EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following best illustrates the primary focus of a risk-based approach to control self-assessment?

Question2: Which of the following scenarios best illustrates a rationalization as the root cause of potential fraud?

Question3: Sometimes, internal audit staff may partner with operating managers to rank risks. Which of the following outcomes may be the most beneficial aspects of this strategy?
1. Reappraising risks levels.
2. Providing accurate information to management.
3. Marketing the internal audit activity.
4. Planning safeguards for assets in high-risk areas.

Question4: Which of the following types of social responsibilities is voluntary and guided purely by the organization's desire to make social contributions?

Question5: Which of the following statements is true regarding the roles and responsibilities associated with a corporate social responsibility (CSR) program?

Question6: According to IIA guidance, which of the following best describes internal auditors' responsibility regarding fraud?

Question7: An internal auditor has been asked to conduct an investigation involving allegations of independent contractor fraud. Which of the following controls would be least effective in detecting any potential fraudulent activity?

Question8: Unsecured loans are loans:

Question9: According to the Standards, which of the following is leastimportant in determining the adequacy of an annual audit plan?

Question10: Which of the following is an effective approach for internal auditors to take to improve collaboration with audit clients during an engagement?
1. Obtain control concerns from the client before the audit begins so the internal auditor can tailor the scope accordingly.
2. Discuss the engagement plan with the client so the client can understand the reasoning behind the approach.
3. Review test criteria and procedures where the client expresses concerns about the type of tests to be conducted.
4. Provide all observations at the end of the audit to ensure the client is in agreement with the facts before publishing the report.

Question11: Which of the following are core responsibilities to be included in the internal audit charter?
1. Review reliability and integrity of financial and operating information and the means used to identify, measure, classify, and report such information.
2. Determine the adequacy and effectiveness of the organization's systems of internal accounting and operating controls.
3. Participate in the planning and performance of audits of potential acquisitions with the organization's outside accountants and other members of the corporate staff.
4. Report to those members of management who should be informed of results of audit examinations, the audit opinions formed, and the recommendations made.

Question12: Which of the following is a disadvantage of selecting a commercial software package rather than developing an application internally?

Question13: Which of the following is a role of the board of directors in the governance process?

Question14: Which of the following statements accurately describes the responsibility of the internal audit activity (IAA) regarding IT governance?
1. The IAA does not have any responsibility because IT governance is the responsibility of the board and senior management of the organization.
2. The IAA must assess whether the IT governance of the organization supports the organization's strategies and objectives.
3. The IAA may assess whether the IT governance of the organization supports the organization's strategies and objectives.
4. The IAA may accept requests from management to perform advisory services regarding how the IT governance of the organization supports the organization's strategies and objectives.

Question15: Which of the following is not a potential area of concern when an internal auditor places reliance on spreadsheets developed by users?

Question16: Which of the following statements is true about The IIA Global Internal Audit Competency Framework?

Question17: Which of the following are appropriate functions for an IT steering committee?
1. Assess the technical adequacy of standards for systems design and programming.
2. Continually monitor of the adequacy and accuracy of software and hardware in use.
3. Assess the effects of new technology on the organization`s IT operations.
4. Provide broad oversight of implementation, training, and operation of new systems.

Question18: Which of the following best describes the four components of a balanced scorecard?

Question19: Which of the following factors should a chief audit executive consider when determining the audit universe?
1. Components of the organization's strategic plan.
2. Inputs from senior management and the board.
3. Views of competitors and business associates.
4. Results of exit interviews with departing employees.

Question20: Import quotas that limit the quantities of goods that a domestic subsidiary can buy from its foreign parent company represent which type of barrier to the parent company?

Question21: In which type of business environment are price cutting strategies and franchising strategies most appropriate?

Question22: Which of the following is an example of a risk management avoidance response?

Question23: Which of the following risks is best addressed by encryption?

Question24: For an engineering department with a total quality management program, important elements of quality management include all of the following except:

Question25: Which of the following is a weakness of observation as audit evidence?

Question26: The percentage of sales method, rather than the percentage of receivables method, would be used to estimate uncollectible accounts if an organization seeks to:

Question27: An organization produces two products, X and Y.
The materials used for the production of both products are limited to 500 kilograms (kg) per month. All other resources are unlimited and their costs are fixed. Individual product details are as follows:
Product X
Product Y
Selling price per unit
$10
$13
Materials per unit (at $1/kg)
2 kg
6 kg
Monthly demand
100 units
120 units
In order to maximize profit, how much of product Y should the organization produce each month?

Question28: According to IIA guidance, which of the following is a primary component of a network security strategy?

Question29: Which of the following control methods is effective in reducing the risk of purchasing-scheme fraud?
1. Periodically reviewing the vendor list for unusual vendors and addresses.
2. Segregating duties for amount purchasing, receiving, shipping, and accounting.
3. Validating sequential integrity of purchase orders.
4. Verifying the validity of invoices with post office box addresses.

Question30: Which of the following is not included in the process of user authentication?

Question31: An audit identified a number of weaknesses in the configuration of a critical client/server system. Although some of the weaknesses were corrected prior to the issuance of the audit report, correction of the rest will require between 6 and 18 months for completion. Consequently, management has developed a detailed action plan, with anticipated completion dates, for addressing the weaknesses. What is the most appropriate course of action for the chief audit executive to take?

Question32: A manufacturer is under contract to produce and deliver a number of aircraft to a major airline. As part of the contract, the manufacturer is also providing training to the airline's pilots. At the time of the audit, the delivery of the aircraft had fallen substantially behind schedule while the training had already been completed. If half of the aircraft under contract have been delivered, which of the following should the internal auditor expect to be accounted for in the general ledger?

Question33: According to the Standards, which of the following is based on the assertion that the quality of an organization's risk management process should improve with time?

Question34: During the last year, an organization had an opening inventory of $300,000, purchases of $980,000, sales of
$1,850,000, and a gross margin of 40 percent. What is the closing inventory if the periodic inventory system is used?

Question35: Which of the following are appropriate reasons for internal auditors to document processes as part of an audit engagement?
1. To determine areas of primary concern.
2. To establish a standard format for process mapping.
3. To define areas of responsibility within the organization.
4. To assess the performance of employees.

Question36: According to MA guidance, which of the following would indicate poor change management control?
1. Low change success rate
2. Occasional planned outages
3. Low number of emergency changes.
4. Instances of unauthorized changes

Question37: Which of the following is an example of a directive control?

Question38: An organization accumulated the following data for the prior fiscal year:
Value of
Percentage of
Quarter
Output Produced
Cost X
1
$4,750,000
2.9
2
$4,700,000
3.0
3
$4,350,000
3.2
4
$4,000,000
3.5
Based on this data, which of the following describes the value of Cost X in relation to the value of Output Produced?

Question39: Which of the following would be a risk in the development of end-user computing (EUC) applications, compared to traditional information systems?

Question40: Which of the following is not a common feature of cumulative preferred stock?

Question41: An internal auditor was asked to review an equal equity partnership In one sampled transaction Partner A transferred equipment into the partnership with a self-declared value of $10,000 and Partner B contributed equipment with a self-declared value of $15 000 The capital accounts of each partner were subsequently credited with S12,500. Which of the following statements is true regarding this transaction?

Question42: Which of the following statements is true regarding reversing entries in an accounting cycled

Question43: Which of the following statements is true regarding assurance services provided to clients outside of the organization?

Question44: A rapidly expanding retail organization continues to be tightly controlled by its original small management team. Which of the following is a potential risk in this vertically centralized organization?

Question45: Which of the following would provide the most relevant assurance that the application under development will provide maximum value to the organization?

Question46: Which of the following is most likely to enhance an internal auditor's objectivity?

Question47: Which mindset promotes the most comprehensive risk management strategy?

Question48: Which of the following factors should be considered when determining the appropriate combination of manual techniques and computer-assisted audit techniques (CAATs) to be used during an audit?
1. Acceptance of CAATs findings by entity management.
2. Computer knowledge and expertise of the auditor.
3. Time constraints.
4. Level of audit risk.

Question49: According to IIA guidance, which of the following is ultimately responsible for seeing that the internal control system of an organization's social responsibility program is effective?

Question50: A former line supervisor from the Financial Services Department has completed six months of a two-year development opportunity with the internal audit activity (IAA). She is assigned to a team that will audit the organization's payroll function, which is managed by the Human Resources Department. Which of the following statements is most relevant regarding her independence and objectivity with respect to the payroll audit?

Question51: An organization's board would like to establish a formal risk management function and has asked the chief audit executive (CAE) to be involved in the process. According to IIA guidance, which of the following roles should the CAE not undertake?

Question52: Where complex problems need to be addressed, which of the following communication networks would be most appropriate?

Question53: According to IIA guidance, which of the following statements is true regarding analytical procedures?

Question54: According to IIA guidance, which of the following would be the best first step to manage risk when a third party is overseeing the organization's network and data?

Question55: Which of the following engagement observations would provide the least motivation for management to amend or replace an existing cost accounting system?

Question56: Which of the following techniques would provide the most compelling evidence that a safety hazard exists within a manufacturing facility?

Question57: Which of the following is a type of network in which an organization permits specific users (such as existing customers) to have access to its internal network through the Internet by building a virtual private network?

Question58: An internal auditor has been assigned to facilitate a risk and control self-assessment for the finance group.
Which of the following is the most appropriate role that she should assume when facilitating the workshop?

Question59: An auditor identifies three errors in the sample of 25 entries selected for review (a 12 percent error rate).
Based on this result, the auditor assumes that approximately 59 of the total population of 492 entries are incorrect. To reach this assumption, the auditor has used a technique known as which of the following?

Question60: Which of the following is the most common way that occupational fraud is detected?

Question61: Which of the following must be in existence as a precondition to developing an effective system of internal controls?

Question62: Which of the following factors is most likely to lead to a lack of cohesiveness in a project team?

Question63: Which of the following application-based controls is an example of a programmed edit check?

Question64: Which of the following stages of contracting focuses on aligning the markets with objectives of the organization?

Question65: An organization is facing a financial downturn and needs to impose major budget reductions to all departments. According to MA guidance, which of the following actions is most appropriate for the board to take to evaluate the potential impact on the internal audit activity?

Question66: According to IIA guidance, which of the following should be included in the internal audit charter?

Question67: Which of the following best describes the purpose of disaster recovery planning?

Question68: Which of the following is the best approach to overcome entry barriers into a new business?

Question69: Due to price risk from the foreign currency purchase of aviation fuel, an airliner has purchased forward contracts to hedge against fluctuations in the exchange rate. When recalculating the exchange losses from individual purchases of jet fuel, which of the following details does the internal auditor need to validate?
1. The hedge documentation designating the hedge.
2. The spot exchange rate on the transaction date.
3. The terms of the forward contract.
4. The amount of fuel purchased.

Question70: Which of the following would be the most appropriate first step for the board to take when developing an effective system of governance?

Question71: According to IIA guidance, which of the following statements is true regarding the reporting of results from an external quality assessment of the internal audit activity?

Question72: According to IIA guidance, which of the following statements about working papers is false?

Question73: When an organization is choosing a new external auditor, which of the following is the most appropriate role for the chief audit executive to undertake?

Question74: According to IIA guidance, which of the following is least compliant with the requirements regarding an internal auditor's need for objectivity?

Question75: According to The MA Global Internal Audit Competency Framework, which of the following areas of training would best assist the internal audit activity in improving its use of tools and techniques?

Question76: Which of the following is true regarding the COSO enterprise risk management framework?

Question77: An organization had three large centralized divisions: one that received customer orders for service work; one that scheduled the service work at customer locations; and one that answered customer calls about service problems. These three divisions were restructured into seven regional groups, each of which performed all three functions. One advantage of this restructuring would be:

Question78: A multinational organization has asked the internal audit activity to assist in setting up the organization's risk management system. The chief audit executive (CAE) agrees to take on the engagement as a consultant.
Which of the following tasks is appropriate for the CAE to undertake?

Question79: According to IIA guidance, when preparing the charter for the internal audit activity, the chief audit executive (CAE), board, and senior management should agree on which of the following?
1. The standards to be used by the internal audit activity.
2. The internal audit activity's code of ethics.
3. The CAE's reporting line.
4. The internal audit activity's responsibilities.

Question80: According to IIA guidance, which of the following corporate social responsibility (CSR) evaluation activities may be performed by the internal audit activity?
1. Consult on CSR program design and implementation.
2. Serve as an advisor on CSR governance and risk management.
3. Review third parties for contractual compliance with CSR terms.
4. Identify and mitigate risks to help meet the CSR program objectives.

Question81: A global business organization is selecting managers to post to various international (expatriate) assignments.
In the screening process, which of the following traits would be required to make a manager a successful expatriate?
1. Superior technical competence.
2. Willingness to attempt to communicate in a foreign language.
3. Ability to empathize with other people.

Question82: Operational management in the IT department has introduced performance evaluation policies that are linked to employees achieving continuing education hours. This activity is designed to prevent which of the following conditions?

Question83: An organization needs to borrow a large amount of cash to fund its expansion plan. Which of the following annual interest rates is least expensive?

Question84: What is the purpose of a secondary control?

Question85: The process of scenario planning begins with which of the following steps?

Question86: Which of the following describes a typical desktop workstation used by most employees in their daily work?

Question87: An organization has a health and safety division that conducts audits to meet regulatory requirements. The chief health and safety officer reports directly to the CEO. Which of the following describes an appropriate role for the chief audit executive (CAE) with regard to the organization's health and safety program?

Question88: What kind of strategy would be most effective for an organization to adopt in order to implement a unique advertising campaign for selling identical product lines across all of its markets?

Question89: An internal auditor is conducting a review of the procurement function and uncovers a potential conflict of interest between the chief operating officer and a significant supplier of IT software development services.
Which of the following actions is most appropriate for the internal auditor to take?

Question90: A multinational organization involved in online business has planned to set up a help desk service. Which of the following best describes the role performed by the help desk?

Question91: If a just-in-time purchasing system is successful in reducing the total inventory costs of a manufacturing company, which of the following combinations of cost changes would be most likely to occur?

Question92: According to IIA guidance, which of the following statements best justifies a chief audit executive's request for external consultants to complement internal audit activity (IAA) resources?

Question93: A chief audit executive (CAE) is reviewing the internal audit activity's performance and is concerned that the average number of revisions to findings is steadily rising, making it increasingly difficult to trace the finding to the supporting evidence and workpapers. According to MA guidance, which of the following elements of the internal audit activity's quality assurance and improvement program would provide the CAE with the most helpful insight into the cause of this problem?

Question94: When setting the scope for the identification and assessment of key risks and controls in a process, which of the following would be the least appropriate approach?

Question95: According to IIA guidance, which of the following are appropriate actions for the chief audit executive regarding management's response to audit recommendations?

Question96: According to IIA guidance, which of the following strategies would add the least value to the achievement of the internal audit activity's (IAA's) objectives?

Question97: An internal auditor is conducting a financial audit. Which of the following audit procedures is most appropriate when existing internal controls are weak?

Question98: An organization facing rapid growth decides to employ a third party service provider to manage its customer relationship management function. Which of the following is true regarding the supporting application software used by that provider compared to an in-house developed system?
1. Updating documentation is always a priority.
2. System availability is usually more reliable.
3. Data security risks are lower.
4. Overall system costs are lower.

Question99: Which of the following enhances the independence of the internal audit activity?

Question100: According to the COSO enterprise risk management framework, which of the following best describes the activity that helps ensure risk responses are carried out effectively?

Question101: Which of the following statements about mentoring is true?
1. Mentoring can be used effectively for increasing employee retention
2. Mentoring can be used effectively in reducing employees frustration.
3. Mentoring can be used effectively for increasing organization communication.
4. Mentoring can be used effectively as a short term activity consisting of instruction and training

Question102: According to IIA guidance, which of the following procedures would be least effective in managing the risk of payroll fraud?

Question103: According to IIA guidance, organizations have the most influence on which element of fraud?

Question104: Which of the following would not be a typical activity for the chief audit executive to perform following an audit engagement?

Question105: Which of the following is an appropriate role for the internal audit activity with regard to the organization's risk management program?

Question106: In mergers and acquisitions, which of the following is an example of a horizontal combination?

Question107: During an assurance engagement, an internal auditor noted that the time staff spent accessing customer information in large Excel spreadsheets could be reduced significantly through the use of macros. The auditor would like to train staff on how to use the macros. Which of the following is the most appropriate course of action for the internal auditor to take?

Question108: Which of the following characteristics is most important specifically for a global manager to possess in order to be successful?

Question109: The internal audit activity is planning a procurement audit and needs to obtain a thorough understanding of the subcontracting process, which can involve multiple individuals in multiple countries.
Which of the following internal audit tools would be most effective to document the process and the key controls?

Question110: A supervisor receives a complaint from an employee who is frustrated about having to learn a new software program. The supervisor responds that the new software will enable the employee to work more efficiently and with greater accuracy. This response is an example of:

Question111: In the current year, a merchandising organization had an inventory turnover ratio of 3.0, which was less than the industry average of 6.5. Which of the following offers the most likely explanation for this difference?

Question112: Which of the following statements describes impairment to the internal auditor's objectivity?

Question113: Which of the following is true regarding an organization's relationship with external stakeholders?

Question114: An internal auditor is performing analytical reviews as part of an audit of a supermarket's merchandising department. Because the economy has declined since midyear, the auditor can expect to encounter which of the following?

Question115: According to IIA guidance, which of the following individuals should receive the final audit report on a compliance engagement for the organization's cash disbursements process?

Question116: Which of the following conflict resolution methods should be applied when the intention of the parties is to solve the problem by clarifying differences and attaining everyone's objectives?

Question117: Which of the following statements best describes the frameworks set forth by the International Standards Organization?

Question118: Which of the following local area network physical layouts is subject to the greatest risk of failure if one device fails?

Question119: The chief audit executive (CAE) of a small internal audit activity (IAA) plans to test conformance with the Standards through a quality assurance review. According to the Standards, which of the following are acceptable practice for this review?
1. Use an external service provider.
2. Conduct a self-assessment with independent validation.
3. Arrange for a review by qualified employees outside of the IAA.
4. Arrange for reciprocal peer review with another CAE.

Question120: Forty-five percent of an organization's customer payments are submitted online. Eight percent of online payments are rejected. Executive management decides to outsource its online payment services to a contractor that will assume 75 percent of the total value of rejected payments. The organization estimates $1.25 million customer payments due during the contract period.
Which of the following represents the organization's residual risk for online customer payments due?

Question121: Which of the following examples demonstrates that the internal audit activity uses descriptive analytics in its engagements?

Question122: Organizations use matrix management to accomplish which of the following?

Question123: Organizational activities that complement each other and create a competitive advantage are called a:

Question124: Which of the following should an organization consider when developing strategic objectives for its business processes?
1. Contribution to the success of the organization.
2. Reliability of operational information.
3. Behaviors and actions expected of employees.
4. How inputs combine with outputs to generate activities.

Question125: Which of the following most accurately describes the purpose of application authentication controls?

Question126: Which of the following control activities is the most effective to ensure users' levels of access are appropriate for their current roles?

Question127: A chief audit executive is preparing interview questions for the upcoming recruitment of a senior internal auditor. According to IIA guidance, which of the following attributes shows a candidate's ability to probe further when reviewing incidents that have the appearance of misbehavior?

Question128: Which of the following would most likely cause an internal auditor to consider adding fraud work steps to the audit program?

Question129: Which of the following would be considered a violation of The IIA's mandatory guidance on independence?

Question130: According to IIA guidance, which of the following accurately describes the responsibilities of the chief audit executive with respect to the final audit report?
1. Coordinate post-engagement conferences to discuss the final audit report with management.
2. Include management's responses in the final audit report.
3. Review and approve the final audit report.
4. Determine who will receive the final audit report.

Question131: According to the International Professional Practices Framework, which of the following statements is true regarding a corporate social responsibility (CSR) program?
1. Every employee generally has a responsibility for ensuring the success of CSR objectives.
2. The board has overall responsibility for the effectiveness of internal control processes associated with CSR.
3. Public reporting on the CSR governance process is expected.
4. Organizations generally have flexibility regarding what is included in a CSR program.

Question132: A chief audit executive (CAE) received a detailed internal report of senior management's internal control assessment. Which of the following subsequent actions by the CAE would provide the greatest assurance over management's assertions?

Question133: A large investment organization hired a chief risk officer (CRO) to be responsible for the organization's risk management processes. Which of the following people should prioritize risks to be used for the audit plan?

Question134: Which of the following statements are true regarding the use of heat maps as risk assessment tools?
1. They focus primarily on known risks, limiting the ability to identify new risks.
2. They rely heavily on objective assessments and related risk tolerances.
3. They are too complex to provide an easily understandable view of key risks.
4. They are helpful but limited in value in a rapidly changing environment.

Question135: All of the following are true with regard to the first-in, first-out inventory valuation method except:

Question136: Which of the following is an example of a risk avoidance response?

Question137: Which of the following is a justifiable reason for omitting advance client notice when planning an audit engagement?

Question138: Which of the following factors is most responsible for the increasing risk that unauthorized parties may obtain or tamper with personal data?

Question139: An employee frequently uses a personal smart device to send and receive work-related emails. Which of the following controls would be most effective to mitigate security risks related to these transmissions?

Question140: Which of the following is the best way to detect fraud?

Question141: The balanced scorecard approach differs from traditional performance measurement approaches because it adds which of the following measures?
1. Financial measures
2. Internal business process measures.
3. Client satisfaction measures
4. Innovation and learning measures

Question142: The following transactions and events occurred during the year:

- $300,000 of raw materials were purchased, of which $20,000 were returned because of defects
- $600,000 of direct labor costs were incurred.
- S750.000 of manufacturing overhead costs were incurred.
What is the organization's cost of goods sold for the year?

Question143: Which of the following actions are appropriate for the chief audit executive to perform when identifying audit resource requirements?
1. Consider employees from other operational areas as audit resources, to provide additional audit coverage in the organization.
2. Approach an external service provider to conduct internal audits on certain areas of the organization, due to a lack of skills in the organization.
3. Suggest to the audit committee that an audit of technology be deferred until staff can be trained, due to limited IT audit skills among the audit staff.
4. Communicate to senior management a summary report on the status and adequacy of audit resources.

Question144: According to IIA guidance, which of the following steps are most important for an internal auditor to perform when evaluating an organization's social and environmental impact on the local community?
* Determine whether previous incidents have been reported, managed, and resolved.
* Determine whether a business contingency plan exists.
* Determine the extent of transparency in reporting.
* Determine whether a cost/benefit analysis was performed for all related projects.

Question145: According to IIA guidance, which of the following statements is true regarding periodic internal assessments of the internal audit activity?

Question146: Management would like to self-assess the overall effectiveness of the controls in place for its 200-person manufacturing department. Which of the following client-facilitated approaches is likely to be the most efficient way to accomplish this objective?

Question147: Which of the following factors is considered a disadvantage of vertical integration?

Question148: An organization engages in questionable financial reporting practices due to pressure to meet unrealistic performance targets. Which internal control component is most negatively affected?

Question149: An organization is projecting sales of 100,000 units, at a unit price of $12. Unit variable costs are $7. If fixed costs are $350,000, what is the projected total contribution margin?

Question150: The critical path for any project is the path that exhibits which of the following characteristics?

Question151: According to IIA guidance, which of the following are considerations of due professional care when an internal auditor conducts a formal consulting engagement?
1. The complexity of the work required.
2. The needs and expectations of the client.
3. The potential value of the engagement compared to the effort.
4. Information regarding assumptions and procedures to be employed.

Question152: Which of the following is an example of a physical control?

Question153: Which of the following offers the best evidence that the internal audit activity has achieved organizational independence?

Question154: An internal auditor wants to sample data to test an audit theory in a cost-effective way. Which of the following sampling strategies should she use?

Question155: Which of the following combinations of conditions is most likely a red flag for fraud?

Question156: The main reason to establish internal controls in an organization is to:

Question157: If a bank's activities are categorized under such departments as community banking, institutional banking, and agricultural banking, what kind of departmentalization is being utilized?

Question158: The chief audit executive of a medium-sized financial institution is evaluating the staffing model of the internal audit activity (IAA). According to IIA guidance, which of the following are the most appropriate strategies to maximize the value of the current IAA resources?
* The annual audit plan should include audits that are consistent with the skills of the IAA.
* Audits of high-risk areas of the organization should be conducted by internal audit staff.
* External resources may be hired to provide subject-matter expertise but should be supervised.
* Auditors should develop their skills by being assigned to complex audits for learning opportunities.

Question159: According to IIA guidance, which of the following are the most important objectives for helping to ensure the appropriate completion of an engagement?
1. Coordinate audit team members to ensure the efficient execution of all engagement procedures.
2. Confirm engagement workpapers properly support the observations, recommendations, and conclusions.
3. Provide structured learning opportunities for engagement auditors when possible.
4. Ensure engagement objectives are reviewed for satisfactory achievement and are documented properly.

Question160: Which of the following is the most likely reason an organization may decide to undertake a stock split?

Question161: According to MA guidance on IT which of the following best describes a but recovery and restore processes have not been defined?

Question162: Which of the following best describes a market signal?

Question163: The newly appointed chief audit executive (CAE) of a large multinational corporation, with seasoned internal audit departments located around the world, is reviewing responsibilities for engagement reports. According to IIA guidance, which of the following statements is true?

Question164: According to IIA guidance, which of the following scenarios demonstrates an internal auditor exercising due professional care?
When auditing investments, the auditor identified instruments with which he was unfamiliar.
He decided not to select that type of investment in his sample, as he did not have the knowledge needed to A. perform a proper assessment.

Question165: A brand manager in a consumer food products organization suspected that several days of the point-of-sale data on the spreadsheet from one grocery chain were missing. The best approach for detecting missing rows in spreadsheet data would be to:

Question166: The chief risk officer (CRO) of a large manufacturing organization decided to facilitate a workshop for process managers and staff to identify opportunities for improving productivity and reducing defects. Which of the following is the most likely reason the CRO chose the workshop approach?

Question167: Which of the followings statements describes a best practice regarding assurance engagement communication activities?

Question168: An internal auditor is evaluating techniques management uses to mitigate risks within a particular product division. Which of the following is an example of risk reduction?

Question169: In which of the following plans is an employee most likely to find guidance on action and performance standards?

Question170: A key advantage of developing a computer application by using the prototyping approach is that it:

Question171: An organization has implemented a software system that requires a supervisor to approve transactions that would cause treasury dealers to exceed their authorized limit. This is an example of which of the following types of controls?

Question172: The board has asked the internal audit activity (IAA) to be involved in the organization's enterprise risk management process. Which of the following activities is appropriate for IAA to perform without safeguards?

Question173: Which of the following is an example of a phishing attack?

Question174: An organization decided to install a motion detection system in its warehouse to protect against after-hours theft. According to the COSO enterprise risk management framework, which of the following best describes this risk management strategy?

Question175: Which of the following statements is true pertaining to interviewing a fraud suspect?
1. Information gathered can be subjective as well as objective to be useful.
2. The primary objective is to obtain a voluntary written confession.
3. The interviewer is likely to begin the interview with open-ended questions.
4. Video recordings always should be used to provide the highest quality evidence.

Question176: A furniture manufacturer has installed a new fire sprinkler system at its central warehouse and canceled the existing fire insurance policy on that property. What change of risk response strategy does this course of action most likely reflect?

Question177: When management uses the absorption costing approach, fixed manufacturing overhead costs are classified as which of the following types of costs?

Question178: Refer to the exhibit.

Presented below are partial year-end financial statement data (000 omitted from dollar amounts) for companies A and B:
If company A has a quick ratio of 2:1, then it has an accounts receivable balance of:

Question179: Which of the following conditions are necessary for successful change management?
1. Decisions and necessary actions are taken promptly.
2. The traditions of the organization are respected.
3. Changes result in improvement or reform.
4. Internal and external communications are controlled.

Question180: An internal audit charter should do which of the following?

Question181: Which of the following actions should the audit committee take to promote organizational independence for the internal audit activity?

Question182: According to IIA guidance, which of the following external groups is most likely to represent a liability risk, based on activities associated with the organization's corporate social responsibility program?

Question183: The internal audit activity completed an initial risk analysis of the organization's data storage center and found several areas of concern. Which of the following is the most appropriate next step?

Question184: An internal audit charter, approved by the board, restricts the internal audit activity to providing assurance only on the reliability of financial information and the effectiveness of internal accounting controls. Which of the following statements is true regarding the extent to which the external auditor may rely on the internal audit activity's work?

Question185: What must be monitored in order to manage risk of consumer product inventory obsolescence?
1. Inventory balances.
2. Market share forecasts.
3. Sales returns.
4. Sales trends.

Question186: What should the internal auditor's role be in assessing the organization's ethical climate?

Question187: Which of the following network types should an organization choose if it wants to allow access only to its own personnel?

Question188: Due to a recent system upgrade, an audit is planned to test the payroll process. Which of the following audit objectives would be most important to prevent fraud?

Question189: One change control function that is required in client/server environments, but is not required in mainframe environments, is to ensure that:

Question190: While auditing an organization's credit approval process, an internal auditor learns that the organization has made a large loan to another auditor's relative. Which course of action should the auditor take?

Question191: The market price is the most appropriate transfer price to be charged by one department to another in the same organization for a service provided when:

Question192: Which of the following statements is true regarding the use of public key encryption to secure data while it is being transmitted across a network?

Question193: Which of the following should be included in a privacy audit engagement?
1. Assess the appropriateness of the information gathered.
2. Review the methods used to collect information.
3. Consider whether the information collected is in compliance with applicable laws.
4. Determine how the information is stored.

Question194: For employees, the primary value of implementing job enrichment is which of the following?

Question195: New environmental regulations require the board to certify that the organization's reported pollutant emissions data is accurate. The chief audit executive (CAE) is planning an audit to provide assurance over the organization's compliance with the environmental regulations. Which of the following groups or individuals is most important for the CAE to consult to determine the scope of the audit?

Question196: Which of the following is the most important concept to be included in a consulting engagement agreement?

Question197: A code of business conduct should include which of the following to increase its deterrent effect?
1. Appropriate descriptions of penalties for misconduct.
2. A notification that code of conduct violations may lead to criminal prosecution.
3. A description of violations that injure the interests of the employer.
4. A list of employees covered by the code of conduct.

Question198: When developing the organization's first risk universe, which of the following would the chief audit executive be least likely to consider?

Question199: An organization is considering the outsourcing of its business processes related to payroll and information technology functions. Which of the following is the most significant area of concern for management regarding this proposed agreement?

Question200: Which of the following would not impair the objectivity of internal auditor?

Question201: Which of the following statements about slack time and milestones are true?
1. Slack time represents the amount of time a task may be delayed without delaying the entire project.
2. A milestone is a moment in time that marks the completion of the project's major deliverables.
3. Slack time allows the project manager to move resources from one task to another to ensure that the project is finished on time.
4. A milestone requires resource allocation and needs time to be completed.

Question202: An internal auditor determines that certain information from the engagement results is not appropriate for disclosure to all report recipients because it is privileged. In this situation, which of the following actions would be most appropriate?

Question203: Which of the following is the most appropriate test to assess the privacy risks associated with an organization's workstations?

Question204: While performing an accounts payable engagement, a senior auditor wants to conduct several tests of controls for travel expenses. Which of the following actions are most appropriate for the senior auditor to undertake?
1. Ensure all tests use a random sampling technique.
2. Consider a judgmental approach for the sample size.
3. Assess testing errors through root cause analysis.
4. Ensure that the entire data set is tested.

Question205: Which of the following options correctly defines a transmission control protocol/Internet protocol (TCP/IP)?

Question206: An internal auditor is conducting an assessment of the purchasing department. She has worked the full amount of hours budgeted for the engagement; however, the audit objectives are not yet complete. According to IIA guidance, which of the following are appropriate options available to the chief audit executive?
1. Allow the auditor to decide whether to extend the audit engagement.
2. Determine whether the work already completed is sufficient to conclude the engagement.
3. Provide the auditor feedback on areas of improvement for future engagements.
4. Provide the auditor with instructions and directions to complete the audit.

Question207: Which of the following best describes the details that must be included in the quality assurance and improvement program (QAIP) report to senior management and the board?

Question208: Which of the following statements is correct regarding risk analysis?

Question209: According to The IIA's Code of Ethics, which of the following is true?

Question210: Which of the following situations is most likely to impair internal audit objectivity?

Question211: According to MA guidance, which of the following best describes an adequate management (audit) trail application control for the general ledger?

Question212: Data encryption is an example of which of the following controls?