EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following is a responsibility of the internal audit activity as it relates to risk and risk management?

Question2: The manager of the payroll department requested a review of the payroll process, but only wants the engagement to include processes related to approval of time worked. What type of activity is this?

Question3: An automobile manufacturer will become one of the first in the industry to adopt a new inventory management software. Despite the system being new to the market, senior management believes that the benefits are great enough to offset the potential risks. Which of the following aspects of risk management does senior management's decision best illustrate?

Question4: In which of the following scenarios would the internal auditor's objectivity be best protected?

Question5: As part of a fraud investigation by regulators, a court order was issued to a bank. The court order requested the chief audit executive (CAE) to provide access to a number of audit reports and workpapers, some of which included customers' confidential information such as transaction activity and other personal details. What is the appropriate response by the CAE?

Question6: Which of the following scenarios is a characterize of an organization with a highly effective ethical culture?

Question7: With regard To IT governance, which of the following is the most effective and appropriate role for the internal audit activity?

Question8: An organization sells products through distributors. The organization's chief audit executive insists that the organization's code of conduct be applicable to their distributors as well. Which of the following risks would this mitigate?

Question9: Which of the following statements is most likely to be true regarding a consulting engagement involving an organization's new payroll system?

Question10: Management is installing security cameras to identify unauthorized physical access to the organization's warehouse. This is an example of which of the following types of controls?

Question11: In the COSO internal control framework, which of the following components serves as the foundation for the other components?

Question12: For a new board chair who has not previously served on the organization's board, which of the following steps should first be undertaken to ensure effective leadership to the board?

Question13: According to NA guidance, which of the following corporate sociaf responsibility (CSR) evaluation activities may be performed by the internal audit activity?
1. Consult on CSR program design and implementation.
2. Serve as an advisor on CSR governance and risk management.
3. Review third parties for contractual compliance with CSR terms.
4. Identify and mitigate risks to help meet the CSR program objectives.

Question14: According to The IIA's Code of Ethics, an internal auditor who has a romantic relationship with an audit client violates which of the following rules of conduct?

Question15: According to MA guidance, which of the following best demonstrates that the chief audit executive is properly reporting the results of the quality assurance and improvement program lo senior management and the board?

Question16: An internal auditor has suspicions that some fictitious vendors have been created in the organization's computer system. Which of the following would be the best technique to detect this fraud?

Question17: Which of the following is true regarding the use of a formal risk management framework?
1. It facilitates a methodical approach to risk mitigation.
2. It defines and standardizes the terminology used in risk communication.
3. It establishes the risk tolerance levels to be accommodated in the strategy.
4. It facilitates the alignment of risk mitigation strategies with management priorities.

Question18: Which of the following is the best way for an internal auditor to demonstrate due professional care?

Question19: The chief audit executive of an organization assigns audit resources to undertake a consulting engagement requested by senior management the previous year, and a scheduled assurance audit of the procurement process Which of the following appropriately differentiates the two engagements?

Question20: Which of the following is an example of a management control technique?

Question21: Which of the following best describes the board's role in establishing effective organizational governance?

Question22: Senior management relies on the professional judgment of an internal auditor and uses outcomes of her audit work to make business decisions Which of the following personal qualities displayed by the internal auditor is most likely the foundation for this relationship?

Question23: Which of the following is an advantage of using nongovernmental organization (NGO) members on an assurance team when auditing corporate social responsibility?

Question24: In a small organization, management is unable to achieve adequate segregation of duties for its cash-handling procedures Therefore hidden surveillance cameras were installed to monitor cash-handling activities Which of the following best describes this type of control?

Question25: Which of the following is most likely to be considered a control weakness?

Question26: A chief audit executive (CAE) identifies that the internal audit activity lacks a necessary skill to perform a management request for a consulting engagement. According to IIA guidance, which of the following is the most appropriate action the CAE should take regarding the request?

Question27: In addition to her internal audit activity responsibilities, the chief audit executive has been asked to oversee the organization's insurance function. Which of the following responses is most appropriate?

Question28: Which of the following should be implemented to promote independence of the internal audit activity?

Question29: Which of the following documents would promote objectivity within an organization's internal audit activity?

Question30: An internal auditor discovered fraud while performing an audit of an organization's procurement process.
Which of the following describes the greatest benefit of using forensic auditing techniques in this scenario?

Question31: An internal auditor extended the scope of testing for a disbursements engagement following a fraud risk assessment Despite the investment of additional audit resources no significant issues were found Unfortunately a major payment fraud was discovered several months later According to IIA guidance which of the following statements is true regarding the internal auditor's application of due professional care?

Question32: Which of the following statements is true regarding an organization's code of ethics?

Question33: A regional entertainment organization is in the process of developing a corporate social responsibility (CSR) policy. Management invites ideas from employees when developing the CSR policy. Which of the following is the most appropriate idea to include?

Question34: According to MA guidance, which of the following activities would typically be examined when using the maturity model approach for assessing an organization's risk management program?

Question35: A large commercial bank was fined by regulators for fraudulent practices when employees, over a period of time, opened thousands of new accounts for existing clients without the clients' consent. It was later found that employees were given unrealistic new account targets and were aggressively monitored by management on a daily basis.
Which of the following controls would have most likely reduced the likelihood of the fraudulent practice from occurring?

Question36: In which of the following scenarios would it be appropriate for the chief audit executive (CAE) to report that the internal audit activity conforms with the Standards?

Question37: According to MA guidance, which of the following best describes how often the chief audit executive should review the quality assurance and improvement program of the internal audit activity?

Question38: An organization's senior management team is awarding substantial bonuses if employees meet financial targets. Which of the following motivators to potentially commit fraud would become most likely in this scenario?

Question39: Which of the following is the first step in the process of identifying relevant fraud risk factors?

Question40: According to MA guidance, which of the following is the most accurate statement regarding the internal audit charter?

Question41: Which of the following needs to be established prior to undertaking an assessment of the quality assurance and improvement program?

Question42: Which of the following is a greater consideration for internal auditors when they are performing a consulting engagement than when they are performing an assurance engagement'?

Question43: The internal audit activity is undergoing a self-assessment as part of its quality assurance and improvement program Which of the following observations must be addressed in order for the internal audit activity to achieve conformance with the Standards?

Question44: Which of the following situations undermines the independence of the internal audit activity?

Question45: Which of the following situations best describes an internal auditor who may have violated the IIA Code of Ethics principle of confidentiality?

Question46: Which of the following best demonstrates the authority of the internal audit activity?

Question47: Of all the common characteristics of frauds, which of the following can the organization influence the most?

Question48: Which of the following statements is true regarding the role of the internal audit activity in the organization's risk management process?

Question49: The results of an assessment of the adequacy of controls would be considered incomplete or misleading unless the internal auditor considers which of the following?

Question50: Which of the following is most important for an internal auditor to consider when developing an approach for an audit engagement in a foreign country?

Question51: Which of the following represents a deficiency in the control environment?

Question52: Which of the following would be considered an impairment to an internal auditor's objectivity when performing a review of the organization's procurement function'?

Question53: An internal audit activity is using the auditing-by-element approach to audit the organization's controls around corporate social responsibility. Which of the following would be an element for the internal audit activity to consider?

Question54: Considering the concepts of organizationwide risk management and the system of internal controls, the internal audit activity as a whole can be considered which of the following types of control?

Question55: Following a quality assurance review of a small internal audit activity, the external reviewer and the chief audit executive (CAE) cannot agree on the importance of several deficiencies noted during the review. Which of the following would be the most appropriate next step for the reviewer to take?

Question56: An organization s board of directors has decided that the internal audit activity must have greater access to different pans of the organization in order to perform their assurance work effectively Which of !he following areas is the board seeking to improve by making this change?

Question57: Which of the following written documents typically offers the best evidence that internal auditors exercise due professional care in conformance with the Standards?

Question58: A fraud investigation was completed by management, and a proven fraud was communicated to relevant authorities. According to IIA guidance, which of the following roles would be most appropriate for the internal audit activity to undertake after the investigation?

Question59: An organization's fraud policies and procedures dictate that the internal audit activity does not have primary responsibility for conducting fraud investigations and should, in fact, refrain from involvement in investigations. Which of the following activities would be considered acceptable for internal auditors to perform of this organization?

Question60: Which of the following is part of a fraud detection program?

Question61: Which of the following is an example of a directive control?

Question62: The management team of an agricultural organization has prioritized corporate social responsibility (CSR) initiatives. Which of the following would be considered a CSR activity'?

Question63: The chief audit executive (CAE) of a new internal audit activity is creating an internal audit charter According to IIA guidance, which of the following terms is most likely to be included in the charter?

Question64: Which of the following scenarios best illustrates due professional care?

Question65: Which of the following statements best describes the difference between risk appetite and risk tolerance?

Question66: Which of the following statements is true regarding control activities'?

Question67: Which of the following statements is correct regarding disclosure of conformance or nonconformance with the Standards?

Question68: Which of the following activities best ensures that internal auditors grow professionally in alignment with current industry trends to meet the expectations of primary stakeholders?

Question69: An internal audit activity maintains a quality assurance and improvement program that includes annual self-assessments. The internal audit activity includes in each engagement report a clause that the engagement is conducted in conformance with the International! Standards for the Professional Practice of Internal Auditing (Standards). Which of the following justifies inclusion of this clause in the reports?

Question70: The internal audit activity was asked to conduct an investigation for potential fraud in the treasury department and subsequently contracted with a forensic accountant to join the team for the engagement. Which of the following parties has the primary responsibility for resolving any fraud incidents found as a result of this investigation?

Question71: According to IIA guidance, which of the following statements is true regarding internal auditors' knowledge, skills and other competencies?

Question72: When dealing with various stakeholders which of the following is true regarding an internal auditor's responsibility to remain objective and independent?

Question73: Upon completion of an external quality assessment, which of the following would the chief audit executive be required to report to the board?

Question74: An engagement supervisor obtains facilities maintenance reports from a contractor during an audit of third-party services. Which of the following is the source of authority for the engagement supervisor to make such contact outside the organization?

Question75: Which of the following situations is most likely to heighten an internal auditor's professional skepticism regarding potential fraud?

Question76: Which of the following are considered root causes of fraud?

Question77: An organization opened its warehouse to sell written-off surplus and outdated office furniture to the general public. Prices were negotiable, and customers could pay by cash, check, or credit card. Receipts were available upon request, and were issued by the inventory manager upon collection of payment. At the end of the day, the manager forwarded all of the funds he had collected to the finance department for deposit. Which of the following types of fraud is most likely to occur under these circumstances?

Question78: Which of the following best describes the internal audit activity's responsibility within a risk and control framework?

Question79: Which of the following types of fraud tests would be most effective if an internal auditor was looking for possible fictitious vendors?

Question80: Which of the following actions is a chief audit executive most likely to take in order to identify gaps in the internal audit activity's knowledge, skills, and competencies?

Question81: Which of the following actions would best help the internal audit activity promote continuous improvement in control effectiveness within the organization?

Question82: According to IIA guidance, which of the following statements is true regarding due professional care?

Question83: Which of the following organizations has reached the most mature level of corporate social responsibility?

Question84: Which of the following best demonstrates organizational independence of the internal audit activity?

Question85: The organization's internal audit charter was last updated six years ago. To update the charter, which of the following actions is most appropriate for the chief audit executive to take?

Question86: With regard to organizational governance assurance, which of the following is an appropriate role for the internal audit activity'?

Question87: Which of the following best describes organizational governance processes?

Question88: An internal auditor was offered expensive tickets to a sporting event by the manager of an area that she was currently auditing. The auditor politely declined. Which of the following fundamental principles of the MA Code of Ethics did she display?

Question89: Which of the following is the best reason why the engagement supervisor should take care in explaining to local management the criteria that will be used to measure the effectiveness of the control environment?

Question90: According to NA guidance which of the following should be documented in the internal audit chatter?

Question91: Which competency is required of all staff internal auditors prior to the commencement of an IT audit?

Question92: According to IIA guidance, which of the following actions is a chief audit executive required to take with regard to reporting the results of the quality assurance and improvement program?

Question93: Which of the following actions should the audit committee take to promote organizational independence for the internal audit activity?

Question94: During a review of employee benefits, a staff internal auditor observed an ambiguity in the incentive compensation policy. If reported, it could negatively impact the internal auditor's compensation. Which of the following would encourage the internal auditor to be objective in his work?

Question95: According to IIA guidance, which of the following statements is true regarding mentoring programs designed to assist internal auditors with their professional development?

Question96: In an assurance engagement focused on the adequacy of organizationwide risk management practices, which of the following best describes a primary area of interest for the engagement?

Question97: Which of the following options describes the reason that conformance with The IIA's Code of Ethics is mandatory for internal auditors?

Question98: After the final audit report was issued, the engagement supervisor received an expensive gift from management recognizing her assistance in improving the business, if the gift is accepted, which of the following would be true?

Question99: Which of the following is the best way for internal auditors to demonstrate their proficiency to effectively carry out their professional responsibilities?

Question100: An accounts payable clerk has recently transferred Into the internal audit activity and has been assigned to an engagement related to accounts payable processes for which he was previously responsible Which of the following is the best action for the new internal auditor to take?

Question101: Which of the following best describes why a chief audit executive might obtain the services of a fraud specialist to assist in a major fraud investigation'?

Question102: Under which of the following circumstances should the final audit report include a disclosure of nonconformance with the Standards?

Question103: Internal controls belong to which risk response category?

Question104: A business unit manager was impressed by the competence of the internal auditor who was conducting an assurance engagement in his area and the manager made the auditor an attractive job offer to begin after the audit was completed The auditor later told her auditor in charge that she was considering the offer. Which of the following IIA Code of Ethics principles was most likely violated?

Question105: According to IIA guidance, which of the following statements is true regarding ISO 31000?

Question106: Which of the following is a limitation of detective internal controls in fraud management?

Question107: Management assessed the organization's risk of expanding operations into a new, but volatile, region and began looking for a compatible local partner to manage sales and distribution. Which of the following best describes this risk management technique?

Question108: What should be the first step for a newly hired chief audit executive to build and maintain the proficiency of the internal audit activity'?

Question109: According to IIA guidance, which of the following is required of an internal audit activity?

Question110: Which of the following statements is true regarding consulting and assurance engagements performed by the internal audit activity'?

Question111: Which of the following types of policies best helps promote objectivity in the interna! audit activity's work?

Question112: If an internal auditor suspects fraud during an engagement which of the following is expected of the auditor?

Question113: Which of the following actions should the internal audit activity take during an audit engagement when examining the effectiveness of risk management processes?

Question114: During an audit of the purchasing department, an internal auditor identifies significant issues that could affect the organization's financial reporting. Management disagrees with the audit results. Which of the following responses best demonstrates the internal auditor has the necessary competencies related to professional Judgment and conflict management?

Question115: Which of the following is the best example of a risk appetite statement concerning an investment portfolio?

Question116: According to IIA guidance, the nature and scope of assurance and consulting services to be offered must be clearly delineated in which of the following internal audit documents?

Question117: An internal audit team analyzed the organization's value-at-risk model during an assurance engagement and suggested several useful improvements. Management was impressed by the internal audit team's work and requested additional actions. Which of the following requested actions would impact internal audit independence most severely if fulfilled?

Question118: A chief audit executive (CAE) has no direct access to the board. According to IIA guidance, which of the following is the most appropriate way for the CAE to react?

Question119: Which of the following process weaknesses is most likely to cause an internal auditor the most concern about fraud risk?

Question120: Who is responsible for ensuring internal auditors' continuing professional development?

Question121: During the closing meeting of a procurement audit, the business manager disagrees with the observation presented by the engagement supervisor and accuses the team of not understanding the procurement objectives The engagement supervisor blames the manager for impeding the audit What skillset should the chief audit executive utilize to manage this situation?

Question122: An engagement supervisor noted that an internal auditor's personal relationship with a process owner resulted in the auditor providing a favorable and partial assessment during an audit within that process owner's area.
According to MA guidance, which of the following should be used to manage this impairment?

Question123: What should the chief audit executive do when the internal audit activity is found to be in nonconformance with the Code of Ethics or the Standards?

Question124: Which of the following best demonstrates conformance with the Standards relating to continuing professional development of internal auditors?

Question125: According to IIA guidance, which of the following training methods is considered most effective in assisting new entry-level internal auditors in achieving competence with internal audit practices in the workplace?

Question126: When taken by a chief audit executive, which of the following actions would be most likely to prevent division management from exaggerating sales reports?
1. Announcing a series of internal audit engagements focusing on compliance with corporate sales-reporting policies.
2. Asking the president and the board to issue a statement of corporate policy stressing the importance of accurate management reporting and the negative consequences of intentional misreporting.
3. Setting up a hotline for employees to report fraudulent behavior anonymously,
4. Assisting the controller in developing and monitoring a series of business process indicators, which are historically correlated with, but independent of sales.

Question127: Which of the following is most likely to impair the organizational independence of the internal audit activity?

Question128: In its five years of existence, an internal audit activity conducted a single internal assessment of its quality assurance and improvement program (QAIP). The results of that assessment showed that the internal audit activity did not conform with the Standards. Prior to this, an external assessment of the internal audit activity's QAIP was conducted, which reported that the internal audit activity was in conformance with the Standards.
Considering the two assessments, what would be the internal audit activity's current state of conformance with the Standards?

Question129: Which of the following parties would be responsible for ongoing monitoring of the organization's corporate social responsibility activities to reduce its carbon footprint?

Question130: Senior management purchased surveillance cameras and installed them over a door that provides entry to an area where according to a recent internal audit report, hazardous materials exist and there is a high risk of explosion Which type of control was implemented in this situation?

Question131: An internal auditor is finalizing an audit report on the effectiveness of the organization's overall system of internal control. Several audit tests were performed, and the only issue identified was that the CEO frequently asks employees to make exceptions or bypass the organization's standard written policies and procedures.
Which of the following conclusions is most appropriate for the auditor to report?

Question132: Which of the following is most likely to impair the internal audit activity's independence?

Question133: The chief audit executive (CAE) is drafting the annual internal audit plan and seeks input from senior management and the external auditor prior to submitting it for approval to the board. According to MA guidance, which of the following statements is true regarding this scenario?

Question134: Which of the following activities should the chief audit executive perform to ensure compliance with an organization's code of conduct?

Question135: During an audit of company expenses, the internal auditor performed a test using data analytics and identified a violation of the company's expenses policy. The auditor who discovered the issue considered it a potential fraudulent transaction and informed the chief financial officer (CFO). The CFO dismissed the concern because he did not understand the data analytics test that was performed and the transaction was of a low value. Given this situation, which skills or competencies should this internal auditor seek to improve?

Question136: Which of the following statements relating to risk management is true?

Question137: According to IIA guidance, which of the following corporate social responsibility {CSR) evaluation activities may be performed by the internal audit activity?
1. Consult on CSR program design and implementation
2. Serve as an advisor on CSR governance and risk management.
3. Review third parties for contractual compliance with CSR terms.
4. Identify and mitigate risks to help meet the CSR program objectives.

Question138: During an assurance engagement the internal audit team discovers that employees performing a control do not understand the principles behind it. Before the engagement concludes, at management's request the audit team facilitates several formal training sessions to help explain those principles to the employees. Which of the following best describes the engagement provided by the internal audit activity in this scenario?

Question139: According to ISO 31000, which of the following statements is correct?

Question140: An external assessment of an organization's internal audit activity was last completed four years ago Which of the following options would be acceptable this year if the internal audit activity is to fulfill the requirements of the Standards?

Question141: An internal audit activity includes in its audit reports the assertion that its work is performed in conformance with the International Standards for the Professional Practice of Internal Auditing ( Standards). A recent external quality assessment concluded that the internal audit activity had substantial deficiencies that impact its overall operations.
According to IIA guidance, which of the following is the most appropriate action for issuing future audit reports?

Question142: Which of the following statements best describes how the internal audit activity obtains reasonable assurance that significant risks in the organization are identified and assessed?

Question143: Which of the following tools would be most useful to an internal auditor performing an assessment of the effectiveness of the organization's risk responses?

Question144: According to IIA guidance, which of the following statements is true with regard to the chief audit executive's (CAE's) responsibility for conducting a self-assessment of the internal audit activity?
1 The CAE should select an independent reviewer or review team to perform sufficient tests of the self-assessment to validate the results
2 The CAE should validate results by engaging experienced audit professionals from a separate internal audit activity outside of the organization to reperform all of the tests conducted for the assessment
3. The CAE should select independent, nonaudit professionals who are knowledgeable about the organization and the industry in which it operates to assist with performing the self-assessment
4. The CAE may consider performing a self-assessment with independent external validation in Iieu of performing a full external assessment

Question145: An internal auditor was assigned to work in the procurement department for six months to gam m-depth knowledge about the procurement process. Which of the following personnel development practices was applied in this situation?

Question146: An internal auditor believes that the internal audit activity's independence is impaired. Which of the following actions should the internal auditor take first?

Question147: Which of the following is a true statement regarding controls such as ethical values, tone at the top and operational style?

Question148: A newly hired internal auditor is performing an engagement that requires significant IT expertise that he does not possess. If the auditor does not alert the chief audit executive about his lack of expertise and decides to perform the engagement anyhow, which principle of the IIA's Code of Ethics would he violate?

Question149: A whistle blower notified internal audit of a conflict of interest between an organization's employee and a major supplier. Which of the following steps should be undertaken first?

Question150: When would on-the-job training be more effective?

Question151: Which of the following statements is true regarding electronic funds transfer (EFT)?

Question152: Which of the following statements best demonstrates application of due professional care during an assurance engagement?

Question153: Which of the following actions should the organization's governing body perform to provide the most effective governance over the organization's culture?

Question154: A chief audit executive (CAE) is considering hiring a candidate who most recently worked for a large public accounting firm What would be the CAE's most likely concern regarding this candidate*?

Question155: Which of the following describes a primary responsibility for the internal audit activity in helping management maintain effective controls?

Question156: Which of the following would be considered a monitoring activity in organization wide risk management?

Question157: Which of the following should a general internal auditor be able to characterize as an IT-related risk?

Question158: Which of the following would be the most appropriate first step for the board to take when developing an effective system of governance?

Question159: During a review of the procurement function, an internal auditor identified an existing control for adding new vendors into the vendor contract system. Which of the following would best help the auditor determine the adequacy of the control's design?

Question160: Which of the following is a legitimate role for the internal audit activity in the organization's risk management process'?

Question161: In an internal audit charter, which of the following statements regarding the chief audit executive (CAE) would be most directly related to describing the responsibilities of the internal audit activity*?

Question162: During an audit engagement, a junior staff internal auditor begins to suspect a fraud may have occurred involving a friend of the engagement supervisor. He reports his concerns to the engagement supervisor, who disagrees with his suspicions and directs him to continue with the engagement as planned. Given the circumstance, what is the most appropriate action for the junior auditor to take?

Question163: The board of a newly established organization was discussing the contents of the draft internal audit charter One board member suggested adding to the charter an obligation for the internal audit activity to develop controls in business procedures. The board member explained that the new organization needs professional-level developers, internal auditors have the necessary skills and competencies, and the internal audit activity is well positioned to assume this responsibility. Which of the following would be a potential concern if the board member's suggestion is adopted?

Question164: Which of the following actions by an internal auditor would be the most relevant to determine the effectiveness of controls?

Question165: Which of the following actions taken during an audit engagement is the best demonstration of an internal auditor's due professional care?

Question166: Which of the following should catch the internal auditor's attention as a potential red flag for fraud?

Question167: To assure that the technical proficiency of internal auditors is appropriate for the audit engagements to be performed, a chief audit executive should:

Question168: Which of the following statements is true regarding consulting engagements?

Question169: Which of the following engagements would be considered an appropriate consulting service?

Question170: An organization employs ongoing monitoring and is considering implementing periodic evaluations to assess the continuing effectiveness of its risk management process. Which of the following statements Is true with regard to such periodic evaluations?

Question171: Which of the following statements is true with regard to services provided by the internal audit activity?

Question172: According to IIA guidance, which of the following is true of the internal audit activity's quality assurance and improvement program?
1 Monitoring the internal audit activity's performance must be ongoing
2 All aspects of the internal audit activity should be evaluated
3 The requirement for external assessments can be satisfied through self-assessments that are validated by an independent external party
4 The review of assurance services should be the primary focus

Question173: Which of the following best demonstrates conformance with the Standards regarding the internal audit activity's purpose authority, and responsibility?

Question174: Which of the following statements would typically be included in the responsibility section of the internal audit charter?

Question175: An auditor for a large wholesaler is evaluating the controls over the approval and oversight of credit sales.
Which of the following procedures would be a control weakness?

Question176: Which of the following best demonstrates that the internal audit activity is using due professional care?

Question177: The chief audit executive of a large national retailer is reviewing the purpose and objectives of the organization's internal audit activity Which of the following objectives is best aligned with The IIA's Mission of Internal Audit?

Question178: After being assigned to an audit of the accounts payable process, an internal auditor privately notifies the chief audit executive that she is a finalist for an open manager position within the accounts payable department.
Which of the following is the IIA Code of Ethics principle that the auditor upheld?

Question179: An investment advisory firm purchased professional liability insurance to offer protection from lawsuits brought by customers claiming they received poor or erroneous advice. Which of the following best describes this risk management technique?