Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

IIA IIA-CIA-Part1 - Essentials of Internal Auditing

Page: 8 / 15
Total 735 questions

Which of the following is the first step in the process of identifying relevant fraud risk factors?

A.

Identifying preventive and detective controls

B.

Gathering information about the organization’s business activities to gain an understanding of fraud risks

C.

Engaging in strategic reasoning to anticipate the fraud scheme

D.

The use of brainstorming, management interviews, analytical procedures and review of prior frauds.

Which of the following best describes organizational governance processes?

A.

Processes employed by internal and external assurance providers to authorize, direct, and provide oversight to management to better enable the meeting of organizational objectives

B.

Processes employed by the board of directors to authorize and provide guidance and oversight to management to promote the achievement of organizational objectives.

C.

Processes employed by the board of directors and senior management to mitigate risks to acceptable levels.

D.

Processes employed by risk owners to mitigate risks to acceptable levels within the organization's risk appetite

Which of the following best demonstrates that an internal auditor is applying due professional care when planning an assurance engagement?

A.

Assessing the risk of noncompliance with laws and regulations

B.

Following the policies as prescribed by the internal audit manual.

C.

Advising management of the area under review on how to mitigate internal control risks.

D.

Conducting the engagement on the presupposition that fraud exists.

Which of the following would provide the best support for internal auditors to meet their continuing professional development requirements?

A.

Access to online internal audit and business skills courses.

B.

Records of self-assessment reports completed by the internal audit staff.

C.

Cosourcing arrangements with external providers on specific engagements.

D.

Performance reviews comparing internal auditors' achievements against specified goals.

Which of the following scenarios best demonstrates the application of internal audit proficiency?

A.

Management requests that the internal audit activity review and provide feedback on its strategic plans for a merger, but the chief audit executive (CAE) declines the engagement due to the team's lack of experience with mergers.

B.

A CAE reassigns auditors from other audits to perform testing on all of the fixed asset additions for a period, including amounts below the materiality level stated by external auditors.

C.

Due to the routine and recurring nature of bank branch audits, an audit manager often excludes detailed planning at the beginning of the audit and immediately performs fieldwork.

D.

During fieldwork, an auditor observed a lack of segregation of duties over cash management. The auditor reported this observation to his supervisor, who decided that the area should be examined in a subsequent audit.

In which of the following scenarios would the chief audit executive (CAE) be required to decline the assignment?

A.

The CAE would need to procure external services to deliver the internal audit assurance program.

B.

There is no expertise within the internal audit team for detecting and investigating fraud.

C.

There is no expertise within the internal audit team for auditing an IT engagement.

D.

There is no available expertise on the internal audit team to perform a consulting engagement

Which of the following describes an ongoing monitoring activity that could be performed as part of an internal assessment for a quality assurance and improvement program (QAIP)?

A.

Planning and supervising engagements

B.

Evaluating the quality of supervision

C.

Identifying opportunities for improvement m internal audit's processes and procedures

D.

Determining if the objectives of QAIP are current

A global manufacturing company has three regional offices. The chief audit executive (CAE) is concerned about the cost of an upcoming external quality assessment of the internal audit activity. The last external assessment was performed six years ago. Recently, the internal audit staff at one of the regional offices performed an internal assessment. To ensure conformance with the Standards, what is the most appropriate action for the CAE to take?

A.

Request from the audit committee an additional budget and an extension so that the external assessment could be performed next year.

B.

Review the results of the internal assessment, identify weaknesses, and implement improvements at the remaining offices.

C.

Request the regional office that performed the internal assessment to perform an assessment of the remaining offices.

D.

Request that an external assessor validate the results of the internal assessment and review the remaining offices.

An organization is conducting a fraud risk assessment as part ol its risk management program. Which of the following steps is the organization most likely to perform first?

A.

Identify relevant fraud risk factors.

B.

Identify potential fraud schemes.

C.

Identify existing controls for preventing and detecting fraud.

D.

Identify red flags by conducting data analysis.

Who has the ultimate responsibility of implementing the organization’s governance system?

A.

Stakeholders

B.

The board

C.

The chief executive officer

D.

Internal auditors

An internal auditor has documented several instances in which management asked employees to ad against the policies and procedures. Which of the following is the most appropriate next step?

A.

Report the non-compliance cases to the board of directors.

B.

Recommend that management update its policies and procedures based on the circumstances.

C.

Investigate the rationale for management's actions.

D.

Recommend those employees to report the cases through the designed whistleblowing channel for the appropriate treatment.

Which of the following factors are commonly assessed to determine the magnitude of risk events?

A.

Tolerance and appetite

B.

Inherent and residual risk

C.

Cost and benefit

D.

Impact and likelihood

Which of the following scenarios would cause a chief audit executive (CAE) to immediately discontinue using any statements that would indicate conformance with the Standards in an audit report?

A.

The internal audit activity used a risk-based approach to create the internal audit plan.

B.

The engagement supervisor considered requests from senior management regarding engagements to include in the internal audit plan.

C.

The CAE only accepted engagements that the internal audit activity collectively had the knowledge to perform.

D.

The area under review restricted the internal audit activity's ability to access records, impacting the audit results.

According to IIA guidance, which of the following conditions would enhance the independence of the internal audit activity?

A.

The organizational culture rewards critical and objective thinking.

B.

The quality of work performed by the internal audit activity is periodically reviewed.

C.

The organization establishes effective governing body oversight.

D.

Audit assignments are rotated among internal audit staff.

Which of the following is an indicator that an organization's risk management processes are effective?

A.

Departmental objectives are managed by department heads and are independent of the organization's mission.

B.

Organization wide mechanisms exist to enable the identification and assessment of all significant risks.

C.

Department heads have the autonomy to determine risk responses that fall outside of the organizations risk appetite

D.

Relevant risk information is captured and communicated primarily between management and the board