IIA IIA-CIA-Part2 today updated questions

Practice of Internal Auditing Questions and Answers

Question 1

A manufacturing organization is considering a merger with a similar firm, and requests that the chief audit executive (CAE) perform a due diligence audit. During the preliminary survey, the CAE notes that inventory management is a high risk area. In consultation with the external auditors and legal advisors, the CAE learns that they share those concerns. Which of the following is the CAE's best course of action?

Options:

Perform an independent audit of the merging firm's inventory management practices to verify the concerns and to provide relevant and reliable results to management for their consideration and action.

Advise management that internal audit, external audit, and legal advisors all have concerns about inventory management and, given the high materiality of inventory, management should not proceed with the merger.

Coordinate a review of inventory management with external auditors and legal advisors and ensure each group focuses on their area of expertise to ascertain the extent of the problems, if any.

Coordinate with the merging firm's internal audit department to better understand the inventory management function and whether the concerns are well-founded.

Question 2

According to IIA guidance, which of the following strategies would be the least effective in helping a chief audit executive build a stronger relationship with the board?

Options:

Consider formality and tone of communications to ensure they are appropriate.

Minimize instances of ad hoc communications with board members.

Consider the possible repercussions created by commentary on deficiencies.

Avoid making presumptuous comments without sufficient facts.

Question 3

According to the International Professional Practices Framework, which of the following is correct regarding conducting and reporting follow-up activities by the internal audit activity (IAA)?

Options:

Due to management changes, the IAA is advised by management that no further work will be done. Further follow-up work is not required as management has accepted the related risk.

A newly appointed auditor immediately proceeds to conduct follow-up testing based on previous work performed for the engagement and then reports the results to the chief audit executive (CAE).

Management has stopped implementing several key recommendations citing a growing disagreement with their effectiveness. The auditor communicates the situation to the CAE who then escalates the matter to senior management.

In situations where the identified risk may have a significant impact to the business and senior management has accepted the risk, it is not necessary for the CAE to inform the board of the decision.

Question 4

During the audit of a large decentralized supply chain function, the chief audit executive (CAE) receives serious allegations of fraud concerning the vice president responsible for this function. The CAE engages a third party to provide forensic audit services and lead the investigation portion of the engagement. As part of this team, which of the following would be an appropriate role for the investigator?

1. Authenticate the original approval signatures on contracts.

2. Interview personnel to understand the supply chain processes.

3. Provide certified copies of relevant original documents for the audit file.

4. Identify variances in pixels on original electronic documents.

Options:

1 and 2 only

1 and 4 only

2 and 3 only

3 and 4 only

Question 5

According to the International Professional Practices Framework, which of the following situations is an indicator of a healthy relationship between the audit committee and the internal audit function?

Options:

The chief audit executive (CAE) has direct access to the audit committee and the board but typically does not interact directly with them unless a material weakness in the control environment is identified.

The CAE sends the audit committee all communications between the internal audit department and the audit client in order to keep the audit committee up to date on the engagement.

The CAE does not distribute audit reports to the audit committee. However, the audit committee is made aware of the scope and findings of audits performed.

Whenever a potential audit finding or testing exception is first identified, the audit committee is immediately notified, as well as for any subsequent changes in the status of the engagement.

Question 6

According to the International Professional Practices Framework, which of the following would not be considered when performing an initial risk assessment in engagement planning?

Options:

The reliability of management’s assessment of risk.

Management’s process for monitoring, reporting, and resolving risk issues.

Management's methodology for defining risk criteria.

Risks in related activities relevant to the activity under review.

Question 7

Which of the following documents should the chief audit executive review and approve?

1. Workpaper retention policy.

2. Audit committee meeting minutes.

3. Internal audit handbook.

4. Quarterly financial statements.

Options:

1 and 2 only

1 and 3 only

2 and 4 only

1, 3, and 4 only

Question 8

Which of the following is correct with respect to roles within an enterprise-wide risk management process?

1. The board provides oversight to the risk management process.

2. Executive management owns the risk management framework.

3. Senior management is assigned ownership of risks.

4. Internal audit modifies the risk assessment determined by management.

Options:

1 and 2 only

3 and 4 only

1, 2, and 3 only

1, 2, 3, and 4

Question 9

Which of the following conditions should a chief audit executive take into account when deciding if a follow-up audit engagement is necessary?

• The reported observations were significant and high risk.

• Internal audit resources and the time it will require for follow-up.

• Management may not have the resources to take action.

• Management has previously decided not to take any action.

Options:

1, 2, and 3 only

1, 2, and 4 only

1, 3, and 4 only

2, 3, and 4 only

Question 10

Which of the following is a preventive control strategy against fraud?

Options:

Performing a surprise audit.

Maintaining a whistleblower hotline.

Implementing control self-assessment.

Performing background checks on employees.

Question 11

According to IIA guidance, which of the following are potential benefits of using an assurance map?

Options:

Indication of any gaps in assurance coverage, and improved relevance of assurance recommendations.

Identification of duplicate or overlapping assurance activities, and improved relevance of assurance recommendations.

Indication of gaps in assurance coverage, and enhanced effectiveness of assurance providers.

Enhanced effectiveness of assurance providers, and improved relevance of assurance recommendations.

Question 12

The following audit observation was included in the final audit report:

"Our review concluded that bank reconciliation statements for March and April did not show evidence of supervisory review. We recommend strict compliance with the controller's manual, which requires the department head to place their initials on the reconciliation statements to document their review."

Which of the following attributes are missing from the above audit observation?

1. Criteria.

2. Condition.

3. Cause.

4. Effect.

Options:

1 and 4 only

2 and 3 only

1, 3, and 4 only

3 and 4 only

Question 13

Which of the following would most likely include recommendations for process improvements?

• Due diligence engagement.

• Forensic investigation.

• Internal audit engagement.

• Consulting engagement.

Options:

1, 2, and 3 only

1, 2, and 4 only

1, 3, and 4 only

2, 3, and 4 only

Question 14

Which of the following would be the most important reason for the chief audit executive (CAE) to use inputs from management strategy to update the audit universe?

Options:

The audit charter requires the CAE to update the audit universe before embarking on the selection of potential audit engagements.

The CAE wants to consider the organization's strategic plan including attitude toward risk and the degree of difficulty to achieving planned objectives.

The CAE wants to cover management planned activities for the upcoming year in the audit plan.

The CAE wants to determine internal audit resourcing requirements to cover the organization's major processes and activities over time.

Question 15

According to IIA guidance,when performing a compliance audit of data security standards for a large e-commerce retailer, which of the following would represent the least likely area of risk exposure?

Options:

Operational risks.

Change or configuration risks.

Access risks.

Physical security risks.

Question 16

Which of the following statements is true?

Options:

Consulting engagements provide the internal audit activity with flexibility to add value and do not need to be included in the long-range audit plan.

The internal audit activity's plan of engagments must be based on a formal quantitative risk assessment.

The chief audit executive should consider changes to the long-range audit plan based on the requests of business unit managers.

A risk assessment on which to base the internal audit activity's long-range plan must be undertaken at least once every three years.

Question 17

The chief audit executive of a large publicly held bank is using a risk based approach to update the annual audit plan. Which of the following sources of information will have the least impact on the plan?

Options:

The 12 month forecast of commercial property values.

Recent changes to the bank's strategic plan.

Regulatory changes impacting capitalization for all publicly traded banks.

Continuous changes in the prime lending rate set by the country's central bank.

Question 18

The chief audit executive (CAE) is adding a new audit position to the team. According to the International Professional Practices Framework, which of the following candidates would the CAE be least likely to accept for the position?

Options:

The candidate is applying for an IT audit position, while originally coming from an IT background, but has only experiences of financial and compliance audits in the previous position.

The candidate is knowledgeable about potential indicators of fraud including typical risks, but has only participated as a staff auditor in one investigative fraud audit.

The candidate meets the minimum educational requirements established by the chief audit executive, but has less formal education than any of the other candidates being considered.

The candidate provides examples of previous reports demonstrating excellent writing skills, but lacks ability to clearly communicate ideas and conclusions in a meeting.

Question 19

A company owns a machine that will produce 100 light switches in four hours. Due to increased demand, a second machine capable of producing 100 light switches in three hours has been added.

Approximately how many hours will it take to produce 100 light switches using both machines working together?

Options:

7.0

3.5

1.7

0.58

Question 20

One method for dealing with the uncertainty of demand forecasts used in linear programming is to extend the model solution to include.

Options:

Sensitivity analysis.

Goal seeking.

Branch-and-bound solutions.

Nonlinear programming.

Question 21

A post-audit questionnaire sent to audit clients is an effective mechanism for:

Options:

Substantiating audit observations.

Promoting the internal audit activity.

Improving future audit engagements.

Validating process flow.

Question 22

Which of the following conclusions would be appropriate for a beginning auditor performing an audit of a payroll department?

Options:

Employee taxes have been deducted at the correct rates, and the taxes have been forwarded to the appropriate government agency.

Although there is insufficient segregation of duties, the impact is mitigated by compensating controls.

The payroll computer system should be replaced.

The payroll department staff has the appropriate level of skills.

Question 23

Which of the following must an auditor establish in order to demonstrate that fraud has occurred?

Options:

Monetary damage to the victim.

The suspect's intent.

Existence of an internal control deficiency.

Evidence of collusion.

Question 24

Which of the following activities would be performed during a benchmarking consulting engagement?

I. Collect data relevant to the benchmarking process.

II. Review all business processes.

III. Define critical success factors.

IV. Identify performance gaps.

Options:

I and III only

II and IV only

I, II, and III only

I, III, and IV only

Question 25

The internal audit activity can be involved with systems development continuously, immediately prior to implementation, after implementation, or not at all. An advantage of continuous internal audit involvement compared to the other types of involvement is that:

Options:

The cost of audit involvement can be minimized.

There are clearly defined points at which to issue audit comments.

Redesign costs can be minimized.

The threat of lack of audit independence can be minimized.

Question 26

A recent survey indicated that residents of a small town take the train to a nearby city eight times per month, on average. The same survey showed that the number of train trips that a resident takes per month (y) is determined by the number of days per month that the resident works in the nearby city (x), according to the equation: y = 2 + 2x. A person who never works in the nearby city is expected to take the train:

Options:

Zero times per month.

Two times per month.

Four times per month.

Eight times per month.

Question 27

Which of the following factors is least essential to a successful control self-assessment workshop?

Options:

Voting technology.

Facilitation training.

Prior planning.

Group dynamics.

Question 28

Which of the following best defines an audit opinion?

Options:

A summary of the significant audit observations and recommendations.

An auditor's evaluation of the effects of the observations and recommendations on the activities reviewed.

A conclusion which must be included in the audit report.

A recommendation for corrective action.

Question 29

During a systems development audit, software developers indicated that all programs were moved from the development environment to the production environment and then tested in the production environment. What should the auditor recommend?

I. Implement a test environment to ensure that testing is not performed in the production environment.

II. Require developers to move modified programs from the development environment to the test environment and from the test environment to the production environment.

III. Eliminate access by developers to the production environment.

Options:

I only

III only

I and II only

I and III only

Question 30

In preparing to facilitate a control self-assessment session, an auditor would be least likely to ensure that:

Options:

Key stakeholders are represented in the group.

An independent content expert is available to help settle disagreements.

Background research is completed to familiarize the auditor with relevant issues.

Management is consulted on the issues and priorities.

Question 31

Which of the following is the most appropriate step for the chief audit executive to take in order to avoid defamation of character of the principal suspect in a fraud investigation?

Options:

Restrict the use of potentially damaging words to privileged reports or discussions.

Label all workpapers, reports, and correspondence of the internal audit activity as private.

Restrict discussions of the fraud to members of management who express an interest in the investigation.

Destroy all investigation workpapers and reports if the fraud cannot be proven.

Question 32

In response to an accounts receivable confirmation, a customer indicated that the invoice listed on the confirmation letter had been paid two months earlier.

This may indicate that:

Options:

The receivable was selected for confirmation in error.

The customer is a bad credit risk.

The receivable should be written off.

Fraudulent activity has occurred.

Question 33

An auditor decides to vouch a sample of ledger entries back to their original documentation. In terms of whether all transactions had been recorded, this test would bE.

Options:

Relevant to the completeness objective.

Irrelevant to the completeness objective.

A more timely test of completeness than evidence from interviews.

A more biased test of completeness than evidence from interviews.

Question 34

The following are potential sources of evidence regarding the effectiveness of a division's total quality management program. The least persuasive evidence would be a comparison oF.

Options:

Employee morale before and after program implementation.

Scrap and rework costs before and after program implementation.

Customer returns before and after program implementation.

Manufacturing and distribution costs per unit before and after program implementation.

Question 35

A bank is developing an integrated customer information system. The type of audit involvement that would most likely help avoid implementation of a system that does not cover all types of accounts would be:

Options:

A design review.

An application control review.

A source code review.

An access control review.

Question 36

An audit of a company's accounts payable found that the individuals responsible for maintaining the vendor master file could also enter vendor invoices into the accounts payable system. During the exit conference, management agreed to correct this problem. When performing a follow-up engagement of accounts payable, the auditor should expect to find that management has:

Options:

Transferred the individuals who maintained the vendor master file to another department to ensure that responsibilities are appropriately segregated.

Compared the vendor and employee master files to determine if any unauthorized vendors have been added to the vendor master file.

Changed the access control system to prevent employees from both entering invoices and approving payments.

Modified the accounts payable system to prevent individuals who maintain the vendor master file from entering invoices.

Question 37

An auditor-in-charge is preparing her audit team for a consulting engagement at one of the organization's foreign subsidiaries. According to the Standards, which of the following would not be a necessary step prior to beginning the engagement?

Options:

Verify that none of the audit team worked for the foreign subsidiary within the last year to ensure independence.

Agree, in writing, with the subsidiary's senior management regarding the scope of the engagement.

Communicate a time frame as well as a contingency plan in the event the engagement may take longer than expected.

Communicate what logistical support will be provided by the subsidiary for the duration of the engagement.

Question 38

A major insurance company provides a discount on automobile insurance if the vehicle meets certain safety criteria. Which of the following audit tests would provide an internal auditor with the best evidence that all qualifying insured automobiles are receiving the discount?

Options:

Compare the percentage of automobiles receiving discounts this year to that of last year.

Ask managers whether they are aware of the discount criteria and whether they are providing the discount to all qualifying automobiles.

Select a sample of automobiles that are not receiving the discount and determine if they have been properly excluded.

Select a sample of automobiles receiving the discount and determine that the required discount criteria are being met.

Question 39

In advance of a preliminary survey, a chief audit executive sends a memorandum and questionnaire to the supervisors of the department to be audited. What is the most likely result of that procedure?

Options:

It creates apprehension about the audit engagement.

It involves the engagement client's supervisory personnel in the audit.

It is an uneconomical approach to obtaining information.

It is only useful for audits of distant locations.

Question 40

The internal audit activity of an organization obtained approval to add a senior auditor to its staff. The chief audit executive, audit manager, and audit supervisor each will interview the candidates. According to the Standards, which of the following best explains the involvement of management in the interview process?

Options:

Provides audit management with the opportunity to communicate expectations regarding ethical behavior standards.

Enables audit management to outline its quality assurance and improvement program with the senior auditor.

Assists audit management in planning by more effectively allocating the senior auditor to appropriate audits.

Allows audit management to explain the criteria that will be used to evaluate the senior auditor's performance.

Question 41

An internal auditor has completed an audit of an organization's activities and is ready to issue a report. However, the client disagrees with the internal auditor's conclusions. The auditor should:

Options:

Withhold the issuance of the audit report until agreement on the issues is obtained.

Issue the audit report and state both the auditor and client positions and the reasons for the disagreement.

Issue the audit report and omit the client's conclusion as it is not the opinion of the internal auditor.

Perform additional work, with the client's concurrence, to resolve the areas of disagreement and delay the issuance of the report until agreement is reached.

Question 42

The chief audit executive's responsibility regarding control processes includes:

Options:

Assisting senior management and the audit committee in the development of an annual assessment about internal control.

Overseeing the establishment of internal control processes.

Maintaining the organization's governance processes.

Ensuring that the internal audit activity assesses all control processes annually.

Question 43

When interviewing an individual in relation to a fraud investigation, which course of action should the internal auditor follow?

Options:

Assure the individual that the results of the interview will remain confidential.

Establish a rapport with the subject to encourage openness.

Discontinue questioning once the individual has confessed to the fraud.

Refrain from deviating from the list of questions prepared before the interview.

Question 44

Which of the following is an advantage of an interim report?

An interim report provides timely feedback to the audit engagement client.

II.

An interim report provides a mechanism for communicating information on red flags promptly while they are being investigated.

III.

An interim report provides an opportunity for auditor follow-up of findings before the engagement is completed.

IV.

An interim report increases the probability that corrective action will be initiated more quickly.

Options:

I and IV only

II and III only

I, III, and IV only

I, II, III, and IV.

Question 45

A bakery chain has a statistical model that can be used to predict daily sales at individual stores based on a direct relationship to the cost of ingredients used and an inverse relationship to rainy days. What conditions would an internal auditor look for as an indicator of employee theft of food from a specific store?

Options:

On a rainy day, total sales are greater than expected when compared to the cost of ingredients used.

On a sunny day, total sales are less than expected when compared to the cost of ingredients used.

Both total sales and cost of ingredients used are greater than expected.

Both total sales and cost of ingredients used are less than expected.

Question 46

The most effective procedure to verify compliance with a requirement that materials be purchased from the lowest-priced source is to compare:

Options:

Prices paid for selected materials with prices listed on related purchase orders.

Bids obtained for selected purchases with related purchase orders.

Vendors' current prices with prices listed on related purchase orders.

Approved vendor lists with bids obtained for selected purchases.

Question 47

Which of the following factors would not be considered in determining appropriate follow-up procedures?

Options:

The significance of the audit finding.

The effort and cost needed to correct the reported condition.

The availability of funds in the audited department's budget to correct the reported condition.

The potential consequences if the corrective action fails.

Question 48

In a payroll audit, a staff auditor suspects that signatures on some of the documents being sampled for examination are not authentic. What action should the auditor take before proceeding with the examination?

Options:

Suggest to the payroll manager that the suspicious documents should be sent to the organization's security department for forensic review.

Keep the suspicious documents in the workpaper file until the end of the engagement, and then discuss the suspicions with the payroll manager.

Discuss the suspicious documents with payroll staff to seek their views on the authenticity of the signatures.

Review the suspicious documents with the chief audit executive and seek advice concerning further examination.

Question 49

What is the most likely source of information for a detailed schedule of a company's insurance policies in force?

Options:

Original journal entries found in the cash disbursements journal, along with supporting checks processed by the bank.

Policies and procedures governing insurance coverage.

The current fiscal year's budget for insurance, together with the beginning balance of the prepaid insurance account.

The files containing insurance policies with various carriers.

Question 50

An internal auditor has been assigned to perform a quality audit on a manufacturing plant. Which course of action should the auditor perform first?

Options:

Compare the planned outputs with the actual outputs.

Ascertain the costs of materials purchased.

Evaluate the plant's ability to meet production quotas.

Review the levels of scrap and rework.

Question 51

Which of the following statements is correct regarding the assessment of risk in the annual audit planning process?

1. Activities requested by management should be considered higher risk than those requested by the audit committee.

2. Activities with lower budgets can be as high risk as those with higher budgets.

3. The potential financial or adverse exposure should always be considered in the assessment of risk.

Options:

1 only

2 only

3 only

2 and 3 only

Question 52

Information gathered in a forensic investigation of business fraud is usually gathered with which of the following standards in mind?

Options:

Generally Accepted Auditing Standards.

Generally Accepted Accounting Principles.

The International Professional Practices Framework.

Legal evidence.

Question 53

According to the Standards, which of the following describes the condition attribute when applied to the observations and recommendations contained in the audit report?

Options:

The standards, measures, or expectations used in making an evaluation or verification.

The reason for the difference between the expected state and the actual state.

The factual evidence that the internal auditor found in the course of the examination.

The risk or exposure the organization encounters because the actual state is not consistent with the criteria.

Question 54

Under what circumstances would internal audit not become involved when intentional misconduct is suspected?

Options:

Management is involved in wrongdoing.

Management is running a parallel investigation.

Management does not believe a trusted employee could be guilty.

Management does not maintain strong internal controls.

Question 55

Which of the following does not represent a difficulty in using red flags as fraud indicators?

Options:

Many common red flags are also associated with situations where no fraud exists.

Some red flags are difficult to quantify or to evaluate.

Red flag information is only gathered in extraordinary circumstances.

The red flags literature is not well enough established to have a positive impact on auditing.

Question 56

Access control software on an organization's mainframe computer records detailed information concerning both successful and unsuccessful log-on attempts to applications. Which of the following audit tools would be best suited to review the access information that has been recorded?

Options:

Generalized audit software.

Flowcharting.

Integrated test facility.

Test data.

Question 57

Which of the following audit procedures is most suitable for verifying that all sales transactions have been recorded?

Options:

Observation.

Tracing.

Re-computation.

Vouching.

Question 58

Which of the following would provide the best evidence of compliance with an airline's standard of having aircraft refueled and cleaned within a specified time of arrival at an airport?

Options:

Vendor fuel invoices that have been reconciled to inventory records.

Time cards completed by aircraft cleaning and fueling crews.

Observation of selected aircraft while they are being refueled and cleaned.

Comparison of the standard hourly labor costs for cleaning and fueling personnel with actual labor charges.

Question 59

A company's policy requires that all customers be treated in a fair and consistent manner. Which of the following audit procedures would provide the most persuasive evidence that the policy was followed?

Options:

Compare the aging of outstanding receivables due from each customer.

Compare credit reports with annual sales for a sample of customers.

Compare the ratio of outstanding receivables to the authorized credit limit for each customer.

Compare the sales discounts offered to each customer.

Question 60

Which of the following will be an appropriate course of action when an auditor disagrees with a client about a well-documented audit finding?

Options:

Include both the audit finding and the client's position in the audit report.

Defer reporting the item and plan to perform more detailed work during the next audit.

Change the finding so that it is acceptable to the client.

Address the issue with senior management and the board for resolution prior to issuing the final report.

Question 61

A manufacturing process could create hazardous waste at several production stages, from raw materials handling to finished goods storage. If the objective of a pollution prevention audit engagement is to identify opportunities for minimizing waste, in what order should the following opportunities be considered?

I. Recycling and reuse.

II. Elimination at the source.

III. Energy conservation.

IV. Recovery as a usable product Treatment.

Options:

V, II, IV, I, III.

IV, II, I, III, V.

I, III, IV, II, V.

III, IV, II, V, I.

Question 62

In forming a team to investigate an organization's potential adoption of an activity-based costing system, the best reason to include an internal auditor on the team would be the auditor's knowledge of:

Options:

Activities and cost drivers.

Information processing procedures.

Current product cost structures.

Internal control alternatives.

Question 63

Which of the following would provide the greatest assurance of the accuracy of a computer program's computation of freight charges for catalog sales?

Options:

Use discovery sampling, selecting transactions from invoices which should have freight charges added to them.

Use either test data or parallel simul-ation to test the computer application.

Use difference estimation, selecting transactions from invoices which should have freight charges added to them.

Use generalized audit software to select a monetary-unit sample of invoices that have been billed to customers.

Question 64

A film company determined that income level impacts the number of films that people watch per month, as shown by the graph below:

The graph indicates that:

Options:

A richer person always sees more films than a poorer person.

The number of films seen per month is a linear function of income level.

A 20 percent pay increase is more likely to increase film viewing at lower income levels than at higher income levels.

A 20 percent pay increase is likely to increase film viewing by a constant amount regardless of income level.

Question 65

The most common motivation for management fraud is the existence of:

Options:

Vices, such as a gambling habit.

Job dissatisfaction.

Financial pressures on the organization.

The challenge of committing the perfect crime.

Question 66

During an audit of a retail organization, an internal auditor found a scheme in which the warehouse director and the purchasing agent diverted approximately $500,000 of goods to their own warehouse, then sold the goods to third parties. The fraud was not found earlier since the warehouse director updated the perpetual inventory records and then forwarded receiving reports to the accounts payable department for processing. Which of the following procedures would have most likely led to the discovery of the missing materials and the fraud?

Options:

Select a random sample of receiving reports and trace to the recording in the perpetual inventory records. Note differences and investigate by type of product.

Select a random sample of purchase orders and trace to receiving reports and to the records in the accounts payable department.

Take an annual physical inventory, reconciling amounts with the perpetual inventory records. Note the pattern of differences and investigate.

Select a random sample of sales invoices and trace to the perpetual inventory records to see if inventory was on hand. Investigate any differences.

Question 67

During a routine audit of a customer service hotline, an internal auditor noticed that an unusually high number of customer complaints pertained to payments not being applied to the customers' accounts.

Which of the following would most likely be the reason for the high volume of complaints?

Options:

An ineffective customer service department.

Poor controls in the invoice approval processes.

Check tampering by an employee.

Submission of fraudulent expense reports.

Question 68

If an organization's chief audit executive wants to implement continuous auditing, what is the appropriate order in which key steps should be undertaken?

I. Identify business applications that require access.

II. Implement steps to continuously assess risks and controls.

III. Define objectives of continuous auditing.

IV. Manage and report results.

Options:

III, I, IV, II.

II, I, III, IV.

III, I, II, IV.

II, III, I, IV.

Question 69

New credit policies have been implemented in an automated order-entry system to improve the collection of receivables. Sales management has compiled several examples that show decreased sales and delayed order entry, and contends that these examples are a direct result of the new credit-policy constraints. Sales management's data and information provide.

Options:

Feedback control data.

Irrelevant and argumentative information.

Evidence that the new credit policies do not meet the stated corporate objective to improve collections.

A statistically valid conclusion about the impact of the new credit policies on customer goodwill.

Question 70

An audit department has received anonymous information that an employee has allegedly been able to steal and cash checks sent to the organization by customers. What is the most efficient way for an auditor to determine how this type of fraud could occur and who might be the perpetrator?

Options:

Confirm accounts receivable.

Confirm accounts payable.

Review the endorsements and banks of deposit on customers' canceled checks.

Flowchart and analyze key controls in the cash receipts process.

Question 71

An auditor is using an internal control questionnaire as part of a preliminary survey. Which of the following is the best reason for the auditor to interview management regarding the questionnaire responses?

Options:

Interviews provide the opportunity to insert questions to probe promising areas.

Interviews are the most efficient way to upgrade the information to the level of objective evidence.

Interviewing is the least costly audit technique when a large amount of information is involved.

Interviewing is the only audit procedure which does not require confirmation of the information that is obtained.

Question 72

Which of the following, if observed, would not indicate the need to extend the search for other indicators of fraud in a purchasing department?

Options:

The standard of living of one of the purchasing agents has increased.

The internal control structure has significant weaknesses.

The purchasing agents have convinced management to adopt a policy of paying vendors on a more timely basis in order to avoid incurring penalty charges.

The cost of goods procured seems to be excessive in comparison with previous years.

Question 73

The chief audit executive can illustrate the value of the internal audit activity by reporting which of the following to the board?

Options:

The overall performance resulting from the internal audit balanced scorecard

The number of outstanding and overdue management actions

The experience of the organization's internal auditors

The number of audits in the annual audit plan relative to similar organizations

Question 74

Due to price risk from the foreign currency purchase of aviation fuel, an airliner has purchased forward contracts to hedge against fluctuations in the exchange rate. When recalculating the exchange losses from individual purchases of jet fuel, which of the following details does the internal auditor need to validate?

1. The hedge documentation designating the hedge.

2. The spot exchange rate on the transaction date.

3. The terms of the forward contract.

4. The amount of fuel purchased.

Options:

1 and 2

1 and 4

2 and 3

3 and 4

Question 75

An organization has a health and safety division that conducts audits to meet regulatory requirements. The chief health and safety officer reports directly to the CEO. Which of the following describes an appropriate role for the chief audit executive (CAE) with regard to the organization's health and safety program?

Options:

The CAE has no role to play, because the chief health and safety officer reports to a senior executive.

The CAE should coordinate with, and review the work of, the chief health and safety officer to gain an understanding of whether risks related to health and safety are managed properly.

The CAE should give periodic reports directly to the regulator regarding health and safety issues, as it is the appropriate regulatory oversight body.

The CAE should hire an independent external specialist to conduct an annual assessment and provide assurance over the effectiveness of the health and safety program and the reliability of its reports.

Question 76

The chief audit executive (CAE) of a small internal audit activity (IAA) plans to test conformance with the Standards through a quality assurance review. According to the Standards, which of the following are acceptable practice for this review?

1. Use an external service provider.

2. Conduct a self-assessment with independent validation.

3. Arrange for a review by qualified employees outside of the IAA.

4. Arrange for reciprocal peer review with another CAE.

Options:

1 and 2

2 and 4

1, 2, and 3

2, 3, and 4

Question 77

According to IIA guidance, which of the following statements are true regarding the internal audit plan?

1. The audit plan is based on an assessment of risks to the organization.

2. The audit plan is designed to determine the effectiveness of the organization's risk management process.

3. The audit plan is developed by senior management of the organization.

4. The audit plan is aligned with the organization's goals.

Options:

1 and 2 only

3 and 4 only

1, 2, and 4

1, 3, and 4

Question 78

To effectively communicate the acceptance of risk in an organization a chief audit executive must first consider which of the following?

Options:

The organization's view on risk tolerance

The organization's principal risk events.

The organization's risk response strategies

The organization's major control activities

Question 79

Which of the followings statements describes a best practice regarding assurance engagement communication activities?

Options:

All assurance engagement observations should be communicated to the audit committee.

All assurance engagement observations should be included in the main section of the engagement communication.

During the "communicate" phase of an assurance engagement, it is best to define the methods and timing of engagement communications.

A detailed escalation process should be developed during the planning stage of an assurance engagement.

Question 80

The chief audit executive (CAE) for a manufacturing company included in this year s audit plan a review of the company's laboratory, using an experienced external service provider. The audit plan was approved by the audit committee without any changes At the time of engaging the external service provider, the CAE also secured the approval from the CEO. Who is responsible for ensuring that the conclusions reached for this exercise are adequately supported7

Options:

Audit committee

CEO

CAE.

External service provider

Question 81

An internal auditor completed a review of expenses related to the launch of a new project. The auditor sampled 45 transactions approved by a senior project manager and identified 30 with questionable vendor documentation. Which of the following is the most appropriate conclusion for the auditor to include in the audit report?

Options:

The organization incurred excessive cost overruns that resulted in significant financial and legal risk to the project.

The organization experienced a potential conflict of interest

The organization had weaknesses in its review process which allowed questionable transactions with some vendors

The organization allowed the project to launch without assurance that all transactions were regularly approved

Question 82

According to IIA guidance, which of the following is true regarding audit supervision?

1. Supervision should be performed throughout the planning, examination, evaluation, communication, and follow-up stages of the audit engagement.

2. Supervision should extend to training, time reporting, and expense control, as well as administrative matters.

3. Supervision should include review of engagement workpapers, with documented evidence of the review.

Options:

1 and 2 only

1 and 3 only

2 and 3 only

1, 2, and 3

Question 83

The external auditor has identified a number of production process control deficiencies involving several departments. As a result, senior management has asked the internal audit activity to complete internal control training for all related staff. According to IIA guidance, which of the following would be the most appropriate course of action for the chief audit executive to follow?

Options:

Refuse to accept the consulting engagement because it would be a violation of independence.

Collaborate with the external auditor to ensure the most efficient use of resources.

Accept the engagement but hire an external training specialist to provide the necessary expertise.

Accept the engagement even if the audit engagement staff was previously responsible for operational areas being trained.

Question 84

When constructing a staffing schedule for the internal audit activity (IAA), which of the following criteria are most important for the chief audit executive to consider for the effective use of audit resources?

1. The competency and qualifications of the audit staff for specific assignments.

2. The effectiveness of IAA staff performance measures.

3. The number of training hours received by staff auditors compared to the budget.

4. The geographical dispersion of audit staff across the organization.

Options:

1 and 3

1 and 4

2 and 3

2 and 4

Question 85

What is the primary purpose of issuing a preliminary communication to management of the area under review?

Options:

To build good relations with management

To help management develop more responsive and timely action plans

To formally report medium- and high-risk observations in writing

To improve the internal audit key performance indicators

Question 86

Which of the following best describes the four components of a balanced scorecard?

Options:

Customers, innovation, growth, and internal processes.

Business objectives, critical success factors, innovation, and growth.

Customers, support, critical success factors, and learning.

Financial measures, learning and growth, customers, and internal processes.

Question 87

The internal audit activity (IAA) wants to measure its performance related to the quality of audit recommendations. Which of the following client survey questions would best help the IAA meet this objective?

Options:

Were audit findings relevant and useful to management?

Does the audit report format present issues clearly and concisely?

Does the IAA work with a high degree of professionalism and objectivity?

Were the findings reported in a timely manner?

Question 88

In a health care organization the internal audit activity provides overall assurance on governance, risk and control The chief audit executive advises and influences senior management, and the audit strategy leverages the organization's management of risk According to HA guidance which of the following stages of internal audit maturity best describes this organization?

Options:

Infrastructure.

Emerging.

Managed.

Initial.

Question 89

A draft internal audit report that cites deficient conditions generally should be reviewed with which of the following groups?

1. The client manager and her superior.

2. Anyone who may object to the report’s validity.

3. Anyone required to take action.

4. The same individuals who receive the final report.

Options:

1 only

1 and 2 only

1, 2, and 3

1, 2, and 4

Question 90

Which of the following actions are appropriate for the chief audit executive to perform when identifying audit resource requirements?

1. Consider employees from other operational areas as audit resources, to provide additional audit coverage in the organization.

2. Approach an external service provider to conduct internal audits on certain areas of the organization, due to a lack of skills in the organization.

3. Suggest to the audit committee that an audit of technology be deferred until staff can be trained, due to limited IT audit skills among the audit staff.

4. Communicate to senior management a summary report on the status and adequacy of audit resources.

Options:

1 and 3 only

2 and 4 only

1, 2, and 4

2, 3, and 4

Load More IIA-CIA-Part2 Questions

Massive Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: netdisc

IIA IIA-CIA-Part2 Practice of Internal Auditing Exam Practice Test

Practice of Internal Auditing Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options: