IIA IIA-CIA-Part1 Essentials of Internal Auditing Exam Practice Test

Managers who have been with the organization for several decades become aware that newly hired, younger managers are being moved more quickly into senior positions.

The controller at a nationwide manufacturing company recently opted to no longer require two-week mandatory vacations for accounting staff.

Security cameras that monitor cash handling at the register are not functioning.

The organization is slowly phasing out three mature products that produce the highest commissions for the sales staff.

Conduct anti-fraud training.

Perform background investigations.

Implement process controls.

Activate a whistleblower hotline.

Human rights and the environment.

Organizational governance and financial reporting.

Fair operating practices and government regulation.

Consumer issues and return on investment.

A budget.

A risk assessment.

The board of directors.

The control environment.

The chief audit executive (CAE) reports functionally to the board and administratively to the chief financial officer.

The board seeks senior management's recommendation before approving the annual salary adjustment of the CAE.

The CAE confirms to the board, at least once every five years, the organizational independence of the internal audit activity.

The CAE updates the internal audit charter and presents it to the board for approval periodically, not on a specific timeline.

1 and 4 only.

3 and 4 only.

2, 3, and 4 only.

1,2, 3, and 4.

To enable Triple Bottom Line reporting capability.

To facilitate the conduct of risk assessment.

To achieve and maintain sustainable development.

To fulfill regulatory and compliance requirements.

An internal auditor evaluates the significant risks arising from a consulting engagement.

An internal auditor declares that he would have a conflict of interest in providing planned audit support.

An internal auditor has been given sufficient authority to access documents needed to make an appraisal of an issue.

An internal auditor uses technology-based audit techniques to ensure that all significant risks are identified.

The core competencies outlined in the framework are not expected of a person undertaking an entry-level position as an internal auditor.

The framework is designed to be used primarily by chief audit executives that are developing indicators to measure the performance of the internal audit activity for which they are responsible.

The framework lists the core competencies internal auditors should possess before attempting to attain The IIA's Certified Internal Auditor certification.

The framework describes competencies needed for individual internal auditors, but not those necessary at the chief audit executive level.

Control activities.

Information and communication.

Commitment.

Control environment.

They assist in the implementation of recommendations.

They provide support for communication to third parties.

They demonstrate compliance with auditing standards.

They contribute to development of the internal audit staff.

The auditor should accept the calculations generated by the function, as any further work or documentation would be inefficient.

The auditor should perform a manual recalculation of several results to validate and document the results.

The auditor should review the programming of the macro before its use to ensure that it is appropriate for the required calculations.

The auditor should tabulate the results in the spreadsheet to ensure the macro has generated the correct results for all calculations.

The services must be aligned with those defined in the internal audit charter.

The services must not be performed by the same internal auditor who performed assurance services, in order to maintain objectivity.

The services may preclude assurance services from the consulting engagement.

The services impose no responsibility to communicate information other than to the engagement client.

Delegate final approval of the risk-based internal audit plan to the chief audit executive (CAE).

Approve the annual budget and resource plan for the internal audit activity.

Assist the CAE with hiring objective and competent internal audit staff.

Encourage the CAE to communicate and coordinate with the external auditor.

Graph A only

Graph B only

Both A and B.

Neither A nor B.

Require the physician to submit a signed statement attesting that the treatments had been performed.

Send confirmations to the physicians, requesting them to verify the exact nature of the claims submitted to the insurance provider.

Develop an integrated test facility and submit false claims to verify that the system is detecting such claims on a consistent basis.

Use computer software to identify abnormal claims based on the insured's age and medical history.

1.2, and 3.

1,2, and 4.

1.3, and 4.

2. 3, and 4.

Act as an adviser to the committee responsible for reviewing violations of the code.

Review and adjudicate all violations of the code of conduct.

Lead the committee responsible for the oversight of the code.

Implement a system of procedures to inform all employees of the code.

The overall effectiveness of the internal audit activity's periodic self assessments.

The type of audit productivity and performance statistics reported.

The adequacy of the day-to-day supervision and review process.

The scope and frequency of external assessments.

Refrain from indicating that the internal audit activity operates in conformance with the Standards until the chief audit executive confirms that the internal audit activity has addressed all areas of nonconformance and the audit committee has been notified.

Refrain from indicating that the internal audit activity operates in conformance with the Standards until another external assessment confirms that the significant areas of nonconformance have been addressed.

Indicate that the internal audit activity operates in partial conformance with the Standards, as the internal audit activity has a quality assurance and improvement program in place to address deficiencies and has met the requirement for conducting an external assessment.

Update and reissue previous audit reports, removing the assertion that the internal audit activity operates in conformance with the Standards, and distribute them to all parties who received the original reports.

The assigned internal auditor must determine the objectives, scope, and techniques of the engagement.

The CAE must personally obtain the needed skills, knowledge, or other competencies if the internal auditor does not have them.

The assigned internal auditor must not assume management responsibilities while performing the engagement.

The assigned internal auditor must maintain objectivity while performing the engagement.

1 and 2 only

2 and 3 only

2 and 4 only

3 and 4 only

Continuously monitor the organization's overall risk activities in relation to its risk appetite.

Evaluate the adequacy and effectiveness of the organization's governance activities.

Oversee the establishment and administration of an effective risk management program.

Assist management in implementing recommended control improvements.

1 only

2 only

1 and 3.

2 and 4.

When planning assurance and consulting engagements, internal auditors must consider the strategies and objectives of the activity being reviewed.

Internal auditors determine the engagement objectives, scope, and work program for both assurance and consulting services.

Internal auditors must not provide assurance or consulting services for an activity for which they had responsibility within the previous year.

Both assurance and consulting services generally involve the internal auditor, the area under review, senior management, and the board.

Management will be able to reduce inherent risk because they will have a better understanding of risk.

Internal auditors will be able to reduce their sample sizes because controls will be more consistent.

Stakeholders will have more assurance that the risks are assessed consistently.

Decision makers will understand that the likelihood of missing or ineffective controls will be reduced.

Having an occupational health officer on the engagement team.

Determining that the claims have been classified properly.

Placing reliance on medical reports from the injured worker's doctor.

Reviewing claims to ensure all accidents actually occurred in the workplace.

Plan employee sessions and team building strategies for the organization to improve awareness of fraud among employees.

Review the investigation and implement any improvements to the process.

Conduct lessons learned sessions to ascertain how the fraud occurred and which controls failed.

Determine why The fraud was not detected earlier and design controls to strengthen early detection.