for succession planning for the CEO and other key members of the executive management team.

Buy Now
Questions 195

During the audit of taxation processes in the organization internal auditors have verified that all employees of the finance department received training on taxation guidelines. The training is mandatory and is automatically assigned via email invitation to all new employees in the department. Which type of controls have the auditors tested?

Options:

A.

Directive

B.

Preventive

C.

Detective

D.

Automatic

Buy Now
Questions 196

Which of the following is a primary benefit of implementing a governance, risk management, and compliance framework within an organization?

Options:

A.

Fewer internal audits.

B.

More effective interviews.

C.

Automated risk management strategy tools.

D.

Reduced assurance costs.

Buy Now
Questions 197

Which of the following is a greater consideration for internal auditors when they are performing a consulting engagement than when they are performing an assurance engagement ' ?

Options:

A.

The relative complexity of the engagement

B.

The cost of the engagement relative to its benefits

C.

The extent of work needed to achieve the engagement ' s objective

D.

The needs and expectations of the engagement client

Buy Now
Questions 198

Which of the following best describes the board’s role in establishing effective organizational governance?

Options:

A.

The board is involved in approving operational policy

B.

The board monitors key processes and procedures

C.

The board has oversight responsibility for organizational resources

D.

The board approves management ' s detailed plans and objectives

Buy Now
Questions 199

Which of the following is an indicator of ineffective third-party risk management?

Options:

A.

Sourcing of third parties does not follow public procurement law.

B.

Violations of service conditions trigger either fines or termination.

C.

Due diligence of third parties is conducted only after contract signing.

D.

The right-to-audit clause is limited by personal data protection regulations.

Buy Now
Questions 200

What is the primary purpose of The IIA ' s Code of Ethics?

Options:

A.

Communicate specific activities appropriate to the performance of internal auditing

B.

Promote ethical culture within corporations and other business organizations

C.

Establish mandatory standards of competence for the practice of internal auditing

D.

Establish principles and expectations governing behavior of individuals and organizations in the conduct of internal auditing

Buy Now
Questions 201

An internal audit activity includes in its audit reports the assertion that its work is performed in conformance with the International Standards for the Professional Practice of Internal Auditing ( Standards). A recent external quality assessment concluded that the internal audit activity had substantial deficiencies that impact its overall operations.

According to IIA guidance, which of the following is the most appropriate action for issuing future audit reports?

Options:

A.

Refrain from indicating that the internal audit activity operates in conformance with the Standards until the chief audit executive confirms that the internal audit activityhas addressed all areas of nonconformance and the audit committee has been notified.

B.

Refrain from indicating that the internal audit activity operates in conformance with the Standards until another external assessment confirms that the significant areas of nonconformance have been addressed.

C.

Indicate that the internal audit activity operates in partial conformance with the Standards t as the internal audit activity has a quality assurance and improvement program in place to address deficiencies and has met the requirement for conducting an external assessment.

D.

Update and reissue previous audit reports, removing the assertion that the internal audit activity operates in conformance with the Standards, and distribute them to ail parties who received the original reports.

Buy Now
Questions 202

Who is responsible for setting the risk appetite?

Options:

A.

External auditors.

B.

Chief risk officer.

C.

Operations management.

D.

Board of directors.

Buy Now
Questions 203

During an assurance engagement, an internal auditor identified that a developer of the organization ' s enterprise resource planning (ERP) system had intentionally modified the production code to commit a fraudulent transaction. Which control activity should be implemented to prevent such issues in the future?

Options:

A.

Segregate duties between code development and migrating changes into production.

B.

Conduct fraud training for the IT team responsible for the ERP system.

C.

Penalize the developer who committed the fraud by terminating employment.

D.

Restrict developers ' access to the ERP system ' s test environment.

Buy Now
Questions 204

An internal auditor was offered expensive tickets to a sporting event by the manager of an area that she was currently auditing. The auditor politely declined. Which of the following fundamental principles of the MA Code of Ethics did she display?

Options:

A.

Confidentiality.

B.

Independence.

C.

Competency.

D.

Objectivity

Buy Now
Questions 205

Which of the following would be included in quality assurance and improvement program (QAIP) reporting?

Options:

A.

Descriptions of standardized work practices.

B.

Outcomes of internal audit key performance indicators.

C.

Conformance of individual engagements with the Standards,

D.

Annual summaries of consulting and audit engagements.

Buy Now
Questions 206

In the context of an internal control framework, organizational structure and assignment of authority and responsibility is related to which of the following?

Options:

A.

Control activities.

B.

Information and communication.

C.

Risk assessment.

D.

Control environment.

Buy Now
Questions 207

How should the internal audit activity promote continuous improvement of organizational controls?

Options:

A.

By assessing implementation of controls m individual processes during audit engagements

B.

By identifying the most significant business processes and designing effective controls for those processes

C.

By implementing an internationally accepted internal control framework across the organization

D.

By facilitating control self-assessment sessions for managers responsible for business processes

Buy Now
Questions 208

Which of the following would be the most effective fraud prevention control?

Options:

A.

Email alert sent to management for checks issued over $100,000.

B.

Installation of a video surveillance system in a warehouse prone to inventory loss.

C.

New hire training to explain fraud and employee misconduct.

D.

Daily report that identifies unsuccessful system log-in attempts

Buy Now
Questions 209

Which of the following best describes a responsibility of the board of directors with regard to risk management throughout the organization?

Options:

A.

Monitor the organization ' s overall risk activities in relation to its risk appetite and other risk criteria.

B.

Guide the integration of risk management with other business planning and management activities.

C.

Review the portfolio of risk of the organization in relation to its risk appetite.

D.

Assume responsibility for the effectiveness and success of the risk management framework

Buy Now
Questions 210

Which of the following best describes the type of risk that an adequately designed and effectively operating system of internal controls should mitigate?

Options:

A.

Net.

B.

Controllable.

C.

inherent,

D.

Residual.

Buy Now
Questions 211

According to MA guidance, which of the following statements is true regarding an effective governance process?

Options:

A.

It stipulates that risk needs to be considered when making strategic decisions.

B.

It encourages strict segregation of the risk management and internal control processes.

C.

It relies on effective risk management when establishing the organization ' s risk appetite.

D.

It relies on the board to devise ways to communicate the effectiveness of internal controls.

Buy Now
Questions 212

Which type(s) of assessments in an internal audit activity’s quality assurance and improvement program requires ongoing monitoring to evaluate internal audit activity ' s efficiency and effectiveness?

Options:

A.

Neither internal nor external assessment

B.

internal assessment

C.

Both internal and external assessment

D.

External assessment

Buy Now
Questions 213

Which of the following best demonstrates internal auditors performing their work with proficiency?

Options:

A.

Internal auditors meet with operational management at each phase of the audit process.

B.

Internal auditors adhere to The IIA’s Code of Ethics.

C.

Internal auditors work collaboratively with their engagement team.

D.

Internal auditors complete a program of continuing professional development.

Buy Now
Questions 214

A series of incidents over the past year reveals several members of senior management possess a limited understanding of the concept and impact of fraud. Which of the following would be the most effective way to approach this issue?

Options:

A.

The board should ask the internal audit activity to perform additional assurance engagements.

B.

A comprehensive fraud risk assessment and management program should be carried out.

C.

The organization should conduct training sessions on fraud, which should be attended by senior management and staff.

D.

Anti-fraud and whistleblowing policies should be implemented and their importance should be clearly stated.

Buy Now
Questions 215

Which of the following is the primary benefit of an effective professional development program for internal auditors?

Options:

A.

An effective program may enhance internal auditors ' business acumen

B.

An effective program may ensure that HA Standards requirements are adhered to during audit engagements

C.

An effective program may ensure internal auditors ' effectiveness in setting the organization ' s nsk management process

D.

An effective program may clarify management ' s expectations of the auditors and their responsibilities to the organization

Buy Now
Questions 216

Which of the following characteristics is typical of the internal audit activity?

Options:

A.

Serves third parties that need reliable financial information from audit engagements

B.

Responds to the needs and desires of senior management and the board, but remains independent of areas under review

C.

Ensures the organization complies with laws and regulations in the area under review

D.

Is completely independent of senior management, the board and the area under review

Buy Now
Questions 217

Which of the following is an example of corruption?

Options:

A.

Recognizing revenue up front rather than over a contract’s life to inflate revenue for the current period

B.

Requesting reimbursement for overstated travel and entertainment expense amount

C.

Misstating realized foreign currency transaction gains or losses

D.

Demanding payment from a vendor for decisions made in the vendor’s favor

Buy Now
Questions 218

Which of the following best demonstrates the application of due professional care?

Options:

A.

An engagement supervisor requests that the employment of a process owner be terminated due to a significant control failure.

B.

An audit lead establishes internal audit manuals to guide the internal audit activity on now to undertake audit engagements.

C.

An audit manager provides a guarantee to senior management that internal controls relating to an audited process operate effectively.

D.

An organization ' s internal audit activity operates under a direct reporting structure to tie audit committee of the board

Buy Now
Questions 219

Who is held responsible for oversight of the organization ' s risk management framework?

Options:

A.

Operational management.

B.

Board of directors.

C.

Internal auditors.

D.

Head of risk management.

Buy Now
Questions 220

With regard to organizational governance assurance, which of the following is an appropriate role for the internal audit activity ' ?

Options:

A.

Assess compliance with the organization ' s code of conduct

B.

Oversee the governance and risk management processes

C.

Initiate new organizational control processes

D.

Provide advice on organizational governance activities

Buy Now
Exam Code: IIA-CIA-Part1
Exam Name: Internal Audit Fundamentals
Last Update: Jul 10, 2026
Questions: 735

PDF + Testing Engine

$134.99

Testing Engine

$99.99

PDF (Q&A)

$84.99