Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

IIA-CIA-Part2 Internal Audit Engagement Questions and Answers

Questions 4

An internal auditor wants to compare performance information from one quarter to another. Which analytics procedure would the auditor use?

Options:

A.

Ratio analysis

B.

Trend analysis

C.

Vertical analysis

D.

Benchmarking analysis

Buy Now
Questions 5

When forming an opinion on the adequacy of management ' s systems of internal control, which of the following findings would provide the most reliable assurance to the chief audit executive?

• During an audit of the hiring process in a law firm, it was discovered that potential employees ' credentials were not always confirmed sufficiently. This process remained unchanged at the following audit.

• During an audit of the accounts payable department, auditors calculated that two percent of accounts were paid past due. This condition persisted at a follow up audit.

• During an audit of the vehicle fleet of a rental agency, it was determined that at any given time, eight percent of the vehicles were not operational. During the next audit, this figure had increased.

• During an audit of the cash handling process in a casino, internal audit discovered control deficiencies in the transfer process between the slot machines and the cash counting area. It was corrected immediately.

Options:

A.

1 and 3 only

B.

1 and 4 only

C.

2 and 3 only

D.

2 and 4 only

Buy Now
Questions 6

The objective of an internal audit engagement is to evaluate the organization ' s ethics program. Which of the following should be included in the scope of the engagement?

Options:

A.

Organizational strategic plan

B.

Established investigation protocols

C.

Operational budget of the organization

D.

Remuneration of ethics officers

Buy Now
Questions 7

Which of the following should be described in the recognition element of a typical internal audit repot?

Options:

A.

Positive aspects of the process or area under review

B.

A brief synopsis of the process of area under review

C.

Outcomes and ratings of the process or area under review

D.

Report issuance and the communication process of the engagement.

Buy Now
Questions 8

An internal auditor wants to determine whether employees are complying with the information security policy, which prohibits leaving sensitive information on employee desks overnight. The auditor checked a sample of 90 desks and found eight that contained sensitive information. How should this observation be reported, if the organization tolerates 4 percent noncompliance?

Options:

A.

The matter does not need to be reported, because the noncompliant findings fall within the acceptable tolerance limit.

B.

The deviations are within the acceptable tolerance limit, so the matter only needs to be reported to the information security manager.

C.

The incidents of noncompliance fall outside the acceptable tolerance limit and require immediate corrective action, as opposed to reporting.

D.

The incidents of noncompliance exceed the tolerance level and should be included in the final engagement report.

Buy Now
Questions 9

In which of the following situations would an internal control questionnaire best suit the internal auditor ' s purpose?

Options:

A.

The auditor wants to receive mid-level management insight on how to improve hiring practices.

B.

The auditor wants to obtain information on whether adherence to approval matrices is actually taking place in different maintenance units.

C.

The auditor wants to gain assurance that inventory counts are conducted in accordance with established procedures.

D.

The auditor wants to assess whether different subsidiaries apply centrally established procurement rules in the same manner.

Buy Now
Questions 10

An internal auditor is planning an engagement at a financial institution. Toe engagement objective is to identify whether loans were granted in accordance with the organization ' s policies. When of the following approaches would provide the auditor with the best information?

Options:

A.

Randomly select 30 cases of loans and verify whether they were repaid timely and in full

B.

Randomly select 30 cases of loans and validate them against applicable underwriting guidelines

C.

Randomly select 30 employees to complete a survey regarding whether policies and standards are followed

D.

Randomly select several months obtain ageing reports for these months and compare them with the poor year

Buy Now
Questions 11

An internal auditor is conducting an assessment of the purchasing department. She has worked the full amount of hours budgeted for the engagement; however, the audit objectives are not yet complete. According to IIA guidance, which of the following are appropriate options available to the chief audit executive?

1. Allow the auditor to decide whether to extend the audit engagement.

2. Determine whether the work already completed is sufficient to conclude the engagement.

3. Provide the auditor feedback on areas of improvement for future engagements.

4. Provide the auditor with instructions and directions to complete the audit.

Options:

A.

1, 2, and 3

B.

1, 2, and 4

C.

1, 3, and 4

D.

2, 3, and 4

Buy Now
Questions 12

According to IIA guidance, which of the following statements best justifies a chief audit executive ' s request for external consultants to complement internal audit activity (IAA) resources?

Options:

A.

The organization ' s audit universe is extensive and diverse.

B.

There has been an increase in unanticipated requests for advisory work.

C.

Previous work provided by the external service provider has been of great quality and value.

D.

A recent benchmarking study found that using external service providers is a common practice of similarly-sized IAAs in other organizations.

Buy Now
Questions 13

An internal audit function described scenarios of fraud indicators and fraud-related key words. The objective is for this data to serve as an input into algorithms that will forecast potentially fraudulent behavior and prevent the execution of flagged transactions. Which of the following analytic methods is the internal audit function most likely developing?

Options:

A.

Diagnostic analytics

B.

Descriptive analytics

C.

Prescriptive analytics

D.

Predictive analytics

Buy Now
Questions 14

Which of the following computerized audit tools or techniques should be used if the internal auditor wants to extract specific files and records in the database?

Options:

A.

An expert or decision support system

B.

Generalized audit software

C.

A system utility program

D.

An integrated test facility

Buy Now
Questions 15

Which of the following audit steps would an internal auditor most likely be questioned on?

Options:

A.

The auditor confirms the organization ' s ownership of physical equipment by verifying its presence on site visually.

B.

The auditor vouches for a sample of check copies to support voucher packages to test the checks ' validity.

C.

The auditor vouches a sales invoice to a shipping document to conclude that the invoice has been issued.

D.

The auditor recalculates the allowance for doubtful accounts based on management assertions.

Buy Now
Questions 16

A chief audit executive (CAE) is trying to balance the internal audit activity ' s needs for technical audit skills budget efficiency and staff development opportunities. Which of the following would best assist the CAE in achieving this balance1?

Options:

A.

Strategic sourcing

B.

Loan staff arrangement

C.

Flat organizational structure

D.

Hierarchical organizational structure

Buy Now
Questions 17

An internal auditor reviewed bank reconciliations prepared by management of the area under review. The auditor noted that the bank statements attached did not have the

bank heading, logo, or address. Which of the following statements is true regarding this situation?

Options:

A.

The evidence may not be reliable.

B.

The evidence is not relevant.

C.

The evidence may not be sufficient.

D.

The information missing is not relevant to the audit.

Buy Now
Questions 18

The board has asked the internal audit activity (IAA) to be involved in the organization ' s enterprise risk management process. Which of the following activities is appropriate for IAA to perform without safeguards?

Options:

A.

Coach management in responding to risks.

B.

Develop risk management strategies for board approval.

C.

Facilitate identification and evaluation of risks.

D.

Evaluate risk management processes.

Buy Now
Questions 19

Where should internal auditor focus their attention when identify and assessing key risks during the planning stage of an assurance engagement?

Options:

A.

Sampling risk.

B.

Audit risk.

C.

Residual risk.

D.

Inherent risk

Buy Now
Questions 20

Which of the following is essential for ensuring that the internal audit activity ' s findings and recommendations receive adequate consideration?

Options:

A.

Reporting results of audits with recommendations to management.

B.

Providing formal follow-up procedures to ensure that management complies with an action plan or accepted risk of not taking action.

C.

Reporting quarterly to management that the audit plan is focused on higher exposures of risk.

D.

Discussing audit findings with independent auditors.

Buy Now
Questions 21

An internal auditor collected several employee testimonials Which of the following is the best action for the internal auditor to take before drawing a conclusion?

Options:

A.

Ensure the testimonials are well documented

B.

Substantiate the testimonials with physical or documentary evidence

C.

Corroborate testimonials with the results from other soft control techniques

D.

Review the testimonials with the interviewed employees

Buy Now
Questions 22

An internal auditor plans to conduct a walk-through to evaluate the control design of a process. Which of the following techniques is the auditor most likely to use?

Options:

A.

Observation and inspection.

B.

Inquiry and observation.

C.

Inspection and reperformance.

D.

Inquiry and reperformance.

Buy Now
Questions 23

Which of the following situations is most critical for the chief audit executive to report to the board?

Options:

A.

The chief audit executive disagreed with the business unit manager ' s initial decision to accept a particular risk Management ultimately agreed to address the risk only after discussing the issue with senior management.

B.

The internal audit activity was restructured, which resulted in a significant change in responsibilities among audit managers and supervisors for some audits

C.

A staff internal auditor had difficulties completing a portion of the audit because management of the area under review was unwilling to cooperate and provide information timely.

D.

The resignation of an internal audit manager during the year caused the chief audit executive to defer a number of audit engagements to the following year.

Buy Now
Questions 24

Which of the following engagement supervision activities should be performed first?

Options:

A.

Ensure that internal audit recommendations are practical, cost-effective, and value-added

B.

Ensure that internal audit conclusions am based on sufficient and reliable evidence

C.

Ensure that risks to the timely completion of the engagement are assessed

D.

Ensure that performance assessments are completed for audit team members

Buy Now
Questions 25

A chief audit executive (CAE) determined that management chose to accept a high-level risk that may be unacceptable lo the organization. Which is the best course of action for the CAE to Follow?

Options:

A.

Include using in a subsequent audit to determine if the risks are still present

B.

Discuss the matter with senior management and it not reserved with the board

C.

Require that management implement controls to mitigate lie risks

D.

Report the risks to the process owners so that they can modify their process

Buy Now
Questions 26

Internal auditors map a process by documenting the steps in the process, which provides a framework for understanding Which of the following is a reason to use narrative memoranda?

Options:

A.

To create a detailed risk assessment

B.

To identify individuals who perform key roles

C.

To explain a simple process.

D.

To document which outputs support other activities.

Buy Now
Questions 27

A team of internal auditors is assigned to audit the employee relations process in an organization, which includes employee conduct and disciplinary hearings. Which of the following audit approaches would provide the auditors with the best evidence to determine the degree to which disciplinary decisions are complying with documented policy?

Options:

A.

Review a random sample of concluded disciplinary reports to assess how the policy was applied in each case.

B.

Interview a sample of impacted employees for their opinions on the clarity and fairness of the policy.

C.

Observe several disciplinary hearings to determine whether they are in compliance with the policy.

D.

Conduct an interview to assess the disciplinary hearing chairman’s understanding of the policy and its appropriate use.

Buy Now
Questions 28

An internal auditor is tasked with evaluating the adequacy of the organization ' s inventory fraud controls. What is the most relevant information that the auditor can obtain from the documentation of cyclic counting for this purpose?

Options:

A.

Accounting adjustments of inventories are approved by the management in accordance with a signature policy

B.

Root causes of inventory differences are analyzed and corrective measures are followed

C.

High value items are inventoried more frequently throughout the year

D.

Value of accounting adjustments matches with the value of inventory differences and are made in a timely manner

Buy Now
Questions 29

After concluding a preliminary assessment, the engagement supervisor prepared a draft work program According to HA guidance which of the following would be tested by this program?

Options:

A.

The process objectives.

B.

The process risks

C.

The process controls

D.

The process scope

Buy Now
Questions 30

Management has taken immediate action to address an observation received during an audit of the organization ' s manufacturing process Which of the following is true regarding the validity of the observation closure?

Options:

A.

Valid closure requires evidence that ensures the corrected process will function as expected in the future

B.

Valid closure requires the client lo address not only the condition, but also the cause of the condition

C.

Valid closure of an observation ensures it will be included in the final engagement report

D.

Valid closure requires assurance from management that the original problem will not recur in the future

Buy Now
Questions 31

Which of the following would help the internal audit activity assess compliance with the organization ' s standard operating procedures for bank deposits during a preliminary survey?

Options:

A.

Issue an internal control questionnaire to select branch customers.

B.

Issue an internal control questionnaire to the president of the organization.

C.

Issue an internal control questionnaire to the director of bank operations.

D.

Issue an internal control questionnaire to select branch managers.

Buy Now
Questions 32

A large investment organization hired a chief risk officer (CRO) to be responsible for the organization ' s risk management processes. Which of the following people should prioritize risks to be used for the audit plan?

Options:

A.

Operational management, because they are responsible for the day-to-day management of the operational risks.

B.

The CRO, because he is responsible for coordinating and project managing risk activities based on his specialized skills and knowledge.

C.

The chief audit executive, although he is not accountable for risk management in the organization.

D.

The CEO, because he has ultimate responsibility for ensuring that risks are managed within the agreed tolerance limits set by the board.

Buy Now
Questions 33

The internal audit activity is currently working on several engagements, including a consulting engagement on the management process in the human resources department. Which of the following actions should the chief audit executive take to most efficiently and effectively ensure the quality of the engagement?

Options:

A.

Assign an experienced manager to monitor the whole engagement process.

B.

Employ fieldwork peer review to enhance the work quality.

C.

Require internal auditors to follow a standardized work program.

D.

Personally supervise the engagement

Buy Now
Questions 34

What type of audit engagement would be the most appropriate to determine how an organization could be more profitable in the long term?

Options:

A.

Operational audit

B.

Compliance and financial audit

C.

Performance audit

D.

Quality audit

Buy Now
Questions 35

Which of the following represents the best method for confirming that vendor invoices were for authorized purchases?

Options:

A.

Vouching vendor invoices to payments made.

B.

Sorting invoices by purchase orders and comparing for successive duplicate invoices.

C.

Comparing a random sample of vendor invoices to purchase orders.

D.

Sorting payments by invoice to detect successive duplicate invoices.

Buy Now
Questions 36

An internal auditor discovered fraud while performing an audit of an organization ' s procurement process. Which of the following describes the greatest benefit of using forensic auditing techniques in this scenario?

Options:

A.

Enhanced capability to prevent frauds from occurring.

B.

Greater assurance that procurement frauds will be detected in a timely manner

C.

Improved capability of evaluating fraud risks within the organization.

D.

Greater understanding of fraud through better evidence collection

Buy Now
Questions 37

Which of the following components should be included in an audit finding?

1. The scope of the audit.

2. The standard(s) used by the auditor to make the evaluation.

3. The engagement ' s objectives.

4. The factual evidence that the internal auditor found in the course of the examination.

Options:

A.

1 and 2

B.

1 and 3 only

C.

2 and 4

D.

1, 3, and 4

Buy Now
Questions 38

An internal auditor was assigned to review controls in the accounts payable function. Most of tie accounts payable processes are performed by a third-party service provider. The auditor included in the audit report a number of control deficiencies involving processes performed by the service provider. The service provider requested a copy of the report Which of Vie following would be the most appropriate response from the chief audit executive (CAE)?

Options:

A.

The CAE would automatically sand a copy of the report to the service provider as many of the findings relate to Via area managed by the service provider

B.

The CAE may distribute the report to tie service provider at no cost, after consulting with legal counsel and tie chief compliance officer

C.

The CAE may provide a copy of the audit report to the service provider If an agreement & signed and the service provider agrees to reimburse the cost of the auditD, The CAE should benchmark with other organization in the industry by consorting with colleagues and distribute the report only I it is an acceptable practice m the industry

Buy Now
Questions 39

After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?

Options:

A.

Cost.

B.

Independence.

C.

Familiarity.

D.

Flexibility.

Buy Now
Questions 40

Which requirement should the chief audit executive consider when communicating results of the quality assurance and improvement program to the board of a large organization?

Options:

A.

The internal assessment results should be discussed once every five years

B.

The rating conclusions and the impact from results of the external assessment should be explained

C.

The results of the external assessment should be discussed every seven years.

D.

The qualifications and independence of the internal assessment team should be discussed

Buy Now
Questions 41

According to IIA guidance, which of the following is true regarding the exit conference for an internal audit engagement?

Options:

A.

A primary purpose of the exit conference is to provide for the timely communication of observations that call for immediate management action.

B.

Both the chief audit executive and the chief executive over the activity or function reviewed must attend the exit conference to validate the findings.

C.

The exit conference provides only anticipated results for inclusion in the final audit communication.

D.

During the exit conference, the performance of the internal auditors who executed the engagement is reviewed.

Buy Now
Questions 42

An internal auditor wants to obtain management ' s evaluation of the organizational risk culture. Because there are more than 30 geographically dispersed managers, one-to-one interviews are not possible. Which of the following is the most efficient option for the auditor to adopt?

Options:

A.

Send out a survey with a few open questions, such as “What is your impression of the risk culture in our organization?”

B.

Send out a survey with statements and request defined answers, such as “strongly agree” and “strongly disagree.”

C.

Send out an email asking managers to evaluate the risk culture and provide detailed justification.

D.

Send out an email asking those who have something to report on organizational risk culture to step forward.

Buy Now
Questions 43

Which of the following is one of the five attributes that internal auditors include when documenting a deficiency?

Options:

A.

The criteria used to make the evaluation

B.

The methodology used to analyze data

C.

The proposed follow-up engagement work to be performed

D.

The scope of work performed during the engagement

Buy Now
Questions 44

Which of the following offers the best explanation of why the auditor in charge would assign a junior auditor to complete a complex part of the audit engagement?

Options:

A.

The senior auditors are unavailable, as they are currently working on other portions of the engagement

B.

The auditor in charge believes that the junior auditor should obtain a specific type of experience.

C.

The audit engagement has a tight deadline and the work must be completed timely.

D.

The auditor in charge is unable to identify audit staff with all of the required skills needed to complete the engagement

Buy Now
Questions 45

Which of the following is the most appropriate reason for a chief audit executive to conduct an external assessment more frequently than five years?

Options:

A.

Significant changes in the organization ' s accounting policies or procedures would warrant timely analysis and feedback.

B.

More frequent external assessments can serve as an equivalent substitute for internal assessments.

C.

The parent organization ' s internal audit activity agreed to perform biennial reciprocal external assessments to provide greater assurance at a reduced cost.

D.

A change in senior management or internal audit leadership may change expectations and commitment to conformance

Buy Now
Questions 46

According to IIA guidance, which of the following provides additional insight into errors, problems, missed opportunities, or noncompliance to improve the effectiveness and efficiency of an organization ' s control process?

Options:

A.

Reperformance.

B.

Vouching.

C.

Independent confirmation.

D.

Root cause analysis.

Buy Now
Questions 47

Which of the following factors would the auditor in charge be least likely to consider when assigning tasks to audit team members for an engagement?

Options:

A.

The amount of experience the auditors have conducting audits in the specific area of the organization.

B.

The availability of the auditors in relation to the availability of key client staff.

C.

Whether the budgeted hours are sufficient to complete the audit within the current scope.

D.

Whether outside resources will be needed, and their availability.

Buy Now
Questions 48

An internal auditor selects a sample of paid invoices and matches them to receiving reports. What is the most likely purpose for this procedure?

Options:

A.

To ensure all customer shipments are billed appropriately.

B.

To ensure invoices are only paid for goods received.

C.

To ensure all liabilities have been satisfied.

D.

To ensure invoices are only paid for goods ordered.

Buy Now
Questions 49

A corporate merger decision prompts the chief audit executive (CAE) lo propose interim changes to the existing annual audit plan to account for emerging risks Which of the following is the most appropriate action for the CAE to take regarding the changes made to the audit plan ' '

Options:

A.

Present the revised audit plan directly to the board for approval.

B.

Communicate with the chief financial officer and present the revised audit plan to the CEO tor approval

C.

Present the revised audit plan directly to the CEO for approval

D.

Communicate with the CEO and present the revised audit plan to the board for approval.

Buy Now
Questions 50

Which of the following risk assessment approaches involves gathering data from work team representing different levels of an organisation?

Options:

A.

Surveys

B.

Management produced analysis 0

C.

Facilitated team workshops

D.

Weighted risk factors

Buy Now
Questions 51

According to IIA guidance which of the following best describes reliable information?

Options:

A.

Reliable information is factual adequate, and convincing so that a prudent informed person would reach the same conclusions as the internal auditor

B.

Reliable information is the best attainable information through the use of appropriate engagement techniques

C.

Reliable information supports engagement observations and recommendations and is consistent with the objectives for the engagement

D.

Reliable information helps the organization and the internal audit activity meet its goals

Buy Now
Questions 52

Internal control questionnaires are used to achieve which of the following objectives?

Options:

A.

To ascertain the operating effectiveness of a procedure

B.

To verify the accuracy of Information in a report

C.

To assess the controls mitigating major risks

D.

To determine whether specified contra procedures are in place

Buy Now
Questions 53

An internal auditor wants to assess the completeness of sales invoices issued by the organization over a period of time Providing that at the necessary data and analytics software is which of the following types of analyse would be appropriate to satisfy the auditor ' s objective?

Options:

A.

Payment terms analysis

B.

Duplicates analysts

C.

Aging analysis

D.

Gap analysis

Buy Now
Questions 54

Which of the following is an example of a properly supervised engagement?

Options:

A.

Auditors are asked to keep a daily record of their activity for review by the auditor in charge following the engagement.

B.

The senior internal auditor requires each auditor to review and initial colleagues’ workpapers for completeness and format

C.

A new internal auditor is accompanied by an experienced auditor during a highly sensitive fraud investigation.

D.

The auditor in charge provides reasonable assurance that engagement objectives were met

Buy Now
Questions 55

An internal auditor believes that the internal audit activity ' s independence is impaired Which of the following actions should the internal auditor take first?

Options:

A.

Report the impairment to senior management

B.

Discuss the impairment with the audit manager.

C.

Ascertain the best approach to disclose the impairment.

D.

Decide on the extent of impact of the impairment

Buy Now
Questions 56

Acceding to IIA guidance, which of the following statements is true regarding the risk assessment process performed by the internal audit activity?

Options:

A.

The assessment of high-level risks is typically a linear process.

B.

Management should create the preliminary risk matrix

C.

The analysis should begin with ne identification of objectives

D.

Likelihood should receive greater consideration than impact

Buy Now
Questions 57

Which of the following internal audit activity staffing models has the disadvantage that auditors are always new and in training?

Options:

A.

Career model.

B.

Center of competence model.

C.

Rotational model.

D.

Hybrid model.

Buy Now
Questions 58

Which of the following would not be a typical activity for the chief audit executive to perform following an audit engagement?

Options:

A.

Report follow-up activities to senior management.

B.

Implement follow-up procedures to evaluate residual risk.

C.

Determine the costs of implementing the recommendations.

D.

Evaluate the extent of improvements.

Buy Now
Questions 59

What is the primary objective of an engagement supervisor ' s review of key activities performed during the engagement?

Options:

A.

To ensure that the engagement is completed on time and within budget

B.

To ensure that all work performed meets acceptable quality standards

C.

To ensure that management has provided suitable responses to all observations

D.

To ensure that management is satisfied with the progress of the engagement

Buy Now
Questions 60

A technology organization is developing an artificial intelligence (AI) program for use on its social media platform. The AI program is meant to help content creators with images and posts that will acquire followers more efficiently. The internal audit function is planning an engagement of the AI program development. Which of the following should be considered a significant, immediate, and inherent risk?

Options:

A.

The AI program becomes self-reliant and no longer requires human assistance to perform tasks for the organization.

B.

The AI program advancements allow for it to generate original images for use by content creators and other individuals.

C.

The AI program captures images found online that are created and owned by individuals and other organizations.

D.

The AI program will have to comply with the national regulation expected to come in force in two years ' time.

Buy Now
Questions 61

An internal auditor reviewed the tender documents for the procurement of manufacturing equipment and observed the following:

    Tender technical specifications were compliant with internal policies.

    The sole assessment criterion of the tender was economic feasibility.

    All bids were submitted to a designated software and could not be opened before the submission deadline.

    The winner was approved by senior management.

    The winner was selected based on which bidder offered the newest technology.

Which of the following is the most appropriate conclusion?

Options:

A.

Key controls of the procurement process operate as intended based on the analysis of the specific tender documents.

B.

IT controls implemented to ensure confidentiality of submitted bids seem to have several deficiencies.

C.

Management ' s selection of the winner should be positively acknowledged for focusing on innovative technological solution.

D.

The principles of transparency and equal treatment of bidders seem to be impaired.

Buy Now
Questions 62

Which of the following statements best describes the difference between risk appetite and risk tolerance?

Options:

A.

Risk appetite applies to specific objectives, while risk tolerance refers to an organization ' s general attitude toward risk.

B.

Risk appetite refers to the degree of risk acceptance for a particular objective, while risk tolerance is one approach to risk management

C.

Risk appetite refers to an organization’s general level of acceptance, while risk tolerance is a more specific and subordinate concept

D.

There is no significant difference between the two terms

Buy Now
Questions 63

Which of the following represents a ratio that measures short-term debt-paying ability?

Options:

A.

Debt-to-equity ratio

B.

Profit margin

C.

Current ratio

D.

Times interest earned

Buy Now
Questions 64

Which of the following are advantages of flowcharts over internal control questionnaires ' '

1 Flowcharts reduce the need to test whether employees are observing internal control processes

2 Flowcharts provide a visual depiction of the processes in the area under review 3. Flowcharts identify and prioritize internal control design weaknesses.

4 Flowcharts highlight the control points to help internal auditors evaluate control design

Options:

A.

1 and 3 only

B.

2 and 4 only.

C.

1.2. and 3 only

D.

2. 3 and 4 only

Buy Now
Questions 65

According to IIA guidance, which of the following typically serves as the basis for an engagement work program?

Options:

A.

Past audit findings.

B.

Scope and audit objectives.

C.

Techniques and resources.

D.

Stakeholders ' expectations.

Buy Now
Questions 66

Which procedure should an internal auditor perform to determine the audit objective?

Options:

A.

Meet with the board to discuss emerging issues and concerns

B.

Conduct a risk assessment of the area under review

C.

Establish the boundaries of the engagement

D.

Outline what will be included in the review

Buy Now
Questions 67

Which of the following items, included in the preliminary audit communication would be most useful for management to formulate action plans in response to audit recommendations?

Options:

A.

A condition

B.

An audit objectives

C.

An audit scope

D.

An observation rating

Buy Now
Questions 68

While reviewing the workpapers and draft report from an audit engagement, the chief audit executive (CAE) found that an Important compensating control had not been considered adequately by the audit team when it reported a major control weakness Therefore, the CAE returned the documentation to the auditor in charge for correction Based on this Information, which of the following sections of the workpapers most likely would require changes?

1.Effect of the control weakness.

2.Cause of the control weakness

3.Conclusion on the control weakness.

4.Recommendation for the control weakness.

Options:

A.

1, 2, and 3.

B.

1.2. and 4

C.

1,3, and 4.

D.

2, 3, and 4.

Buy Now
Questions 69

An internal auditor is testing the success of the IT support department in meeting the service levels guaranteed to small, medium and large customers. The customer ' s size classification is based on its annual expenditures with the organization and the nature and extent of services it receives. Which of the following sampling techniques would be the most suitable to select customers for this test?

Options:

A.

Interval sampling

B.

Cluster sampling

C.

Stop-and-go sampling

D.

Stratified sampling

Buy Now
Questions 70

According to the Standards, which of the following is leastimportant in determining the adequacy of an annual audit plan?

Options:

A.

Sufficiency.

B.

Appropriateness.

C.

Effective deployment.

D.

Cost effectiveness.

Buy Now
Questions 71

An internal auditor is conducting an assurance engagement. One engagement objective is to evaluate the project manager’s effectiveness at controlling project costs. Which of the following audit tests should be included in the engagement program?

Options:

A.

Prepare a bank reconciliation statement for all the bank accounts of the organization

B.

Track a sample of project payments from accounts payable to concluded agreements and authorization rights

C.

Validate the accuracy of assumptions and inputs used for calculations in the project’s feasibility model

D.

Investigate whether the budget of the project was approved timely as required by internal policies

Buy Now
Questions 72

According to IIA guidance, which of the following describes the primary reason to implement environmental and social safeguards within an organization?

Options:

A.

To enable Triple Bottom Line reporting capability.

B.

To facilitate the conduct of risk assessment

C.

To achieve and maintain sustainable development.

D.

To fulfill regulatory and compliance requirements.

Buy Now
Questions 73

Prior to performing testing an internal auditor has determined that a primary process control failed due to design weakness. Which of the following actions should the auditor perform next?

Options:

A.

Determine whether there are any compensating controls in place to reduce the nsk to an acceptable level, and discuss this matter with management of the business area to determine which corrective action is needed

B.

Test the control anyway to determine the likelihood that the control was not performed property, and discuss this matter with management of the business area to determine which corrective action is needed

C.

Conclude that the process control environment is weak, issue a finding on this conclusion and report this finding to management of the business area

D.

Confer with a second internal auditor to determine whether the control failure is legitimate issue a finding on this conclusion and report this finding to management of the business area

Buy Now
Questions 74

Which of the following constitutes supervisory activity undertaken during the planning phase of an assurance engagement?

Options:

A.

Ensuring the process owner with the engagement objectives

B.

Reviewing engagement draft reports

C.

Ensuring workpapers support audit findings

D.

Approving audit work programs

Buy Now
Questions 75

Which of the following statements is true regarding engagement planning?

Options:

A.

The scope of the engagement should be planned according to the internal audit activity ' s budget and then aligned to the risk universe.

B.

The audit engagement objectives should be based on operational managements view of risk objectives

C.

The planning phase of the engagement should be completed and approved before the fieldwork of the engagement begins.

D.

The main purpose of the engagement work program is to determine the nature and timing of procedures required to gather audit evidence

Buy Now
Questions 76

An organization has a mature control environment but limited internal audit resources Given this scenario, on which of the following should the internal auditors focus their testing?

Options:

A.

Detective compensating controls

B.

Preventive compensating controls

C.

Detective Key controls

D.

Preventive key controls

Buy Now
Questions 77

An internal auditor is conducting a financial audit. Which of the following audit procedures is most appropriate when existing internal controls are weak?

Options:

A.

Analytical procedures.

B.

Detail testing.

C.

Test of design.

D.

Test of control.

Buy Now
Questions 78

Which of the following attribute sampling methods would be most appropriate to use to measure the total misstatement posted to an accounts payable ledger?

Options:

A.

Stop-or-go sampling

B.

Probability to proportional size sampling

C.

Classical variable sampling

D.

Discovery sampling

Buy Now
Questions 79

A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority?

1. Graded positive opinion.

2. Negative assurance opinion.

3. Limited assurance opinion.

4. Third-party opinion.

Options:

A.

1 and 3

B.

1 and 4

C.

2 and 3

D.

2 and 4

Buy Now
Questions 80

The chief audit executive of an international organization is planning an audit of the treasury function located at the organization ' s headquarters. The current internal audit team at headquarters lacks expertise in the area of financial markets which is needed tor the engagement When of the following would be the most approbate solution considering the time constraint?

Options:

A.

Outsource the engagement 10 tie organization ' s external auditor who has expertise in the area of financial markets

B.

Hire additional internal auditors who have expertise in the area of financial markets.

C.

Invite a guest auditor from one of the organization ' s affiliates who has expertise m the area of financial markets.

D.

Limit the scope of the engagement to the knowledge and skills possessed by the internal audit team.

Buy Now
Questions 81

Which of the following would be the most helpful to a chief audit executive when developing a talent management strategy?

Options:

A.

Gap analysis

B.

Staff preferences

C.

Maturity analysis

D.

Extent of external audit coverage

Buy Now
Questions 82

Which of the following statements is true regarding different competitive strategies?

Options:

A.

An organization that adopts a cost leadership competitive strategy generally maintains standard operating procedures to ensure efficiency.

B.

An organization that adopts a differentiation strategy generally maintains a targeted strategic approach to its operations.

C.

An organization that adopts a focus strategy is known for taking the lead in technological advancement.

D.

An organization that adopts a cost leadership strategy is known for cherishing employees who think creatively and emphasize uniqueness.

Buy Now
Questions 83

When a significant finding is noted early during a review of the accounts payable function, which next course of action is best for communicating the issue?

Options:

A.

Intern accounting management via an interim memorandum update

B.

Note the item in the workpapers for inclusion in the final audit report

C.

Call a meeting and discuss me issue with the audit committee

D.

Alert the CEO as soon as the issue is discovered

Buy Now
Questions 84

According to IIA guidance, which of the following statements is true regarding engagement planning?

Options:

A.

For both assurance and consulting engagements, planning typically occurs after the engagement objectives and scope have already been determined.

B.

The expectations and objectives of an assurance engagement are usually determined by. or in conjunction with, the engagement client

C.

Internal auditors may not need to complete a preliminary risk assessment for a consulting engagement as they would when planning an assurance engagement.

D.

For both consulting and assurance engagements, internal auditors usually form the engagement objectives prior to completing the preliminary risk assessment

Buy Now
Questions 85

A rapidly expanding retail organization continues to be tightly controlled by its original small management team. Which of the following is a potential risk in this vertically centralized organization?

Options:

A.

Lack of coordination among different business units

B.

Operational decisions are inconsistent with organizational goals.

C.

Suboptimal decision-making.

D.

Duplication of business activities.

Buy Now
Questions 86

According to Maslow ' s hierarchy of needs theory, which of the following best describes a strategy where a manager offers an assignment to a subordinate specifically to support his professional growth and future advancement^

Options:

A.

Esteem by colleagues.

B.

Self-fulfillment.

C.

Sense of belonging in the organization

D.

Job security.

Buy Now
Questions 87

According to IIA guidance, which of the following statements about analytical procedures is true?

Options:

A.

Analytical procedures compare information against expectations

B.

Analytical procedures begin after the engagements planning phase.

C.

Analytical procedures provide internal auditors with explainable results.

D.

Analytical procedures are computer-assisted audit techniques

Buy Now
Questions 88

Which of the following statements is true regarding engagement planning?

Options:

A.

The engagement objectives are the boundaries for the engagement, which outline what will be included in the review

B.

The risk-based objectives of the engagement can be determined once the scope of the engagement has been formed

C.

For a consulting engagement, planning typically occurs after the engagement objectives and scope have already been determined

D.

For an assurance engagement, once the scope is established and testing has begun, the scope cannot be modified.

Buy Now
Questions 89

An engagement supervisor reviewed a staff internal auditor ' s documentation and noted that several edits should be made. The internal audit activity uses an electronic workpaper database and does not maintain paper files for its system of record. A system error prevents the engagement supervisor from adding her electronic signature to any workpaper in the database Given this situation which is the most appropriate response to provide evidence of supervisory review?

Options:

A.

The engagement supervisor should print sign and date each workpaper after the review is complete and scan the document into the database as evidence of review

B.

Because the engagement supervisor called the help desk to correct the IT problem, he should upload the support-request ticket from the help desk to serve as evidence of the review

C.

The engagement supervisor should ask another manager-level internal auditor not associated with the project to sign the workpaper on his behalf

D.

The engagement supervisor should instruct the staff internal auditor to add a note in the workpaper on his behalf indicating that the workpaper was reviewed and feedback was provided

Buy Now
Questions 90

Applying ISO 31000; which of the following is part of the external context for risk management?

Options:

A.

Risk treatment method based on risk evaluation.

B.

Organizational culture, objectives, and processes.

C.

The regulatory and competitive environment.

D.

The method of determining the risk level

Buy Now
Questions 91

Which of the following statements about assurance maps is correct?

Options:

A.

An assurance map is used by the chief audit executive to coordinate assurance activities with other internal and external assurance providers

B.

An assurance map is a picture of all assurance engagements performed by the internal audit activity across the organization

C.

An assurance map is used by the engagement supervisor to coordinate the roles of various internal audit team members assigned to assurance engagements

D.

An assurance map lists the procedures and testing activities performed by an internal audit team during an assurance engagement

Buy Now
Questions 92

Which of the following is an advantage of an internal audit activity coordinating with a management-defined risk universe?

Options:

A.

Increased completeness, including risk categories like political, supplier, and social media.

B.

Business managers can identify and assess risks that occur within each category.

C.

The internal audit activity can rely on management ' s risk assessment.

D.

Organizationwide audits are required since risk events within categories occur in many different ways.

Buy Now
Questions 93

During audit engagement planning, an internal auditor is determining the best approach for leveraging computer-assisted audit techniques (CAATs). Which of the following approaches maximizes the use of CAATs and why?

Options:

A.

Tracing, because it would enable the auditor to verify quickly that the record counts were properly included in the compilation.

B.

Inspection, because it would enable the auditor to verify how management enters the data into the application for processing.

C.

Testing data, because it would enable the auditor to ensure that the application processes the transaction as described by management.

D.

Reperformance, because it enables the auditor to verify that the application performed the calculation correctly.

Buy Now
Questions 94

The final engagement communication contains the following observation:

The internal auditor discovered that three of the 10 contracts reviewed failed to meet the organization ' s competitive bidding requirements Management explained that senior management deemed these purchases to be critical and awarded them as sole-source. "

Which of the following components is missing in the documentation of the observation?

Options:

A.

Criteria.

B.

Effect

C.

Condition

D.

Cause

Buy Now
Questions 95

According to IIA guidance, which of the following objectives was most likely formulated for a non-assurance engagement?

Options:

A.

The internal audit activity will assess the effects of changes in maintenance strategy on the availability of production equipment

B.

The internal audit activity will inform management on the possible risks of moving the data warehouse to a cloud server maintained by a third party.

C.

The internal audit activity will ascertain whether the data center security arrangements are compliant with agreed terms

D.

The internal audit activity will ensure equipment downtime risks have been managed in accordance with the internal policy.

Buy Now
Questions 96

An organization must maintain a current ratio of at least 1.2 to comply with debt covenants. Its current ratio is now 0.9. Which year-end transaction can increase the current ratio?

Options:

A.

Paying off an overdraft debt using funds from another bank current account.

B.

Purchasing inventory using funds from long-term bank loans.

C.

Acquiring a new car through leasing.

D.

Factoring short-term accounts receivable in exchange for cash.

Buy Now
Questions 97

An internal auditor was reviewing the procurement department ' s tender documentation for completeness He documented all discrepancies but the procurement manager disagreed with his findings Upon further review, the internal auditor noted that all discrepancies had been corrected in the tender database. Which of the following courses of action would have prevented this situation?

Options:

A.

The auditor should have ensured the preservation of audit evidence by taking screenshots or extracting tender documents

B.

The auditor should have extracted a list of logs and identified any actions that were executed in the database during the audit

C.

The auditor should have instructed procurement workers that changes to the database during the course of the audit were strictly forbidden

D.

The internal auditor should have created a more thorough work program, which would address audit criteria and potential causes in more detail

Buy Now
Questions 98

An internal auditor is examining the organization ' s internal control processes. Which of the following would the auditor do to test the reliability of a customer database1?

Options:

A.

Perform a site visit to see whether the organization ' s servers are operational

B.

Interview end users to determine whether they understand how to use the database information

C.

Determine whether policies are in place on how to use the database information

D.

Review for indications of potential issues with the database information

Buy Now
Questions 99

When addressing the excessive overtime being paid lo employees in an organization ' s customer service call center, which of the following would be most relevant for the internal auditor to use?

1 Confirmation.

2. Trend analysis.

3 External benchmarking

4. Internal benchmarking

Options:

A.

1.2 and 3

B.

1.2. and 4.

C.

1.3. and 4.

D.

2. 3. and 4.

Buy Now
Questions 100

During an engagement in one of the subsidiaries of an organization, an internal auditor noted the following in the workpapers:

" As a subsidiary of a multinational organization in this particular country, the entity is required to register annually with the

respective ministry. However, the subsidiary did not submit the required documentation for registration during the prior year. Failure

to comply with internal and external regulations could lead to penalties or fines from the respective authorities. It is recommended

that the management of the subsidiary ensures compliance with the relevant legislation. As a recoverable action, management

should register the subsidiary in the current year as soon as possible. "

What part of this narrative represents a condition of the observation made by auditors in the final report?

Options:

A.

" ... the subsidiary did not submit required documentation for registration in the prior year. "

B.

" ... the entity is required to register annually with the respective ministry. "

C.

" ... failure to comply with internal and external regulations might lead to penalties or fines from the respective authorities. "

D.

" ... management should register the subsidiary in the current year as soon as possible. "

Buy Now
Questions 101

The internal audit activity has adopted the balanced scorecard approach to assess its performance According to MA guidance which of the following is a key performance indicator relevant to the audit client?

Options:

A.

Percentage of recommendations implemented by corrective action date

B.

Staff experience

C.

Percentage of planned audits completed

D.

Conformance with the International Professional Practices Framework

Buy Now
Questions 102

An internal audit manager assigns an audit team to test purchase transactions by selecting a sample from transactions processed by each of the three procurement officers.

Which of the following techniques will help the audit team achieve this sampling objective?

Options:

A.

Systematic sampling.

B.

Stratified sampling.

C.

Stop-or-go sampling

D.

Discovery sampling.

Buy Now
Questions 103

When using cost-volume-profit analysis, which of the following will increase operating income once the break-even point has been reached?

Options:

A.

Fixed costs per unit for each additional unit sold.

B.

Variable costs per unit for each additional unit sold.

C.

Contribution margin per unit for each additional unit sold.

D.

Gross margin per unit for each additional unit sold

Buy Now
Questions 104

Which of the following methodologies consists of the internal auditor holding individual meetings with different people, asking them the same questions, and aggregating the results?

Options:

A.

Facilitated workshops.

B.

Surveys.

C.

Structured interviews.

D.

Elicitation.

Buy Now
Questions 105

Which of the following is an effective approach for internal auditors to take to improve collaboration with audit clients during an engagement?

1. Obtain control concerns from the client before the audit begins so the internal auditor can tailor the scope accordingly.

2. Discuss the engagement plan with the client so the client can understand the reasoning behind the approach.

3. Review test criteria and procedures where the client expresses concerns about the type of tests to be conducted.

4. Provide all observations at the end of the audit to ensure the client is in agreement with the facts before publishing the report.

Options:

A.

1 and 2 only

B.

1 and 4 only

C.

2 and 3 only

D.

3 and 4 only

Buy Now
Questions 106

An internal auditor is preparing for an auditor of newly implemented software that is used by 3,000 employees in South America and Europe. What would be the best way for the auditor to gather relevant feedback?

Options:

A.

interview IT management in both regions

B.

Inspect regional user software training records

C.

Interview propel management and the vendor responsible for implementation

D.

Distribute surveys to software users in both regions

Buy Now
Questions 107

A manager has allowed a subordinate employee to have greater control and responsibility over the tasks that he performs This is an example of which of the following?

Options:

A.

Job enlargement

B.

Job enrichment

C.

Horizontal loading of the job.

D.

Job rotation.

Buy Now
Questions 108

According to IIA guidance, which of the following statements regarding the internal audit charter is true?

Options:

A.

The nature of consulting services typically is not included in the charter.

B.

The chief audit executive must formally review the charter at least once a year

C.

The nature of assurances provided to parties outside of the organization typically is not included in the charter.

D.

The charter typically defines the internal audit activity’s position within the organization.

Buy Now
Questions 109

Which of the following is most likely the subject of a periodic report from the chief audit executive to the board?

Options:

A.

A complete, accurate, and comprehensive account of engagement observations and recommendations.

B.

Oversight of the coordination between the internal audit activity and independent outside auditors

C.

The internal audit activity ' s purpose, authority, responsibility, and performance relative to plan.

D.

Management ' s assertions regarding the system of internal controls.

Buy Now
Questions 110

Which of the following best describes external benchmarking using trend analysis for a subsidiary of an international company?

Options:

A.

Comparing the current ratio of the subsidiary with the current ratio of another company for the same period

B.

Comparing common-size financial statements of the subsidiary with the averages of the industry for the last two periods

C.

Comparing the sales of the subsidiary with the sales of another subsidiary for the last two periods.

D.

Comparing the sales of the subsidiary with the budgeted figures for the last two periods

Buy Now
Questions 111

A manufacturer is under contract to produce and deliver a number of aircraft to a major airline. As part of the contract, the manufacturer is also providing training to the airline ' s pilots. At the time of the audit, the delivery of the aircraft had fallen substantially behind schedule while the training had already been completed. If half of the aircraft under contract have been delivered, which of the following should the internal auditor expect to be accounted for in the general ledger?

Options:

A.

Training costs allocated to the number of aircraft delivered, and the cost of actual production hours completed to date.

B.

All completed training costs, and the cost of actual production hours completed to date.

C.

Training costs allocated to the number of aircraft delivered, and 50% of contracted production costs.

D.

All completed training costs, and 50% of the contracted production costs.

Buy Now
Questions 112

Which of the following sources of audit evidence is most reliable?

Options:

A.

Evidence obtained directly from an untested third party.

B.

Uncorroborated audit evidence obtained indirectly from an employee.

C.

Undocumented audit evidence obtained directly from a manager.

D.

Timely audit evidence obtained directly from a customer.

Buy Now
Questions 113

For which of the following fraud engagement activities would it be most appropriate to involve a forensic auditor?

Options:

A.

Independently evaluating conflicts of interests.

B.

Assessing contracts for relevant terms and conditions.

C.

Performing statistical analysis for data anomalies.

D.

Preparing evidentiary documentation.

Buy Now
Questions 114

In an assurance engagement focused on the adequacy of organizationwide risk management practices, which of the following best describes a primary area of interest for the engagement?

Options:

A.

The effectiveness of process-level and transaction-level controls.

B.

Conflicts of interest within the organizational structure of the senior management.

C.

The alignment of management decisions with the level of risk the organization is willing to accept.

D.

The actions of upper management in response to the internal audit acth/lty ' s reporting

Buy Now
Questions 115

Acceding to IIA guidance, when of the Mowing is an assurance service commonly performed by the internal audit activity?

Options:

A.

Proposing fine item recommendation lot the annual financial budget of the accounting department

B.

Making recommendations regarding financial approval authority limits for the operations department

C.

Validating whether employees are following established policies and procedures in the procurement department

D.

Generating expense report metrics for employees in the finance department

Buy Now
Questions 116

Which of the following is one of the differences between probability-proportional-to-size (PPS) and attribute sampling?

Options:

A.

PPS sampling s used to reach conclusions regarding monetary amounts, attribute sampling is not.

B.

PPS sampling is used to roach conclusions regarding rates of occurrence, attribute sampling is not.

C.

PPS sampling a applied within the context of testing controls attribute sampling s not.

D.

Attribute sampling is affected by the monetary book value of the population PPS sampling is not

Buy Now
Questions 117

According to IIA guidance,which of the following is true about the supervising internal auditor ' s review notes?

• They are discussed with management prior to finalizing the audit.

• They may be discarded after working papers are amended as appropriate.

• They are created by the auditor to support her fieldwork in case of questions.

• They are not required to support observations issued in the audit report.

Options:

A.

1 and 3 only

B.

1 and 4 only

C.

2 and 3 only

D.

2 and 4 only

Buy Now
Questions 118

In a health care organization the internal audit activity provides overall assurance on governance, risk and control The chief audit executive advises and influences senior management, and the audit strategy leverages the organization ' s management of risk According to HA guidance which of the following stages of internal audit maturity best describes this organization?

Options:

A.

Infrastructure.

B.

Emerging.

C.

Managed.

D.

Initial.

Buy Now
Questions 119

Considering the five-attribute approach to documenting deficiencies in an area under review which of the following answers the question. " What should be in place?’’

Options:

A.

Action plan

B.

Recommendation

C.

Condition

D.

Criteria

Buy Now
Questions 120

According to IIA guidance, which of the following is true when the internal audit activity is asked to investigate potential ethics violations in a foreign subsidiary?

Options:

A.

Communication of any internal ethics violations to external parties may occur with appropriate safeguards.

B.

Cultural impacts are less critical where the organization practices uniform polices around the globe.

C.

Cross-cultural differences should always be handled by the staff of the same cultural background.

D.

Local law enforcement should be involved as they are more familiar with the applicable local laws.

Buy Now
Questions 121

While reviewing engagement workpapers prepared by an internal audit team, the engagement supervisor identifies instances where there is no direct connection between certain workpapers and the engagement objectives. How should the engagement supervisor respond?

Options:

A.

Request that the internal auditors remove irrelevant workpapers from the records.

B.

Sign off on all workpapers, and arrange the documentation from most relevant to least relevant.

C.

Ensure that the final audit report indicates that the initial engagement objectives were expanded.

D.

Expand the scope of the audit and include the additional documentation.

Buy Now
Questions 122

While conducting a review of the logistics department the internal audit team identified a crucial control weakness. The chief audit executive (CAE) decided to prepare an audit memorandum for management of the logistics department followed by an informal meeting What is the most likely reason the CAE decided to prepare the audit memorandum?

Options:

A.

To report up-to-date audit progress to management

B.

To ensure that the internal audit team and the CAE are aligned with regard to the identified weakness

C.

To allow management to address the identified weakness timely

D.

To obtain management ' s agreement with regard to the identified weakness

Buy Now
Questions 123

A toy manufacturer receives certain components from an overseas supplier and uses them to assemble final products Recently quality reviews have identified numerous issues regarding the components ' compliance with mandatory quality standards. Which type of engagement would be most appropriate to assess the root causes of the quality issues?

Options:

A.

A risk assessment

B.

An operational audit

C.

A third-party audit

D.

A fraud investigation

Buy Now
Questions 124

Which of the following is the primary engagement responsibility of an entry-level internal auditor?

Options:

A.

Leadership

B.

Documentation.

C.

Analysis.

D.

Reporting

Buy Now
Questions 125

Which is the most appropriate evaluation criterion regarding the quality of audit engagement workpapers?

Options:

A.

Every workpaper should provide reasonable evidence of work conducted.

B.

Every workpaper should result in appropriately worded audit findings.

C.

Every workpaper should include a conclusion regarding the likelihood of fraud.

D.

Every workpaper should be approved by the engagement client.

Buy Now
Questions 126

According to IIA guidance, organizations have the most influence on which element of fraud?

Options:

A.

Opportunity.

B.

Rationalization.

C.

Pressure.

D.

Incentives.

Buy Now
Questions 127

When is an organic organizational structure likely to be more successful than a mechanistic organizational structure?

Options:

A.

When a manufacturing organization has stable demand for its products.

B.

When an organization is subjected to strong political and social pressures

C.

When a manufacturer has reliable resources and suppliers.

D.

When an organization is infrequently affected by technological advances

Buy Now
Questions 128

Which of the following statements is true regarding the final assurance engagement report issued to management?

Options:

A.

Ratings are only used to assess the condition of an observation made by an internal auditor.

B.

Audit findings may be communicated to management prior to issuance of the final approved audit report.

C.

Communications must be relevant logical, and free from errors before they are disseminated.

D.

The audit report must present the information in the following order (1) audit scope, (2) engagement objectives, and (3) engagement results

Buy Now
Questions 129

An internal auditor determined that the organization ' s accounting system was designed to reject duplicate invoices if they were issued with identical invoice numbers. However, if an invoice number was changed by at least one digit, the system would accept the duplicate invoice as new. Which of the following would be the most appropriate criteria to refer to in the audit observation?

Options:

A.

Each invoice for goods or services acquired by the organization must be recorded only once in the accounting system.

B.

The accounting system lacks efficient controls for the identification of duplicate invoices.

C.

Disbursements may be made inappropriately, and liabilities may be overstated.

D.

The accounting system is at the end of its lifetime and is no longer developed by the provider.

Buy Now
Questions 130

Which of the following should an internal auditor document to support an assurance engagement’s conclusions?

Options:

A.

Evidence of all data used in an engagement

B.

Internal audit policies and workpaper templates

C.

Workpapers, cross-referenced to audit observations

D.

Satisfaction ratings from management of the area under review

Buy Now
Questions 131

When developing the scope of an audit engagement, which of the following would the internal auditor typically not need to consider?

Options:

A.

The need and availability of automated support.

B.

The potential impact of key risks.

C.

The expected outcomes and deliverables.

D.

The operational and geographic boundaries.

Buy Now
Questions 132

During which phase of the contracting process are contracts drafted for a proposed business activity’

Options:

A.

Initiation phase.

B.

Bidding phase.

C.

Development phase.

D.

Management phase

Buy Now
Questions 133

A regional entertainment organization is in the process of developing a corporate social responsibility (CSR) policy. Management invites ideas from employees when developing the CSR policy Which of the following is the most appropriate idea to include?

Options:

A.

Management has overall responsibility for the effectiveness of governance, risk management, and internal control processes associated with CSR.

B.

The board Is responsible for ensuring that CSR objectives are established, risks are managed, performance is measured, and activities are appropriately monitored and reported

C.

Management is responsible for ensuring that the organization ' s CSR principles are communicated, understood, and integrated into decision-making processes.

D.

Generally, CSR activities are limited to the management of the organization, thus, employees do not have a responsibility for ensuring the success of CSR objectives.

Buy Now
Questions 134

Management requested internal audit consulting services. During fieldwork significant control issues were identified by the internal audit team. Which of the following is an appropriate response from the chief audit executive?

Options:

A.

End the consulting engagement and report the results to management as planned

B.

Report the significant control issues to senior management and the board and recommend corrective action

C.

Mutually agree with the engagement client on corrective actions

D.

Focus on the consulting engagement and schedule an assurance engagement next to address the control issues

Buy Now
Questions 135

Which of the following approaches would best help an internal auditor determine whether a retailer database of 100,000 customers has nay duplicate accounts?

Options:

A.

Stratifying the customer information

B.

Extracting the customer information

C.

Filtering the customer information

D.

Sorting the customer information

Buy Now
Questions 136

Which of the following activities demonstrates an example of the chief audit executive performing residual risk assessment?

Options:

A.

Cost-benefit analysis of management not implementing a recommendation to address an observation.

B.

Inquiry of corrective action to be completed within a certain period

C.

Reporting the status of every observation for every engagement in a detailed manner.

D.

Soliciting management ' s feedback after completion of the audit engagement.

Buy Now
Questions 137

A multinational organization has multiple divisions that sell their products internally to other divisions When selling internally, which of the following transfer prices would lead to the best decisions for the organization?

Options:

A.

Full cost

B.

Full cost plus a markup.

C.

Market price of the product.

D.

Variable cost plus a markup.

Buy Now
Questions 138

An organization ' s health-care insurance costs have been rising approximately 10 percent per year for several years Which of the following analytical review procedures would best evaluate the reasonableness of the increase in health-care costs?

Options:

A.

Develop a comparison of the costs incurred with similar costs incurred by other organizations

B.

Obtain the government index of health-care costs for the comparable period of time and compare the rate of increase with that of the cost per employee incurred by the organization.

C.

Obtain a bid from another health-care administrator to provide the same administrative services as the current health-care administrator.

D.

Review all claims and compare with appropriate procedures to ensure that overpayments have not occurred

Buy Now
Questions 139

The internal audit function is in the fieldwork stage of the annual staff performance appraisal assurance engagement. A new auditor is hired and added to the engagement team. The auditor reviews the engagement work program with another member of the team and suggests improvements to make the fieldwork easier to complete. What action should be taken next?

Options:

A.

Refer the suggested changes to the engagement supervisor for approval.

B.

Note the suggested changes to be included in next year’s engagement program.

C.

Update the engagement work program with the suggested changes.

D.

No action is required as the work program has been approved and is underway.

Buy Now
Questions 140

Some lime after the final audit report was issued, the engagement supervisor teamed that several internal control deficiencies were not remedied, despite management ' s previous agreement to remedy them According to IIA guidance, which of the following is the most appropriate response ' 5

Options:

A.

The engagement supervisor must notify the chief audit executive (CAE) that the deficiencies have not been rectified

B.

The engagement supervisor should rely on professional judgment as to whether the CAE should be informed, or the management action plan should be adjusted

C.

The engagement supervisor should rely on his negotiation skills and issue an ultimatum to management to remedy the control deficiencies

D.

Ensure that these deficiencies are captured in the documentation as high-priority areas to be reviewed during the next audit.

Buy Now
Questions 141

Which of the following activities Is most likely to require a fraud specialist to supplement the knowledge and skills of the internal audit activity?

Options:

A.

Planning an engagement of the area in which fraud is suspected.

B.

Employing audit tests to detect fraud

C.

Interrogating a suspected fraudster.

D.

Completing a process review to improve controls to prevent fraud.

Buy Now
Questions 142

Two internal auditors are conducting an audit engagement concerning derivatives. The auditors meet with the organization ' s head of accounting. The head of accounting later complains to the chief audit executive (CAE) that it took hours for the auditors to understand basic derivatives concepts and how derivatives are typically recorded in bookkeeping. What should the CAE have considered more thoroughly?

Options:

A.

The engagement objectives.

B.

The head of accounting’s schedule availability.

C.

The auditors ' qualifications.

D.

The details of the audit test plan.

Buy Now
Questions 143

Which of the following is true regarding the monitoring of internal audit activities?

Options:

A.

The form and content of monitoring policies could vary by industry

B.

The board of directors is responsible for the establishment of monitoring polities

C.

Both large and small audit departments must have written policies on monitoring.

D.

The chief audit executive must develop all monitoring policies related to the activity

Buy Now
Questions 144

According to IIA guidance, which of the following actions by the chief audit executive would best ensure that internal auditors demonstrate due professional care?

Options:

A.

Developing policies and procedures for the internal audit activity

B.

Ensuring the internal audit activity is not found fallible during audit engagements.

C.

Undertaking all engagements that management requests of the internal audit activity.

D.

Ensuring the internal audit activity reports functionally to the board of directors

Buy Now
Questions 145

According to an internal audit observation, the organization’s rules of record management require all contracts to be registered and stored in a specific electronic system. One subsidiary has thousands of client contracts on paper, which are kept in the office because there are not enough assistants to scan the contracts into the system. Which of the following component should be added to this observation?

Options:

A.

Criteria

B.

Cause

C.

Effect

D.

Condition

Buy Now
Questions 146

Which of the following is the most appropriate objective for establishing a professional development plan for the internal audit activity?

Options:

A.

A plan that focuses on furthering the independence of the internal audit activity.

B.

A plan that ensures internal auditors collectively possess expertise in various fields to avoid outsourcing.

C.

A plan based on individual preferences and proposals, which helps internal auditors achieve greater success.

D.

A plan that focuses on filling gaps in the current skills needed to complete audit objectives.

Buy Now
Questions 147

An internal auditor is performing testing to gather evidence regarding an organization ' s inventory account balance and is mindful of the possibility that the sample used might support the conclusion that the recorded account balance is not materially misstated when, in fact, it is The auditor ' s concern best describes which of the following risks?

Options:

A.

Incorrect rejection risk.

B.

Incorrect acceptance risk.

C.

Tolerable misstatement risk

D.

Anticipated misstatement risk

Buy Now
Questions 148

A newly appointed chief audit executive (CAE) started analyzing the organization ' s policies in an attempt to customize them to address internal audit specifics. Which of the following organizationwide practices is most likely to be acceptable to the CAE?

Options:

A.

Internal auditors ' performance evaluation is primarily based on both client satisfaction surveys and cost savings identified from the audits

B.

Standard training for each employee, including internal auditors, is 10 hours per year.

C.

To enhance efficiency, Internal auditors should not be rotated regularly among engagements

D.

Hiring practices include requiring potential auditors to disclose any significant stock ownership in the organization.

Buy Now
Questions 149

According to IIA guidance which of the following statements is true regarding the annual audit plan?

Options:

A.

The annual audit plan should only be adjusted in response to problems with resourcing, scope, and data availability.

B.

The chief audit executive (CAE) may incorporate risk information, including risk appetite levels from management for the audit plan at her discretion.

C.

In an immature risk management environment it is preferable for the CAE to rely solely on her judgment regarding risk identification and assessment to develop the audit plan.

D.

The CAE may make adjustments to the annual audit plan as needed without senior management or board approval.

Buy Now
Questions 150

Which of the following represents a ratio that measures short term debt-paying ability?

Options:

A.

Debt-to-equity ratio.

B.

Profit margin.

C.

Current ratio.

D.

Times interest earned.

Buy Now
Questions 151

Which of the following best illustrates the primary focus of a risk-based approach to control self-assessment?

Options:

A.

To evaluate controls regarding the computer security of an oil refinery.

B.

To examine the processes involved in exploring, developing, and operating a gold mine.

C.

To assess the likelihood and impact of events associated with operating a finished goods warehouse.

D.

To link a financial institution ' s business objectives to a work unit responsible for the associated risk.

Buy Now
Questions 152

Which of the following statements is true regarding engagement planning?

Options:

A.

The scope of the engagement should be planned according to the internal audit activity’s budget and then aligned to the risk universe.

B.

The audit engagement objectives should be based on operational management ' s view of risk objectives.

C.

The planning phase of the engagement should be completed and approved before the fieldwork of the engagement begins.

D.

The main purpose of the engagement work program is to determine the nature and timing of procedures required to gather audit evidence.

Buy Now
Questions 153

Which of the following actions would an internal auditor perform primarily during a consulting engagement of a debt collections process?

Options:

A.

Reviewing journal entries for accuracy and completeness.

B.

Comparing the policies and procedures to regulatory collections guidance.

C.

Advising management on streamlining the recording of accounts receivable.

D.

Performing a walk-through of the debt collections process to determine whether proper segregation of duties exists

Buy Now
Questions 154

An internal audit activity plans its engagements based on an organization-wide risk assessment. According to IIA guidance, which of the following statements is true regarding the required frequency of the risk assessment?

Options:

A.

The risk assessment must be performed at least quarterly.

B.

The risk assessment must be performed at least annually.

C.

The risk assessment must be performed at least once every five years, in alignment with the internal audit activity ' s quality assurance and improvement program.

D.

There is no specific requirement; a risk assessment should be performed as needed to account for changes in the business environment.

Buy Now
Questions 155

According to IIA guidance, which of the following would not be a consideration for the internal audit activity (IAA) when determining the need to follow-up on recommendations?

Options:

A.

Degree of effort and cost needed to correct the reported condition.

B.

Complexity of the corrective action.

C.

Impact that may result should the corrective action fail.

D.

Amount of resources required to conduct the follow-up activities.

Buy Now
Questions 156

According to ISO 31000, which of the following statements is correct?

Options:

A.

The board is responsible for setting the organizational attitude through tone at the top.

B.

The internal audit activity will provide assurance over operating effectiveness but not over the design of risk management activities

C.

The internal audit activity can give objective assurance on any part of the risk management framework for which it is responsible.

D.

The framework is designed to be effective for organizations no matter how small.

Buy Now
Questions 157

During an audit, the chief audit executive reviews and approves changes to the audit program. Which of the following describes this activity?

Options:

A.

Engagement reporting

B.

Continuous monitoring

C.

Engagement supervision

D.

Engagement risk assessment

Buy Now
Questions 158

Which of the following internal control attributes should internal auditors consider testing during a review of the board of directors?

Options:

A.

The presence of an independent critical mass

B.

The established philosophy and operating style of senior management

C.

The articulated internal control objectives of the organization

D.

The organization ' s employee recruiting and retention policies

Buy Now
Questions 159

Which of the following is an example of a properly supervised engagement?

Options:

A.

Auditors are asked to keep a daily record of their activity for review by the auditor in charge following the engagement.

B.

The senior internal auditor requires each auditor to review and initial colleagues ' workpapers for completeness and format.

C.

A new internal auditor is accompanied by an experienced auditor during a highly sensitive fraud investigation.

D.

The auditor in charge provides reasonable assurance that engagement objectives were met.

Buy Now
Questions 160

The internal auditor and her supervisor are in dispute about a risk that was not tested during an audit of the procurement function. Which of the following tools would best support the auditor ' s decision not to test the risk?

Options:

A.

A spaghetti map

B.

A heat map.

C.

A process map

D.

An assurance map

Buy Now
Questions 161

An organization owns vehicles that are kept off-site by employees to pick up and deliver orders. An internal auditor selects a specific vehicle from the fixed asset register for

testing. Which of the following would best provide sufficient, indirect evidence for the auditor to confirm the existence of the vehicle?

Options:

A.

Review logs of the vehicles assigned to employees for the delivery of goods during the engagement period.

B.

Visit the home address of the specific employee to see the selected vehicle.

C.

Compare the registered details of the vehicle in the fixed asset register to a date-stamped photograph of the vehicle.

D.

Seek independent confirmation of the vehicle ' s details from one of the delivery employees.

Buy Now
Questions 162

An internal auditor used a risk and control matrix to prepare a work program for testing a software release. During the engagement planning stage, he tested the design of

the release procedure as a key control and concluded that the control was not designed well. During the performance stage, he tested the operation of this control and

concluded that it was implemented as designed. Which of the following statements is true regarding this scenario?

Options:

A.

The test of the control design should have occurred at the performance stage.

B.

The test of the operating effectiveness of the control was not necessary.

C.

A risk and control matrix is not appropriate for this type of engagement.

D.

The test of the operating effectiveness of the control should have occurred at the planning stage.

Buy Now
Questions 163

Which of the following conditions are necessary for successful change management?

1. Decisions and necessary actions are taken promptly.

2. The traditions of the organization are respected.

3. Changes result in improvement or reform.

4. Internal and external communications are controlled.

Options:

A.

1 and 2

B.

1 and 3

C.

2 and 3

D.

2 and 4

Buy Now
Questions 164

During an audit of the accounts payable process, an internal auditor was assigned to confirm the quantity of goods received on receiving documents to invoices for those goods and subsequent postings in the accounting system. Which of the following procedures would be most appropriate for this test?

Options:

A.

Independent confirmation

B.

Tracing

C.

Vouching

D.

Reperformance

Buy Now
Questions 165

During follow-up, the chief audit executive (CAE) is having a discussion with management about the internal audit team ' s recommendations related to a significant issue Management accepted the issue but took no remedial action What is the next step for the CAE?

Options:

A.

The CAE should reassess and validate the risk tolerance policy

B.

The CAE should escalate the issue to senior management .

C.

The CAE should reiterate the internal audit team ' s recommendations to management .

D.

The CAE should grant management more time to implement the recommendation and check the status of the issue during the next scheduled follow-up.

Buy Now
Questions 166

An internal auditor completed a consulting engagement covering a recent advertising campaign. The audit client asked the auditor to forward a copy of the report to one of the three advertising agencies used by the organization. According to IIA guidance, which of the following statements is true regarding this request?

Options:

A.

The internal auditor may communicate the results to the advertising agency as instructed by the audit client, with approval from the chief audit executive.

B.

The internal auditor may not communicate the results to this external party regardless of the engagement client ' s instruction.

C.

The internal auditor may send the report and is required to include instructions for the advertising agency to limit further distribution and the use of results.

D.

The internal auditor may only communicate the results verbally to the advertising agency and should not provide a hard copy.

Buy Now
Questions 167

An internal auditor notes that employees continue to violate segregation-of-duty controls in several areas of the finance department, despite previous audit recommendations. Which of the following recommendations is the most appropriate to address this concern?

Options:

A.

Recommend additional segregation-of-duty reviews.

B.

Recommend appropriate awareness training for all finance department staff.

C.

Recommend rotating finance staff in this area.

D.

Recommend that management address these concerns immediately.

Buy Now
Questions 168

Which of the following is one of the five basic tnanoal statement assertions when an internal auditor evaluates controls over financial reporting?

Options:

A.

Reliability or appropriateness

B.

Reasonableness

C.

Existence or occurrence

D.

Relevance

Buy Now
Questions 169

The chief audit executive (CAE) for a manufacturing company included in this year s audit plan a review of the company ' s laboratory, using an experienced external service provider. The audit plan was approved by the audit committee without any changes At the time of engaging the external service provider, the CAE also secured the approval from the CEO. Who is responsible for ensuring that the conclusions reached for this exercise are adequately supported7

Options:

A.

Audit committee

B.

CEO

C.

CAE.

D.

External service provider

Buy Now
Questions 170

While planning for an accounts payable audit an internal auditor performs an entity level controls analysis. Which of the following statements is true regarding me approach used by the auditor?

Options:

A.

It enables the auditor to identify the inherent risks to the effective operation of accounts payable process controls.

B.

It enables the auditor to understand the framework of the activities and associated accounts payable subprocesses

C.

it enables the auditor to understand the accounts payable process and its flow, including key steps and systems.

D.

It enables the auditor to categorize the population of transactions within the accounts payable process

Buy Now
Questions 171

Internal audit staff lacks the expertise to perform a fraud investigation engagement stemming from a whistleblowing incident. Which of the following is the most appropriate

option for the chief audit executive?

Options:

A.

Appoint an independent fraud investigation specialist to work with the selected internal auditors.

B.

Organize in-house fraud investigation training sessions for selected internal auditors.

C.

Assign an experienced auditor to the engagement for a development opportunity.

D.

Hire a new internal auditor who possesses fraud investigation experience.

Buy Now
Questions 172

The newly appointed chief audit executive (CAE) of a large multinational corporation, with seasoned internal audit departments located around the world, is reviewing responsibilities for engagement reports. According to IIA guidance, which of the following statements is true?

Options:

A.

The CAE is required to review, approve, and sign every engagement report.

B.

The CAE is required to review, approve, and sign all regulatory compliance engagement reports only

C.

The CAE may delegate responsibility for reviewing, approving and signing engagement reports, but should review the reports after they are issued.

D.

The internal audit charter must identify authorized signers of engagement reports.

Buy Now
Questions 173

Which of the following is not an outcome of control self-assessment?

Options:

A.

Informal, soft controls are omitted, and greater focus is placed on hard controls.

B.

The entire objectives-risks-controls infrastructure of an organization is subject to greater monitoring and continuous improvement.

C.

Internal auditors become involved in and knowledgeable about the self-assessment process.

D.

Nonaudit employees become experienced in assessing controls and associating control processes with managing risks.

Buy Now
Questions 174

An internal auditor finds inconsistencies in a risk area that needs immediate attention. Which of the following actions is most appropriate for the auditor?

Options:

A.

Prepare an action plan to address the inconsistencies

B.

Contact regulatory agencies to report the inconsistencies and recommended corrective actions

C.

Assess the risk of the inconsistencies against the organization ' s mission

D.

Issue an interim report to senior management

Buy Now
Questions 175

An internal auditor determines that certain information from the engagement results is not appropriate for disclosure to all report recipients because it is privileged. In this situation, which of the following actions would be most appropriate?

Options:

A.

Disclose the information in a separate report.

B.

Distribute the information in a confidential report to the board only

C.

Distribute the reports through the use of blind copies.

D.

Exclude the results from the report and verbally report the conditions to senior management and the board.

Buy Now
Questions 176

Which of the following would most likely be found in an organization that uses a decentralized organizational structure?

Options:

A.

There is a higher reliance on organizational culture

B.

There are clear expectations set for employees.

C.

There are electronic monitoring techniques employed

D.

There is a defined code for employee behavior

Buy Now
Questions 177

Which of the following actions should the chief audit executive take when senior management decides to accept risks by choosing to do business with a questionable vendor?

Options:

A.

Persuade senior management to take appropriate action.

B.

Cancel issuing the engagement report due to the assumed risks.

C.

Accept senior management’s assumption of the risks.

D.

Discuss the issue with the board for them to take appropriate action.

Buy Now
Questions 178

The internal audit activity is planning an assurance engagement for a foreign subsidiary. According to IIA guidance, which of the following would be included in the preliminary communication to management of the area under review?

Options:

A.

The scope of the engagement, the estimated time frame, and the names of the auditors.

B.

The estimated time frame, the names of the auditors, and the resources and travel budget.

C.

The names of the auditors, the resources and travel budget, and the scope of the engagement.

D.

The resources and travel budget, the scope of the engagement, and the estimated time frame.

Buy Now
Questions 179

An engagement work program o of greatest value to audit management when which of the following is true?

Options:

A.

The work program provides more detailed support for the audit report

B.

The work program helps determined the required amount of audit resources

C.

The work program helps ensure tie achievement of the engagement objectives

D.

The work program assists the auditor n developing and managing audit tests

Buy Now
Questions 180

Senior management requested that the internal audit activity perform a consulting project to assist in making a decision on a new software system. Which of the following would be used to determine the engagement objectives?

Options:

A.

An assessment of risks to the business objectives

B.

An understanding of the engagement client ' s expectations

C.

The probability of significant errors fraud or noncompliance

D.

Criteria previously established by the board

Buy Now
Questions 181

A chief audit executive assigns a team of three internal auditors to carry out an audit engagement to ascertain adherence to the requirements of the procurement policy. Which of the following should be included in the scope of this engagement?

Options:

A.

The sample size to be considered

B.

The inherent risks to be considered

C.

The audit procedures to be considered

D.

The sub-processes to be considered

Buy Now
Questions 182

New environmental regulations require the board to certify that the organization ' s reported pollutant emissions data is accurate. The chief audit executive (CAE) is planning an audit to provide assurance over the organization ' s compliance with the environmental regulations. Which of the following groups or individuals is most important for the CAE to consult to determine the scope of the audit?

Options:

A.

The audit committee of the board.

B.

The environmental, health, and safety manager.

C.

The organization ' s external environmental lawyers.

D.

The organization ' s insurance department.

Buy Now
Questions 183

Which phase of an audit engagement is typically the most effective time for an internal auditor to develop a risk and control matrix?

Options:

A.

When preparing to recap audit test results.

B.

At sample selection, to determine sampling methodology.

C.

At the start of fieldwork, as part of developing the annual audit plan.

D.

At planning, to assist in developing the engagement work program.

Buy Now
Questions 184

Following an IT systems audit, management agreed to implement a specific control in one of the IT systems. After a period, the internal auditor followed up and learned that management had not implemented the agreed management action due to the decision to move to another IT system that has built-in controls, which may address this risks highlighted by the Internal audit Which of the following Is the most appropriate action to address the outstanding audit recommendation?

Options:

A.

The auditor examines the system documentation of the new system to verify that the risk has been addressed in the new system, then reports to senior management the closure of the issue.

B.

The auditor accepts managements explanation that the previously identified issue is adequately addressed by the new IT system, as management understands the concern and is most knowledgeable about the new system, and closes the outstanding issue.

C.

The auditor advises management that replacing the IT system does not dismiss the prior obligation to implement the agreed action plan, and escalates the issue to senior management and the board.

D.

The auditor requires management to provide details regarding the process for selecting the new IT system and whether other systems were evaluated, and closure of the issue would depend on the new information provided.

Buy Now
Questions 185

Which of the following statements is true regarding the chief audit executive ' s (CAT$) responsibilities after completing an assurance or consulting engagement?

Options:

A.

The CAE must establish a follow-up process tor both assurance and consulting engagements to monitor that management actions have been effectively implemented to address observations

B.

The CAE must communicate the results of assurance and consulting engagements lo whoever can ensure that the results are given due consideration.

C.

The CAE must acknowledge satisfactory performance when communicating the results of assurance and consulting engagements

D.

The CAE may delegate the responsibility for communicating the results of consulting engagements although this responsibility cannot be delegated for assurance engagements

Buy Now
Questions 186

Which of the following is essential for ensuring that the internal audit activity’s findings and recommendations receive adequate consideration?

Options:

A.

Reporting results of audits with recommendations to management.

B.

Providing formal follow-up procedures to ensure that management complies with an action plan or accepted risk of not taking action.

C.

Reporting quarterly to management that the audit plan is focused on higher exposures of risk.

D.

Discussing audit findings with independent auditors.

Buy Now
Questions 187

When establishing a quality assurance and improvement program, the chief audit executive should ensure the program is designed to accomplish which of the following objectives?

1. Add value.

2. Improve operations.

3. Provide assurance that the internal audit activity conforms with the Standards.

4. Provide assurance that the internal audit activity conforms with the IIA Code of Ethics.

Options:

A.

1 only

B.

1 and 2 only

C.

1 and 3 only

D.

1, 2, 3, and 4

Buy Now
Questions 188

An organization experiencing staff shortages wants to contract a temporary employee to assist with work in the accounting office. Which of the following controls should be in place to ensure the temporary employee performs the assigned work before payment is issued?

Options:

A.

A three-way match between the invoice, purchase requisition, and documentation of receipt of services

B.

A member of management approves the purchase requisition before the temporary employee begins work

C.

A scope of work for the temporary employee is included in the purchase requisition and signed by the organization

D.

Payments to the vendor are analyzed monthly to ensure they do not exceed the amount approved on the purchase order

Buy Now
Questions 189

During the planning stage of an assurance engagement, an internal auditor has been assigned to prepare a risk matrix. Which of the following should the internal auditor consider when attempting to identify process-level risks?

Options:

A.

Possible tests

B.

Possible scenarios

C.

Possible controls

D.

Possible samples

Buy Now
Questions 190

An internal auditor recommended that an organization implement computerized controls in its sales system in order to prevent sales representatives from executing contracts in excess of their delegated authority levels A follow-up review found that the sales system had not been modified, but a process had been implemented to obtain written approval by the vice president of sales for all contracts in excess of S1 million The chief audit executive (CAE) would be justified in reporting this situation to the organization ' s board under which of the tollowing circumstances ' ?

1. In the opinion of the CAE the level of residual risk assumed by senior management is too high

2. Testing of compliance with the new process finds that all new contracts in excess of $1 million have been approved by the vice president of sales

3. The cost of modifying the sales system to include a preventive control is less than S100.000

Options:

A.

1 only

B.

3 only

C.

1 and 3 only

D.

1, 2, and3

Buy Now
Questions 191

Which of the following approaches to understanding business processes is conducted from a broad organizational perspective and has the greatest risk of overlooking processes that are ultimately critical?

Options:

A.

Process narrative.

B.

Process mapping.

C.

Bottom-up.

D.

Top-down.

Buy Now
Questions 192

Which of the following describes (he primary reason why a preliminary risk assessment is conducted during engagement planning?

Options:

A.

To identify the greatest risks organizationwide

B.

To ensure that the engagement work program covers all risk areas

C.

To ensure that risks identified during previous audits of the area have been adequately addressed

D.

To ensure that significant risks are included in the engagement scope

Buy Now
Questions 193

Which of the following best describes how an internal auditor would use a flowchart during engagement planning?

Options:

A.

To prepare for testing the effectiveness of controls

B.

To plan for evaluating potential losses

C.

To prepare a sampling plan for the engagement

D.

To evaluate the design of controls

Buy Now
Questions 194

An internal audit team leader is having difficulties completing the planning phase of an assurance engagement because the business unit lacks a system of internal controls. Which of the following is the most appropriate course of action for the internal audit team leader?

Options:

A.

Defer the engagement until a system of internal control has been established

B.

Change the scheduled engagement from assurance to consulting to help correct the shortcomings

C.

Add a consulting component to the already scheduled assurance engagement

D.

Seek the involvement of the external auditor to assist with improving the internal controls

Buy Now
Questions 195

An organization has a health and safety division that conducts audits to meet regulatory requirements. The chief health and safety officer reports directly to the CEO. Which of the following describes an appropriate role for the chief audit executive (CAE) with regard to the organization ' s health and safety program?

Options:

A.

The CAE has no role to play, because the chief health and safety officer reports to a senior executive.

B.

The CAE should coordinate with, and review the work of, the chief health and safety officer to gain an understanding of whether risks related to health and safety are managed properly.

C.

The CAE should give periodic reports directly to the regulator regarding health and safety issues, as it is the appropriate regulatory oversight body.

D.

The CAE should hire an independent external specialist to conduct an annual assessment and provide assurance over the effectiveness of the health and safety program and the reliability of its reports.

Buy Now
Questions 196

An internal auditor s examination of accounts receivable generates the following results:

IIA-CIA-Part2 Question 196

What is the projected misstatement for the population if ratio estimation is used?

Options:

A.

$84,000

B.

$238,095

C.

$700,000

D.

$2100.000

Buy Now
Questions 197

Which of the following factors should a chief audit executive consider when determining the audit universe?

1. Components of the organization ' s strategic plan.

2. Inputs from senior management and the board.

3. Views of competitors and business associates.

4. Results of exit interviews with departing employees.

Options:

A.

1 and 2 only

B.

2 and 4 only

C.

1, 2, and 4

D.

2, 3, and 4

Buy Now
Questions 198

An internal audit intends to create a risk and control matrix to better understand the organization ' s complex manufacturing process. With which of the following approaches would the auditor most likely start?

Options:

A.

Assess management responses to key risk exposures

B.

Analyze the costs and benefits of key controls

C.

Evaluate the design adequacy of known controls

D.

Conduct a walk-through of all related activates

Buy Now
Questions 199

When auditing an organization ' s purchasing function, which of the following appropriately matches an engagement objective and the resulting audit procedure?

Options:

A.

Determine whether the purchasing department complies with policy by examining a random selection of purchase orders.

B.

Evaluate whether purchasing requests are properly approved by authorized staff by obtaining independent verification from the vendors.

C.

Ascertain whether material receipts are recorded on a timely basis by reviewing physical inventory stock counts.

D.

Determine whether prices charged for goods received are correct by reviewing the appropriate accounts payable record by vendor.

Buy Now
Questions 200

Upon concluding the engagement fieldwork an internal auditor discusses the audit findings with operational management There is a greater likelihood that the auditor will obtain a responsive action plan from management when both parties agree on which of the following attributes of the audit finding?

Options:

A.

Criteria

B.

Condition

C.

Cause

D.

Effect

Buy Now
Questions 201

In which of the following situations would an internal control questionnaire best suit the internal auditor ' s purpose?

Options:

A.

The auditor wants to receive mid-level management insight on how to improve hiring practices

B.

The auditor wants to obtain information on whether adherence to approval matrices is actually taking place in different maintenance units.

C.

The auditor wants to gain assurance that inventory counts are conducted in accordance with established procedures.

D.

The auditor wants to assess whether different subsidiaries apply centrally established procurement rules in the same manner

Buy Now
Questions 202

To effectively communicate the acceptance of risk in an organization a chief audit executive must first consider which of the following?

Options:

A.

The organization ' s view on risk tolerance

B.

The organization ' s principal risk events.

C.

The organization ' s risk response strategies

D.

The organization ' s major control activities

Buy Now
Questions 203

An internal auditor is performing a review of an organization ' s vendor for any possible conflicts of interest. Which of the following would provide the greatest assistance to the auditor in meeting this objective?

Options:

A.

Vendor contracts.

B.

Employee master list.

C.

Payment records.

D.

Purchasing policy.

Buy Now
Questions 204

The organization’s internal audit charter was last updated six years ago to update the charter, which of the following actions is most appropriate for the chief audit executive to take?

Options:

A.

Wait for the next external assessment and address all of the missing information in the charter based on the recommendations from the external assessment team

B.

Perform a review of HA guidance to become acquainted with the latest mandatory elements prior to updating the charter

C.

Use an internal audit charter template from another organization that operates within the same industry.

D.

Identify an individual within the internal audit activity who has in-depth knowledge of mandatory IIA guidance elements to address any gaps or areas of the current version of the charter that could be improved

Buy Now
Questions 205

According to IIA guidance, which of the following is based on the results of a preliminary assessment of risks relevant to the area under review?

Options:

A.

Audit findings

B.

Audit resources

C.

Audit objectives

D.

Audit plan

Buy Now
Questions 206

A chief audit executive (CAE) identifies that the internal audit activity lacks a necessary skill to perform a management request for a consulting engagement. According to IIA guidance, which of the following Is the most appropriate action the CAE should take regarding the request?

Options:

A.

Assign the engagement to a more senior internal auditor.

B.

Decline the engagement request.

C.

Allow the internal auditors to acquire the needed skills while performing the engagement.

D.

Supervise the assigned internal auditors throughout the engagement.

Buy Now
Questions 207

Which of the following best describes how an internal auditor would use a flowchart during engagement planning?

Options:

A.

To prepare for testing the effectiveness of controls.

B.

To plan for evaluating potential losses.

C.

To prepare a sampling plan for the engagement.

D.

To evaluate the design of controls.

Buy Now
Questions 208

An internal auditor developed a list of internal and external risk considerations across the organization ' s processes, developed a scale to assess each risk and allocated the relative importance of each risk. When of the following approaches did the auditor take?

Options:

A.

Top-down approach

B.

Process-Metrix approach

C.

Risk-factor approach

D.

Bottom up approach

Buy Now
Questions 209

Which of the following would be the most effective fraud prevention control?

Options:

A.

Email alert sent to management for checks issued over S100.000.

B.

installation of a video surveillance system in a warehouse prone to inventory loss

C.

New hire training to explain fraud and employee misconduct.

D.

Daily report that Identifies unsuccessful system log-in attempts

Buy Now
Questions 210

An internal auditor receives a document displaying all the steps of a process and the path taken as transactions flow between each step of the process How is the internal auditor most likely to use This document during the engagement?

Options:

A.

To perform an assessment of the adequacy of process controls.

B.

To perform an assessment of the effectiveness of process controls

C.

To perform a detailed assessment of process risks

D.

To perform an assessment of the sufficiency of residual process risks.

Buy Now
Questions 211

Which of the following is the most appropriate approach for the internal audit activity to follow up on management action plans?

Options:

A.

Create a tracking system for follow up

B.

Ensure that follow-up activities are performed at least weekly.

C.

Delegate follow-up activities to qualified administrative staff within the business unit

D.

Ensure that follow-up activities are performed by the most senior auditor on staff

Buy Now
Questions 212

Which of the following actions should the internal audit activity take during an audit engagement when examining the effectiveness of risk management processes?

Options:

A.

Evaluate how the organization manages fraud risk.

B.

Establish procedures for improving risk management processes.

C.

Ensure risk responses are aligned with industry standards

D.

Verify that organizational objectives are aligned with each departments objectives.

Buy Now
Questions 213

The head of customer service asked the chief audit executive (CAE) whether eternal auditors could assist her staff with conducting a risk self-assessment in the customer service department. The CAE promised to meet with customer service managers analyze relevant business processes, and come up with a proposal. Who is most likely to be the final approver of the engagement objectives and scope?

Options:

A.

Senior management of the organization

B.

The chief audit executive

C.

The head of customer service

D.

The board of directors

Buy Now
Questions 214

An organization has a mature control environment but limited internal audit resources. Given this scenario, on which of the following should the internal auditors focus their testing?

Options:

A.

Detective compensating controls

B.

Preventive compensating controls.

C.

Detective key controls.

D.

Preventive key controls

Buy Now
Questions 215

According to IIA guidance, which of the following reflects a characteristic of sufficient and reliable information?

Options:

A.

The establishment of an audit approach and documentation system

B.

The standardization of workpaper terminology and notations

C.

The ability to reach consistent audit conclusions regardless of who performs the audit

D.

The application of documentation standards m an appropriate and consistent manner

Buy Now
Questions 216

An internal auditor has discovered that duplicate payments were made to one vendor Management has recouped the duplicate payments as a corrective action Which of the following describes managements action in this case?

Options:

A.

A condition-based action plan

B.

A cause-based action plan.

C.

A root cause-based action plan.

D.

An effect-based action plan.

Buy Now
Questions 217

What would be the effect if an organization paid one of its liabilities twice during the year, in error?

Options:

A.

Assets, liabilities, and owners ' equity would be understated.

B.

Assets, net income, and owners’ equity would be unaffected

C.

Assets and liabilities would be understated.

D.

Assets, net income, and owners’ equity would be understated, but liabilities would be overstated

Buy Now
Questions 218

The chief audit executive (CAE) is developing a workpaper preparation policy for a new internal audit activity. The CAE wants to ensure that all workpapers relate directly to the engagement objectives. Which of the following statements should be included in the policy specifically to address this concern?

Options:

A.

The workpapers should be understandable.

B.

The workpapers should be relevant.

C.

The workpapers should be economical.

D.

The workpapers should be complete.

Buy Now
Questions 219

An internal auditor completes a series of engagement steps and is ready to turn in the workpapers for the engagement supervisor’s review. The auditor has additional, separate notes about the engagement and is unsure what to do with them. The workpapers are complete and contain sufficient information to support the engagement work. What should the auditor do with the additional notes, according to IIA guidance?

Options:

A.

Include them in the workpapers for the engagement supervisor’s review.

B.

Omit them from the workpapers.

C.

There is no guidance on the inclusion of additional notes with workpapers.

D.

Retain them after the engagement is completed.

Buy Now
Questions 220

According to IIA guidance, which of the following activities are typically primary objectives of engagement supervision?

Options:

A.

Enable training and development of staff, identify engagement objectives, and assign responsibilities to individual auditors.

B.

Identify engagement objectives, assign responsibilities to individual auditors, and approve the engagement program.

C.

Assign responsibilities to individual auditors, approve the engagement program, and enable training and development of staff.

D.

Approve the engagement program, enable training and development of staff, and identify engagement objectives

Buy Now
Questions 221

A corporate merger decision prompts the chief audit executive (CAE) to propose interm changes to the existing annual audit plan to account for emerging risks Which of the following Is the most appropriate action for the CAE to take regarding the changes made to the audit plan?

Options:

A.

Present the revised audit plan directly to the board for approval

B.

Communicate with the chief financial officer and present the revised audit plan to the CEO for approval.

C.

Present the revised audit plan directly to the CEO for approval.

D.

Communicate with the CEO and present the revised audit plan to the board for approval

Buy Now
Questions 222

Which of The following best justifies an internal auditor ' s decision to issue a preliminary audit report?

Options:

A.

The internal audit team and audit client have a serious dispute over the scope and objective of the engagement

B.

The internal audit team expects management to address certain issues immediately due to their severe impact

C.

The internal audit team anticipates that the formal final audit report would be undesirable for management due to the significance of outlined risks

D.

The internal audit team would like to issue a clean final audit report without any material observations or risks

Buy Now
Questions 223

Which of the following statements about including consulting engagements in the annual internal audit plan is true?

Options:

A.

All requests for consulting engagements must be included in the annual internal audit plan

B.

Assurance engagements must be included in the annual internal audit plan but there is no requirement to include consulting engagements

C.

Consulting engagements do not need to be included m the annual internal audit plan unless requested by the board

D.

The acceptance of proposed consulting engagements into the annual internal audit plan may depend on their ability to add value

Buy Now
Questions 224

An internal auditor examined a nostatistical sample of open accounts receivable balances and discovered that 10 out of 60 exceeded the approved unseated credit limit threshold defined by the organization ' s policy What should the auditor document in the workpapers?

Options:

A.

Credit limit over drafts are not monitored in accordance with the organizations policy

B.

Seventeen percent of customers ' open balances in the sample exceed their approved unsecured credit rent

C.

The threshold for credit limits defined by the organization ' s policy is not adequate

D.

Management should perform monthly monitoring of open customer balances

Buy Now
Exam Code: IIA-CIA-Part2
Exam Name: Internal Audit Engagement
Last Update: Jul 10, 2026
Questions: 747

PDF + Testing Engine

$134.99

Testing Engine

$99.99

PDF (Q&A)

$84.99