Spring Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

IIA IIA-CIA-Part1 - Internal Audit Fundamentals

Page: 10 / 15
Total 735 questions

According to IIA guidance, which of the following statements is true regarding the internal audit activity's quality assurance and improvement program (QAIP)?

A.

Internal assessments rely solely on the review of completed audit engagements for demonstrated performance.

B.

The chief audit executive is responsible for assessing the suitability and competence of an external assessor.

C.

QAIP results must first be discussed with the board and approval obtained for distribution to senior management.

D.

At the board's discretion, the frequency of external assessments can exceed the five-year guideline.

How do assurance services and consulting services differ?

A.

There is less variety of consulting services that an internal audit activity might provide compared to assurance services

B.

Assurance services are limited to financial events or actions, and consulting services are not limited in this way

C.

Consulting services do not have to be included in the internal audit charter

D.

Other employees in an organization can provide consulting services but only an internal audit activity can provide assurance services

An internal audit activity maintains a quality assurance and improvement program that includes annual self-assessments. The internal audit activity includes in each engagement report a clause that the engagement is conducted in conformance with the International

Standards for the Professional Practice of Internal Auditing ( Standards) Which of the following justifies inclusion of this clause in the reports?

A.

Internal audit activity policies and engagement records provide relevant, sufficient, and competent evidence that the statement is correct

B.

The audit committee has reviewed the annual self-assessment results and approved the use of the clause

C.

The self-assessment results were validated by a qualified external review team three years prior

D.

The internal audit charter, approved by the audit committee requires conformance with the Standards

The chief audit executive (CAE) has hired a new internal auditor who was immediately assigned to a procurement function audit. Because the new auditor's name is similar to that of the procurement manager, some staff members think the two are related, although they are not. Which of the following actions is most appropriate for the CAE to take?

A.

Take no action, as there is no impairment to independence.

B.

Remove the new internal auditor from the engagement team.

C.

Discuss the matter with the appropriate personnel to alleviate concerns.

D.

Closely supervise the new auditor and carefully review his work.

The internal audit activity audited an organization's risk management function multiple times, and the recommendations that were made remain unaddressed by the head of risk management. Which of the following would be the next step for the internal audit activity?

A.

The internal audit activity should add value by implementing the recommendations on management's behalf.

B.

The chief audit executive (CAE) must discuss this matter with senior management and the board

C.

The CAE should determine which recommendations to implement based on the severity of the associated risks.

D.

The internal audit activity, led by the CAE. should assume responsibility for risk management function.

An internal audit of warehouse inventory revealed no material deficiencies. However, management later discovered fraud, which occurred during the period that was audited, and determined that a major control deficiency allowed the fraud to occur. Given management's discovery, which of the following statements is valid?

A.

The internal auditors violated the standard for due professional care because they did not detect the fraud, even though it occurred during the period that was reviewed.

B.

The internal auditors should have had sufficient knowledge of fraud to identify red flags indicating possible fraud.

C.

The internal auditors could not have detected the fraud due to collusion among employees in the inventory unit.

D.

The internal auditors are not responsible for considering fraud risk, which is a management responsibility.

The internal audit activity is responsible for which of the following actions related to an organization’s internal controls?

A.

Mitigating risks affecting achievement of organizational objectives.

B.

Enabling opportunities affecting achievement of organizational objectives.

C.

Analyzing and advising regarding costs versus benefits of control activities,

D.

Attesting to fairness of financial statements.

When an organization purchases a derivative contract in the stock market to limit the potential loss in the value of a security, the organization is applying which of the following risk management techniques?

A.

Avoiding the risk altogether.

B.

Transferring the risk.

C.

Introducing a control feature.

D.

Accepting the risk.

According to HA guidance, which of the following is true regarding independence and objectivity for small internal audit activities?

A.

The chief audit executive (CAE) may consider including a disclaimer on independence in audit reports.

B.

The CAE may consider greater involvement of those with suitable knowledge of audit practice.

C.

Conformance with this Standard is not dependent upon the size of the internal audit activity.

D.

Due to the small size of the internal audit activity, having an external assessment once every seven years is acceptable.

Senior management is eager to assess the organization's risks with regard to electricity sales processes, but the senior management team does not know where to start. How can the internal audit activity assist?

A.

Outsource the identification of best practices for risk management to an external third party.

B.

Perform an audit engagement to identify risk management practices deployed in electricity sales processes.

C.

Recommend reporting the lack of risk management to government authorities and request guidance.

D.

Facilitate a self-assessment workshop with the employees responsible for process execution.

Which of the following scenarios violates The IIA's standard regarding internal audit independence?

A.

The chief audit executive (CAE) reports on the internal audit activity's day-to-day tasks and responsibilities to the CEO.

B.

An assessment of the risk management function is reviewed by an outside consulting firm because the CAE is temporarily fulfilling the role of risk manager.

C.

The CAE regularly meets with the organization's chief risk officer, who validates all reported audit findings and dictates which will be Included In the package to the audit committee.

D.

The internal audit activity will experience staffing shortages for the next six months due to planned and unplanned leaves of absence; therefore the CAE proposed including fewer audits in the annual audit plan compared to the previous financial year.

During an assurance engagement, an internal auditor uses benchmarking research to support preparation of a report to stakeholders that contains significant findings about control deficiencies. Which of the following skills did the auditor demonstrate?

A.

Internal audit management.

B.

Conflict negotiation.

C.

Critical thinking.

D.

Persuasion and collaboration.

A whistle blower notified internal audit of a conflict of interest between an organization's employee and a major supplier. Which of the following steps should be undertaken first?

A.

Interview the employee identified by the whistleblower.

B.

Attain an understanding of the employee's role, responsibilities, and relationship with the supplier.

C.

Notify senior management, the board, and the external auditor about the alleged fraud

D.

Review all the orders issued to the supplier to investigate potential fraud.

What is expected of internal auditors in regards to due professional care?

A.

Auditors perform assurance services without regard to cost

B.

Auditors perform assurance services effectively to identify all risks

C.

Auditors perform assurance services needed to achieve the engagement's objectives

D.

Auditors perform assurance services to guarantee all significant risks will be addressed

Which of the following activities should the chief audit executive perform to ensure compliance with an organization's code of conduct?

A.

Act as an advisor to the committee responsible for reviewing violations of the code.

B.

Review and adjudicate all violations of the code of conduct.

C.

Lead the committee responsible for the oversight of the code.

D.

Implement a system of procedures to inform all employees of the code.