Question1: According to IIA guidance, which of the following would be the most appropriate to help a new internal auditor understand the nature and positioning of the internal audit activity within his organization?
Question2: An organization allows the same individual to physically access inventory and purchase new assets when supplies are depleted. Which of the following would best help the organization manage the risk of fraud?
Question3: Which of the following statements is true regarding occupational fraud?
Question4: Whch ol the following would show appropriate disclosure of nonconformance with the Standards?
Question5: An organization opened its warehouse to sell written-off surplus and outdated office furniture to the general public. Prices were negotiable, and customers could pay by cash, check, or credit card. Receipts were available upon request, and were issued by the inventory manager upon collection of payment. At the end of the day, the manager forwarded all of the funds he had collected to the finance department for deposit. Which of the following types of fraud is most likely to occur under these circumstances?
Question6: Which of the following would decrease or be reduced if an organization establishes and implements excessive internal controls?
Question7: Which of the following statements is true regarding control activities'?
Question8: Senior management asks the chief audit executive to review the organization's compliance with recently introduced legislation on international transfer pricing. The review requires an internal auditor who thoroughly understands the legislation and pricing methods. The internal audit activity does not have an auditor with those skills. Which of the following is the most appropriate course of action?
Question9: Which of the following is most likely to impair the organizational independence of the internal audit activity?
Question10: Which of the following best demonstrates organizational independence of the internal audit activity?
Question11: A subsidiary of the organization was preparing for an initial public offering (IPO). Af the request of the audit committee, the chief audit executive (CAE) and all senior audit staff were actively involved in the process by helping collect and validate financial data, conducting assessments, and participating in meetings with IPO advisors. Six months later, it became obvious that the IPO had to be canceled. Newly appointed audit committee members requested an assurance engagement that v/ould assess the IPO preparation process.
Which of the following would be the best course of action for the chief audit executive (CAE) to take?
Question12: At what point in time can an organization conclude that the established organizational governance framework was correctly implemented?
Question13: Which of the following actions does a competency assessment tool help the chief audit executive perform?
Question14: According to IIA guidance, which of the following is true of the internal audit activity's quality assurance and improvement program?
1 Monitoring the internal audit activity's performance must be ongoing
2 All aspects of the internal audit activity should be evaluated
3 The requirement for external assessments can be satisfied through self-assessments that are validated by an independent external party
4 The review of assurance services should be the primary focus
Question15: An internal audit activity is performing a governance engagement. Which of the following would provide the best evidence for an internal auditor when evaluating the organization's culture?
Question16: Which action by senior management indicates to the internal auditor that there may be fraudulent activities occurring within the organization?
Question17: An internal auditor believes that the internal audit activity's independence is impaired. Which of the following actions should the internal auditor take first?
Question18: During a quality assessment of the internal audit activity an auditor is assessing whether the independence of the internal audit activity is at risk of being compromised. According to IIA guidance, which of the following would provide the best source of evidence for such an assessment?
Question19: Which of the following statements best demonstrates application of due professional care during an assurance engagement?
Question20: Which of the following statements is true regarding the internal audit activity's quality assurance and improvement program (QAIP)?
Question21: What is the primary purpose of The IIA's Code of Ethics?
Question22: Which of the following actions taken during an audit engagement is the best demonstration of an internal auditor's due professional care?
Question23: An internal audit activity uses a rotational program to recruit high-performing staff members from other parts of the organization One of these individuals is nearing the end of her four-year internal audit rotation The chief audit executive assigned her to an assurance engagement in the business area she will be going into when she leaves the internal audit activity Which of the following statements is true regarding this scenario?
Question24: Which of the following specifications in an internal audit charter is the most important factor in the internal audit activity's independence?
Question25: Regarding the chief audit executive (CAE). which ot the following is considered an impairment to the independence of the internal audit activity?
Question26: An audit engagement required that an internal auditor, using available tools, test a transaction population for a period The auditor decided to test a sample of transactions rather than the full population.
Results of the audit were reported as satisfactory to management. Subsequent to the audit report, fraud was discovered in the area audited and was found to include transactions that were in the relevant transaction population not tested by the auditor. The auditor later disclosed that he decided to test a sample because it was representative of the population and facilitated quicker testing. Which of the following skills below, if improved, would most likely have prevented this situation?
Question27: Which of the following is an example of an impairment to an internal auditor's independence?
Question28: Which of the following statements is true regarding an organization's code of ethics?
Question29: In the COSO internal control framework, which of the following components serves as the foundation for the other components?
Question30: According to NA guidance, which of the following provides the best evidence of conformance with the Standards with respect to the proficiency required of the internal audit activity?
Question31: According to IIA guidance, which of the following would be included in an internal audit charter to help establish the authority of the internal audit activity?
Question32: In which of the following ways can a chief audit executive demonstrate to the board that the internal audit activity collectively possesses all of the skills needed to complete its annual goals?
Question33: Which of the following actions is the internal audit activity best positioned within the organization to perform?
Question34: Which of the following situations would cause the greatest concern regarding impairment of internal audit objectivity?
Question35: During a complex financial compliance engagement, a senior internal auditor determines that current audit procedures are not sufficient for adequate testing She consults with a colleague and learns that a spreadsheet application contains a helpful tool She proceeds to use the tool to properly complete the evaluation Which of the following best describes the core competency displayed by the senior auditor?
Question36: Which of the following would be considered an impairment to an internal auditor's objectivity when performing a review of the organization's procurement function'?
Question37: Which requirement should the chief audit executive consider when communicating results of the quality assurance and improvement program to the board of a large organization?
Question38: Which of the following is a way to demonstrate an individual internal auditor's competency through continuing professional development?
Question39: Which of the following is an example of a management control technique?
Question40: The same internal auditor has audited the regional purchasing department annually for the last three years.
The audits have shown several significant control deficiencies that have not been corrected by management.
New management is in charge of this regional purchasing department, and it is time to audit the department again. What concerns should be considered prior to assigning the audit to the same auditor?
Question41: During an assurance engagement, an internal auditor reviews a tender inviting vendors to submit bids to supply financial services software to the organization. She suspects that the tender was tailored for the bidder who eventually won the contract. What should the auditor do next?
Question42: According to IIA guidance, which of the following statements is true regarding reporting the results of the quality assurance and improvement program?
Question43: Which of the following engagement areas would allow the internal audit activity to assess organizational governance?
Question44: Which of the following techniques should an internal auditor use in order to conduct an effective interview?
Question45: Which of the following items related to the quality assurance and improvement program should the chief audit executive report to the board?
Question46: Which of the following resources would be most effective for an organization that would like to improve how it informs stakeholders of its social responsibility performance?
Question47: An internal auditor was offered expensive tickets to a sporting event by the manager of an area that she was currently auditing. The auditor politely declined. Which of the following fundamental principles of the MA Code of Ethics did she display?
Question48: Which of the following best demonstrates that the internal audit activity is using due professional care?
Question49: What is the primary purpose of The IIA's Code of Ethics?
Question50: Further examination revealed that most differences resulted from rounding errors bulk weights or minor tariff adjustments for shipping. Which of the followtng IS the most reasonable conclusion for the Internal auditor regarding this control?
Question51: According to IIA guidance, which of the following corporate social responsibility {CSR) evaluation activities may be performed by the internal audit activity?
1. Consult on CSR program design and implementation
2. Serve as an advisor on CSR governance and risk management.
3. Review third parties for contractual compliance with CSR terms.
4. Identify and mitigate risks to help meet the CSR program objectives.
Question52: Which of the following statements would typically be included in the responsibility section of the internal audit charter?
Question53: Which of the following skills is most important for an internal auditor who facilitates control self-assessment workshops to possess?
Question54: Which aspect of an internal audit charter relates to the reporting structure for the internal audit activity?
Question55: An IT contractor applied for an internal audit position at a bank. The contractor worked for the bank's IT security manager two years ago. If the audit manager interviewed the contractor and wants to extend a job offer, which of the following actions should the chief audit executive pursue?
Question56: Which of the following situations undermines the independence of the internal audit activity?
Question57: Which of the following procedures will best help an internal auditor assess operating effectiveness of fraud prevention and detection controls?
Question58: Which of the following statements is most accurate with respect to the required elements of the quality assurance and improvement program?
Question59: It is important for the chief audit executive to consider the level of competence of the internal audit staff because their competence influences which of the following?
Question60: Guidelines need to be set for various levels of suspected fraud within an organization and when it would be reported to the audit committee. Which of the following would be reported at the next meeting?
Question61: Which of the following best demonstrates conformance with the Standards relating to continuing professional development of internal auditors?
Question62: An organization's fraud policies and procedures dictate that the internal audit activity does not have primary responsibility for conducting fraud investigations and should, in fact, refrain from involvement in investigations. Which of the following activities would be considered acceptable for internal auditors to perform of this organization?
Question63: Which of the following practices is generally most effective to protect internal audit objectivity?
Question64: To meet the resource requirements of this year's internal audit plan, the chief audit executive (CAE) has recruited additional staff auditors, including an employee who resigned as a senior supervisor from the accounts payable department two months ago. There is a scheduled accounts payable review that the CAE wants to start within the next five months. Which approach should the CAE take, knowing the expertise of his new recruit in the area intended to be audited?
Question65: Which of the followIng would permit an internal audit activity to use the statement "conducted m conformance with the International Standards for the Professional Practice of Internal Auditing m audit reports?
Question66: The chief audit executive (CAE) annually develops a budget and resource plan and submits it to the board for approval. This action best fulfills which of the following responsibilities of the CAE?
Question67: When the chief audit executive Is responsible for risk management in an organization, which of the following parties is responsible for overseeing the internal audit activity's assurance over risk management?
Question68: Which of the following is a true statement regarding whistleblowing?
Question69: Which of the following actions would be most effective to help an internal auditor determine how successful the organization has been in communicating the existence of its ethics hotline?
Question70: According to IIA guidance, which of the following statements is true of assurance services provided by the internal audit activity?
Question71: The accounting department asked the chief audit executive (CAE) to perform a review of suspicious transactions The CAE was an accounting manager for the organization six months ago How should she respond to the request?
Question72: According to IIA guidance, which of the following is most critical to ensuring that an organization's risk management program remains effective over time?
Question73: Which of the following is the best reason why the engagement supervisor should take care in explaining to local management the criteria that will be used to measure the effectiveness of the control environment?
Question74: Which of the following is a primary benefit of implementing a governance risk management and compliance framework within an organization?
Question75: Which of the following is the most effective way for internal auditors to determine whether ethical values are followed throughout the organization?
Question76: A global manufacturing company has three regional offices. The chief audit executive (CAE) is concerned about the cost of an upcoming external quality assessment of the internal audit activity. The last external assessment was performed six years ago. Recently, the internal audit staff at one of the regional offices performed an internal assessment. To ensure conformance with the Standards, what is the most appropriate action for the CAE to take?
Question77: Which competency is required of all staff internal auditors prior to the commencement of an IT audit?
Question78: The chief audit executive (CAE) is drafting the annual internal audit plan and seeks input from senior management and the external auditor prior to submitting it for approval to the board. According to MA guidance, which of the following statements is true regarding this scenario?
Question79: A senior executive at a government-owned organization received an invitation to attend a public exhibition where he can learn about new trucks relevant to the organization's business. As a special perk, the executive is offered an opportunity to drive a luxury vehicle manufactured by one of the exhibiting companies. Prior to the event, the executive asked for the chief audit executive s (CAE's) advice. What should the CAE recommend as the most appropriate course of action for the executive?
Question80: While conducting an engagement in the procurement department, the internal auditor noticed that the department head's travel reports showed minor travel expenses, and there were no charges for hotels, meals, or transportation. However, the auditor knew that the department head frequently traveled worldwide to meet with suppliers and visit their production sites. Which of the following would be the most appropriate next step for the auditor?
Question81: If an internal auditor suspects fraud during an engagement which of the following is expected of the auditor?
Question82: Which of the following is the primary benefit of an effective professional development program for internal auditors?
Question83: Which of the following would be considered a violation of The HAfs mandatory guidance on independence?
Question84: Which of the following disclosures must the chief audit executive (CAE) include when communicating the results of the quality assurance and improvement program to senior management and the board?
Question85: A newly hired chief audit executive is reviewing available documentation to provide evidence of conformance with the standard for continuing professional development. Which of the following documents is the most reliable source for this purpose?
Question86: Regarding assurance and consulting services provided by the internal audit activity which of the following statements is correct?
Question87: Which of the following represents a deficiency in the control environment?
Question88: Which of the following statements best represents the due professional care that is required of internal auditors?
Question89: An internal auditor is reviewing the results of an employee survey at a mining company. Which of the following would alert the auditor to a potential ethics issue?
Question90: An internal auditor is assessing the effectiveness of the organization's risk management practices. She checks to see whether risk management is an integral part of decision making and whether risk management is transparent, responsive to change, and addresses uncertainty. According to IIA guidance on risk management frameworks, which of the following approaches is the auditor most likely using?
Question91: Which of the following statements is true with regard to the quality assurance and improvement program (GAIP)?
Question92: During an audit engagement of a large retail store, internal auditors noted significant discrepancies between available inventory and sales and suspect an abuse of cash register refunds and voids. Which of the following would be the most effective preventative control to reduce these losses?
Question93: After the draft engagement report is issued, the manager of the area that was reviewed is informally interviewed by the engagement supervisor regarding the audit experience. Which of the following is most likely the purpose for this interview?
Question94: Which of the following actions should the organization's governing body perform to provide the most effective governance over the organization's culture?
Question95: Which of the following describes a responsibility of operating management in an organization's corporate social responsibility (CSR) efforts?
Question96: An automobile manufacturer will become one of the first in the industry to adopt a new inventory management software. Despite the system being new to the market, senior management believes that the benefits are great enough to offset the potential risks. Which of the following aspects of risk management does senior management's decision best illustrate?
Question97: During a payroll audit, a staff internal auditor suspects that signatures on some of the documents being sampled for examination are not authentic. Which of the following actions should the auditor take before proceeding with the examination?
Question98: Which of the following is an example of risk monitoring to ensure a system is performing as intended?
Question99: When beginning an engagement to assess the effectiveness of the organization's newly revamped risk management processes, which of the following should internal auditors review first?
Question100: According to IIA guidance, which of the following statements is true regarding the internal audit activity's quality assurance and improvement program (QAIP)?
Question101: A business unit manager was impressed by the competence of the internal auditor who was conducting an assurance engagement in his area and the manager made the auditor an attractive job offer to begin after the audit was completed The auditor later told her auditor in charge that she was considering the offer. Which of the following IIA Code of Ethics principles was most likely violated?
Question102: According to NA guidance, which of the following is true regarding typical fraud schemes?
1. A diversion occurs when an employee has an undisclosed personal economic interest in a transaction that adversely affects the organization.
2. Tax evasion is intentional reporting of false or misleading information on a tax return by an organization to reduce taxes owed.
3. Skimming involves stealing cash or assets from the organization and is normally concealed by adjusting the organization's records.
4, Disbursement fraud occurs when a person causes the organization to issue a payment for fictitious goods or services.
Question103: Operational management in the IT department has developed key performance indicator reports, which are reviewed in detail during monthly staff meetings. This activity is designed to prevent which of the following conditions?
Question104: Which of the following should play a leading role in overseeing the ethical atmosphere of an organization?
Question105: What is due professional care in internal audit? 4: Standard 1220 - Due Professional Care - The Institute of Internal Auditors or The IIA Which of the following scenarios most likely indicates that the organization is not managing risks effectively?
Question106: Which of the following process weaknesses is most likely to cause an internal auditor the most concern about fraud risk?
Question107: According to IIA guidance, which of the following best demonstrates that the chief audit executive is properly reporting the results of the quality assurance and improvement program to senior management and the board?
Question108: Which of the following activities best ensures that internal auditors grow professionally in alignment with current industry trends to meet the expectations of primary stakeholders?
Question109: Which of the following activities aligns with The IIA's Core Principles for the Professional Practice of Internal Auditing?
Question110: Which of the following is a strategic risk that internal auditors should consider when performing a third-party risk management engagement?
Question111: According to IIA guidance, who is ultimately responsible for the enhancement of the internal auditor's knowledge, skills, and other competencies?
Question112: Which of the following best describes a consulting engagement rather an assurance engagement?
Question113: Which of the following best demonstrates the board of directors' governance over internal control?
Question114: Which of the following is an indicator of ineffective third-party risk management?
Question115: An internal auditor is reviewing employee travel expenses from the previous six months for fraud. Which of the following tests would best detect instances where personal travel has been claimed?
Question116: Which of the following options describes the reason that conformance with The IIA's Code of Ethics is mandatory for internal auditors?
Question117: According to IIA guidance, which policy, established by the chief audit executive, would most likely ensure internal audits are conducted with due professional care?
Question118: Which of the following should be part of the internal audit activity's duties?
Question119: Which of the following offers the best evidence that the internal audit activity has achieved organizational independence?
Question120: A large commercial bank was fined by regulators for fraudulent practices when employees, over a period of time, opened thousands of new accounts for existing clients without the clients' consent. It was later found that employees were given unrealistic new account targets and were aggressively monitored by management on a daily basis.
Which of the following controls would have most likely reduced the likelihood of the fraudulent practice from occurring?
Question121: Which of the following statements relating to risk management is true?
Question122: During a review of the procurement function, an internal auditor identified an existing control for adding new vendors into the vendor contract system. Which of the following would best help the auditor determine the adequacy of the control's design?
Question123: Which of the following is a primary responsibility of senior management with respect to ethical violations?
Question124: To comply with the proficiency standard which of the following would the chief audit executive likely consider as the primary hiring criterion when choosing a new internal auditor?
Question125: Which of the following documents are internal auditors most likely to be asked to sign as a demonstration of due professional care?
A description of their job responsibilities,
Question126: Which of the following accurately describes the concept of inherent risk?
Question127: Senior management and the board have expressed concerns about the length of engagements and whether their outcome aligns with the organization's strategies and objectives. Which of the following actions, if taken by the chief audit executive, could address these concerns?
Question128: A third-party provider's questionable labor practices have exposed the organization to reputational risks and regulatory risks. Which of the organization's risk management practices was most likely ineffective?
Question129: Which of the following most accurately describes the role of the board when it comes to organizational governance?
Question130: The chief audit executive (CAE) has decided to outsource an audit of the organization's cloud governance in the annual audit plan. Why would the CAE outsource this audit?
Question131: An internal auditor is reviewing employee travel expenses from the previous six months for fraud. Which of the following tests would best detect instances where personal travel has been claimed?
Question132: At a construction company, supervisors are entitled to bonus payments if there are no safety rule violations on their teams. There are several channels available for workers to report accidents and violations, and all reported violations are investigated. Bonus payment calculations are approved by managers and the head of safety. Which of the controls best addresses the risk that supervisors will conceal accidents on their teams in order to receive the bonus?
Question133: Which of the following statements is true regarding the independent peer review process undertaken to fulfill the requirement for an external quality assessment?
Question134: Which of the following is an indicator that an organization's risk management processes are effective?
Question135: An internal auditor notes that inventory counts are conducted on Mondays only and that all documentation is on paper as there are no computers in the underground warehouses. Also she notices that the person responsible for receiving the goods is the same one who distributes materials and spare parts Finally, she sees that spare parts are written off and taken by the heads of mining units to different underground locations to wait for their turn to be installed. Which of the described findings requires more consideration from a fraud risk perspective?
Question136: Which of the following situations is most likely to prompt the internal audit activity to disclose its nonconformance with the Standards?
Question137: Due to unfavorable economic conditions management decided to postpone new investments for the next year.
Which of the following best describes the risk management strategy used to address this situation?
Question138: According to MA guidance, which of the following is an appropriate role for the internal audit activity?
Question139: Which of the following approaches will internal audit utilize when developing a set of performance standards to measure an organization's risk management process against?
Question140: To achieve conformance with the Standards, the chief audit executive must include which of the following activities in the quality assurance and improvement program (QAIP)?
Question141: Which of the following actions should the internal audit activity take during an audit engagement when examining the effectiveness of risk management processes?
Question142: Which of the following preventative controls would be most effective for organizations facing business disruptions and respective financial losses?
Question143: In a small company with a small budget, the board and senior management asked the chief audit executive (CAE) to develop specific controls prompted by a new regulatory requirement affecting a specific process.
The CAE was also directed to report functionally to senior management. An audit engagement on this process was already set in the internal audit plan. Which of the following represents an impairment to the internal audit activity's independence?
Question144: Which of the following factors is most important for internal auditors to consider when prioritizing fraud risks?
Question145: For a high-risk observation, which is the best approach to follow when management takes an aggressive, uncompromising position in opposition to the internal audit activity?
Question146: According to IIA guidance, which of the following activities are considered a core internal audit role with regard to enterprise risk management?
Reviewing the management of key risks.
Evaluating the reporting of key risks.
Evaluating risk management processes.
Consolidating the reporting of risks.
Question147: Which of the following statements is true regarding reporting results of the quality assurance and improvement program to senior management and the board?
Question148: Which of the following is an example of corruption?
Question149: According to IIA guidance, which of the following actions best demonstrates due professional care by an internal auditor when she discovers a number of fraud-related red flags during an audit engagement?
Question150: After being assigned to an audit of the accounts payable process, an internal auditor privately notifies the chief audit executive that she is a finalist for an open manager position within the accounts payable department. Which of the following is the IIA Code of Ethics principle that the auditor upheld?
Question151: Which statement accurately describes the authority of the internal audit activity as outlined in the audit charter?
Question152: A newly appointed chief audit executive (CAE) is tasked with creating a new internal audit activity within the organization. Which of the following would the CAE need to include in the new internal audit charter?
Question153: Which of the following strategies would be the most effective to share an organization's risk of losses through foreign currency transactions related to the accounts payable process?
Question154: At a conference, an interna! auditor presented a new computer-assisted audit technique developed by his organization. The presentation included sample data derived from performing audit engagements for the organization. Travel costs were paid by the conference organizers, and the trip was approved by the chief audit executive (CAE).
However, neither management nor the CAE was aware that the internal auditor would be making a presentation based on work completed for the organization. According to IIA guidance, which of the following statements is most relevant regarding the actions of the auditor?
Question155: According to IIA guidance, which of the following is the primary reason the chief audit executive discusses the internal audit charter with senior management and the board?
Question156: Considering the concepts of organization wide risk management and the system of internal controls, the internal audit activity as a whole can be considered which of the following types of control?
Question157: A whistle blower notified internal audit of a conflict of interest between an organization's employee and a major supplier. Which of the following steps should be undertaken first?
Question158: A manufacturing organization's chief audit executive (CAE) was approached by the head of security from one of the manufacturer's third party suppliers The head of security requested internal audit records from a recent audit engagement involving the third-party supplier The head of security believed those records contained information that would enable to identify employees of the third-party supplier who may be involved m fraudulent activities What is the most appropriate course of action for the CAE?
Question159: How should the internal audit activity promote continuous improvement of organizational controls?
Question160: An internal auditor is assessing the effectiveness of the organization's risk management practices She checks to see whether risk management is an integrai part of decision making and whether risk management is transparent, responsive to change and addresses uncertainty. According to HA guidance on risk management frameworks, which of the following approaches is the auditor most likely using?
Question161: Which of the following is an example of the chief audit executive (CAE) demonstrating due professional care?
Question162: The chief audit executive of a large national retailer is reviewing the purpose and objectives of the organization's internal audit activity Which of the following objectives is best aligned with The IIA's Mission of Internal Audit?
Question163: Which of the following threatens internal audit objectivity'?
Question164: An internal audit activity is using the auditing-by-element approach to audit the organization's controls around corporate social responsibility. Which of the following would be an element for the internal audit activity to consider?
Question165: Which of the following is true with regard to an organization's risk management practices?
Question166: What is the primary reason for establishing a continuing professional development program within an organization's internal audit activity?
Question167: A multinational organization has asked the internal audit activity to assist in setting up the organization's risk management system. The chief audit executive (CAE) agrees to take on the engagement as a consultant.
Which of the following tasks is appropriate for the CAE to undertake?
Question168: The internal audit activity is performing an assessment of an organization's ethics program, and the engagement scope specifies a focus on the training program's design. According to IIA guidance, which of the following questions would be the most relevant?
1. Does the training include situations that require an ethical decision?
2. What percentage of employees have taken the training?
3. What are the results of the employee assessment of the organization's ethical climate?
4. Does the instructor provide feedback on the thought process to reach an ethical resolution?
Question169: While auditing an organization's credit approval process, an internal auditor learns that the organization has made a large loan to another auditor's relative. Which course of action should the auditor take?
Question170: An engagement supervisor obtains facilities maintenance reports from a contractor during an audit of third- party services. Which of the following is the source of authority for the engagement supervisor to make such contact outside the organization?
Question171: An internal auditor in a busy internal audit activity reviews her continuing professional development records toward the end of the year and is concerned to find she has undertaken limited training and formal professional development. Which of the following actions is the most appropriate for her to take?
Question172: Which of the following is an area that an organization would most likely include as part of its corporate social responsibility reporting?
Question173: An organization sells products through distributors. The organization's chief audit executive insists that the organization's code of conduct be applicable to their distributors as well. Which of the following risks would this mitigate?
Question174: According to HA guidance, if an internal auditor suspects fraud during an assurance engagement, what should the auditor do first?
Question175: Which of the following is the most appropriate reason for a chief audit executive to conduct an external assessment more frequently than five years?
Question176: Which of the following is an example of an entity-level control pertaining to the finance area of an organization'?
Question177: An internal auditor assessed the controls within his organization's payroll process and suspects that erroneous payments may have been made to a fraudulent bank account. What is the best course of action for the auditor to take?
Question178: Which of the following is a consulting service the internal audit activity can perform with respect to the organization's risk management?
Question179: Which of the following is an example of computer forensic auditing?
Question180: Which of the following scenarios best demonstrates the application of internal audit proficiency?
Question181: An internal auditor is assessing fraud risks and creating a fraud risk matrix for a particular branch location.
Which of the following is most likely to be included in the matrix?
Question182: Which of the following statements is true regarding internal controls?
Question183: An engagement supervisor noticed that a newly hired internal auditor struggles with large data samples because he appears reluctant to apply available spreadsheet statistical functions and tends to perform testing of transactions manually In which of the following areas does the internal auditor most likely need training?
Question184: Senior management has requested that the internal audit activity review and amend policies where necessary when auditing the purchasing department. To which of the following would the chief audit executive most likely give primary consideration when responding to this request?
Question185: During an assurance engagement the internal audit team discovers that employees performing a control do not understand the principles behind it. Before the engagement concludes, at management's request the audit team facilitates several formal training sessions to help explain those principles to the employees. Which of the following best describes the engagement provided by the internal audit activity in this scenario?
Question186: An accounts payable clerk has recently transferred Into the internal audit activity and has been assigned to an engagement related to accounts payable processes for which he was previously responsible Which of the following is the best action for the new internal auditor to take?
Question187: In which of the following scenarios would the internal auditor's objectivity be best protected?
Question188: Which of the following statements represents the most appropriate correlation between an organization's risk maturity and the internal audit activity's consulting role in risk management processes?
Question189: The internal audit activity audited an organization's risk management function multiple times, and the recommendations that were made remain unaddressed by the head of risk management. Which of the following would be the next step for the internal audit activity?
Question190: A sales manager was recently bypassed for a promotion. He feels entitled to a higher salary and is angry that management does not recognize his contributions. To make up for this perceived injustice, he begins to record false expenses on his travel expense reports. This scenario best illustrates which of the following fraud risk factors?
Question191: An internal auditor has completed an assurance engagement Which of the following is most likely true regarding the engagement?
Question192: To encourage internal audit objectivity, which of the following is an appropriate policy the chief audit executive should establish?
Question193: A chief audit executive assigned an internal auditor to perform an assurance engagement. The auditor concluded with a major audit finding based on hearsay evidence Which of the following competencies did the auditor appear to be lacking?
Question194: To comply with the proficiency standard which of the following would the chief audit executive likely consider as the primary hiring criterion when choosing a new internal auditor?
Question195: The board of a newly established organization was discussing the contents of the draft internal audit charter One board member suggested adding to the charter an obligation for the internal audit activity to develop controls in business procedures. The board member explained that the new organization needs professional- level developers, internal auditors have the necessary skills and competencies, and the internal audit activity is well positioned to assume this responsibility. Which of the following would be a potential concern if the board member's suggestion is adopted?
Question196: Which of the following statements is true regarding the role of the internal audit activity in the organization's risk management process?
Question197: The internal audit activity is asked to review the effectiveness of controls around the disposal of chemical waste. However, the internal auditors on staff lack the necessary skills to conduct this review. Which of the following would be the most appropriate approach?
Question198: Which of the following is an example of a directive control?
Question199: Which of the following statements is true regarding management's use of judgement to design, implement, and conduct internal control?
Question200: An internal auditor creates a professional development plan to obtain more experience in the organization's environmental, social, and corporate governance initiatives. Which of the following would the auditor include in the plan to support these objectives?
Question201: Which of the following types of fraud tests would be most effective if an internal auditor was looking for possible fictitious vendors?
Question202: Which of the following is true about a system of internal control?
Question203: According to the Standards, which of the following demonstrates the proficiency of an internal auditor?
Question204: An organization's senior management team is awarding substantial bonuses if employees meet financial targets. Which of the following motivators to potentially commit fraud would become most likely in this scenario?
Question205: To assure that the technical proficiency of internal auditors is appropriate for the audit engagements to be performed, a chief audit executive should:
Question206: According to IIA guidance, which of the following conditions would enhance the independence of the internal audit activity?
Question207: In which of the following scenarios is the internal auditor in conformance with The IIA's Code of Ethics and the Standards?
Question208: The board requested the chief audit executive (CAE) to provide consulting services for a new systems implementation project Which of the following statements is true regarding this scenario?
Question209: Which of the following should an internal auditor take into consideration when making a judgement regarding whether management selected appropriate risk responses?
Question210: An employee accepts cash payments from customers and does not record the sale. This is an example of which of the following types of fraud?
Question211: Which of the following engagements would be considered an appropriate consulting service?
Question212: According to IIA guidance, which of the following threats to objectivity is described as familiarity'?
Question213: Which of the following documents most directly describes the guidelines for and importance of the objectivity of internal auditors?
Question214: An internal auditor discovered fraud while performing an audit of an organization's procurement process.
Which of the following describes the greatest benefit of using forensic auditing techniques in this scenario?
Question215: Which of the following best demonstrates organizational independence of the internal audit activity?
Question216: Which of the following demonstrates that the internal audit activity exercises due professional care?
Question217: Which of the following is most important for an internal auditor to consider when developing an approach for an audit engagement in a foreign country?
Question218: Which of the following should a general internal auditor be able to characterize as an IT-related risk?
Question219: Which of the following is true regarding risk analysis?
Question220: According to HA guidance, which of the following is true regarding independence and objectivity for small internal audit activities?
Question221: Which of the following is most accurate concerning corporate social responsibility?
Question222: An internal auditor has documented several instances in which management asked employees to ad against the policies and procedures. Which of the following is the most appropriate next step?
Question223: Which of the following statements is the most appropriate example of the internal audit activity exercising due professional care during an audit of the payroll department?
Question224: According to NA guidance which of the following should be documented in the internal audit chatter?
Question225: The collaborating style for conflict resolution, where the parties promote assertiveness and work together to develop a mutually beneficial solution, is best used in which of the following situations?
Question226: An internal auditor failed to identify transactions between the parent organization and a subsidiary.
What is the most likely reason for the failure?
Question227: During an audit of company expenses, the internal auditor performed a test using data analytics and identified a violation of the company's expenses policy. The auditor who discovered the issue considered it a potential fraudulent transaction and informed the chief financial officer (CFO). The CFO dismissed the concern because he did not understand the data analytics test that was performed and the transaction was of a low value. Given this situation, which skills or competencies should this internal auditor seek to improve?
Question228: What should be the first step for a newly hired chief audit executive to build and maintain the proficiency of the internal audit activity'?
Question229: A chief audit executive (CAE) is concerned that the internal audit activity is not receiving adequate training and continuing education. Which of the following approaches should the CAE take?
Question230: Which of the following would be included in quality assurance and improvement program (QAIP) reporting?
Question231: Which of the following would be the most effective fraud prevention control?
Question232: Instead of leaving its capital in a bank account with a low guaranteed interest rate, an organization's board approved a proposal to invest in a stock that could have a high expected return rate without taking any risk mitigation activities. Which risk concept does this decision illustrate?
Question233: When performing an audit of the risk management process an auditor makes the observations listed below.
Which poses the greatest risk to the organization?
Question234: Which of the following processes does the board manage to ensure adequate governance?
Question235: Which of the following is true about corporate social responsibility (CSR)?
Question236: Which of the following is an example of a risk avoidance strategy?
Question237: One of the essential skills for a head of internal audit is the ability to apply the International Professional Practices Framework (IPPF) issued by the Institute of Internal Auditors (IIA). The IPPF consists of mandatory and supplemental guidance that provides the principles, standards, and best practices for internal audit activities2. A head of internal audit should be familiar with the IPPF and ensure that the internal audit function conforms to its requirements and expectations3. The IPPF also helps the head of internal audit to demonstrate the value and quality of internal audit to the stakeholders, such as the board, senior management, regulators, and external auditors4.
Some additional information:
Data analysis and mining, technical and IT skills, and risk management and planning are also important skills for a head of internal audit, but they are not specific to the role. These skills are relevant for any internal auditor or manager who needs to perform effective and efficient audits, use appropriate tools and techniques, and assess and mitigate risks5.
The mandatory guidance of the IPPF includes the Core Principles for the Professional Practice of Internal Auditing, the Code of Ethics, the International Standards for the Professional Practice of Internal Auditing (Standards), and the Definition of Internal Auditing2.
The supplemental guidance of the IPPF includes Implementation Guidance, Supplemental Guidance, and Practice Advisories that provide detailed guidance on how to apply the Standards in various situations and contexts2.
Which of the following would be Included in ongoing monitoring of the performance of the internal audit activity?
Question238: The internal auditor obtained large volumes of transaction history data for accounts on which he suspected that some fraudulent transactions occurred. Which of the following actions best demonstrates due professional care by the internal auditor?
Question239: Management assessed the organization's risk of expanding operations into a new, but volatile, region and began looking for a compatible local partner to manage sales and distribution. Which of the following best describes this risk management technique?
Question240: According to IIA guidance, which of the following statements regarding the internal audit charter is true?
Question241: Which of the following statements best describes a functional difference between external auditors and internal auditors?
Question242: An internal audit activity includes in its audit reports the assertion that its work is performed in conformance with the International Standards for the Professional Practice of Internal Auditing ( Standards). A recent external quality assessment concluded that the internal audit activity had substantial deficiencies that impact its overall operations.
According to IIA guidance, which of the following is the most appropriate action for issuing future audit reports?
Question243: Which of the following statements is true regarding the disclosure of results of the quality assurance and improvement program?
Question244: Which type of engagement requires that the client agrees with the techniques used by the internal audit activity?
Question245: Upon completion of an external quality assessment, which of the following would the chief audit executive be required to report to the board?
Question246: Which of the following tools would be most useful to an internal auditor performing an assessment of the effectiveness of the organization's risk responses?
Question247: An engagement supervisor noted that an internal auditor's personal relationship with a process owner resulted in the auditor providing a favorable and partial assessment during an audit within that process owner's area.
According to MA guidance, which of the following should be used to manage this impairment?
Question248: Which of the following would the chief audit executive be required to disclose in the communication of quality assessment results to senior management and the board?
Question249: Which of the following actions best demonstrates an internal auditor exercising due professional care?
Question250: Which of the following fraud prevention measures is most likely to trigger undesired adverse behavior if improperly designed?
Question251: Which level of corporate social responsibility does whistleblowing in companies primarily support?
Question252: A chief audit executive ensures that the internal audit activity provides annual training to management on internal controls. Where is the nature of these services defined?
Question253: When dealing with various stakeholders which of the following is true regarding an internal auditor's responsibility to remain objective and independent?
Question254: With regard to governance, which of the following is a board-level responsibility rather than a management responsibility?
Question255: When an organization purchases a derivative contract in the stock market to limit the potential loss in the value of a security, the organization is applying which of the following risk management techniques?
Question256: Which of the following offers the feast evidence that the internal audit activity has achieved organizational independence?
Question257: According to IIA guidance, which of the following is ultimately responsible for seeing that the internal control system of an organization's social responsibility program is effective?
Question258: Which of the following statements is true regarding control activities?
Question259: According to IIA guidance which of the following correctly describes the standard risk treatments outlined in the process element approach of the framework for risk management?
Question260: According to IIA guidance, which of the following statements is true regarding proficiency?
Question261: According to IIA guidance, which of the following best describes the chief audit executive s responsibility for confirming to the board the organizational independence of the internal audit activity'?
Question262: Which of the following activities would breach the principles of The IIA's Code of Ethics?
Question263: In which of the following situations has the internal auditor violated the IIA's Code of Ethics?
Question264: The chief audit executive (CAE) planned an in-person group training to help internal auditors perform onsite inspections of an automobile manufacturing facility. The training would have allowed the auditors to better understand the production of the organization's automobiles. However, a global health crisis has impacted the training by prohibiting in-person contact at the facility. Which of the following could the CAE use to provide auditors with a better understanding of the organization s production process?
Question265: The internal audit activity is responsible for conducting fraud investigations. A potential fraud instance was identified during an audit engagement. The chief audit executive appoints a lead investigator. Which of the following would most likely be the next step?
Question266: Which of the following is an appropriate role for the internal audit activity?
Question267: A chief audit executive (CAE) is currently employed at a commercial bank where she was previously the chief compliance officer over three years ago. The current chief compliance officer abruptly resigned prior to the start of a mandatory anti-money laundering compliance audit. The board is contemplating a number of alternatives regarding the vacant post, bearing in mind that the bank has been struggling financially and is looking to contain costs. Which of the following alternatives, if taken by the board, would be most appropriate to satisfy the bank's objectives as well as preserve the internal audit activity's independence?
Question268: According to The IIA's Code of Ethics, an internal auditor who has a romantic relationship with an audit client violates which of the following rules of conduct?
Question269: Which of the following best illustrates the principle of due professional care?
Question270: Which of the following situations would best indicate to the chief audit executive that one of the audit team members is struggling with application of due professional care?
Question271: After the final audit report was issued, the engagement supervisor received an expensive gift from management recognizing her assistance in improving the business, if the gift is accepted, which of the following would be true?
Question272: The internal audit activity conducted an organization wide risk assessment. One of the most significant risks identified is associated with the oil price market. The chief audit executive (CAE) is considering including in the annual audit plan an assessment of the effectiveness of oil price risk management. The manager responsible commented that the assessment was not needed, as market risks were regularly addressed by the financial risk committee. If the CAE decides to include this activity in the annual audit plan anyway, how should it be recorded?
Question273: Which type(s) of assessments in an internal audit activity's quality assurance and improvement program requires ongoing monitoring to evaluate internal audit activity's efficiency and effectiveness?
Question274: During an audit of a foreign subsidiary an internal audit team discovered that products were sold to a prohibited country due to sanctions. What is the best course of action for the internal audit team?
Question275: Which of the following scenarios would cause a chief audit executive (CAE) to immediately discontinue using any statements that would indicate conformance with the Standards in an audit report?
Question276: Which should the internal auditor first consider when assessing fraud risks during an engagement?
Question277: Senior management purchased surveillance cameras and installed them over a door that provides entry to an area where according to a recent internal audit report, hazardous materials exist and there is a high risk of explosion Which type of control was implemented in this situation?
Question278: An internal audit team analyzed the organization's value-at-risk model during an assurance engagement and suggested several useful improvements. Management was impressed by the internal audit team's work and requested additional actions. Which of the following requested actions would impact internal audit independence most severely if fulfilled?
Question279: The largest risks facing an organization should be mitigated by which type of controls?
Question280: An internal auditor failed to identify transactions between the parent organization and a subsidiary. What is the most likely reason for the failure?
Question281: Which of the following should the internal audit activity establish to ensure auditors develop the appropriate skills for conducting audits?
Question282: Which of the following is a legitimate requirement for an internal audit activity's quality assurance and improvement program (QAIP)?
Question283: A newly appointed chief audit executive (CAE) started analyzing the organization's policies in an attempt to customize them to address internal audit specifics. Which of the following organizationwide practices is most likely to be acceptable to the CAE?
Question284: The internal audit activity was denied access to expenditure and budget reports because they were considered to be confidential. This situation would result in which of the following limitations of the internal audit activity?
Question285: Which of the following describes an ongoing monitoring activity that could be performed as part of an internal assessment for a quality assurance and improvement program (QAIP)?
Question286: According to IIA guidance, which of the following corporate social responsibility (CSR) evaluation activities may be performed by the internal audit activity?
1. Consult on CSR program design and implementation.
2. Serve as an advisor on CSR governance and risk management.
3. Review third parties for contractual compliance with CSR terms.
4. Identify and mitigate risks to help meet the CSR program objectives.
Question287: Which of the following would be the best choice for a continuing professional development requirement for a newly created internal audit activity?
Question288: During fieldwork, an internal auditor located a significant internal control issue. Without identifying the origins of the issue, the auditor concluded the engagement and included the issue in the final audit report. To enhance audit quality, which of the following skills should the internal auditor improve?
Question289: Which of the following would be considered an indicator that an organization's ethics program is not yet well developed?
Question290: The board of directors of a global organization has found an increased number of reported cases of unethical practices since last year. To assist the board in gaining a better understanding of the degree of ethics awareness within the organization, which of the following actions should be undertaken?
Question291: Which of the following are considered root causes of fraud?
Question292: An accounts payable clerk who has access to the vendor master file replaced the payment details of a legitimate vendor with those of a friend before processing the payment through the organization's cashier.
Immediately afterward, he restored the original vendor information. Which of the following controls could have prevented this fraud?
Question293: Which of the following best demonstrates the application of due professional care?
Question294: A chief audit executive (CAE) identifies that the internal audit activity lacks a necessary skill to perform a management request for a consulting engagement. According to IIA guidance, which of the following is the most appropriate action the CAE should take regarding the request?
Question295: Which of the following best demonstrates the authority of the internal audit activity?
Question296: In an assurance engagement focused on the adequacy of organizationwide risk management practices, which of the following best describes a primary area of interest for the engagement?
Question297: An internal audit activity maintains a quality assurance and improvement program that includes annual self- assessments. The internal audit activity includes in each engagement report a clause that the engagement is conducted in conformance with the International! Standards for the Professional Practice of Internal Auditing (Standards). Which of the following justifies inclusion of this clause in the reports?
Question298: Which of the following statements is true regarding how the scope of a consulting engagement should be established?
Question299: In its five years of existence, an internal audit activity conducted a single internal assessment of its quality assurance and improvement program (QAIP). The results of that assessment showed that the internal audit activity did not conform with the Standards. Prior to this, an external assessment of the internal audit activity's QAIP was conducted, which reported that the internal audit activity was in conformance with the Standards.
Considering the two assessments, what would be the internal audit activity's current state of conformance with the Standards?
Question300: An auditor for a large wholesaler is evaluating the controls over the approval and oversight of credit sales.
Which of the following procedures would be a control weakness?
Question301: Following a quality assurance review of a small internal audit activity, the external reviewer and the chief audit executive (CAE) cannot agree on the importance of several deficiencies noted during the review. Which of the following would be the most appropriate next step for the reviewer to take?
Question302: An external assessment of an organization's internal audit activity was last completed four years ago Which of the following options would be acceptable this year if the internal audit activity is to fulfill the requirements of the Standards?
Question303: Which of the following parties would be responsible for ongoing monitoring of the organization's corporate social responsibility activities to reduce its carbon footprint?
Question304: The internal audit activity plans to audit a supplier quality management process within the supply chain function. In what way is this assurance engagement similar to a typical consulting engagement?
Question305: During an assurance engagement an internal auditor discovered that risk limits risk limit were set for a new market expansion project Management of the area under review was eager to comply and submitted a potential risk limit value for the auditor's review and approval. Which of the following would be an appropriate course of action for the auditor to take?
Question306: Which of the following would be an important aspect of an internal auditor's role in fraud management?
Question307: Which of the following statements is most likely to be true regarding a consulting engagement involving an organization's new payroll system?
Question308: Which of the following scenarios provides the most concerning red flag or indicator of possible fraud?
Question309: During an assurance engagement internal auditors interview operational management to gather and evaluate information. Which approach is most important for internal auditors to be able to listen effectively to interviewees in the given situation?
Question310: According to NA guidance, which of the following actions by the chief audit executive would best ensure that internal auditors demonstrate due professional care?
Question311: What is the primary reason a chief audit executive should dedicate time and resources to support continuing professional development of internal audit staff?
Question312: When taken by a chief audit executive, which of the following actions would be most likely to prevent division management from exaggerating sales reports?
1. Announcing a series of internal audit engagements focusing on compliance with corporate sales-reporting policies.
2. Asking the president and the board to issue a statement of corporate policy stressing the importance of accurate management reporting and the negative consequences of intentional misreporting.
3. Setting up a hotline for employees to report fraudulent behavior anonymously,
4. Assisting the controller in developing and monitoring a series of business process indicators, which are historically correlated with, but independent of sales.
Question313: The chief audit executive (CAE) of a large organization has been asked by the board to assume responsibility for risk management and compliance operations, both of which are distinct departments within the organization and are subject to periodic audits by the internal audit activity In regards to future audits of these functions which of the following approaches would be most appropriate?
Question314: An investment advisory firm purchased professional liability insurance to offer protection from lawsuits brought by customers claiming they received poor or erroneous advice. Which of the following best describes this risk management technique?
Question315: What is an appropriate first step in an internal auditor's fraud risk assessment to evaluate how the organization manages such risk?
Question316: An internal audit of warehouse inventory revealed no material deficiencies. However, management later discovered fraud, which occurred during the period that was audited, and determined that a major control deficiency allowed the fraud to occur. Given management's discovery, which of the following statements is valid?
Question317: Which of the following statements is true regarding corporate social responsibility (CSR)?
Question318: The internal audit activity is asked to provide consulting services regarding the risks related to implementing a proposed new Inventory management system. Which of the following would be a key consideration of the internal audit activity in accepting this engagement?
Question319: What is the ultimate goal of establishing a robust risk management framework in an organization?
Question320: Which of the following statements describes the activities performed by the internal audit activity to fulfill the Mission of Internal Audit?
Question321: Which of the following would a chief audit executive most likely use to identify a need for improvement in a staff internal auditor's business acumen?
Question322: The head of human resources notified the internal audit activity that a key account manager was fired because he did not register a large number of contracts with clients As a result the organization was unaware of its duties and would suffer some financial loss Which of the following should be expected from a competent internal auditor who is analyzing this situation?
Question323: The chief audit executive (CAE) has hired a new internal auditor who was immediately assigned to a procurement function audit. Because the new auditor's name is similar to that of the procurement manager, some staff members think the two are related, although they are not. Which of the following actions is most appropriate for the CAE to take?
Question324: The organization's internal audit charter was last updated six years ago. To update the charter, which of the following actions is most appropriate for the chief audit executive to take?
Question325: Which of the following is a greater consideration for internal auditors when they are performing a consulting engagement than when they are performing an assurance engagement'?
Question326: Which of the following scenarios would most likely impair the independence of an internal audit activity?
Question327: The chief audit executive (CAE) has assigned an internal auditor to an upcoming engagement. Which of the following requirements would most likely indicate that the internal auditor was assigned to an assurance engagement?
Question328: Which of the following activities should the chief audit executive perform to ensure compliance with an organization's code of conduct?
Question329: Which of the following would provide the best support for internal auditors to meet their continuing professional development requirements?
Question330: According to IIA guidance, which of the following statements is true regarding ISO 31000?
Question331: Management authorizes internal audit only to view production reports that are built into the system.
How can the chief audit executive create buy-in with management and attain the access required for the engagement?
Question332: Which of the following best describes a proactive role for the internal audit activity with regard to the organization's ethics program?
Question333: Which of the following is considered to be a threat to the internal auditor's objectivity?
Question334: An internal audit activity is taking steps to promote professional development among the staff, and is in the process of implementing a mentorship program. According to HA guidance, which of the following is important for a successful mentorship program?
Question335: Which of the following is ultimately responsible for the continuing professional development of internal audit activity staff?
Question336: Which of the following is the primary engagement responsibility of an entry-level internal auditor?
Question337: According to MA guidance, which of the following statements is true regarding internal auditors' use of technology-based techniques?
Question338: Which of the following is the first step in the process of identifying relevant fraud risk factors?
Question339: Which of the following would be considered a monitoring activity in organization wide risk management?
Question340: Which of the following actions is a chief audit executive most likely to take in order to identify gaps in the internal audit activity's knowledge, skills, and competencies?
Question341: Which of the following best describes the board's role in establishing effective organizational governance?
Question342: Which of the following best describes the internal audit activity's contribution to the implementation of the risk management framework?
Question343: Nearing the completion of fieldwork, an internal auditor shared the draft report findings with management prior to the closing meeting. During the closing meeting, management expressed dissatisfaction in that they were not familiar with some of the findings. Management also noted that some aspects of the report seemed confusing. Which of the following competencies appears to have been lacking in this scenario?
Question344: Which of the following scenarios demonstrates nonconformance with the Standards?
Question345: Due to the increased operational responsibility of the CEO the chief audit executive (CAE) of an organization currently reports to the chief financial officer (CFO) What is the likely impact of such a situation?
Question346: Which of the following statements demonstrates that internal auditors are in conformance with the standard of due professional care?
Question347: Anew internal auditor suspects fraud is taking place. Which action should the new auditor take?
Question348: Which of the following is the best way for an internal auditor to demonstrate due professional care?
Question349: The audit committee chair requested that the chief audit executive include in his annual report to the audit committee information related to how the internal audit activity meets its requirement for due professional care. Which of the following statements would be appropriate to include in the report?
Question350: During the closing meeting of a procurement audit, the business manager disagrees with the observation presented by the engagement supervisor and accuses the team of not understanding the procurement objectives The engagement supervisor blames the manager for impeding the audit What skillset should the chief audit executive utilize to manage this situation?
Question351: According to IIA guidance, the internal audit activity must be free from interference in which of the following areas in order to maintain organizational independence?
Question352: Which of the following would be a preventive control for helping to manage fraud in an organization?
Question353: Which documents would help a forensic auditor identify instances of collusion between an employee and vendor to defraud the organization?
Question354: According to IIA guidance, which of the following statements regarding ethics is true?
Question355: Which of the following is the internal audit activity expected to do with respect to the organization's governance processes?
Question356: Which of the following is true regarding internal audit role's in The IIA's Three Lines Model?
Question357: The accounting department asked the chief audit executive (CAE) to perform a review of suspicious transactions. The CAE was an accounting manager for the organization six months ago.
How should she respond to the request?
Question358: Which of the following survey questions would be most effective to identify ethics violations within the organization?
Question359: In the context of an internal control framework, organizational structure and assignment of authority and responsibility is related to which of the following?
Question360: According to MA guidance, which of the following is the most accurate statement regarding the internal audit charter?
Question361: According to MA guidance, which of the following statements is true regarding an effective governance process?
Question362: According to IIA guidance, which of the following best describes expense reimbursement fraud?
Question363: Which statement is accurate regarding reporting on the quality assurance and improvement program (OAIP) to conform with the International Standards for the Professional Practice of Internal Auditing?
Question364: Which of the following actions would best help the internal audit activity promote continuous improvement in control effectiveness within the organization?
Question365: An internal audit team was assigned to review the organization's information security protocol After fieldwork was completed an internal auditor identified an error in the review of security access The error could affect the overall results of the engagement Which of the following is the most appropriate course of action for the internal auditor?
Question366: A manufacturer of power tools is experiencing regular fluctuations in the price of electrical power which is having a serious impact on the bottom line. Which of the following would be the most effective risk strategy to reduce the impact of these fluctuations?
Question367: An internal auditor assessed that the risk of steel theft at a plant is high. In response, the plant's management introduced a number of controls, including fences around the facility, a metal detector at the entrance, and monthly steel inventory counts. If the controls operate as intended, which of the following outcomes would the internal auditor hope to see?
Question368: Which of the following statements is true regarding external quality assessments?
Question369: Management would like to self-assess the overall effectiveness of the controls in place for its 200-person manufacturing department. Which of the following client-facilitated approaches is likely to be the most efficient way to accomplish this objective?
Question370: According to the 11A Code of Ethics, which of the following is required with regard to communicating results?
Question371: Which of the following scenarios would most significantly restrict the areas where internal audit could perform assurance services?
Question372: Which of the following indicates an appropriate disclosure of a potential nonconformance with the Standards?
Question373: An organization's board of directors has decided that the internal audit activity must have greater access to different pans of the organization in order to perform their assurance work effectively Which of !he following areas is the board seeking to improve by making this change?