EMT Practice Test

1. Question Content...


Question List

Question1: Following an audit, management developed an action plan to improve controls over the handling of scrap metal. Which of the following would be the most appropriate course of action for the auditor to follow up?

Question2: Which of the following best exemplifies having effective risk management and internal control processes?

Question3: Which of the following best describes the manual audit procedure known as vouching?

Question4: An internal auditor wanted to determine whether company vehicles were being used for personal purposes She extracted a report that listed company vehicle numbers business units to which the vehicles are allocated travel dates, travel duration and mileage She then filtered the data for weekend dates Which of the following additional information would the auditor need?

Question5: Which of the following internal audit procedures commonly involves sampling?

Question6: Which of the following internal audit activity staffing models has the disadvantage that auditors are always new and in training?

Question7: An internal audit manager is planning a contract compliance audit Which of the following should be done prior to developing the audit work program?

Question8: During audit engagement planning, an internal auditor is determining the best approach for leveraging computer-assisted audit techniques (CAATs). Which of the following approaches maximizes the use of CAATs and why?

Question9: An internal auditor accessed accounts payable records and extracted data related to fuel purchased tor the organization's vehicles As a first step, she sorted the data by vehicle and used spreadsheet functions to identify all instances of refueling on the same or sequential dates She then performed other tests Based on the auditor's actions which of the following is most likely the objective of this engagement1?

Question10: As a result of server managements assumption of risk there is residual risk that exceeds me organisation's risk appetite. Which of the following actions would be most appropriate for the chief audit executive to take?

Question11: After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?

Question12: An internal auditor is conducting a preliminary survey of the investments area, and sends an internal control questionnaire to the management of the function. (An extract of the survey is provided below).

1. Are there any restrictions for any company's investments?
2. Are there any written policies and procedures that document the flow of investment processing?
3. Are investment purchases recorded in the general ledger on the date traded?
4. Is the documentation easily accessible to an persons who need in to perform their job?
Which of the following is a drawback of testing methods like this?

Question13: Which of the following is an appropriate role for the internal audit activity with regard to the organization's risk management program?

Question14: When forming an opinion on the adequacy of management's systems of internal control, which of the following findings would provide the most reliable assurance to the chief audit executive?
* During an audit of the hiring process in a law firm, it was discovered that potential employees' credentials were not always confirmed sufficiently. This process remained unchanged at the following audit.
* During an audit of the accounts payable department, auditors calculated that two percent of accounts were paid past due. This condition persisted at a follow up audit.
* During an audit of the vehicle fleet of a rental agency, it was determined that at any given time, eight percent of the vehicles were not operational. During the next audit, this figure had increased.
* During an audit of the cash handling process in a casino, internal audit discovered control deficiencies in the transfer process between the slot machines and the cash counting are a. It was corrected immediately.

Question15: According to IIA guidance, which of the following best describes the purpose of a planning memorandum for an audit engagement?

Question16: How do internal auditors generally determine the priority of the areas within the engagement scope?

Question17: According to IIA guidance, which of the following should be a primary objective for an internal auditor who is conducting an exit conference?

Question18: An internal auditor recommended that an organization implement computerized controls in its sales system in order to prevent sales representatives from executing contracts in excess of their delegated authority levels A follow-up review found that the sales system had not been modified, but a process had been implemented to obtain written approval by the vice president of sales for all contracts in excess of S1 million The chief audit executive (CAE) would be justified in reporting this situation to the organization's board under which of the tollowing circumstances'?
1. In the opinion of the CAE the level of residual risk assumed by senior management is too high
2. Testing of compliance with the new process finds that all new contracts in excess of $1 million have been approved by the vice president of sales
3. The cost of modifying the sales system to include a preventive control is less than S100.000

Question19: According to IIA guidance, which of the following steps should precede the development of audit engagement objectives?

Question20: The chief audit executive (CAE) should determine whether the internal audit activity has confirmed the status of all of management's corrective actions Doing so would help the CAE assess which of the following?

Question21: An internal auditor has been asked to join a project team to help design controls in a software application to address specific risks that have been identified by the team Which of the following actions is most appropriate for the internal auditor to perform?

Question22: Which of the following is not a primary reason for outsourcing a portion of the internal audit activity?

Question23: An internal auditor discovered that a new employee was granted inappropriate access to the payroll system Apparently the IT specialist had made a mistake and granted access to the wrong new employee. Which of the following management actions would be most effective to prevent a similar issue from occurring again?

Question24: Which of the following statements is true regarding a drawback of using internal control questionnaires (ICQs)?

Question25: If there is a significant error or omission in the final audit report that was communicated to management, which of the following is the key action for the internal audit activity?

Question26: Which of the following actions is the most appropriate response for an internal auditor to take when a significant risk is identified during a consulting engagement?

Question27: Internal control questionnaires are used to achieve which of the following objectives?

Question28: During a review of data privacy an internal auditor is tasked with testing management's identification and prioritization of critical data collected by the organization. Which of the following steps would accomplish this objective?

Question29: What is the best course of action for a chief audit executive if an internal auditor identifies in the early stage of an audit that some employees have inappropriate access to a key system?

Question30: During a fraud interview, it was discovered that unquestioned authority enabled a vice president to steal funds from the organization. Which of the following best describes this condition?

Question31: Which of the following statements is true pertaining to interviewing a fraud suspect?
1. Information gathered can be subjective as well as objective to be useful.
2. The primary objective is to obtain a voluntary written confession.
3. The interviewer is likely to begin the interview with open-ended questions.
4. Video recordings always should be used to provide the highest quality evidence.

Question32: Which of The following best justifies an internal auditor's decision to issue a preliminary audit report?

Question33: Which of the following best describes the four components of a balanced scorecard?

Question34: After completing an assurance engagement, the chief audit executive (CAE) concludes that management has accepted a level of risk that may be unacceptable to the organization. What is the most appropriate first step for the CAE to take?

Question35: An internal auditor at a bank informed the branch manager of a malfunctioning lock on one of the vaults. The risk associated with this issue was deemed significant by the chief audit executive (CAE), and immediate remediation was recommended However during a follow-up engagement the branch manager told the CAE that the risk was actually not significant, hence no action was taken. What is the most appropriate next step for the CAE?

Question36: Which of the following statistical sampling approaches is the most appropriate for testing a population for fraud?

Question37: Which of the followings statements describes a best practice regarding assurance engagement communication activities?

Question38: 'Internal policy prohibits employees from entering into contacts with financial obligations without proper approval.
A project manager signed a change to an important service agreement without obtaining the proper approval As a result the organization is receiving $5,000 per month less for its services.'' Which of the following should be added to the observation?

Question39: According to IIA guidance, which of the following reflects a characteristic of sufficient and reliable information?

Question40: The audit committee has asked the chief audit executive (CAE) to conduct an ad hoc forensic investigation of the purchasing department within a month due to the significance and urgency of a recently discovered risk The internal audit activity currently has no available staff with relevant experience or qualifications Which of the following is the CAE's best option for fulfilling the internal audit activity's responsibilities in this case?

Question41: Which of the following would most Holy reflect the best possible engagement objectives?

Question42: When presenting an observation m writing which or the Mowing is usually true regarding the level of detail provided?
1. The description of the observation in the final audit report contains more detail then the description m the engagement workpapers
2. The description of the observation m the engagement workpapers contains more detail than the descriptor n a preliminary observation document
3. A preliminary observation document contains more detail than tie observation description in the final audit report
4. A preliminary observation document contains more detail than tie observation description in the engagement workpapers

Question43: Which of the following is an appropriate documentation of proper engagement supervision?

Question44: Prior to performing testing an internal auditor has determined that a primary process control failed due to design weakness. Which of the following actions should the auditor perform next?

Question45: According to IIA guidance, which of the following accurately describes the responsibilities of the chief audit executive with respect to the final audit report?
1. Coordinate post-engagement conferences to discuss the final audit report with management.
2. Include management's responses in the final audit report.
3. Review and approve the final audit report.
4. Determine who will receive the final audit report.

Question46: A chief audit executive's report to the board showed a significant trend of recent aud4s going over planned budgeted hours. Which of the following factors could cause this trend?

Question47: An internal auditor is using computer-assisted audit techniques to examine employee expenses across several divisions of the organization. Which of the following is true in this situation?

Question48: Due to emerging new technologies that greatly affect the organization, the chief audit executive (CAE) wants to conduct frequent IT audit and is particularly focused on improving the quality of these engagements. Which of the following is the most viable solution for the CAE to ensure that IT audit quality is immediately enhanced and maintained long-term?

Question49: Which of the following has the greatest effect on the efficiency of an audit?

Question50: An internal auditor notes that employees continue to violate segregation-of-duty controls in several areas of the finance department, despite previous audit recommendations. Which of the following recommendations is the most appropriate to address this concern?

Question51: An internal auditor wants to compare performance information from one quarter to another. Which analytics procedure would the auditor use?

Question52: Acceding to MA guidance, when of the Mowing strategies would like provide the most assurance to the chief audit executive (CAE) that the internal audit activity's recommendations are being acted upon?

Question53: According to IIA guidance, which of the following is true about the supervising internal auditor's review notes?
* They are discussed with management prior to finalizing the audit.
* They may be discarded after working papers are amended as appropriate.
* They are created by the auditor to support her fieldwork in case of questions.
* They are not required to support observations issued in the audit report.

Question54: The chief audit executive was asked to define me internal audit activity s key performance indicators (KPIs) tor the upcoming year. The KPIs must measure efficiency and effectiveness. Which of the following is an example of a KPI that measures effectiveness?

Question55: According to IIA guidance which of the following best describes reliable information?

Question56: Which of the following recommendation types is most likely to propose the most long-term solutions?

Question57: According to IIA guidance, which of the following activities is most likely to enhance stakeholders' perception of the value the internal audit activity (IAA) adds to the organization?
1. The IAA uses computer-assisted audit techniques and IT applications.
2. The IAA uses a consistent risk-based approach in both its planning and engagement execution.
3. The IAA demonstrates the ability to build strong and constructive relationships with audit clients.
4. The IAA frequently is involved in various project teams and task forces in an advisory capacity.

Question58: Which of The following best describes a risk that is deemed "unacceptable" to the organization?

Question59: Due to price risk from the foreign currency purchase of aviation fuel, an airliner has purchased forward contracts to hedge against fluctuations in the exchange rate. When recalculating the exchange losses from individual purchases of jet fuel, which of the following details does the internal auditor need to validate?
1. The hedge documentation designating the hedge.
2. The spot exchange rate on the transaction date.
3. The terms of the forward contract.
4. The amount of fuel purchased.

Question60: Which of the following internal audit activities is performed in the design evaluation phase?

Question61: Which of the following engagement techniques would be best to meet the objective of denting a personal conflict -of -interest situation affecting an organization's procurement function?

Question62: According to IIA guidance, which of the following factors should the auditor in charge consider when determining the resource requirements for an audit engagement?

Question63: While reviewing the workpapers and draft report from an audit engagement, the chief audit executive (CAE) found that an important compensating control had not been considered adequately by the audit team when it reported a major control weakness. Therefore, the CAE returned the documentation to the auditor in charge for correction. Based on this information, which of the following sections of the workpapers most likely would require changes?
Effect of the control weakness.
Cause of the control weakness.
Conclusion on the control weakness.
Recommendation for the control weakness.

Question64: Which of the following statements is true regarding risk assessments, including the evaluation and prioritization of risk and control factors?

Question65: Which of the following items, included in the preliminary audit communication would be most useful for management to formulate action plans in response to audit recommendations?

Question66: Following an IT systems audit, management agreed to implement a specific control in one of the IT systems. After a period, the internal auditor followed up and learned that management had not implemented the agreed management action due to the decision to move to another IT system that has built-in controls, which may address the risks highlighted by the internal audit. Which of the following is the most appropriate action to address the outstanding audit recommendation?

Question67: According to IIA guidance, which of the following statements is true regarding audit workpapers?

Question68: Which of the following computerized audit tools or techniques should be used if the internal auditor wants to extract specific files and records in the database?

Question69: Which of the following components should be included in an audit finding?
1. The scope of the audit.
2. The standard(s) used by the auditor to make the evaluation.
3. The engagement's objectives.
4. The factual evidence that the internal auditor found in the course of the examination.

Question70: A corporate merger decision prompts the chief audit executive (CAE) lo propose interim changes to the existing annual audit plan to account for emerging risks Which of the following is the most appropriate action for the CAE to take regarding the changes made to the audit plan''

Question71: According to IIA guidance, which of the following would be considered necessary for a one-person audit function?

Question72: What is the primary purpose of issuing a preliminary communication to management of the area under review?

Question73: An internal auditor suspects that employee turnover is unusually high at the organization's primary manufacturing plant To investigate this potential issue which of the following analytical approaches is the auditor likely to use?

Question74: An internal auditor discovered that equipment used to monitor air quality was not maintained according to the established maintenance schedule. If the issue is not addressed, the equipment may not provide accurate information on pollutant levels, which could result in regulatory sanctions and reputational damage. The auditor discussed the issue with both the manager in charge and the CEO, who explained that they understand the risk, but it has become too expensive to maintain the equipment as scheduled. In this situation, what should the chief audit executive do?

Question75: Which of the following factors would the auditor in charge be least likely to consider when assigning tasks to audit team members for an engagement?

Question76: The internal audit manager has been delegated the task of preparing the annual internal audit plan for the forthcoming fiscal year All engagements should be appropriately categorized and presented to the chief audit executive for review Which of the following would most likely be classified as a consulting engagement?

Question77: New environmental regulations require the board to certify that the organization's reported pollutant emissions data is accurate. The chief audit executive (CAE) is planning an audit to provide assurance over the organization's compliance with the environmental regulations. Which of the following groups or individuals is most important for the CAE to consult to determine the scope of the audit?

Question78: During an assurance engagement, an internal auditor noted that the time staff spent accessing customer information in large Excel spreadsheets could be reduced significantly through the use of macros. The auditor would like to train staff on how to use the macros. Which of the following is the most appropriate course of action for the internal auditor to take?

Question79: Which of the following would most likely cause an internal auditor to consider adding fraud work steps to the audit program?

Question80: According to IIA guidance, which of the following statements best justifies a chief audit executive's request for external consultants to complement internal audit activity (IAA) resources?

Question81: An organization is experiencing a significant risk that threatens its financial well-being Senior management requested that the chief audit executive (CAE) meet with them to discuss the risk. Which of the following would best describe the CAE's responsibility at the meeting?

Question82: The newly appointed chief audit executive (CAE) of a large multinational corporation, with seasoned internal audit departments located around the world, is reviewing responsibilities for engagement reports. According to IIA guidance, which of the following statements is true?

Question83: Which of the following should be included in a privacy audit engagement?
1. Assess the appropriateness of the information gathered.
2. Review the methods used to collect information.
3. Consider whether the information collected is in compliance with applicable laws.
4. Determine how the information is stored.

Question84: Senior IT management requests the internal audit activity to perform an audit of a complex IT are a. The chief audit executive (CAE) knows that the internal audit activity lacks the expertise to perform the engagement. Which of the following is the most appropriate action for the CAE to take?

Question85: Where should internal auditor focus their attention when identify and assessing key risks during the planning stage of an assurance engagement?

Question86: Which of the following is the most appropriate approach for the internal audit activity to follow up on management action plans?

Question87: An internal auditor is assessing the organization's risk management framework. Which of the following formulas should he use to calculate the residual risk?



Question88: An employee in the sales department completes a purchase requisition and forwards it to the purchaser. The purchaser places competitive bids and orders the requested items using approved purchase orders. When the employee receives the ordered items, she forwards the packing slips to the accounts payable department. The invoice for the ordered items is sent directly to the sales department, and an administrative assistant in the sales department forwards the invoices to the accounts payable department for payment. Which of the following audit steps best addresses the risk of fraud in the cash receipts process?

Question89: A chief audit executive (CAE) a developing a work program for an upcoming engagement that will review an organization's small contracting services. When of the following would the CAT need to consider most when developing the work program?

Question90: Which of the following is the most important determinant of the objectives and scope of assurance engagements?

Question91: According to IIA guidance which of the following statements is true regarding heat maps?

Question92: An internal auditor has discovered that duplicate payments were made to one vendor. Management has recouped the duplicate payments as a corrective action. Which of the following describes management's action in this case?

Question93: While conducting an audit of a third party's Web-based payment processor, an internal auditor discovers that a programming error allows customers to create multiple accounts for a single mailing address. Management agrees to correct the program and notify customers with multiple accounts that the accounts will be consolidated. Which of the following actions should the auditor take?
1. Schedule a follow-up review to verify that the program was corrected and the accounts were consolidated.
2. Evaluate the adequacy and effectiveness of the corrective action proposed by management.
3. Amend the scope of the subsequent audit to verify that the program was corrected and that accounts were consolidated.
4. Submit management's plan of action to the external auditors for additional review.

Question94: According to IIA guidance, which of the following actions might place the independence of the internal audit function in jeopardy?

Question95: Upon completing a follow-up audit engagement, the chief audit executive (CAE) noted that management has not implemented any mitigation measures to address the high risks that were reported in the initial audit report. What initial step must the CAE take to address this situation?

Question96: Management requested internal audit consulting services. During fieldwork significant control issues were identified by the internal audit team. Which of the following is an appropriate response from the chief audit executive?

Question97: An audit observation states the following:
"Despite the rules of the organization there is no approved credit risk management policy in the subsidiary. The subsidiary is concluding contacts with clients who have very high credit ratings. The internal audit team tested 50 contacts and 17 showed clients with a poor credit history" Which of the following components are missing in the observation?

Question98: According to IIA guidance, which of the following is the most appropriate action to be taken by the chief executive (CAE) if management refuses to accept audit recommendations and implement corrective actions, Even after escalation to senior management?

Question99: According to HA guidance, the chief audit executive is directly responsible for which of the following?

Question100: During the filework phase of an assurance engagement the internal auditor decides that she wants to adjust the audit work program. Which of the following is the most appropriate next step for the auditor to take9

Question101: An internal auditor develops an engagement observation related to an organization's accumulation of large travel advances. The auditor observes that the organization's procedures do not require justification for travel advances greater than a specific amount Which of the following best describes the organization's procedures?

Question102: Which of the following actions are appropriate for the chief audit executive to perform when identifying audit resource requirements?
1. Consider employees from other operational areas as audit resources, to provide additional audit coverage in the organization.
2. Approach an external service provider to conduct internal audits on certain areas of the organization, due to a lack of skills in the organization.
3. Suggest to the audit committee that an audit of technology be deferred until staff can be trained, due to limited IT audit skills among the audit staff.
4. Communicate to senior management a summary report on the status and adequacy of audit resources.

Question103: Which of the following is one of the differences between probability-proportional-to-size (PPS) and attribute sampling?

Question104: The board of directors expressed concerns about potential external risks that could impact the organization s ability to meet its annual objectives and goals The board requested consulting services from the internal audit activity to gain insight regarding the external risks Which of the following engagement objectives would be appropriate to fulfill this request?

Question105: An internal auditor is asked to determine why the production line for a large manufacturing organization has been experiencing shutdowns due to unavailable pacts The auditor learns that production data used for generating automatic purchases via electronic interchange is collected on personal computers connected by a local area network (LAN) Purchases are made from authorized vendors based on both the production plans for the next month and an authorized materials requirements plan (MRP) that identifies the parts needed per unit of production The auditor suspects the shutdowns are occurring because purchasing requirements have not been updated for changes in production techniques. Which of the following audit procedures should be used to test the auditor's theory?

Question106: An internal auditor receives a document displaying all the steps of a process and the path taken as transactions flow between each step of the process How is the internal auditor most likely to use This document during the engagement?

Question107: The internal audit activity plans to assess the effectiveness of management's self-assessment activities regarding the risk management process. Which of the following procedures would be most appropriate to accomplish this objective?

Question108: Which of the following steps should an internal auditor complete when conducting a review of an electronic data interchange application provided by a third-party service?
Ensure encryption keys meet ISO standards.
Determine whether an independent review of the service provider's operation has been conducted.
Verify that the service provider's contracts include necessary clauses.
Verify that only public-switched data networks are used by the service provider.

Question109: Which of the following risk assessment approaches involves gathering data from work team representing different levels of an organisation?

Question110: Which of the following best describes external benchmarking using trend analysis for a subsidiary of an international company?

Question111: Which of the following sources of testimonial evidence would be considered the most reliable regarding whether a process is effectively performed according to its design?

Question112: Which type of engagement would be the most appropriate to assess the maturity and rigor of the organizationwide risk management process of a target entity that management is considering acquiring?

Question113: Which of the following statements is true regarding engagement planning?

Question114: An internal auditor wants to assess the completeness of sales invoices issued by the organization over a period of time Providing that at the necessary data and analytics software is which of the following types of analyse would be appropriate to satisfy the auditor's objective?

Question115: Which of the following reasonably represents best practices regarding what should be the level of internal audit resource investment in monitoring and following up on engagement outcomes?

Question116: An internal auditor uses a data query tool in the purchasing process to review the vendor master file for authorizations Which of the following describes the control objective likely being tested?

Question117: The following is a list of major findings in the executive summary report for an audit of the contract management process
- Noncompliance with contract provisions requiring vendors to obtain insurance policies with indemnity value of not less than $1 million
- Compliance with contract obligations and deliverables is not monitored
- No contract agreement with five vendors providing core services
Which of the following is an appropriate conclusion that can be drawn from these findings?

Question118: Which of the following would be the most helpful to a chief audit executive when developing a talent management strategy?

Question119: The engagement supervisor would like lo change the audit program's scope poor to beginning fieldwork According to IIA guidance before any change is implemented what is the most important action that should be undertaken?

Question120: According to HA guidance, which of the following is the Key planning step internal auditors should perform to establish appropriate engagement objectives prior to starting an audit engagement?

Question121: An internal auditor wants to determine whether employees are complying with the information security policy, which prohibits leaving sensitive information on employee desks overnight. The auditor checked a sample of 90 desks and found eight that contained sensitive information. How should this observation be reported, if the organization tolerates 4 percent noncompliance?

Question122: Which of the following describes the primary objective of an internal audit engagement supervisor?

Question123: What is the primary purpose of creating a preliminary draft audit report?

Question124: Which of the following engagement supervision activities should be performed first?

Question125: Which of the following situations is most critical for the chief audit executive to report to the board?

Question126: A large retail organization, which sells most of its products online, experiences a computer hacking incident. The chief IT officer immediately investigates the incident and concludes that the attempt was not successful. The chief audit executive (CAE) learns of the attack in a casual conversation with an IT auditor. Which of the following actions should the CAE take?
1. Meet with the chief IT officer to discuss the report and control improvements that will be implemented as a result of the security breach, if any.
2. Immediately inform the chair of the audit committee of the security breach, because thus far only the chief IT officer is aware of the incident.
3. Meet with the IT auditor to develop an appropriate audit program to review the organization's Internet-based sales process and key controls.
4. Include the incident in the next quarterly report to the audit committee.

Question127: A bakery chain has a statistical model that can be used to predict daily sales at individual stores based on a direct relationship to the cost of ingredients used and an inverse relationship to rainy days. What conditions would an auditor look for as an indicator of employee theft of food from a specific store?

Question128: Which of the following is most likely the subject of a periodic report from the chief audit executive to the board?

Question129: Which of the following would not be a typical activity for the chief audit executive to perform following an audit engagement?

Question130: Which of the following factors would be the most critical in determining which engagements should be included in the annual internal audit plan?

Question131: Which of the following attribute sampling methods would be most appropriate to use to measure the total misstatement posted to an accounts payable ledger?

Question132: An internal audit team was conducting an assurance engagement to review segregation of duties in the purchasing function. The internal auditors reviewed a sample of purchase orders from the past two year and discovered that 2 percent were signed by employees who were operating in a designated acting capacity due to employee absence. According to IIA guidance, which of the following attributes of information would most likely assist the auditor in deciding whether to report this finding?

Question133: The internal auditors available to perform the engagement do not have sufficient skills related to the area under review. Which of the following iss an appropriate action for the chief audit executive to take?

Question134: Which of the following is an appropriate responsibility for the internal audit activity with regard to the organization's risk management program?

Question135: According to IIA guidance, which of the following typically serves as the basis for an engagement work program?

Question136: An engagement supervisor reviewed a staff internal auditor's documentation and noted that several edits should be made. The internal audit activity uses an electronic workpaper database and does not maintain paper files for its system of record. A system error prevents the engagement supervisor from adding her electronic signature to any workpaper in the database Given this situation which is the most appropriate response to provide evidence of supervisory review?

Question137: Which of the following statements is true regarding internal controls?

Question138: Which of the following would be the most reliable source of documentary evidence?

Question139: A manufacturer is under contract to produce and deliver a number of aircraft to a major airline. As part of the contract, the manufacturer is also providing training to the airline's pilots. At the time of the audit, the delivery of the aircraft had fallen substantially behind schedule while the training had already been completed. If half of the aircraft under contract have been delivered, which of the following should the internal auditor expect to be accounted for in the general ledger?

Question140: Which of the following is not a primary purpose for conducting a walk-through during the initial stages of an assurance engagement?

Question141: Which of the following actives is an internal auditor most likely to perform when establishing the objectives of an assurance engagement?

Question142: An internal auditor is conducting a financial audit. Which of the following audit procedures is most appropriate when existing internal controls are weak?

Question143: According to IIA guidance, which of the following are the most important objectives for helping to ensure the appropriate completion of an engagement?
1. Coordinate audit team members to ensure the efficient execution of all engagement procedures.
2. Confirm engagement workpapers properly support the observations, recommendations, and conclusions.
3. Provide structured learning opportunities for engagement auditors when possible.
4. Ensure engagement objectives are reviewed for satisfactory achievement and are documented properly.

Question144: Which of the following situations would justify the removal of a finding from the final audit report?

Question145: According to the Standards, which of the following is leastimportant in determining the adequacy of an annual audit plan?

Question146: According to the Standards, which of the following is true regarding the auditor's inclusion of management's satisfactory performance in the final audit report?

Question147: While planning for an accounts payable audit an internal auditor performs an entity level controls analysis. Which of the following statements is true regarding me approach used by the auditor?

Question148: An internal auditor determines that certain information from the engagement results is not appropriate for disclosure to all report recipients because it is privileged. In this situation, which of the following actions would be most appropriate?

Question149: An organization has a health and safety division that conducts audits to meet regulatory requirements. The chief health and safety officer reports directly to the CEO. Which of the following describes an appropriate role for the chief audit executive (CAE) with regard to the organization's health and safety program?

Question150: Which of the following is true about surveys?

Question151: Which of the following should management action plans include at a minimum?

Question152: Management has taken immediate action to address an observation received during an audit of the organization's manufacturing process Which of the following is true regarding the validity of the observation closure?

Question153: The chief audit executive (CAE) is developing a workpaper preparation policy for a new internal audit activity. The CAE wants to ensure that all workpapers relate directly to the engagement objectives. Which of the following statements should be included in the policy specifically to address this concern?

Question154: Which of the following statements about internal audit's follow-up process is true?

Question155: Which method of examining entity-level controls involves gathering information from work groups that represent different levels in an organization?

Question156: Which of the following statements is true regarding the final assurance engagement report issued to management?

Question157: Which of the following describes (he primary reason why a preliminary risk assessment is conducted during engagement planning?

Question158: An internal auditor tested whether purchase orders were supported by appropriately approved purchase requisitions She sampled a population of purchase documents and identified instances where purchase requisitions were missing However, she did not notice that n some cases purchase requisitions were approved by an unauthorized person Which of the following risks most appropriately describes this situation?

Question159: For which of the following fraud engagement activities would it be most appropriate to involve a forensic auditor?

Question160: In a health care organization the internal audit activity provides overall assurance on governance, risk and control The chief audit executive advises and influences senior management, and the audit strategy leverages the organization's management of risk According to HA guidance which of the following stages of internal audit maturity best describes this organization?

Question161: An engagement work program o of greatest value to audit management when which of the following is true?

Question162: Which of the following is not a direct benefit of control self-assessment (CSA)?

Question163: An audit identified a number of weaknesses in the configuration of a critical client/server system. Although some of the weaknesses were corrected prior to the issuance of the audit report, correction of the rest will require between 6 and 18 months for completion. Consequently, management has developed a detailed action plan, with anticipated completion dates, for addressing the weaknesses. What is the most appropriate course of action for the chief audit executive to take?

Question164: Which of the following is a justifiable reason for omitting advance client notice when planning an audit engagement?

Question165: An internal auditor used a risk and control matrix to prepare a work program for testing a software release. During the engagement planning stage, he tested the design of the release procedure as a key control and concluded that the control was not designed well. During the performance stage, he tested the operation of this control and concluded that it was implemented as designed. Which of the following statements is true regarding this scenario?

Question166: An organization recently acquired a subsidiary in a new industry, and management asked the chief audit executive (CAE) to perform a comprehensive audit of the subsidiary prior to recommencing operations The CAE is unsure her team has the necessary skills and knowledge to accept the engagement According to IIAguidance, which of the following responses by the CAE would be most appropriate?

Question167: Which of the following is an advantage of utilizing an external fraud specialist in a suspected fraud investigation?

Question168: An organization does not have a formal risk management function. According to the Standards, which of the following are conditions where the internal audit activity may provide risk management consulting?
There is a clear strategy and timeline to migrate risk management responsibility back to management.
The internal audit activity has the final approval on any risk management decisions.
The internal audit activity gives objective assurance on all parts of the risk management framework for which it is responsible.
The nature of services provided to the organization is documented in the internal audit charter.

Question169: What information would be most useful to an internal auditor who is attempting to identify specific processes to include in the scope of an assurance engagement?

Question170: Which of the following is an effective approach for internal auditors to take to improve collaboration with audit clients during an engagement?
1. Obtain control concerns from the client before the audit begins so the internal auditor can tailor the scope accordingly.
2. Discuss the engagement plan with the client so the client can understand the reasoning behind the approach.
3. Review test criteria and procedures where the client expresses concerns about the type of tests to be conducted.
4. Provide all observations at the end of the audit to ensure the client is in agreement with the facts before publishing the report.

Question171: An internal auditor completed a consulting engagement covering a recent advertising campaign. The audit client asked the auditor to forward a copy of the report to one of the three advertising agencies used by the organization. According to IIA guidance, which of the following statements is true regarding this request?

Question172: According to IIA guidance, which of the following describes the primary reason the chief audit executive (CAE) should actively network and build relationships with senior management and the board?

Question173: During a review of the treasury function an internal auditor identified a risk that all bank accounts may net to include in the daily reconciliation process.
Which of the following responses would be most effective to mitigate this risk?

Question174: An internal auditor performed a test of controls and found that a statistically selected representative sample of recorded transactions within the account receivables ledger had an error rate that was within management expectations. The associated revenue account was outside the scope of the audit engagement. How should the conclusion to this engagement be reported?

Question175: The chief audit executive of a medium-sized financial institution is evaluating the staffing model of the internal audit activity (IAA). According to IIA guidance, which of the following are the most appropriate strategies to maximize the value of the current IAA resources?
* The annual audit plan should include audits that are consistent with the skills of the IAA.
* Audits of high-risk areas of the organization should be conducted by internal audit staff.
* External resources may be hired to provide subject-matter expertise but should be supervised.
* Auditors should develop their skills by being assigned to complex audits for learning opportunities.

Question176: An internal auditor is conducting an initial risk assessment of an audit area and wants to assess management's compliance with privacy laws for safeguarding customer information stored on the organization's servers. Which course of action is appropriate for this phase of the engagement?

Question177: Which of the following is an advantage of nonstatistical sampling over statistical sampling?

Question178: Acceding to IIA guidance, when of the Mowing is an assurance service commonly performed by the internal audit activity?

Question179: A senior IT auditor is performing an audit of inventory valuation. The auditor misinterprets the sampling results. Which of the following best describes this situation?

Question180: During an audit of the human resources department, an internal auditor adopts benchmarking to test the employee turnover rate. How should the internal auditor apply this technique?

Question181: Which of the following statements concerning workpapers is the most accurate?

Question182: Which of the following recommendations made by the internal audit activity (IAA) is most likely to help prevent fraud?

Question183: A chief audit executive (CAE) reviews the supervision of an internal audit engagement Which of the following would most likely assure the CAE that the engagement had adequate supervision?

Question184: What type of audit engagement would be the most appropriate to determine how an organization could be more profitable in the long term?

Question185: An internal auditor plans to conduct a walk-through to evaluate the control design of a process. Which of the following techniques is the auditor most likely to use?

Question186: Acceding to IIA guidance, which of the following statements is true regarding the risk assessment process performed by the internal audit activity?

Question187: Which of the following statements is true regarding engagement planning?

Question188: An internal auditor wanted to determine whether the organization's 200 employees are charging their work hours accurately to the correct project. The internal auditor selected a sample of 30 employee time reports for testing. Based on the testing, the internal auditor determined the following:
- 5 Time reports were incorrect.
- 21 Time reports were correct.
- 4 Time reports were not supported.

Question189: According to IIA guidance, which of the following individuals should receive the final audit report on a compliance engagement for the organization's cash disbursements process?

Question190: Which of the following would present the most critical external risk to an organization?

Question191: Which of the following manual audit approaches describes testing the validity of a document by following it backward to a previously prepared record?