Which of the following internal audit activities is performed in the design evaluation phase?
Which of the following is one of the five basic tnanoal statement assertions when an internal auditor evaluates controls over financial reporting?
Upon concluding the engagement fieldwork an internal auditor discusses the audit findings with operational management There is a greater likelihood that the auditor will obtain a responsive action plan from management when both parties agree on which of the following attributes of the audit finding?
An engagement team is being assembled to audit of one of the organization's vendors Which of the following statements best applies to this scenario?
According to IIA guidance, which of the following statements is true regarding audit workpapers?
Which of the following would be most likely found in an internal audit procedures manual?
While performing fieldwork for an assurance engagement, a member of the internal audit team identified a key control that was not identified during the planning phase of the engagement Which of the following actions by the internal auditor would be most appropriate?
The board of directors expressed concerns about potential external risks that could impact the organization s ability to meet its annual objectives and goals The board requested consulting services from the internal audit activity to gain insight regarding the external risks Which of the following engagement objectives would be appropriate to fulfill this request?
The external auditor has identified a number of production process control deficiencies involving several departments. As a result, senior management has asked the internal audit activity to complete internal control training for all related staff. According to IIA guidance, which of the following would be the most appropriate course of action for the chief audit executive to follow?
A chief audit executive (CAE) is trying to balance the internal audit activity's needs for technical audit skills budget efficiency and staff development opportunities. Which of the following would best assist the CAE in achieving this balance1?
Which of the following is the best option for the chief audit executive to consider for effective coordination of assurance coverage?
What type of audit engagement would be the most appropriate to determine how an organization could be more profitable in the long term?
According to IIA guidance, which of the following is true regarding the exit conference for an internal audit engagement?
Which of the following best describes why an internal audit activity would consider sending written preliminary observations to the audit client?
An internal auditor is preparing for an auditor of newly implemented software that is used by 3,000 employees in South America and Europe. What would be the best way for the auditor to gather relevant feedback?
When presenting an observation m writing which or the Mowing is usually true regarding the level of detail provided?
1. The description of the observation in the final audit report contains more detail then the description m the engagement workpapers
2. The description of the observation m the engagement workpapers contains more detail than the descriptor n a preliminary observation document
3. A preliminary observation document contains more detail than tie observation description in the final audit report
4. A preliminary observation document contains more detail than tie observation description in the engagement workpapers
According to IIA guidance, which of the following best describes the purpose of a planning memorandum for an audit engagement?
According to IIA guidance, which of the following reflects a valid principle for the internal audit activity to rely on the work of internal or external assurance providers?
When forming an opinion on the adequacy of management's systems of internal control, which of the following findings would provide the most reliable assurance to the chief audit executive?
• During an audit of the hiring process in a law firm, it was discovered that potential employees' credentials were not always confirmed sufficiently. This process remained unchanged at the following audit.
• During an audit of the accounts payable department, auditors calculated that two percent of accounts were paid past due. This condition persisted at a follow up audit.
• During an audit of the vehicle fleet of a rental agency, it was determined that at any given time, eight percent of the vehicles were not operational. During the next audit, this figure had increased.
• During an audit of the cash handling process in a casino, internal audit discovered control deficiencies in the transfer process between the slot machines and the cash counting area. It was corrected immediately.
A chief audit executive (CAE) a developing a work program for an upcoming engagement that will review an organization’s small contracting services. When of the following would the CAT need to consider most when developing the work program?
Which of the following should management action plans include at a minimum?
Which of the following audit steps would an internal auditor perform when reviewing cash disbursements to satisfy IIA guidance on due professional care?
Which of The following best justifies an internal auditor's decision to issue a preliminary audit report?
An internal auditor is planning an engagement at a financial institution. Toe engagement objective is to identify whether loans were granted in accordance with the organization's policies. When of the following approaches would provide the auditor with the best information?
Which of the following is the primary reason the chief audit executive should consider the organization's strategic plans when developing the annual audit plan?
The audit manager asked the internal auditor to perform additional testing because several irregularities were found in the financial information. Which of the following would be the most appropriate analytical review for the auditor to perform?
Which of the following reasonably represents best practices regarding what should be the level of internal audit resource investment in monitoring and following up on engagement outcomes?
Which of the following is a true statement regarding the use of flowcharts as an audit tool?
An internal control questionnaire would be most appropriate in which of the following situations?
To effectively communicate the acceptance of risk in an organization a chief audit executive must first consider which of the following?
Which of the following constitutes supervisory activity undertaken during the planning phase of an assurance engagement?
A draft internal audit report that cites deficient conditions generally should be reviewed with which of the following groups?
1. The client manager and her superior.
2. Anyone who may object to the report’s validity.
3. Anyone required to take action.
4. The same individuals who receive the final report.
According to HA guidance, which of the following statements regarding audit workpapers is true?
During an engagement in one of the subsidiaries of an organization, an internal auditor noted the following in the workpapers:
"As a subsidiary of a multinational organization in this particular country, the entity is required to register annually with the
respective ministry. However, the subsidiary did not submit the required documentation for registration during the prior year. Failure
to comply with internal and external regulations could lead to penalties or fines from the respective authorities. It is recommended
that the management of the subsidiary ensures compliance with the relevant legislation. As a recoverable action, management
should register the subsidiary in the current year as soon as possible."
What part of this narrative represents a condition of the observation made by auditors in the final report?
Due to price risk from the foreign currency purchase of aviation fuel, an airliner has purchased forward contracts to hedge against fluctuations in the exchange rate. When recalculating the exchange losses from individual purchases of jet fuel, which of the following details does the internal auditor need to validate?
1. The hedge documentation designating the hedge.
2. The spot exchange rate on the transaction date.
3. The terms of the forward contract.
4. The amount of fuel purchased.
A toy manufacturer receives certain components from an overseas supplier and uses them to assemble final products Recently quality reviews have identified numerous issues regarding the components' compliance with mandatory quality standards. Which type of engagement would be most appropriate to assess the root causes of the quality issues?
An internal audit manager is planning a contract compliance audit Which of the following should be done prior to developing the audit work program?
According to IIA guidance, which of the following objectives was most likely formulated for a non-assurance engagement?
Which of the following is the primary weakness of internal control questionnaires (ICQs)?
What is the primary objective of an engagement supervisor's review of key activities performed during the engagement?
Which of the following is one of the differences between probability-proportional-to-size (PPS) and attribute sampling?
According to IIA guidance, which of the following factors should the auditor in charge consider when determining the resource requirements for an audit engagement?
When establishing a quality assurance and improvement program, the chief audit executive should ensure the program is designed to accomplish which of the following objectives?
1. Add value.
2. Improve operations.
3. Provide assurance that the internal audit activity conforms with the Standards.
4. Provide assurance that the internal audit activity conforms with the IIA Code of Ethics.
An internal auditor for a regional bank suspects that the head of commercial lending has been granting loans without the required collateral Which of the following sampling techniques will be most effective for investigating the auditor's suspicion?
Which of the following statements is true pertaining to interviewing a fraud suspect?
1. Information gathered can be subjective as well as objective to be useful.
2. The primary objective is to obtain a voluntary written confession.
3. The interviewer is likely to begin the interview with open-ended questions.
4. Video recordings always should be used to provide the highest quality evidence.
An internal auditor performed a test of controls and found that a statistically selected representative sample of recorded transactions within the account receivables ledger had an error rate that was within management expectations. The associated revenue account was outside the scope of the audit engagement. How should the conclusion to this engagement be reported?
During an assurance engagement, an internal auditor noted that the time staff spent accessing customer information in large Excel spreadsheets could be reduced significantly through the use of macros. The auditor would like to train staff on how to use the macros. Which of the following is the most appropriate course of action for the internal auditor to take?
During a review of data privacy an internal auditor is tasked with testing management's identification and prioritization of critical data collected by the organization. Which of the following steps would accomplish this objective?
A corporate merger decision prompts the chief audit executive (CAE) lo propose interim changes to the existing annual audit plan to account for emerging risks Which of the following is the most appropriate action for the CAE to take regarding the changes made to the audit plan''
Which of the followings statements describes a best practice regarding assurance engagement communication activities?
Flowcharts are useful during audit planning because they contain information that may help internal auditors with which of the following?
An internal auditor is conducting an assessment of the purchasing department. She has worked the full amount of hours budgeted for the engagement; however, the audit objectives are not yet complete. According to IIA guidance, which of the following are appropriate options available to the chief audit executive?
1. Allow the auditor to decide whether to extend the audit engagement.
2. Determine whether the work already completed is sufficient to conclude the engagement.
3. Provide the auditor feedback on areas of improvement for future engagements.
4. Provide the auditor with instructions and directions to complete the audit.
An internal auditor develops an engagement observation related to an organization's accumulation of large travel advances. The auditor observes that the organization's procedures do not require justification for travel advances greater than a specific amount Which of the following best describes the organization's procedures?
The internal audit activity has adopted the balanced scorecard approach to assess its performance According to MA guidance which of the following is a key performance indicator relevant to the audit client?
Which of the following computerized audit tools or techniques should be used if the internal auditor wants to extract specific files and records in the database?
When me internal audit activity does not have sufficient time to complete its usual root cause analysis which c4 the following is most appropriate?
During a fraud interview, it was discovered that unquestioned authority enabled a vice president to steal funds from the organization. Which of the following best describes this condition?
Which of the following actions is the most appropriate response for an internal auditor to take when a significant risk is identified during a consulting engagement?
According to the International Professional Practices Framework, which of the following is an appropriate reason for issuing an interim report?
To keep management informed of audit progress when audit engagements extend over a long period of time.
To provide an alternative to a final report for limited-scope audit engagements.
To communicate a change in engagement scope for the activity under review.
After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?
Which of the following is a primary reason for an internal auditor to use a risk and control questionnaire when auditing financial processes?
During an audit of suspense accounts the internal auditor found that there were no written policies on how suspense accounts should be treated. The auditor also found that suspense account balances were cleared once per week, not daily. Which of the following is the most appropriate first response by the auditor?
During the planning phase of an assurance engagement, an internal auditor seeks to gam an understanding of now when the area under review is accomplishing its objectives When of the
Following information-gathering techniques is the auditor most likely to use?
When constructing a staffing schedule for the internal audit activity (IAA), which of the following criteria are most important for the chief audit executive to consider for the effective use of audit resources?
1. The competency and qualifications of the audit staff for specific assignments.
2. The effectiveness of IAA staff performance measures.
3. The number of training hours received by staff auditors compared to the budget.
4. The geographical dispersion of audit staff across the organization.
Senior management wants assurance that third-party contractors are following procedures as agreed with the organization. Which type of audit would be most appropriate
to achieve this objective?
What is the best course of action for a chief audit executive if an internal auditor identifies in the early stage of an audit that some employees have inappropriate access to a key system?
During follow-up, the chief audit executive (CAE) is having a discussion with management about the internal audit team's recommendations related to a significant issue Management accepted the issue but took no remedial action What is the next step for the CAE?
The chief audit executive (CAE) should determine whether the internal audit activity has confirmed the status of all of management's corrective actions Doing so would help the CAE assess which of the following?
Acceding to IIA guidance, which of the following statements is true regarding the risk assessment process performed by the internal audit activity?
Which of the following statements is true regarding the audit objective for an assurance engagement?
Which of the following engagement supervision activities should be performed first?
In a health care organization the internal audit activity provides overall assurance on governance, risk and control The chief audit executive advises and influences senior management, and the audit strategy leverages the organization's management of risk According to HA guidance which of the following stages of internal audit maturity best describes this organization?
An internal auditor is asked to review a recently completed renovation to a retail outlet. Which of the following would provide the most reliable evidence that the completed work conformed to the plan?
Which of the following is least likely to help ensure that risk is considered in a work program?
Which of the following statements generally true regarding audit engagement planning?
The board has asked the internal audit activity (IAA) to be involved in the organization's enterprise risk management process. Which of the following activities is appropriate for IAA to perform without safeguards?
According to IIA guidance, which of the following strategies would add the least value to the achievement of the internal audit activity's (IAA's) objectives?
Which of the following best describes external benchmarking using trend analysis for a subsidiary of an international company?
To compete in the global market, an organization is restructuring and consolidating many of its divisions. Prior to the consolidation, senior management requested assistance from tie internal audit activity. Which of the following consulting services would be most appropriate in this situation?
A large investment organization hired a chief risk officer (CRO) to be responsible for the organization's risk management processes. Which of the following people should prioritize risks to be used for the audit plan?
Which of the following statements is true regarding internal auditors and other assurance providers?
According to IIA guidance, which of the following actions might place the independence of the internal audit function in jeopardy?
When addressing the excessive overtime being paid lo employees in an organization's customer service call center, which of the following would be most relevant for the internal auditor to use?
1 Confirmation.
2. Trend analysis.
3 External benchmarking
4. Internal benchmarking
An internal auditor completed a consulting engagement covering a recent advertising campaign. The audit client asked the auditor to forward a copy of the report to one of the three advertising agencies used by the organization. According to IIA guidance, which of the following statements is true regarding this request?
The chief audit executive (CAE) of a small internal audit activity (IAA) plans to test conformance with the Standards through a quality assurance review. According to the Standards, which of the following are acceptable practice for this review?
1. Use an external service provider.
2. Conduct a self-assessment with independent validation.
3. Arrange for a review by qualified employees outside of the IAA.
4. Arrange for reciprocal peer review with another CAE.
Besides a chief audit executive's professional experience what determines the frequency and approach to assessing residual risk?
Which of the following statements is true regarding risk assessments, including the evaluation and prioritization of risk and control factors?
Which of the following statements concerning workpapers is the most accurate?
Which type of assurance engagement is conducted to determine whether a process or area is performing as intended, accomplishing its objectives, and doing so in an efficient and economical way?
An internal auditor is testing the success of the IT support department in meeting the service levels guaranteed to small, medium and large customers. The customer's size classification is based on its annual expenditures with the organization and the nature and extent of services it receives. Which of the following sampling techniques would be the most suitable to select customers for this test?
The internal auditors available to perform the engagement do not have sufficient skills related to the area under review. Which of the following iss an appropriate action for the chief audit executive to take?
After concluding a preliminary assessment, the engagement supervisor prepared a draft work program According to HA guidance which of the following would be tested by this program?
An internal auditor examined a nostatistical sample of open accounts receivable balances and discovered that 10 out of 60 exceeded the approved unseated credit limit threshold defined by the organization's policy What should the auditor document in the workpapers?
In an organization with a large internal audit activity that has several audit teams performing engagements simultaneously which of the following tasks is an engagement supervisor most likely to perform during the planning phase of a new engagement?
During a consulting engagement an internal auditor wants to determine whether all principal stakeholders are involved in a project. Which tool should the auditor use?
Which of the following statements is true regarding internal control questionnaires?
Below is a flowchart detailing an organization's bank reconciliation process. Which of the following conclusions can be drawn from the flowchart?
Which of the following actions best describes an internal auditor's use of test data to determine whether an organization's new accounts payable system avoids processing questionable invoices for payment?
Which of the following would be the most helpful to a chief audit executive when developing a talent management strategy?
Where should internal auditor focus their attention when identify and assessing key risks during the planning stage of an assurance engagement?
Which of the following statement is consistent with IIA guidance the use of mentoring for internal auditors?
An internal auditor notes that employees continue to violate segregation-of-duty controls in several areas of the finance department, despite previous audit recommendations. Which of the following recommendations is the most appropriate to address this concern?
Which of the following is essential for ensuring that the internal audit activity's findings and recommendations receive adequate consideration?
Which of The following best describes a risk that is deemed "unacceptable" to the organization?
During the filework phase of an assurance engagement the internal auditor decides that she wants to adjust the audit work program. Which of the following is the most appropriate next step for the auditor to take9
Senior management requested that the internal audit activity perform a consulting project to assist in making a decision on a new software system. Which of the following would be used to determine the engagement objectives?
Which of the following factors should a chief audit executive consider when determining the audit universe?
1. Components of the organization's strategic plan.
2. Inputs from senior management and the board.
3. Views of competitors and business associates.
4. Results of exit interviews with departing employees.
An internal auditor e assessing the design of a control and has identified a potential significant weakness. The auditor shared his concern with management however management does not agree that the weakness is significant. What should the internet auditor do next?
Which of the following best describes how an internal auditor would use a flowchart during engagement planning?
Which of the following best describes the guideline for preparing audit engagement workpapers?
In which of the following ways can the internal audit activity new engagement opportunities?
An internal audit activity has to confirm the validity of the activities reported by a grantee that received a charitable contribution from the organization. Which of the following methods would best help meet this objective?
The chief audit executive (CAF) determined that the residual risk identified in an assurance engagement is acceptable. When should this be communicated to senior management?
In which of the following populations would the internal auditor most likely choose to use a stratified sampling approach?
According to the MA guidance, which of the following does the engagement work program test in a review of an organizational process?
An internal auditor used a risk and control matrix to prepare a work program for testing a software release. During the engagement planning stage, he tested the design of
the release procedure as a key control and concluded that the control was not designed well. During the performance stage, he tested the operation of this control and
concluded that it was implemented as designed. Which of the following statements is true regarding this scenario?
According to IIA guidance, which of the following procedures would be least effective in managing the risk of payroll fraud?
Which of the following would most likely cause an internal auditor to consider adding fraud work steps to the audit program?
A senior IT auditor is performing an audit of inventory valuation. The auditor misinterprets the sampling results. Which of the following best describes this situation?
An organization recently acquired a subsidiary in a new industry, and management asked the chief audit executive (CAE) to perform a comprehensive audit of the subsidiary prior to recommencing operations The CAE is unsure her team has the necessary skills and knowledge to accept the engagement According to IIAguidance, which of the following responses by the CAE would be most appropriate?
Which of the following would not be a typical activity for the chief audit executive to perform following an audit engagement?
Which of the following recommendations made by the internal audit activity (IAA) is most likely to help prevent fraud?
Acceding to MA guidance, when of the Mowing strategies would like provide the most assurance to the chief audit executive (CAE) that the internal audit activity's recommendations are being acted upon?
According to IIA guidance, which of the following are the most important objectives for helping to ensure the appropriate completion of an engagement?
1. Coordinate audit team members to ensure the efficient execution of all engagement procedures.
2. Confirm engagement workpapers properly support the observations, recommendations, and conclusions.
3. Provide structured learning opportunities for engagement auditors when possible.
4. Ensure engagement objectives are reviewed for satisfactory achievement and are documented properly.
According to IIA guidance, which of the following are appropriate actions for the chief audit executive regarding management's response to audit recommendations?
An organization has a mature control environment but limited internal audit resources Given this scenario, on which of the following should the internal auditors focus their testing?
In addition to gathering information, which of the following is a primary objective of a client interview conducted during the planning stage of an audit engagement?
'Internal policy prohibits employees from entering into contacts with financial obligations without proper approval.
A project manager signed a change to an important service agreement without obtaining the proper approval As a result the organization is receiving $5,000 per month less for its services.’’
Which of the following should be added to the observation?