EMT Practice Test

1. Question Content...


Question List

Question1: According to IIA guidance, which of the following best describes internal auditors' responsibility regarding fraud?

Question2: What is the primary benefit to the internal audit activity for undertaking an internal quality assessment?

Question3: Which of the following activities is most likely to require a fraud specialist to supplement the knowledge and skills of the internal audit activity?

Question4: Management of a publicly-held organization requires the internal audit activity to be involved with quarterly financial statements, which are made public and used internally. Which of the following explanations of management's decision is least plausible?

Question5: An auditor identifies three errors in the sample of 25 entries selected for review (a 12 percent error rate).
Based on this result, the auditor assumes that approximately 59 of the total population of 492 entries are incorrect. To reach this assumption, the auditor has used a technique known as which of the following?

Question6: Suspecting fraud, the chief financial officer (CFO) asked the internal audit activity to investigate a significant increase in travel related expenditures. Work was performed by a qualified internal auditor. Following the completion of the engagement, the chief audit executive (CAE) reported to the CFO that no violations were found and no fraud had occurred.
According to the Standards, which of the following principles did the CAE violate?

Question7: Evidence discovered during the course of an engagement suggests that multiple incidents of fraud have occurred. There do not appear to be sufficient controls in place to prevent reoccurrence. Which of the following is the internal auditor's most appropriate next step?

Question8: Which of the following is an example of a risk avoidance strategy?

Question9: What type of risk management strategy is being employed when an organization installs two firewalls to provide protection from unauthorized access to the network?

Question10: Which of the following items should the chief audit executive disclose to senior management regarding the results of the internal audit activity's quality assessments?

Question11: According to the COSO enterprise risk management (ERM) framework, which of the following is not part of the new paradigm in ERM?

Question12: Which of the following control methods is effective in reducing the risk of purchasing-scheme fraud?
1. Periodically reviewing the vendor list for unusual vendors and addresses.
2. Segregating duties for amount purchasing, receiving, shipping, and accounting.
3. Validating sequential integrity of purchase orders.
4. Verifying the validity of invoices with post office box addresses.

Question13: Why is it important for the chief audit executive to periodically review the audit charter and present the results to senior management and the board?

Question14: The chief audit executive (CAE) has assigned an internal auditor to an upcoming engagement. Which of the following requirements would most likely indicate that the internal auditor was assigned to an assurance engagement?

Question15: When developing the organization's first risk universe, which of the following would the chief audit executive be least likely to consider?

Question16: An organization is beginning to implement an enterprise risk management program. One of the first steps is to develop a common risk language. Which of the following statements about a common risk language is true?

Question17: An internal audit activity (IAA) provided assurance services for an activity it was responsible for during the preceding year.
As a result, which IIA Code of Ethics principle is presumed to be impaired?

Question18: According to The IIA's Code of Ethics, which of the following actions violates the principle of confidentiality?

Question19: When auditing the award of a major contract, which of the following should an internal auditor suspect as a red flag for a bidding fraud scheme?
1. Subsequent change orders increase requirements for low-bid items.
2. Material contract requirements are different on the actual contract than on the request for bids.
3. A high percentage of employees are charged to indirect accounts.
4. Losing bidders are hired as subcontractors.

Question20: While reviewing first quarter sales transactions, an internal auditor discovered that 10 invoices for a new customer had not been posted into the accounts receivable subsidiary ledger. Those 10 invoices were listed in an error report automatically generated by the sales processing system. The system had rejected the invoices because the customer's account number was not found in the customer master file. In this scenario, which of the following controls was lacking?

Question21: An auditor in charge was reviewing the workpapers submitted by a newly hired internal auditor. She noted that the new auditor's analytical work did not include any rating or quantification of the risk assessment results, and she returned the workpapers for correction. Which section of the workpapers will the new auditor need to modify?

Question22: During an internal audit, the internal auditor compares the employee turnover rate in the area being audited with the employee turnover rate in the organization as a whole.
This is an example of which of the following analytical auditing procedures?

Question23: According to IIA guidance, which of the following are considerations of due professional care when an internal auditor conducts a formal consulting engagement?
1. The complexity of the work required.
2. The needs and expectations of the client.
3. The potential value of the engagement compared to the effort.
4. Information regarding assumptions and procedures to be employed.

Question24: Which of the following would provide the best evidence of errors in the quantities of items received from suppliers?

Question25: Which of the following must be in existence as a precondition to developing an effective system of internal controls?

Question26: What is the additional advantage of facilitated workshops, in comparison with structured interviews, used when testing the effectiveness of entity-level controls?

Question27: An internal auditor is conducting an assessment of the organization's fraud prevention program using the COSO enterprise risk management framework. According to this framework, which of the following activities would fall under the control environment component for preventing fraud?
1. The organization uses an automated authority approval matrix to control payments.
2. The organization has a whistleblower hotline that is available to employees.
3. Annually, every manager completes a comprehensive fraud assessment of his or her department.
4. Annually, the organization reviews and communicates the code of expected behavior.

Question28: Which of the following documents is most appropriate in promoting the objectivity of the internal audit activity?

Question29: Why is a code of ethics for the internal audit profession necessary?

Question30: The internal audit activity is planning a procurement audit and needs to obtain a thorough understanding of the subcontracting process, which can involve multiple individuals in multiple countries.
Which of the following internal audit tools would be most effective to document the process and the key controls?

Question31: According to IIA guidance, which of the following is ultimately responsible for seeing that the internal control system of an organization's social responsibility program is effective?

Question32: Which of the following control activities is the most effective to ensure users' levels of access are appropriate for their current roles?

Question33: An assurance mapping exercise helps an organization do which of the following?
1. Provide assurance to stakeholders that risks are managed and reported, and regulatory and legal obligations are met.
2. Fulfill best practices in the industry.
3. Identify and address any gaps in the risk management process.
4. Identify fraud.

Question34: Which of the following combinations of conditions is most likely a red flag for fraud?

Question35: Sometimes, internal audit staff may partner with operating managers to rank risks. Which of the following outcomes may be the most beneficial aspects of this strategy?
1. Reappraising risks levels.
2. Providing accurate information to management.
3. Marketing the internal audit activity.
4. Planning safeguards for assets in high-risk areas.

Question36: What is the purpose of a secondary control?

Question37: An internal auditor needs to recommend a policy element to be included in an organization's code of ethics.
Which of the following recommendations would be most effective?

Question38: Which of the following is an activity that an internal auditor must not perform?

Question39: During an audit engagement, the internal auditor discussed a risk mitigation recommendation with the manager of the area under review. The manager disagreed with the risk assessment and recommendation. The two failed to come up with an alternative solution, and the auditor decided to proceed with including the original recommendation in the engagement report. Which of the following is especially important in dealing with this type of situation?

Question40: In which of the following scenarios would a customer service hotline receive a high volume of complaints regarding payments not being applied to customers' accounts?

Question41: A chief audit executive (CAE) is selecting an internal audit team to perform an audit engagement that requires a high level of knowledge in the areas of finance, investment portfolio management, and taxation. If neither the CAE nor the existing internal audit staff possess the required knowledge, which of the following actions should the CAE take?

Question42: According to IIA guidance, which of the following is not a responsibility of the chief audit executive pertaining to documenting information to support internal audit engagement results and conclusions?

Question43: The results of an internal audit activity's (IAA) quality assurance and improvement program are favorable and an external assessment was completed within the last five years. Which of the following statements may the IAA use to describe its work?

Question44: According to the COSO enterprise risk management framework, which of the following best describes the activity that helps ensure risk responses are carried out effectively?

Question45: An internal audit charter, approved by the board, restricts the internal audit activity to providing assurance only on the reliability of financial information and the effectiveness of internal accounting controls. Which of the following statements is true regarding the extent to which the external auditor may rely on the internal audit activity's work?

Question46: Which of the following enhances the independence of the internal audit activity?

Question47: Who is responsible for setting the risk appetite?

Question48: An internal auditor is reviewing employee travel data to identify opportunities to cut costs while ensuring adequate participation at conferences to support the organization's mission. Which of the following pieces of evidence would be sufficient for completing this task?

Question49: When internal auditors are preparing workpapers for the testing stage of an engagement, which of the following guidelines should be observed?
1. Include copies of all client files that were reviewed for the audit.
2. Avoid the use of professional, industry-appropriate jargon and technical terms.
3. Indicate the original sources of all data and information used in the workpapers.
4. Leave blank space for cross-references to be completed during the post-audit process.

Question50: Which of the following best describes the assessment of risks?

Question51: The security department uncovered what appears to be a complex fraud in the accounting department. The CEO has requested the internal audit activity to investigate the fraud. If the internal audit staff lacks the expertise to conduct the investigation, how should the chief audit executive proceed?

Question52: Which of the following types of fraud includes embezzlement?

Question53: Which of the following best describes the misdirection of payments on accounts receivable to an employee's bank account?

Question54: According to IIA guidance, which of the following is an area in which the internal auditor should be proficient?

Question55: An internal auditor is performing analytical reviews as part of an audit of a supermarket's merchandising department. Because the economy has declined since midyear, the auditor can expect to encounter which of the following?

Question56: Given the highly technical and legal nature of privacy issues, which of the following statements best describes the internal audit activity's responsibility with regard to assessing an organization's privacy framework?

Question57: Which of the following is a preventive control?

Question58: Which of the following are core responsibilities to be included in the internal audit charter?
1. Review reliability and integrity of financial and operating information and the means used to identify, measure, classify, and report such information.
2. Determine the adequacy and effectiveness of the organization's systems of internal accounting and operating controls.
3. Participate in the planning and performance of audits of potential acquisitions with the organization's outside accountants and other members of the corporate staff.
4. Report to those members of management who should be informed of results of audit examinations, the audit opinions formed, and the recommendations made.

Question59: Which of the following is most likely to enhance an internal auditor's objectivity?

Question60: Which of the following statements is true about The IIA Global Internal Audit Competency Framework?

Question61: An internal audit charter describes the mission and scope of the internal audit activity (IAA), responsibilities of the IAA, accountability of the chief audit executive, independence of the IAA, and standards followed by the IAA. Which of the following also should be included in the charter?

Question62: A snow removal company is conducting a scenario planning exercise where participating employees consider the potential impacts of a significant reduction in annua snowfall for the coming winter. Which of the following best describes this type of risk?

Question63: Which of the following is a valid statement about the use of visual observations during an audit engagement?
1. Visual observations can be used to detect ineffective controls, idle resources, and safety hazards.
2. Visual observations can be used during both preliminary survey and fieldwork stages of the audit engagement.
3. Visual observations can provide unsubstantiated facts to management if the internal auditor believes the information is useful.
4. Visual observations can assist an auditor in determining if a material observation should be communicated through informal means to the organization's senior management.

Question64: To fill a critical vacancy, an internal auditor is assigned temporarily to a nonaudit role in the purchasing department, where she worked previously before joining the internal audit activity. According to IIA guidance, which of the following statements is true regarding these circumstances?

Question65: The chief audit executive (CAE) of a mid-sized pharmaceutical organization has operational responsibility for the regulatory compliance function. The audit committee requests an assessment of regulatory compliance.
According to IIA guidance, which of the following is the CAE's best course of action?

Question66: A government agency maintains a system of internal control, according to the COSO model, and has made a change to its employee performance reviews and rewards program. This change relates to which of the following components of COSO's internal control framework?

Question67: A candidate has applied for an entry level internal audit position. The candidate holds a CISA (Certified Information Systems Auditor) designation, and has six months of audit experience, but limited knowledge of accounting principles and techniques. According to the IIA guidance, which of the following is the most relevant reason for the chief audit executive to consider this candidate?

Question68: Management would like to self-assess the overall effectiveness of the controls in place for its 200-person manufacturing department. Which of the following client-facilitated approaches is likely to be the most efficient way to accomplish this objective?

Question69: A new director was hired to lead the internal audit activity at a small start-up company. Which of the following assignments would impair the director's independence?

Question70: Which of the following conditions is the most likely indicator of fraud?

Question71: The audit committee is concerned that the small size of the internal audit activity (IAA) makes it impractical to achieve full conformance with the Standards. To address this concern, which of the following actions is most appropriate for the CAE to take?

Question72: According to IIA guidance, which of the following scenarios demonstrates an internal auditor exercising due professional care?
When auditing investments, the auditor identified instruments with which he was unfamiliar.

Question73: During an internal audit, an organization's processing department is found to have incidences of both duplicate invoices and notices from customers that purchased goods were not received. The department under review insists that some of these reports are false and that others were isolated oversights due to understaffing.
Which of the following tests would best help the internal auditor detect fraudulent activity?

Question74: An internal auditor is using a spreadsheet application to review a cash flow forecast prepared by management.
Which of the following correctly identifies the type of evidence this information represents?

Question75: Which segregation of duties would best reduce the risk of payroll fraud?

Question76: An organization has implemented a new automated payroll system that contains a table of pay rates that are matched to employee job classifications. Which control should an internal auditor suggest in order to ensure that the table is updated correctly, and is used only for valid pay changes?

Question77: Which of the following statements best explains why internal auditors map processes?
1. To obtain audit evidence to support auditor's observations.
2. To determine scope and objectives of the audit.
3. To facilitate the identification of ownership and responsibility for key risks.
4. To identify potential efficiency improvements.

Question78: Which of the following actions indicates a lack of due professional care by an internal auditor performing an audit of a store's cash function?

Question79: Which of the following describes a key characteristic related to effective organizational communication?

Question80: According to IIA guidance, which of the following is the best example of a system application control?

Question81: An internal auditor is reviewing the accounts receivable when she discovers account balances more than three years old. The auditor was previously supervising the area during this time, and she subsequently advises the chief audit executive (CAE) of a potential conflict.
Which of the following is the most appropriate course of action for the CAE to take?

Question82: While preparing for an audit of senior management expenses, the chief audit executive (CAE) learns that management is unable to locate a number of original expense claims to support the related disbursements. She decides to defer the engagement until they can be located. Which of the following principles likely guided the CAE's decision?

Question83: An internal auditor would like to identify the involvement of various organizational units in handling employee travel reimbursement claims. Which of the following methods would be most effective and efficient in completing this task?

Question84: Which of the following statements describes a control failure that is not directly attributable to a customer billing application?
1. End users have raised a number of concerns regarding data integrity.
2. An untested program change is transferred from the test environment to production.
3. Purchase history does not reconcile with accounts receivable for some customers.
4. End user security is inadvertently granted to an unauthorized individual by management.

Question85: An internal audit manager of a furniture manufacturing organization is planning an audit of the procurement process for kiln-dried wood. The procurement department maintains six procurement officers to manage 24 different suppliers used by the organization.
Which of the following controls would best mitigate the risk of employees receiving kickbacks from suppliers?

Question86: According to IIA guidance, which of the following individuals would best be considered independent for the purpose of participating in an external assessment of the quality assurance and improvement program for an internal audit activity (IAA)?

Question87: Which of the following is an example of collusion?

Question88: Which of the following statements is true regarding the use of non-statistical sampling in auditing control tests?

Question89: While reviewing the workpapers of a new auditor, the auditor in charge discovered that additional audit procedures might be necessary. According to IIA guidance, which of the following would be most relevant for the auditor in charge to consider when making this decision?

Question90: Which of the following scenarios would represent the greatest threat to the authority of the internal audit activity (IAA)?

Question91: A government agency's policy states that board members' travel and hospitality expenses must be audited annually. Which of following people or groups is most appropriate to perform this audit?

Question92: According to IIA guidance, when preparing the charter for the internal audit activity, the chief audit executive (CAE), board, and senior management should agree on which of the following?
1. The standards to be used by the internal audit activity.
2. The internal audit activity's code of ethics.
3. The CAE's reporting line.
4. The internal audit activity's responsibilities.

Question93: Which of the following best describes the details that must be included in the quality assurance and improvement program (QAIP) report to senior management and the board?

Question94: Which of the following would be the most important consideration by the internal audit activity when selecting employees to perform an internal quality assessment?

Question95: An internal auditor is evaluating techniques management uses to mitigate risks within a particular product division. Which of the following is an example of risk reduction?

Question96: According to the Standards, which of the following best describes why initial audit test results should be reported to the auditor-in-charge prior to advising management?

Question97: According to The IIA's Code of Ethics, which of the following is true?

Question98: According to IIA guidance, which of the following must the internal auditor consider to meet the requirements for due professional care?

Question99: According to the HA Code of Ethics, which of the following statements best describes the principle of competency?