EMT Practice Test

1. Question Content...


Question List

Question1: The final internal audit report should be distributed to which of the following individuals?

Question2: Which of the following topics must the internal audit staff discuss with management during the exit conference?
1. Issues identified during the audit.
2. Evaluation criteria used to select controls for testing.
3. Staff who were interviewed during the audit.
4. The reporting process for the draft and final report.

Question3: Which of the following is least likely to help ensure that risk is considered in a work program?

Question4: A chief audit executive is preparing interview questions for the upcoming recruitment of a senior internal auditor. According to IIA guidance, which of the following attributes shows a candidate's ability to probe further when reviewing incidents that have the appearance of misbehavior?

Question5: Which of the following conclusions would be appropriate for a beginning auditor performing an audit of a payroll department?

Question6: According to the International Professional Practices Framework, which of the following is not an objective of the exit conference?

Question7: The chief audit executive (CAE) notes during review of the final report of an assurance engagement that management has decided to accept the risks of two significant exposures identified by the audit. Which of the following actions by the CAE would be least prudent in these circumstances?

Question8: Which of the following is not a direct benefit of control self-assessment (CSA)?

Question9: An internal auditor has a recommendation to change operations which could potentially increase profits by $50,000. The best way to sell this recommendation to management is to:

Question10: Which of the following is used to identify and prioritize critical business applications to determine those that must be restored and the order of restoration in the event that a disaster impairs information systems processing?

Question11: Which of the following would most likely cause an internal auditor to consider adding fraud work steps to the audit program?

Question12: The scope of a business process review primarily involves:

Question13: A payroll clerk enters payroll transactions into the general ledger. The staff accountant reconciles the payroll ledgers. The payroll manager issues the manual payroll checks. The checks are maintained in a locked cabinet. The chief financial officer secures the keys to the cabinet. The payroll clerk distributes the manual checks.
The payroll manager reconciles the bank statements monthly. Which of the following audit steps best addresses the risk of fraud in the payroll process?

Question14: According to IIA guidance, which of the following statements is true regarding the authority of the chief audit executive (CAE) to release previous audit reports to outside parties?

Question15: Given the scarcity of internal audit resources, a chief audit executive (CAE) decided not to schedule a follow-up of audit recommendations when developing engagement work schedules. Does the CAE's decision violate the Standards?

Question16: A manufacturer is under contract to produce and deliver a number of aircraft to a major airline. As part of the contract, the manufacturer is also providing training to the airline's pilots. At the time of the audit, the delivery of the aircraft had fallen substantially behind schedule while the training had already been completed. If half of the aircraft under contract have been delivered, which of the following should the internal auditor expect to be accounted for in the general ledger?

Question17: According to the Standards, which of the following would least likely be considered a red flag when evaluating the risk for fraud?

Question18: In order to effectively elicit sensitive information from an employee during an audit engagement, an auditor should:

Question19: Checklists used to assess audit risk have been criticized for all of the following reasons except:

Question20: While conducting a payroll audit, an internal auditor in a large government organization found inadequate segregation in the duties assigned to the assistant director of personnel. When the auditor explained the risk of fraud, the assistant director became upset, terminated the interview, and threatened to sue the organization for defamation of character if the audit engagement was not curtailed. The auditor discussed the situation with the chief audit executive (CAE). The CAE should then:

Question21: The chief audit executive (CAE) determined that based on management's oral response, the action taken regarding an audit observation was sufficient when weighted against the relative importance of the audit recommendation. Which of the following is the most appropriate step for the internal auditor to take next?

Question22: An internal auditor found that the cost of some material installed on capital projects had been transferred to the inventory account because the capital budget had been exceeded. Which of the following would be an appropriate technique for the auditor to use to determine the extent of the problem?

Question23: Which of the following is not an outcome of control self-assessment?

Question24: Which of the following is a preventive control strategy against fraud?

Question25: When creating the internal audit plan, the chief audit executive should prioritize engagements based primarily on which of the following?

Question26: If an auditor is sampling to test compliance with a particular company policy, which of the following factors should not affect the allowable level of sampling risk?

Question27: During an assurance engagement, an internal auditor noted that the time staff spent accessing customer information in large Excel spreadsheets could be reduced significantly through the use of macros. The auditor would like to train staff on how to use the macros. Which of the following is the most appropriate course of action for the internal auditor to take?

Question28: An internal auditor is conducting tests to determine if an organization is in compliance with its payment approval policies. After reviewing a sample of vouchers selected, the internal auditor concluded that there were indicators of fraud. Which of the following would be the most appropriate method to expand the audit test to achieve the audit objective?
I.
Validate the completeness of the accounts payable files.
II.
Examine the sample of vouchers in greater detail.
III.
Increase the number of vouchers in the sample.
IV.
Broaden the scope of the examination to include credits received by accounts payable.

Question29: At the conclusion of an audit of an organization's treasury department, a report was issued to the treasurer, chief financial officer, president, and board. Because of the sensitivity of some findings, a follow-up review was performed. The auditor should provide the report of follow-up findings to the:
I. Treasurer.
II. Chief financial officer.
III. President.
IV. Board.

Question30: When planning an audit engagement, what should an internal auditor first consider when assessing the risk of fraud in the area to be audited?

Question31: In which of the following cases is it appropriate for an audit report to not contain management's response either within the report or as an attachment?

Question32: In response to an audit finding, senior management informed the auditor that the issue would be investigated and resolved when time permitted. According to the International Professional Practices Framework, this action was not acceptable because:

Question33: A company's policy requires that all customers be treated in a fair and consistent manner. Which of the following audit procedures would provide the most persuasive evidence that the policy was followed?

Question34: According to IIA guidance, which of the following is true regarding audit supervision?
1. Supervision should be performed throughout the planning, examination, evaluation, communication, and follow-up stages of the audit engagement.
2. Supervision should extend to training, time reporting, and expense control, as well as administrative matters.
3. Supervision should include review of engagement workpapers, with documented evidence of the review.

Question35: An internal auditor is reviewing a new automated human resources system. The system contains a table of pay rates which are matched to the employee job classifications. The best control to ensure that the table is updated correctly for only valid pay changes would be to:

Question36: Which of the following would be the best audit procedure to use to determine if a division's unusually high sales and gross margin for November and December were the result of fraudulently recorded sales?

Question37: An internal auditor determines that certain information from the engagement results is not appropriate for disclosure to all report recipients because it is privileged. In this situation, which of the following actions would be most appropriate?

Question38: When interrogating an individual who is suspected of fraud, it is appropriate to:

Question39: Which of the following is an appropriate responsibility for the internal audit activity with regard to the organization's risk management program?

Question40: A limitation of using ratio analysis in an audit engagement is that it:

Question41: Which of the following would provide the best evidence of compliance with an airline's standard of having aircraft refueled and cleaned within a specified time of arrival at an airport?

Question42: An internal control questionnaire would be most appropriate in which of the following situations?

Question43: Which of the following would cause a company's accounts receivable turnover ratio to decrease steadily over a three-year period?

Question44: Company A has a formal comprehensive corporate code of ethics while company B does not.
Which of the following statements regarding the existence of the code of ethics in company A can be logically inferred?
I. Company A exhibits a higher standard of ethical behavior than does company B.
II. Company A has established objective criteria by which an employee's actions can be evaluated.
III. The absence of a formal corporate code of ethics in company B would prevent a successful audit of ethical behavior in that company.

Question45: Which of the following examples of audit evidence is the most persuasive?

Question46: An organization has a large number of vendors supplying goods to its various branches across the region. The code of conduct statements signed by the employees specify that the employees or their families will not sell goods to the organization. However, during the internal audit of a branch, the internal auditor suspected that some of the employees may be supplying goods to the organization contrary to the code of conduct. The chief audit executive has requested that a thorough review be completed to identify the potential employee vendors. Of the following tests, it would be least useful to compare [List A] with [List B].
[List A]
[List B]

Question47: Which of the following is a red flag associated with fictitious revenues?

Question48: Which of the following is not relevant when developing recommendations for inclusion in audit reports?

Question49: Which of the following does not represent a difficulty in using red flags as fraud indicators?

Question50: An internal auditor has been assigned to perform a quality audit on a manufacturing plant. Which course of action should the auditor perform first?

Question51: A report prepared by the internal audit activity contains several observations that disclose proprietary information regarding the organization's manufacturing process. According to the International Professional Practices Framework, which of the following is the appropriate treatment for this report?

Question52: Which of the following statements describes an engagement planning best practice?

Question53: During the planning phase of an audit of the treasury function, an internal auditor conducted a risk assessment of the function in order to:

Question54: If the chief audit executive believes that senior management has accepted a level of residual risk that is unacceptable to the organization, they should:

Question55: Which of the following would have the least significance in an audit of the efficiency of a driver's license testing facility?

Question56: The best method for assessing the relative importance of risk factors is to:

Question57: What is the most important risk in determining the validity of construction delay claims?

Question58: An internal auditor notes that employees continue to violate segregation-of-duty controls in several areas of the finance department, despite previous audit recommendations. Which of the following recommendations is the most appropriate to address this concern?

Question59: The scope of a consulting engagement performed by internal auditors should:

Question60: Which of the following would most likely include recommendations for process improvements?
* Due diligence engagement.
* Forensic investigation.
* Internal audit engagement.
* Consulting engagement.

Question61: An organization's internal audit plan includes a recurring assurance review of the human resources (HR) department. Which of the following statements is true regarding preliminary communication between the auditor in charge (AIC) and the HR department?
1. The AIC should notify HR management when the draft audit plan is being developed, as a courtesy.
2. The AIC should notify HR management before the planning stage begins.
3. The AIC should schedule formal status meetings with HR management at the start of the engagement.
4. The AIC should finalize the scope of the engagement before communicating with HR management.

Question62: Which of the following would provide the best audit evidence regarding the effectiveness of an applied research department?

Question63: During a systems development audit, software developers indicated that all programs were moved from the development environment to the production environment and then tested in the production environment. What should the auditor recommend?
I. Implement a test environment to ensure that testing is not performed in the production environment.
II. Require developers to move modified programs from the development environment to the test environment and from the test environment to the production environment.
III. Eliminate access by developers to the production environment.

Question64: Which of the following items should be addressed in an organization's privacy statement?
I.
Intended use of collected information.
II.
Data storage and security.
III.
Network/infrastructure authentication controls.
IV.
Data retention policy of the organization.
Parties authorized to access information.

Question65: During an audit of a branch bank, an internal auditor learned that a series of system failures had resulted in a four-day delay in processing customers' scheduled payroll direct deposits. The first failure was that of a disk drive, followed by software and other minor failures. Which of the following controls should the auditor recommend to avoid similar delays in processing?

Question66: While performing a follow-up of a concern about equipment-inventory tracking, which course of action is not necessary for the auditor to take?

Question67: A bank uses a risk analysis matrix to quantify the relative risk of auditable entities. The analysis involves rating auditable entities on risk factors using a scale of 1 to 10, with 10 representing the greatest risk. A partial list of risk factors and the ratings given to three of the bank's departments is provided below:

Which of the following statements regarding risk in the department is true?

Question68: Due to a recent system upgrade, an audit is planned to test the payroll process. Which of the following audit objectives would be most important to prevent fraud?

Question69: Which of the following is the correct ratio to use in calculating the dollar value of the population if the auditor is using ratio estimation?
Number of Items
Audited Value
Carrying Amount
Sample
300
$500,000
$480,000
Population
3,000
$5,000,000

Question70: According to IIA guidance, which of the following factors should the auditor in charge consider when determining the resource requirements for an audit engagement?

Question71: Production managers for a manufacturing company are authorized to prepare emergency purchase orders for raw materials. These manually prepared orders do not go through the purchasing department and do not require a receiving report. The managers forward the invoice and purchase order to the accounting department for payment. Which of the following internal controls would efficiently prevent abuse of this system?

Question72: Which of the following would have the least impact (either positive or negative) on an assessment of a department's control environment?

Question73: When conducting a performance appraisal of an internal auditor who has been a below-average performer, it is not appropriate to:

Question74: An auditor decides to perform an inventory turnover analysis for both raw materials inventory and finished goods inventory. The analysis would be potentially useful in:
I. Identifying products for which management has not been attuned to changes in market demand.
II. Identifying potential problems in purchasing activities.
III. Identifying obsolete inventory.

Question75: In a review of an electronic data interchange application using a third-party service provider, the auditor should:
I. Ensure encryption keys meet International Organization for Standardization (ISO) standards.
II. Determine whether an independent review of the service provider's operation has been conducted.
III. Verify that only public-switched data networks are used by the service provider.
IV. Verify that the service provider's contracts include necessary clauses, such as the right to audit.

Question76: An auditor-in-charge is preparing her audit team for a consulting engagement at one of the organization's foreign subsidiaries. According to the Standards, which of the following would not be a necessary step prior to beginning the engagement?

Question77: According to IIA guidance, which of the following are benefits to the internal audit activity when conducting an assurance mapping exercise?

Question78: Which of the following tasks is typically performed in the analysis phase of a benchmarking consulting engagement?

Question79: Which of the following types of sampling techniques should an internal auditor use when testing the effectiveness of internal controls?

Question80: An internal auditor has completed an audit of an organization's activities and is ready to issue a report. However, the client disagrees with the internal auditor's conclusions. The auditor should:

Question81: Which of the following situations would best support the decision of a chief audit executive (CAE) to defer follow-up activity at a branch office until the next audit engagement?

Question82: During an engagement, an internal auditor discovered that an organization's policy on delegation of authority listed six individuals who were no longer employed with the organization. In addition, four individuals acting with disbursement authority were not identified in the policy as having such authority. Which of the following is the most effective course of action to address the control weakness?

Question83: An internal auditor would most likely use attributes sampling when testing which of the following?

Question84: Which of the following, if observed, would not indicate the need to extend the search for other indicators of fraud in a purchasing department?

Question85: What is the most likely source of information for a detailed schedule of a company's insurance policies in force?

Question86: The chief audit executive of a large publicly held bank is using a risk based approach to update the annual audit plan. Which of the following sources of information will have the least impact on the plan?

Question87: Which of the following tests must an internal auditor perform in order to ensure that inbound electronic data interchange (EDI) transactions are received and translated accurately?
I. Computerized tests to assess transaction reasonableness and validity.
II. Review of log books to ensure that transactions are logged upon receipt.
III. Edit checks to identify unusual transactions.
IV. Verification of limitations on the authority of users to initiate specific EDI transactions.

Question88: All of the following tools are employed to control large-scale projects except:

Question89: According to the Standards, which of the following would have the least direct interest in the draft report of a compliance review of the purchasing function?

Question90: A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority?
1. Graded positive opinion.
2. Negative assurance opinion.
3. Limited assurance opinion.
4. Third-party opinion.

Question91: If participants in a control self-assessment workshop begin breaking their agreed-upon ground rules, the facilitator should:

Question92: According to IIA guidance, which of the following individuals should receive the final audit report on a compliance engagement for the organization's cash disbursements process?

Question93: An internal auditor is conducting an assessment of the purchasing department. She has worked the full amount of hours budgeted for the engagement; however, the audit objectives are not yet complete. According to IIA guidance, which of the following are appropriate options available to the chief audit executive?
1. Allow the auditor to decide whether to extend the audit engagement.
2. Determine whether the work already completed is sufficient to conclude the engagement.
3. Provide the auditor feedback on areas of improvement for future engagements.
4. Provide the auditor with instructions and directions to complete the audit.

Question94: Which of the following actions has the least influence on the chief audit executive's development of an audit plan?

Question95: Which of the following is a responsibility of the internal auditor once a fraud investigation has been concluded?

Question96: An organization decides to create an internal audit function and hires a new chief audit executive (CAE). Which of the following should the CAE first consider when developing the internal audit process?

Question97: Which of the following is the least relevant when preparing the internal audit activity's annual engagement plan?

Question98: An organization has developed a large database that tracks employees, employee benefits, payroll deductions, job classifications, and other similar information. The internal auditor reviews the retirement benefits plan and determines that the pension and medical benefits have been changed several times in the past ten years. The auditor wishes to determine whether there is justification to perform further audit investigation. The most appropriate audit procedure would be to:

Question99: Which of the following would be the most effective method to prevent installation of new equipment that does not meet environmental permit requirements, or to prevent modification of current processes in such a way that they no longer meet permit requirements?

Question100: An internal auditor is conducting an assessment of the organization's fraud controls. Which of the following would not be considered a preventive control?
1. Daily report that identifies unsuccessful system log-in attempts.
2. Weekly management communication with tips on identifying possible fraud.
3. E-mail alert sent to management for checks issued over $100,000.00.
4. New hire training to explain fraud and employee misconduct.

Question101: Which of the following is an advantage to using the questionnaire approach when conducting risk and control self assessments?

Question102: New credit policies have been implemented in an automated order-entry system to improve the collection of receivables. Sales management has compiled several examples that show decreased sales and delayed order entry, and contends that these examples are a direct result of the new credit-policy constraints. Sales management's data and information provide.

Question103: An organization's internal auditors are reviewing production costs at a gas-powered electrical generating plant. They identify a serious problem with the accuracy of carbon dioxide emissions reported to the environmental regulatory agency, due to computer errors. The auditors should immediately report the concern to:

Question104: In a sampling application, the group of items about which the auditor wants to estimate some characteristic is called the:

Question105: During an audit of a major contract, an auditor finds that actual hours and dollars billed are consistently at or near budgeted amounts. This condition is a red flag for which of the following procurement fraud schemes?

Question106: An internal auditor recommended that an organization implement computerized controls in its sales system in order to prevent sales representatives from executing contracts in excess of their delegated authority levels. A follow-up review found that the sales system had not been modified, but a process had been implemented to obtain written approval by the vice president of sales for all contracts in excess of $1 million. The chief audit executive (CAE) would be justified in reporting this situation to the organization's board iF.
I.
In the opinion of the CAE, the level of residual risk assumed by senior management is too high.
II.
Testing of compliance with the new process finds that all new contracts in excess of $1 million have been approved by the vice president of sales.
III.
The cost of modifying the sales system to include a preventive control is less than $100,000.

Question107: The internal audit activity's primary responsibility in a review or examination of the organization by an external regulatory body is to:

Question108: After becoming aware of control weaknesses indicating that a fraud could have been committed, which of the following actions should an internal auditor take next?

Question109: In response to an accounts receivable confirmation, a customer indicated that the invoice listed on the confirmation letter had been paid two months earlier.
This may indicate that:

Question110: An internal auditor is evaluating controls over the purchasing function. The function includes the material control department, the purchasing department, and the receiving department. Which of the following is true regarding the presentation of the process flow among the three departments?

Question111: Which of the following statements is false regarding roles and responsibilities pertaining to risk management and control?

Question112: An audit of a Web-based third-party payment processor determined that a programming error enabled customers to create multiple accounts for each mailing address. This caused problems during the processing of credit card transactions. Management agreed to correct the program and notify customers with multiple accounts that the accounts would be consolidated. What should the auditor do in response?
I. Amend the scope of the subsequent audit to verify that the program was corrected and that accounts were consolidated.
II. Evaluate the adequacy and effectiveness of the corrective action proposed by management.
III. Schedule a follow-up review to verify that the program was corrected and the accounts were consolidated.
IV. Do nothing because management has agreed to address the problem.

Question113: Which of the following would be the least desirable criteria against which to judge current operations of an organization's treasury function?

Question114: A staff auditor, nearly finished with an audit engagement, discovers that the director of marketing has a gambling habit. The gambling issue is not directly related to the existing engagement and there is pressure to complete the current engagement. The auditor notes the problem and forwards the information to the chief audit executive but performs no further follow-up. The auditor's actions woulD.
I.
Be in violation of the IIA Code of Ethics for withholding meaningful information.
II.
Be in violation of the Standards because the auditor did not properly follow up on a red flag that might indicate the existence of fraud.
III.
Not be in violation of either the IIA Code of Ethics or Standards.

Question115: Which of the following factors would not be considered in determining appropriate follow-up procedures?

Question116: An audit of management's quality program includes testing the accuracy of the cost-of-quality reports provided to management. Which of the following internal control objectives is the focus of this testing?

Question117: An internal auditor is reviewing purchases made through the organization's corporate credit card program. Which of the following statements best describes a root cause of a deficiency?

Question118: An auditor used a questionnaire during an interview to gather information about the nature of credit sales processing. The questionnaire did not cover some pertinent information offered by the person being interviewed, and the auditor did not document the potential problems for further investigation.
The primary deficiency with the above process is that:

Question119: Which of the following conditions are necessary for successful change management?
1. Decisions and necessary actions are taken promptly.
2. The traditions of the organization are respected.
3. Changes result in improvement or reform.
4. Internal and external communications are controlled.

Question120: Which of the following should be included in a privacy audit engagement?
1. Assess the appropriateness of the information gathered.
2. Review the methods used to collect information.
3. Consider whether the information collected is in compliance with applicable laws.
4. Determine how the information is stored.

Question121: A key to effective benchmarking in a consulting engagement is identifying the issues that can be:

Question122: A bakery chain has a statistical model that can be used to predict daily sales at individual stores based on a direct relationship to the cost of ingredients used and an inverse relationship to rainy days. What conditions would an internal auditor look for as an indicator of employee theft of food from a specific store?

Question123: Which of the following evaluation criteria would be the most useful to help the chief audit executive determine whether an external service provider possesses the knowledge, skills, and other competencies needed to perform a review?

Question124: Which of the following audit planning activities adds the least value in understanding the current risk exposures facing the corporation?

Question125: Which of the following factors could interfere with effective problem solving by an internal auditor?
I. Reacting to previous experiences with clients.
II. Focusing only on the most likely cause.
III. Correcting the symptoms of problems.

Question126: The chief executive officer has requested that the chief audit executive (CAE) coordinate the establishment of an enterprise risk management (ERM) program for the organization. Which of the following would be the most appropriate action for the CAE?

Question127: The board has asked the internal audit activity (IAA) to be involved in the organization's enterprise risk management process. Which of the following activities is appropriate for IAA to perform without safeguards?

Question128: To furnish useful and timely information and promote improvements in operations, internal auditors should provide:

Question129: When approving the final engagement report, which of the following is most critical?

Question130: According to the International Professional Practices Framework, which of the following would not be considered when performing an initial risk assessment in engagement planning?

Question131: Access control software on an organization's mainframe computer records detailed information concerning both successful and unsuccessful log-on attempts to applications. Which of the following audit tools would be best suited to review the access information that has been recorded?

Question132: Which of the following situations might allow an employee to steal checks sent to an organization and subsequently cash them?

Question133: According to the International Professional Practices Framework, which of the following is correct regarding conducting and reporting follow-up activities by the internal audit activity (IAA)?

Question134: The chief audit executive (CAE) of a new organization is in the process of determining the manner in which audit reports will be distributed and to whom. According to the Standards, which of the following is the most appropriate course of action for the CAE to take to develop this distribution process?

Question135: During the quarterly review of the internal audit activity's performance, the chief audit executive (CAE) notes that actual engagement hours consistently exceed the budget. Which of the following strategies would most likely help the CAE address this problem?
* The budget should consider time spent on similar engagements.
* The budget should consider the proficiency of the assigned auditors.
* The budget estimate should provide for unexpected delays.
* The budget should be specific as to time for each work assignment.

Question136: The following is an excerpt from an audit engagement workpaper:
A Company
Accounts Receivable
Date
Objective. To determine if the computer system is correctly recording all accounts receivable transactions.
Procedures: Judgmental selection of a sample of all accounts receivable balances greater than $50,000 for positive confirmation of balances.
Conclusion: Based on the results of testing wherein all but three confirmations were returned, the accounts receivable balance is fairly presented in all material respects.
Which of the following is true regarding the workpaper?

Question137: During a consulting engagement, an internal auditor identifies new risks which will impact the scope and sufficiency of the engagement audit plan. According to the Standards, the internal auditor should:

Question138: Which of the following are key characteristics of enterprise risk management?
1. It considers risk in the formulation of strategy.
2. It applies risk management in some units of an entity.
3. It takes a portfolio view of risks throughout the enterprise.
4. It restricts the organization's ability to seize opportunities inherent in future events.

Question139: Which of the following would be an appropriate improvement to controls over large quantities of consumable material that are charged to expense when placed in bins which are accessible to production workers?

Question140: Which of the following situations would justify the removal of a finding from the final audit report?

Question141: Audit supervision includes approval of the engagement report in order to ensure that:

Question142: According to IIA guidance, which of the following statements best justifies a chief audit executive's request for external consultants to complement internal audit activity (IAA) resources?

Question143: The chief risk officer (CRO) of a large manufacturing organization decided to facilitate a workshop for process managers and staff to identify opportunities for improving productivity and reducing defects. Which of the following is the most likely reason the CRO chose the workshop approach?

Question144: Which of the following would be an appropriate role of the internal audit function?

Question145: Which of the following is the most common method management can use to manage risk within its risk appetite?

Question146: According to IIA guidance, which of the following activities is most likely to enhance stakeholders' perception of the value the internal audit activity (IAA) adds to the organization?
1. The IAA uses computer-assisted audit techniques and IT applications.
2. The IAA uses a consistent risk-based approach in both its planning and engagement execution.
3. The IAA demonstrates the ability to build strong and constructive relationships with audit clients.
4. The IAA frequently is involved in various project teams and task forces in an advisory capacity.

Question147: The chief audit executive (CAE) decided that based on management's oral response, the action taken on an audit observation for a minor improvement in the client's process is sufficient and no further follow-up is necessary. Which of the following would be the best statement regarding the action of the CAE?

Question148: Which of the following methods would an auditor most likely use to document a complex sales order process?

Question149: Which of the following would be an appropriate and effective control self-assessment approach in an organization with an authoritative culture?
I . Facilitated meeting
II . Survey
III . Management-produced analysis

Question150: During a review of performance measures in an organization's purchasing function, the preliminary survey indicates that most of the measures have been in use for some time. The internal auditor should:

Question151: If an auditor expects to find numerous discrepancies between recorded values and audited values of sample selections, which sampling technique would be most appropriate?

Question152: A code of business conduct should include which of the following to increase its deterrent effect?
1. Appropriate descriptions of penalties for misconduct.
2. A notification that code of conduct violations may lead to criminal prosecution.
3. A description of violations that injure the interests of the employer.
4. A list of employees covered by the code of conduct.

Question153: Many questionnaires are made up of a series of different questions that use the same response categories (for example: strongly agree, agree, neither, disagree, strongly disagree). Some designs will have different groups of respondents answer alternate versions of the questionnaire that present the questions in different orders and reverse the orientation of the endpoints of the scale (for example: agree on the right and disagree on the left). The purpose of such questionnaire variations is to:

Question154: Which of the following will be an appropriate course of action when an auditor disagrees with a client about a well-documented audit finding?

Question155: A company used simple regression analysis to analyze maintenance costs against machine hours (MH) for a 26-week period when the plant was in full operation. The regression yielded the following estimated cost function:
Maintenance Cost = $60 + $0.25/MH
The regression analysis also generated a coefficient of determination (R2), or goodness of fit, of 0.85. Which of the following statements regarding this regression analysis is appropriate?

Question156: Which of the following statements is true pertaining to interviewing a fraud suspect?
1. Information gathered can be subjective as well as objective to be useful.
2. The primary objective is to obtain a voluntary written confession.
3. The interviewer is likely to begin the interview with open-ended questions.
4. Video recordings always should be used to provide the highest quality evidence.

Question157: Cross-referencing individual payroll time cards to personnel department records and reports would allow an internal auditor to determine whether:

Question158: Which of the following is a weakness that is inherent in the use of the test data method to test internal controls in a computer-based accounting system?

Question159: Because of an abundance of high priority requests from management, an internal audit activity no longer has the resources to meet all of its commitments contained in the annual audit plan. Which of the following would be the best course of action for the chief audit executive to follow?

Question160: An organization contracted a third party to construct a new facility that was estimated to cost $25 million. Which of the following is the most pertinent reason for the organization to audit the contractor's records?

Question161: The internal audit activity performs the following sequence of risk management activities: identification, analysis, and evaluation. According to IIA guidance, which of the following assurance approaches does this describe?

Question162: Which of the following is the best problem-solving technique to use when analyzing performance and cost?

Question163: A post-audit questionnaire sent to audit clients is an effective mechanism for:

Question164: An audit of an organization's claims department determined that a large number of duplicate payments had been issued due to problems in the claims processing system. During the exit conference, the vice president of the claims department informed the auditors that attempts to recover the duplicate payments would be initiated immediately and that the claims processing system would be enhanced within six months to correct the problems. Based on this response, the chief audit executive should:

Question165: Which of the following tasks would be considered unusual for planning a control self-assessment workshop?

Question166: After partially completing an internal control review of the accounts payable department, an auditor suspects that some type of fraud has occurred. To ascertain whether the fraud is present, the best sampling approach would be to use.

Question167: An organization does not have a formal risk management function. According to the Standards, which of the following are conditions where the internal audit activity (IAA) may provide risk management consulting?
1. There is a clear strategy and timeline to migrate risk management responsibility back to management.
2. The IAA has the final approval on any risk management decisions.
3. The IAA does not give objective assurance on any part of the risk management framework for which it is responsible.
4. The nature of services provided to the organization is documented in the internal audit charter.

Question168: An internal auditor provided the following statement about division A's performance during the month: "Because supplies of raw material X were scarce, division A's profits declined by 15 percent." Which of the following can be validly concluded from the auditor's statement?
I . Division A's production level declined by 15 percent.
II . Division A could have sold more products than it produced.
III . Division A usually sells all of the products that it produces.

Question169: Which of the following potential performance measures should an auditor recommend excluding from a performance scorecard?

Question170: Which of the following actions is related to the preliminary survey process?

Question171: What is the primary reason for having audit management approve audit engagement reports?

Question172: According to IIA guidance, which of the following is true about the supervising internal auditor's review notes?
* They are discussed with management prior to finalizing the audit.
* They may be discarded after working papers are amended as appropriate.
* They are created by the auditor to support her fieldwork in case of questions.
* They are not required to support observations issued in the audit report.

Question173: In forming a team to investigate an organization's potential adoption of an activity-based costing system, the best reason to include an internal auditor on the team would be the auditor's knowledge of:

Question174: Which of the following is an advantage of an interim report?
I.
An interim report provides timely feedback to the audit engagement client.
II.
An interim report provides a mechanism for communicating information on red flags promptly while they are being investigated.
III.
An interim report provides an opportunity for auditor follow-up of findings before the engagement is completed.
IV.
An interim report increases the probability that corrective action will be initiated more quickly.

Question175: According to IIA guidance, which of the following accurately describes the responsibilities of the chief audit executive with respect to the final audit report?
1. Coordinate post-engagement conferences to discuss the final audit report with management.
2. Include management's responses in the final audit report.
3. Review and approve the final audit report.
4. Determine who will receive the final audit report.

Question176: Which of the following data sources would provide the least valid data for an audit of a retail store's customer service?

Question177: A retail sales company has discontinued a product that normally sold for $100. During the first month of a sale of the product, a 20 percent discount was given. Later that sale price was reduced by an additional 40 percent. What was the overall discount from the original selling price?

Question178: Which of the following is the primary reason the chief audit executive should consider the organization's strategic plans when developing the annual audit plan?