Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

IIA IIA-ACCA - ACCA CIA Challenge Exam

IIA IIA-ACCA Premium Access     Download Demo    
Page: 8 / 13
Total 604 questions

A large trucking organization wants to reduce traffic accidents by improving its system of internal controls.

Which of the following controls is correctly classified?

1. Review of speeding violations to identify repetitive locations and drivers is an example of a preventive control.

2. Defensive driver training is an example of a directive control.

3. The installation of tracking devices in delivery vehicles is an example of a corrective control.

4. Providing a vehicle driver handbook is an example of a detective control.

A.

1 and 2.

B.

1 and 4.

C.

2 and 3.

D.

3 and 4.

A chief audit executive (CAE) reports functionally to the CEO and administratively to the chief financial officer, both of whom serve on the company's board of directors. According to IIA guidance, which of the following would offer the greatest protection for the independence of the internal audit activity?

A.

Appoint the CAE as a member of the board.

B.

Move the CAE's functional reporting to an executive who is not on the board.

C.

Obtain full board approval of the internal audit activity's annual audit plan.

D.

Move the CAE's functional reporting to the audit committee.

Which of the following techniques would provide the most compelling evidence that a safety hazard exists within a manufacturing facility?

A.

Observation of the facility during operations.

B.

Questioning of facility management, including the facility safety officer.

C.

Analysis of facility operating reports, focusing on instances when breakdowns occurred.

D.

Review of records involving safety violations, filed by facility production employees.

According to IIA guidance, which of the following roles would be appropriate for an internal auditor regarding fraud risk?

1. Identification.

2. Mitigation.

3. Remediation.

4. Reduction.

A.

1 only. |

B.

1 and 4 only.

C.

1, 3, and 4 only.

D.

1,2, 3, and 4.

While auditing an organization's credit approval process, an internal auditor learns that the organization has made a large loan to another auditor's relative. Which course of action should the auditor take?

A.

Proceed with the audit engagement, but do not include the relative's information.

B.

Have the chief audit executive and management determine whether the auditor should continue with the audit engagement.

C.

Disclose in the engagement final communication that the relative is a customer.

D.

Immediately withdraw from the audit engagement.

The chief audit executive (CAE) is planning to conduct an internal assessment of the internal audit activity (IAA). Part of this assessment will include benchmarking. According to IIA guidance, which of the following qualitative metrics would be appropriate for the CAE to use?

1. Average client customer satisfaction score for a given year.

2. Client survey comments on how to improve the IAA.

3. Auditor interviews once an audit has been completed.

4. Percentage of audits completed within 90 days.

A.

1 and 2.

B.

1 and 3.

C.

2 and 3.

D.

3 and 4.

Reviewing prior audit reports and supporting workpapers before an engagement starts enables an internal auditor to do which of the following?

1. To understand better the activity and processes that will be audited.

2. To identify the audit procedures that will be used during the engagement.

3. To ensure that matters of greatest vulnerability will be addressed.

4. To use the information obtained as evidence in the current engagement.

A.

4 only

B.

1 and 3 only

C.

1 and 4 only

D.

2, 3, and 4 only

An IT contractor applied for an internal audit position at a bank. The contractor worked for the bank's IT security manager two years ago. If the audit manager interviewed the contractor and wants to extend a job offer, which of the following actions should the chief audit executive pursue?

A.

Allow the audit manager to hire the contractor and state that the individual is free to perform IT audits, including security.

B.

Not allow the audit manager to hire the contractor, as it would be a conflict of interest.

C.

Allow the audit manager to hire the contractor, but state that the individual is not allowed to work on IT security audits for one year.

D.

Not allow the audit manager to hire the contractor and ask the individual to apply again in one year.

According to COSO, which of the following is not considered one of the components of an organization's internal environment?

A.

Authority and responsibility to resolve issues.

B.

Framework to plan, execute and monitor activities.

C.

Integrated responses to multiple risks.

D.

Knowledge and skills needed to perform activities.

According to IIA guidance, which of the following statements is true when an internal auditor performs consulting services that improve an organization's operations?

A.

The services must be aligned with those defined in the internal audit charter.

B.

The services must not be performed by the same internal auditor who performed assurance services, in order to maintain objectivity.

C.

The services may preclude assurance services from the consulting engagement.

D.

The services impose no responsibility to communicate information other than to the engagement client.

Which of the following would be the most appropriate first step for the board to take when developing an effective system of governance?

A.

Determine the organization's overall risk appetite.

B.

Establish a governance committee.

C.

Delegate authority to members of senior management.

D.

Identify key stakeholders and their expectations.

An internal auditor is using a spreadsheet application to review a cash flow forecast prepared by management.

Which of the following correctly identifies the type of evidence this information represents?

A.

Competent, corroborative evidence of future working capital requirements.

B.

Sufficient, analytical evidence of the cash flow position at a given point of time in the future.

C.

Competent, documentary evidence of future cash flow changes within the organization.

D.

Sufficient, circumstantial evidence of the future solvency of the organization.

An auditor identifies three errors in the sample of 25 entries selected for review (a 12 percent error rate). Based on this result, the auditor assumes that approximately 59 of the total population of 492 entries are incorrect. To reach this assumption, the auditor has used a technique known as which of the following?

A.

Variability tolerance.

B.

Ratio estimation.

C.

Stratification.

D.

Acceptance sampling.

Which of the following is an example of a management control technique?

A.

A budget.

B.

A risk assessment.

C.

The board of directors.

D.

The control environment.

According to the International Professional Practices Framework, which of the following are allowable activities for an internal auditor?

1. Advocating the establishment of a risk management function.

2. Identifying and evaluating significant risk exposures during audit engagements.

3. Developing a risk response for the organization if there is no chief risk officer.

4. Benchmarking risk management activities with other organizations.

5. Documenting risk mitigation strategies and techniques.

A.

4 and 5 only.

B.

1.2, and 3 only.

C.

1.2. 4. and 5 only.

D.

2. 3. 4. and 5 only.