Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

IIA-CIA-Part1 Questions and Answers

Question # 6

Which of the following is the most appropriate way to ensure that a newly formed internal audit activity remains free from undue influence by management?

A.

Appoint the chief audit executive as a member of the board.

B.

Adopt written policies and procedures for the internal audit activity, approved by the board.

C.

Ensure the chief audit executive reports administratively to the audit committee.

D.

Establish the internal audit activity’s position within the organization in an audit charter.

Full Access
Question # 7

When a plant manager from within the organization is hired as a rotational internal auditor within the internal audit activity which area should he most likely be trained for immediately?

A.

Industry knowledge

B.

Project management

C.

Leadership skills

D.

Risk assessments

Full Access
Question # 8

Which of the following statements is true regarding corporate social responsibility (CSR)?

A.

Many of the areas explored by CSR are normally included in an audit universe or annual audit plan

B.

Despite significant corporate resources spent on CSR reporting investors generally do not rely on CSR information

C.

Unlike many other areas of reporting responsibilities impacting stakeholders, CSR is largely voluntary

D.

Typically operating management does not have a major role to play based on the public nature of reporting

Full Access
Question # 9

Which of the following specifications in an internal audit charter is the most important factor in the internal audit activity’s independence?

A.

Description of internal audit activity's responsibilities

B.

Definition of internal auditing

C.

Statement of internal audit activity's authonty

D.

Description of internal audit activity's reporting structure

Full Access
Question # 10

Which of the following is an example of a risk avoidance strategy?

A.

Outsourcing the payroll function

B.

Installing cameras in the mailroom

C.

Exiting a product line

D.

Insuring all fixed assets

Full Access
Question # 11

Which of the following would be considered advanced expertise which most internal auditors are not expected to possess'?

A.

The ability to evaluate fraud risk

B.

The ability to detect and investigate fraud

C.

The ability to assess risk management strategies

D.

The ability to create test databases

Full Access
Question # 12

According to IIA guidance, which of the following actions by the chief audit executive (CAE) best demonstrates the organizational independence of the internal audit activity?

A.

The CAE seeks senior management approval of the internal audit charter

B.

The CAE obtains senior management's approval to hire staff

C.

The CAE reports significant issues to the organization's CEO

D.

The CAE provides the board with an annual budget for approval

Full Access
Question # 13

According to IIA guidance, which of the following statements is true regarding internal auditors' knowledge, skills and other competencies?

A.

The chief audit executive (CAE) must obtain competent advice and assistance if the internal audit activity lacks the knowledge, skills, or other competencies needed to complete the audit engagement

B.

Internal auditors must have sufficient knowledge to evaluate the risk of fraud and the manner in which it is managed by the organization and should have the expertise of a fraud investigator

C.

Internal auditors need to have basic knowledge of key IT risks and controls and available technology-based audit techniques in order to perform their assigned work

D.

The CAE must refuse a consulting engagement if the internal audit activity lacks the knowledge, skills, or other competencies needed to perform all or part of the engagement

Full Access
Question # 14

Management would like to self-assess the overall effectiveness of the controls in place for its 200-person manufacturing department. Which of the following client-facilitated approaches is likely to be the most efficient way to accomplish this objective?

A.

Workshops.

B.

Surveys.

C.

Interviews.

D.

Observation.

Full Access
Question # 15

Which of the following is the primary engagement responsibility of an entry-level internal auditor?

A.

Leadership.

B.

Documentation.

C.

Analysis.

D.

Reporting.

Full Access
Question # 16

A chief audit executive (CAE) has no direct access to the board. According to IIA guidance, which of the following is the most appropriate way for the CAE to react?

A.

Ensure all subsequent audit reports include a disclaimer as to the lack of access to the board,

B.

Focus on operational audit work and disregard lack of direct access to the members of the board.

C.

Initiate changes to the internal audit charter to report to senior management for the time being,

D.

Engage in written communications with the board and present relevant issues in writing

Full Access
Question # 17

According to NA guidance, which of the following provides the best evidence of conformance with the Standards with respect to the proficiency required of the internal audit activity?

A.

Discussions with the chief audit executive.

B.

A listing of employee profiles and certifications.

C.

Inquiry of external auditors.

D.

Validation by human resources.

Full Access
Question # 18

A snow removal company is conducting a scenario planning exercise where participating employees consider the potential impacts of a significant reduction in annual snowfall for the coming winter. Which of the following best describes this type of risk?

A.

Residual.

B.

Net.

C.

Inherent.

D.

Accepted.

Full Access
Question # 19

According to IIA guidance, which of the following statements is true regarding reporting the results of the quality assurance and improvement program?

A.

Results of internal assessments need to be reported to the board at least once every five years.

B.

The external assessor must present the findings from the external assessment to senior management and the board upon completion.

C.

Deficiencies within the internal audit activity must be reported to the board as soon as they are noted.

D.

Results of ongoing monitoring of the internal audit activity's performance must be reported to senior management and the board at least annually

Full Access
Question # 20

An internal auditor believes that the internal audit activity's independence is impaired. Which of the following actions should the internal auditor take first?

A.

Report the impairment to senior management

B.

Discuss the impairment with the audit manager

C.

Ascertain the best approach to disclose the impairment.

D.

Decide on the extent of impact of the impairment

Full Access
Question # 21

During a review of employee benefits, a staff internal auditor observed an ambiguity in the incentive compensation policy. If reported, it could negatively impact the internal auditor's compensation. Which of the following would encourage the internal auditor to be objective in his work?

A.

Periodic reinforcement of the internal audit activity's code of ethics disclosure practices.

B.

External assessments of the internal audit activity every five years.

C.

Audit committee review of every engagement report at the conclusion of the audit.

D.

Internal audit charter approved by the board.

Full Access
Question # 22

A regional entertainment organization is in the process of developing a corporate social responsibility (CSR) policy. Management invites ideas from employees when developing the CSR policy. Which of the following is the most appropriate idea to include?

A.

Management has overall responsibility for the effectiveness of governance, risk management, and internal control processes associated with CSR.

B.

The board is responsible for ensuring that CSR objectives are established, risks are managed, performance is measured, and activities are appropriately monitored and reported.

C.

Management is responsible for ensuring that the organization’s CSR principles are communicated, understood, and integrated into decision-making processes.

D.

Generally, CSR activities are limited to the management of the organization; thus, employees do not have a responsibility for ensuring the success of CSR objectives.

Full Access
Question # 23

Which of the following statements best demonstrates application of due professional care during an assurance engagement?

A.

The engagement detected irregularities and noncompliance instances.

B.

The engagement supervisor had no significant comments in the supervisory review.

C.

The audit procedures were systematically planned, executed, and documented.

D.

The engagement objectives were designed to assist the engagement client.

Full Access
Question # 24

An internal audit activity includes in its audit reports the assertion that its work is performed in conformance with the International Standards for the Professional Practice of Internal Auditing ( Standards). A recent external quality assessment concluded that the internal audit activity had substantial deficiencies that impact its overall operations.

According to IIA guidance, which of the following is the most appropriate action for issuing future audit reports?

A.

Refrain from indicating that the internal audit activity operates in conformance with the Standards until the chief audit executive confirms that the internal audit activity

has addressed all areas of nonconformance and the audit committee has been notified.

B.

Refrain from indicating that the internal audit activity operates in conformance with the Standards until another external assessment confirms that the significant areas of nonconformance have been addressed.

C.

Indicate that the internal audit activity operates in partial conformance with the Standards t as the internal audit activity has a quality assurance and improvement program in place to address deficiencies and has met the requirement for conducting an external assessment.

D.

Update and reissue previous audit reports, removing the assertion that the internal audit activity operates in conformance with the Standards, and distribute them to ail parties who received the original reports.

Full Access
Question # 25

Which of the following resources would be most effective for an organization that would like to improve how it informs stakeholders of its social responsibility performance?

A.

ISO 26000.

B.

Global Reporting Initiative.

C.

Open Compliance and Ethics Group.

D.

COSO’s enterprise risk management framework

Full Access
Question # 26

Which requirement should the chief audit executive consider when communicating results of the quality assurance and improvement program to the board of a large

organization?

A.

The internal assessment results should be discussed once every five years,

B.

The rating conclusions and the impact from results of the external assessment should be explained,

C.

The results of the external assessment should be discussed every seven years,

D.

The qualifications and independence of the internal assessment team should be discussed

Full Access
Question # 27

In an assurance engagement focused on the adequacy of organizationwide risk management practices, which of the following best describes a primary area of interest for the engagement?

A.

The effectiveness of process-level and transaction-level controls.

B.

Conflicts of interest within the organizational structure of the senior management.

C.

The alignment of management decisions with the level of risk the organization is willing to accept.

D.

The actions of upper management in response to the internal audit activity's reporting

Full Access
Question # 28

According to NA guidance, which of the following is true regarding typical fraud schemes?

1. A diversion occurs when an employee has an undisclosed personal economic interest in a transaction that adversely affects

the organization.

2. Tax evasion is intentional reporting of false or misleading information on a tax return by an organization to reduce taxes owed.

3. Skimming involves stealing cash or assets from the organization and is normally concealed by adjusting the organization’s

records.

4, Disbursement fraud occurs when a person causes the organization to issue a payment for fictitious goods or services.

A.

1 and 3.B.

B.

1 and 4.

C.

2 and 3.

D.

2 and 4.

Full Access
Question # 29

A business unit manager was impressed by the competence of the internal auditor who was conducting an assurance engagement in his area and the manager made the auditor an attractive job offer to begin after the audit was completed The auditor later told her auditor in charge that she was considering the offer. Which of the following IIA Code of Ethics principles was most likely violated?

A.

Integrity

B.

Confidentiality

C.

Objectivity

D.

No violation was committed

Full Access
Question # 30

The largest risks facing an organization should be mitigated by which type of controls?

A.

Entity-level

B.

Activity-level

C.

Transaction-level

D.

Process-level

Full Access
Question # 31

According to IIA guidance, which of the following is true of the internal audit activity’s quality assurance and improvement program?

1 Monitoring the internal audit activity’s performance must be ongoing

2 All aspects of the internal audit activity should be evaluated

3 The requirement for external assessments can be satisfied through self-assessments that are validated by an independent external party

4 The review of assurance services should be the primary focus

A.

1 and 2 only

B.

2 and 3 only

C.

2 and 3

D.

1 3 and 4

Full Access
Question # 32

An external assessment of an organization's internal audit activity was last completed four years ago Which of the following options would be acceptable this year if the internal audit activity is to fulfill the requirements of the Standards?

A.

The internal audit activity conducts a self-assessment that is validated by a qualified and experienced internal auditor and then schedules a qualified, independent external assessor

B.

The board nominates an independent individual from senior management in the organization to conduct an assessment of the internal audit activity

C.

An external auditor conducts an audit of the organization which includes information about the internal audit activity

D.

The chief audit executive schedules a self-assessment and the board approves the results

Full Access
Question # 33

Which of the following scenarios best illustrates due professional care?

A.

An internal auditor who previously worked in the payroll department within the last year was intentionally excluded by the chief audit executive from the audit team assigned to a payroll audit

B.

While performing a payroll audit an auditor became skeptical about significant payments made to a manager. The auditor sought to determine whether these payments were reasonable through discussion with a manager in a different department in the organization

C.

The head of the payroll department being audited is a business partner of the engagement supervisor During the audit the engagement supervisor sought to maintain his objectivity by not participating in fieldwork

D.

An auditor assigned to a payroll audit was unable to reperform some complex payroll computations for a small number of employees The sum of these payments was below the materiality thresholds provided so the auditor did not perform further tests

Full Access
Question # 34

An organization is testing a new IT system for digital data storage and security. The internal audit activity has been asked to evaluate the system in a consulting engagement. Although several internal auditors on staff are qualified to perform basic assessments of IT systems, none are familiar with the new system. Which of the following is a legitimate response to the prospective client?

1. Decline the engagement.

2. Proceed with the engagement, performing only those parts of the engagement that the internal auditors are qualified to perform.

3. Accept the engagement and develop the additional competencies in-house prior to the engagement's starting date.

4. Make arrangements to obtain assistance from a competent IT auditing expert.

A.

1 and 4 only.

B.

2 and 3 only.

C.

1. 2, and 3 only.

D.

1, 3, and 4 only.

Full Access
Question # 35

According to IIA guidance, which of the following is the primary reason the chief audit executive discusses the internal audit charter with senior management and the board?

A.

To provide guidance and solicit feedback on managing the internal audit activity as expected by various stakeholders.

B.

To provide an understanding of the Mission of Internal Audit and The IIA's mandatory guidance elements.

C.

To provide an update on the internal audit activity's quality of engagement supervision.

D.

To provide information on existing internal audit planning, changes to the internal audit plan, and the rationale for the changes

Full Access
Question # 36

According to IIA guidance, which of the following best describes expense reimbursement fraud'?

A.

Theft of cash after it is recorded in the books

B.

Theft of cash before it is recorded in the books

C.

Theft of assets through fictitious or inflated invoices

D.

Theft of assets through false mileage travel logs and meal charges

Full Access
Question # 37

Who is responsible for setting the risk appetite?

A.

External auditors.

B.

Chief risk officer.

C.

Operations management.

D.

Board of directors.

Full Access
Question # 38

Guidelines need to be set for various levels of suspected fraud within an organization and when it would be reported to the audit committee. Which of the following would be

reported at the next meeting?

A.

Minor theft of less than $10,000, not involving senior management.

B.

Theft using collusion for more than $10,000. but not involving senior management.

C.

Denial of access to requested employees during an audit.

D.

Discussion of replacement of the chief audit executive.

Full Access
Question # 39

According to IIA guidance, which of the following actions best demonstrates that due professional care has been considered by the internal audit activity when conducting a review of an organization's assets?

A.

Determining whether any opportunity exists for senior executives to misappropriate property or funds

B.

Planning and executing fieldwork In a complete and timely manner to identify all significant risks

C.

Verifying whether the board of directors has implemented effective internal controls

D.

Having senior management determine whether the degree of work planned is sufficient to meet engagement objectives

Full Access
Question # 40

Which of the following is the first step in the process of identifying relevant fraud risk factors?

A.

Identifying preventive and detective controls

B.

Gathering information about the organization’s business activities to gain an understanding of fraud risks

C.

Engaging in strategic reasoning to anticipate the fraud scheme

D.

The use of brainstorming, management interviews, analytical procedures and review of prior frauds.

Full Access
Question # 41

An organization's board recommends revising the internal audit charter by adding requirements regarding the hiring and compensation of the chief audit executive as well as information on approving the internal audit budget. Which of the following is the board most likely defining in the charter?

A.

Functional and administrative responsibilities of internal audit activity.

B.

Authority and objectivity of internal audit activity.

C.

Independence and objectivity of internal audit activity.

D.

Assurance and improvement of internal audit activity.

Full Access
Question # 42

Which of the following statements about internal audit consulting engagements is true?

A.

The primary purpose of a consulting engagement is to assess evidence and provide conclusions.

B.

The internal audit activity determines the nature and scope of work for the specific consulting engagement

C.

Internal auditors may provide consulting services relating to operations for which they had previous responsibilities.

D.

It is not appropriate to communicate control issues identified during consulting engagements to the board

Full Access
Question # 43

Which of the following scenarios best illustrates a rationalization as the root cause of potential fraud?

A.

Managers who have been with the organization for several decades become aware that newly hired, younger managers are being moved more quickly into senior positions.

B.

The controller at a nationwide manufacturing company recently opted to no longer require two-week mandatory vacations for accounting staff.

C.

Security cameras that monitor cash handling at the register are not functioning.

D.

The organization is slowly phasing out three mature products that produce the highest commissions for the sales staff

Full Access
Question # 44

Why is it imperative for the chief audit executive to track and develop the educational qualifications of internal audit staff?

A.

To accurately conduct performance appraisals

B.

To ensure that staff complete required continuing professional education credits annually.

C.

To ensure that the resources needed to complete the audit plan are available.

D.

To satisfy the audit committee requirements.

Full Access
Question # 45

Which of the following statements is true regarding consulting engagements?

A.

Internal auditors cannot provide consulting services related to operations for which they had previous responsibilities.

B.

The nature of consulting services to be performed by internal auditors must be defined in the internal audit charter

C.

If internal auditors have potential impairments to objectivity related to the proposed consulting engagement, the engagement must be declined.

D.

If internal auditors lack the knowledge, skills, or other competencies needed to perform the consulting engagement, the engagement can proceed with proper disclosures.

Full Access
Question # 46

According to IIA guidance, which of the following statements is true regarding the internal audit activity’s responsibilities in providing consulting services?

A.

The chief audit executive is responsible for deciding the priority of consulting services in the internal audit plan

B.

The scope of consulting services is determined primarily by the internal auditor with input from management of the area under review

C.

The board defines the internal audit activity’s responsibilities over consulting activities

D.

Adding value to an organization requires the internal audit activity to initiate a consulting engagement

Full Access
Question # 47

An internal audit activity maintains a quality assurance and improvement program that includes annual self-assessments The internal audit activity includes in each engagement report a clause that the engagement is conducted in conformance with the International

Standards for the Professional Practice of Internal Auditing ( Standards) Which of the following justifies inclusion of this clause in the reports?

A.

Internal audit activity policies and engagement records provide relevant, sufficient, and competent evidence that the statement is correct

B.

The audit committee has reviewed the annual self-assessment results and approved the use of the clause

C.

The self-assessment results were validated by a qualified external review team three years prior

D.

The internal audit charter, approved by the audit committee requires conformance with the Standards

Full Access