Summer Special Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia

IIA-ACCA Sample Questions Answers

Questions 4

Which of the following best explains why integrity is a necessary personal quality for internal auditors at all levels?

Options:

A.

Internal auditor integrity enables stakeholders to constantly question the work of the internal audit activity.

B.

Internal auditor integrity enables the internal auditor to avoid being challenged by any party in the organization.

C.

Internal auditor integrity enables the internal audit activity to be able to demonstrate independence.

D.

Internal auditor integrity enables users of internal auditors' work to make important business decisions.

Buy Now
Questions 5

An internal auditor is conducting an assessment of the purchasing department. She has worked the full amount of hours budgeted for the engagement; however, the audit objectives are not yet complete. According to IIA guidance, which of the following are appropriate options available to the chief audit executive?

1. Allow the auditor to decide whether to extend the audit engagement.

2. Determine whether the work already completed is sufficient to conclude the engagement.

3. Provide the auditor feedback on areas of improvement for future engagements.

4. Provide the auditor with instructions and directions to complete the audit.

Options:

A.

1, 2, and 3

B.

1, 2, and 4

C.

1, 3, and 4

D.

2, 3, and 4

Buy Now
Questions 6

An internal auditor notes that employees continue to violate segregation-of-duty controls in several areas of the finance department, despite previous audit recommendations. Which of the following recommendations is the most appropriate to address this concern?

Options:

A.

Recommend additional segregation-of-duty reviews.

B.

Recommend appropriate awareness training for all finance department staff.

C.

Recommend rotating finance staff in this area.

D.

Recommend that management address these concerns immediately.

Buy Now
Questions 7

Due to a recent system upgrade, an audit is planned to test the payroll process. Which of the following audit objectives would be most important to prevent fraud?

Options:

A.

Verify that amounts are correct.

B.

Verify that payments are on time.

C.

Verify that recipients are valid employees.

D.

Verify that benefits deductions are accurate.

Buy Now
Questions 8

Which of the following roles would be least appropriate for the internal audit activity to undertake with regard to an organization's corporate social responsibility (CSR) program?

Options:

A.

Consult on project design and implementation of the CSR program.

B.

Serve as an advisor on internal controls related to CSR.

C.

Identify and prioritize the CSR issues that are important to the organization.

D.

Evaluate the effectiveness of the organization's CSR efforts.

Buy Now
Questions 9

Unsecured loans are loans:

Options:

A.

That do not have to be repaid for over one year.

B.

That appear to be too risky for most lenders to consider.

C.

Granted on the basis of a company's credit standing.

D.

Backed by mortgaged assets.

Buy Now
Questions 10

Which of the following is useful for forecasting the required level of inventory?

1. Statistical modeling.

2. Information about seasonal variations in demand.

3. Knowledge of the behavior of different business cycles.

4. Pricing models linked to seasonal demand.

Options:

A.

1 and 2 only

B.

2 and 3 only

C.

1, 2, and 3 only

D.

1, 2, 3, and 4

Buy Now
Questions 11

Which of the following components should be included in an audit finding?

1. The scope of the audit.

2. The standard(s) used by the auditor to make the evaluation.

3. The engagement's objectives.

4. The factual evidence that the internal auditor found in the course of the examination.

Options:

A.

1 and 2

B.

1 and 3 only

C.

2 and 4

D.

1, 3, and 4

Buy Now
Questions 12

Which of the following behaviors could represent a significant ethical risk if exhibited by an organization's board?

1. Intervening during an audit involving ethical wrongdoing.

2. Discussing periodic reports of ethical breaches.

3. Authorizing an investigation of an unsafe product.

4. Negotiating a settlement of an employee claim for personal damages.

Options:

A.

1 and 2

B.

1 and 4

C.

2 and 3

D.

3 and 4

Buy Now
Questions 13

When constructing a staffing schedule for the internal audit activity (IAA), which of the following criteria are most important for the chief audit executive to consider for the effective use of audit resources?

1. The competency and qualifications of the audit staff for specific assignments.

2. The effectiveness of IAA staff performance measures.

3. The number of training hours received by staff auditors compared to the budget.

4. The geographical dispersion of audit staff across the organization.

Options:

A.

1 and 3

B.

1 and 4

C.

2 and 3

D.

2 and 4

Buy Now
Questions 14

Which of the following is not a direct benefit of control self-assessment (CSA)?

Options:

A.

CSA allows management to have input into the audit plan.

B.

CSA allows process owners to identify, evaluate, and recommend improving control deficiencies.

C.

CSA can improve the control environment.

D.

CSA increases control consciousness.

Buy Now
Questions 15

During an assurance engagement, an internal auditor discovered that a sales manager approved numerous sales contracts for values exceeding his authorization limit. The auditor reported the finding to the audit supervisor, noting that the sales manager had additional new contracts under negotiation. According to IIA guidance, which of the following would be the most appropriate next step?

Options:

A.

The audit supervisor should include the new contracts in the finding for the final audit report.

B.

The audit supervisor should communicate the finding to the supervisor of the sales manager through an interim report.

C.

The audit supervisor should remind the sales manager of his authority limit for the contracts under negotiation.

D.

The auditor should not reference the new contracts, because they are not yet signed and therefore cannot be included in the final report.

Buy Now
Questions 16

It is close to the fiscal year end for a government agency, and the chief audit executive (CAE) has the following items to submit to either the board or the chief executive officer (CEO) for approval. According to IIA guidance, which of the following items should be submitted only to the CEO?

Options:

A.

The internal audit risk assessment and audit plan for the next fiscal year.

B.

The internal audit budget and resource plan for the coming fiscal year.

C.

A request for an increase of the CAE's salary for the next fiscal year.

D.

The evaluation and compensation of the internal audit team.

Buy Now
Questions 17

According to IIA guidance, which of the following is true regarding audit supervision?

1. Supervision should be performed throughout the planning, examination, evaluation, communication, and follow-up stages of the audit engagement.

2. Supervision should extend to training, time reporting, and expense control, as well as administrative matters.

3. Supervision should include review of engagement workpapers, with documented evidence of the review.

Options:

A.

1 and 2 only

B.

1 and 3 only

C.

2 and 3 only

D.

1, 2, and 3

Buy Now
Questions 18

An internal control questionnaire would be most appropriate in which of the following situations?

Options:

A.

Testing controls where operating procedures vary.

B.

Testing controls in decentralized offices.

C.

Testing controls in high risk areas.

D.

Testing controls in areas with high control failure rates.

Buy Now
Questions 19

Which of the following has the greatest effect on the efficiency of an audit?

Options:

A.

The complexity of deficiency findings.

B.

The adequacy of preliminary survey information.

C.

The organization and content of workpapers.

D.

The method and amount of supporting detail used for the audit report.

Buy Now
Questions 20

According to IIA guidance, which of the following accurately describes the responsibilities of the chief audit executive with respect to the final audit report?

1. Coordinate post-engagement conferences to discuss the final audit report with management.

2. Include management's responses in the final audit report.

3. Review and approve the final audit report.

4. Determine who will receive the final audit report.

Options:

A.

1 and 2

B.

1 and 4

C.

2 and 3

D.

3 and 4

Buy Now
Questions 21

According to IIA guidance, which of the following actions might place the independence of the internal audit function in jeopardy?

Options:

A.

Having no active role or involvement in the risk management process.

B.

Auditing the risk management process for reasonableness.

C.

Coordinating and managing the risk management process.

D.

Participating with management in identifying and evaluating risks.

Buy Now
Questions 22

Which of the following is least likely to help ensure that risk is considered in a work program?

Options:

A.

Risks are discussed with audit client.

B.

All available information from the risk-based plan is used.

C.

Client efforts to affect risk management are considered.

D.

Prior risk assessments are considered.

Buy Now
Questions 23

Which of the following statements is true regarding reversing entries in an accounting cycled

Options:

A.

Reversing all previous closing adjustments is a mandatory step in the accounting cycle

B.

Reversing entries should be completed at the end of the next accounting period after recording regular transactions of the period

C.

Reversing entries are identical to the adjusting entries made in the previous period.

D.

Reversing entries are the exact opposite of the adjustments made in the previous period.

Buy Now
Questions 24

The process of scenario planning begins with which of the following steps?

Options:

A.

Determining the trends that will influence key factors in the organization's environment.

B.

Selecting the issue or decision that will impact how the organization conducts future business.

C.

Selecting leading indicators to alert the organization of future developments.

D.

Identifying how customers, suppliers, competitors, employees, and other stakeholders will react.

Buy Now
Questions 25

Which of the following factors is most responsible for the increasing risk that unauthorized parties may obtain or tamper with personal data?

Options:

A.

The lack of legal and industry frameworks on privacy.

B.

The absence of generally accepted privacy principles.

C.

The rapid growth and evolution of technology.

D.

The legislated need to retain sensitive personal information.

Buy Now
Questions 26

A chief audit executive (CAE) received a detailed internal report of senior management's internal control assessment. Which of the following subsequent actions by the CAE would provide the greatest assurance over management's assertions?

Options:

A.

Assert whether the described and reported control processes and systems exist.

B.

Assess whether senior management adequately supports and promotes the internal control culture described in the report.

C.

Evaluate the completeness of the report and management's responses to identified deficiencies.

D.

Determine whether management's operating style and the philosophy described in the report reflect the effective functioning of internal controls.

Buy Now
Questions 27

An audit identified a number of weaknesses in the configuration of a critical client/server system. Although some of the weaknesses were corrected prior to the issuance of the audit report, correction of the rest will require between 6 and 18 months for completion. Consequently, management has developed a detailed action plan, with anticipated completion dates, for addressing the weaknesses. What is the most appropriate course of action for the chief audit executive to take?

Options:

A.

Assess the status of corrective action during a follow-up audit engagement after the action plan has been completed.

B.

Assess the effectiveness of corrections by reviewing statistics related to unplanned system outages, and denials of service.

C.

Reassign information systems auditors to assist in implementing management's action plan.

D.

Evaluate the ability of the action plan to correct the weaknesses and monitor key dates and deliverables.

Buy Now
Questions 28

The chief risk officer (CRO) of a large manufacturing organization decided to facilitate a workshop for process managers and staff to identify opportunities for improving productivity and reducing defects. Which of the following is the most likely reason the CRO chose the workshop approach?

Options:

A.

It minimizes the amount of time spent and cost incurred to gather the necessary information.

B.

Responses can be confidential, thus encouraging participants to be candid expressing their concerns.

C.

Workshops do not require extensive facilitation skills and are therefore ideal for nonauditors.

D.

Workshop participants have an opportunity to learn while contributing ideas toward the objectives.

Buy Now
Questions 29

A large investment organization hired a chief risk officer (CRO) to be responsible for the organization's risk management processes. Which of the following people should prioritize risks to be used for the audit plan?

Options:

A.

Operational management, because they are responsible for the day-to-day management of the operational risks.

B.

The CRO, because he is responsible for coordinating and project managing risk activities based on his specialized skills and knowledge.

C.

The chief audit executive, although he is not accountable for risk management in the organization.

D.

The CEO, because he has ultimate responsibility for ensuring that risks are managed within the agreed tolerance limits set by the board.

Buy Now
Questions 30

When creating the internal audit plan, the chief audit executive should prioritize engagements based primarily on which of the following?

Options:

A.

The last available risk assessment.

B.

Requests from senior management and the board.

C.

The longest interval since the last examination of each audit universe item.

D.

The auditable areas required by regulatory agencies.

Buy Now
Questions 31

Which of the following is not an outcome of control self-assessment?

Options:

A.

Informal, soft controls are omitted, and greater focus is placed on hard controls.

B.

The entire objectives-risks-controls infrastructure of an organization is subject to greater monitoring and continuous improvement.

C.

Internal auditors become involved in and knowledgeable about the self-assessment process.

D.

Nonaudit employees become experienced in assessing controls and associating control processes with managing risks.

Buy Now
Questions 32

According to IIA guidance, which of the following factors should the auditor in charge consider when determining the resource requirements for an audit engagement?

Options:

A.

The number, experience, and availability of audit staff as well as the nature, complexity, and time constraints of the engagement.

B.

The appropriateness and sufficiency of resources and the ability to coordinate with external auditors.

C.

The number, proficiency, experience, and availability of audit staff as well as the ability to coordinate with external auditors.

D.

The appropriateness and sufficiency of resources as well as the nature, complexity, and time constraints of the engagement.

Buy Now
Questions 33

An internal auditor has been assigned to facilitate a risk and control self-assessment for the finance group. Which of the following is the most appropriate role that she should assume when facilitating the workshop?

Options:

A.

Express an opinion on the participants' inputs and conclusions as the assessment progresses.

B.

Provide appropriate techniques and guidelines on how the exercise should be undertaken.

C.

Evaluate and report on all issues that may be uncovered during the exercise.

D.

Screen and vet participants so that the most appropriate candidates are selected to participate in the exercise.

Buy Now
Questions 34

New environmental regulations require the board to certify that the organization's reported pollutant emissions data is accurate. The chief audit executive (CAE) is planning an audit to provide assurance over the organization's compliance with the environmental regulations. Which of the following groups or individuals is most important for the CAE to consult to determine the scope of the audit?

Options:

A.

The audit committee of the board.

B.

The environmental, health, and safety manager.

C.

The organization's external environmental lawyers.

D.

The organization's insurance department.

Buy Now
Questions 35

Upon joining the internal audit activity, each new auditor receives a copy of the audit handbook. Which of the following handbook policies has the greatest risk of compromising audit objectivity?

Options:

A.

Internal auditors should obtain 80 hours of continuing professional education every two years, 20 of which should be audit-related, and the remainder may be operations-related.

B.

Internal auditors should rotate to other areas of the organization for nonaudit assignments to gain an understanding of the organization's operations.

C.

Internal auditors should have direct and unrestricted access to personnel and information throughout the organization and the governing board.

D.

Internal auditors should undergo annual performance appraisals conducted by the chief audit executive, who reports administratively to the chief financial officer.

Buy Now
Questions 36

Which of the following best describes the four components of a balanced scorecard?

Options:

A.

Customers, innovation, growth, and internal processes.

B.

Business objectives, critical success factors, innovation, and growth.

C.

Customers, support, critical success factors, and learning.

D.

Financial measures, learning and growth, customers, and internal processes.

Buy Now
Questions 37

According to IIA guidance, which of the following individuals should receive the final audit report on a compliance engagement for the organization's cash disbursements process?

Options:

A.

The accounts payable supervisor, accounts payable manager, and controller.

B.

The accounts payable manager, purchasing manager, and receiving manager.

C.

The accounts payable supervisor, controller, and treasurer.

D.

The accounts payable manager, chief financial officer, and audit committee.

Buy Now
Questions 38

If observed during fieldwork by an internal auditor, which of the following activities is least important to communicate formally to the chief audit executive?

Options:

A.

Acts that may endanger the health or safety of individuals.

B.

Acts that favor one party to the detriment of another.

C.

Acts that damage or have an adverse effect on the environment.

D.

Acts that conceal inappropriate activities in the organization.

Buy Now
Questions 39

Faced with a complex, highly technical construction audit engagement, the chief audit executive (CAE) considered complementing the current internal audit resources by engaging the services of a civil engineer.

Which of the following should the CAE consider in determining whether the engineer possesses the necessary skills to perform the engagement?

1. Professional certification, license, or other recognition of the engineer's competence in the relevant discipline.

2. Experience of the engineer in the type of work being considered.

3. Compensation or other incentives that the engineer may receive.

4. The extent of other ongoing services that the engineer may be performing for the organization.

Options:

A.

1 and 4 only

B.

2 and 3 only

C.

3 and 4 only

D.

1, 2, and 4 only

Buy Now
Questions 40

Which of the following is the best way to detect fraud?

Options:

A.

Conduct anti-fraud training.

B.

Perform background investigations.

C.

Implement process controls.

D.

Activate a whistleblower hotline.

Buy Now
Questions 41

Which of the following are components of the ISO 31000 risk management process?

1. Setting the context.

2. Risk treatment.

3. Risk avoidance.

4. Communication.

Options:

A.

1 and 2 only.

B.

2 and 3.

C.

3 and 4.

D.

1,2, and 4.

Buy Now
Questions 42

Which of the following is an appropriate role for the internal audit activity with regard to the organization's risk management program?

Options:

A.

Identify and manage risks in line with the organization's risk appetite.

B.

Ensure that a proper and effective risk management process exists.

C.

Attain an adequate understanding of the organization's key risk mitigation strategies.

D.

Identify and ensure that appropriate controls exist to mitigate risks.

Buy Now
Questions 43

According to IIA guidance, which of the following statements is false regarding a review of the controls in place to prevent fraud?

Options:

A.

The review should focus on the efficiency of the controls in place to prevent fraud.

B.

The scope of the review does not need to include all operating areas of the organization.

C.

The cost of the control should be compared to the benefit of mitigating the related risk.

D.

The review should assess whether the internal controls can be circumvented.

Buy Now
Questions 44

An internal auditor is conducting a financial audit. Which of the following audit procedures is most appropriate when existing internal controls are weak?

Options:

A.

Analytical procedures.

B.

Detail testing.

C.

Test of design.

D.

Test of control.

Buy Now
Questions 45

Which of the following is the primary reason the chief audit executive should consider the organization's strategic plans when developing the annual audit plan?

Options:

A.

Strategic plans reflect the organization's business objectives and overall attitude toward risk.

B.

Strategic plans are helpful to identify major areas of activity, which may direct the allocation of internal audit activity resources.

C.

Strategic plans are likely to show areas of weak financial controls.

D.

The strategic plan is a relatively stable document on which to base audit planning.

Buy Now
Questions 46

According to IIA guidance, which of the following is true when the internal audit activity is asked to investigate potential ethics violations in a foreign subsidiary?

Options:

A.

Communication of any internal ethics violations to external parties may occur with appropriate safeguards.

B.

Cultural impacts are less critical where the organization practices uniform polices around the globe.

C.

Cross-cultural differences should always be handled by the staff of the same cultural background.

D.

Local law enforcement should be involved as they are more familiar with the applicable local laws.

Buy Now
Questions 47

The external auditor has identified a number of production process control deficiencies involving several departments. As a result, senior management has asked the internal audit activity to complete internal control training for all related staff. According to IIA guidance, which of the following would be the most appropriate course of action for the chief audit executive to follow?

Options:

A.

Refuse to accept the consulting engagement because it would be a violation of independence.

B.

Collaborate with the external auditor to ensure the most efficient use of resources.

C.

Accept the engagement but hire an external training specialist to provide the necessary expertise.

D.

Accept the engagement even if the audit engagement staff was previously responsible for operational areas being trained.

Buy Now
Questions 48

During an audit of the accounts receivable (AR) process, an internal auditor noted that reconciliations are still not performed regularly by the AR staff, a recommendation that was made following a previous audit. Monitoring by the financial reporting function has failed to detect the shortcoming. Both the financial reporting function and AR report to the controller, who is responsible for implementing action plans. Which of the following supports the internal auditor's decision to combine both observations into one reported finding?

Options:

A.

The observation was made during the same audit, and the action plan has a common owner.

B.

The observation relates to the same control activity within a common process.

C.

The observation has a common control, and it was noted in a prior audit.

D.

The observation has a common process, and the action plan for the observation has a common owner.

Buy Now
Questions 49

Which of the following factors should a chief audit executive consider when determining the audit universe?

1. Components of the organization's strategic plan.

2. Inputs from senior management and the board.

3. Views of competitors and business associates.

4. Results of exit interviews with departing employees.

Options:

A.

1 and 2 only

B.

2 and 4 only

C.

1, 2, and 4

D.

2, 3, and 4

Buy Now
Questions 50

According to IIA guidance, which of the following are appropriate actions for the chief audit executive regarding management's response to audit recommendations?

Options:

A.

Evaluate and verify management's response, and determine the need and scope for additional work.

B.

Evaluate and verify management's response, and establish timelines for corrective action by management.

C.

Oversee the corrective actions undertaken by management, and determine the need and scope for additional work.

D.

Oversee the corrective actions undertaken by management, and establish timelines for corrective action by management.

Buy Now
Questions 51

Which of the following situations would justify the removal of a finding from the final audit report?

Options:

A.

Management disagrees with the report findings and conclusions in their responses.

B.

Management has already satisfactorily completed the recommended corrective action.

C.

Management has provided additional information that contradicts the findings.

D.

Management believes that the finding is insignificant and unfairly included in the report.

Buy Now
Questions 52

Which of the following factors would the auditor in charge be least likely to consider when assigning tasks to audit team members for an engagement?

Options:

A.

The amount of experience the auditors have conducting audits in the specific area of the organization.

B.

The availability of the auditors in relation to the availability of key client staff.

C.

Whether the budgeted hours are sufficient to complete the audit within the current scope.

D.

Whether outside resources will be needed, and their availability.

Buy Now
Questions 53

An organization's internal audit plan includes a recurring assurance review of the human resources (HR) department. Which of the following statements is true regarding preliminary communication between the auditor in charge (AIC) and the HR department?

1. The AIC should notify HR management when the draft audit plan is being developed, as a courtesy.

2. The AIC should notify HR management before the planning stage begins.

3. The AIC should schedule formal status meetings with HR management at the start of the engagement.

4. The AIC should finalize the scope of the engagement before communicating with HR management.

Options:

A.

1 and 3

B.

1 and 4

C.

2 and 3

D.

2 and 4

Buy Now
Questions 54

For which of the following fraud engagement activities would it be most appropriate to involve a forensic auditor?

Options:

A.

Independently evaluating conflicts of interests.

B.

Assessing contracts for relevant terms and conditions.

C.

Performing statistical analysis for data anomalies.

D.

Preparing evidentiary documentation.

Buy Now
Questions 55

An internal auditor and engagement client are deadlocked over the auditor's differing opinion with management on the adequacy of access controls for a major system. Which of the following strategies would be the most helpful in resolving this dispute?

Options:

A.

Conduct a joint brainstorming session with management.

B.

Ask the chief audit executive to mediate.

C.

Disclose the client's differing opinion in the final report.

D.

Escalate the issue to senior management for a decision.

Buy Now
Questions 56

Which of the following recommendations made by the internal audit activity (IAA) is most likely to help prevent fraud?

Options:

A.

A review of password policy compliance found that employees frequently use the same password more than once during a year. The IAA recommends that the access control software reject any password used more than once during a 12-month period.

B.

A review of internal service-level agreement compliance in financial services found that requests for information frequently are fulfilled up to two weeks late. The IAA recommends that the financial services unit be eliminated for its ineffectiveness.

C.

A vacation policy compliance review found that employees frequently leave on vacation before their leave applications are signed by their manager. The IAA recommends that the manager attend to the leave applications in a more timely fashion.

D.

A review of customer service-level agreements found that orders to several customers are frequently delivered late. The IAA recommends that the organization extend the expected delivery time advertised on its website.

Buy Now
Questions 57

When forming an opinion on the adequacy of management's systems of internal control, which of the following findings would provide the most reliable assurance to the chief audit executive?

• During an audit of the hiring process in a law firm, it was discovered that potential employees' credentials were not always confirmed sufficiently. This process remained unchanged at the following audit.

• During an audit of the accounts payable department, auditors calculated that two percent of accounts were paid past due. This condition persisted at a follow up audit.

• During an audit of the vehicle fleet of a rental agency, it was determined that at any given time, eight percent of the vehicles were not operational. During the next audit, this figure had increased.

• During an audit of the cash handling process in a casino, internal audit discovered control deficiencies in the transfer process between the slot machines and the cash counting area. It was corrected immediately.

Options:

A.

1 and 3 only

B.

1 and 4 only

C.

2 and 3 only

D.

2 and 4 only

Buy Now
Questions 58

Which of the following would not be a typical activity for the chief audit executive to perform following an audit engagement?

Options:

A.

Report follow-up activities to senior management.

B.

Implement follow-up procedures to evaluate residual risk.

C.

Determine the costs of implementing the recommendations.

D.

Evaluate the extent of improvements.

Buy Now
Questions 59

Which of the following statements describes an engagement planning best practice?

Options:

A.

It is best to determine planning activities on a case-by-case basis because they can vary widely from engagement to engagement.

B.

If the engagement subject matter is not unique, it is not necessary to outline specific testing procedures during the planning phase.

C.

The engagement plan includes the expected distribution of the audit results, which should be kept confidential until the audit report is final.

D.

Engagement planning activities include setting engagement objectives that align with audit client's business objectives.

Buy Now
Questions 60

An organization has a health and safety division that conducts audits to meet regulatory requirements. The chief health and safety officer reports directly to the CEO. Which of the following describes an appropriate role for the chief audit executive (CAE) with regard to the organization's health and safety program?

Options:

A.

The CAE has no role to play, because the chief health and safety officer reports to a senior executive.

B.

The CAE should coordinate with, and review the work of, the chief health and safety officer to gain an understanding of whether risks related to health and safety are managed properly.

C.

The CAE should give periodic reports directly to the regulator regarding health and safety issues, as it is the appropriate regulatory oversight body.

D.

The CAE should hire an independent external specialist to conduct an annual assessment and provide assurance over the effectiveness of the health and safety program and the reliability of its reports.

Buy Now
Questions 61

An organization's board would like to establish a formal risk management function and has asked the chief audit executive (CAE) to be involved in the process. According to IIA guidance, which of the following roles should the CAE not undertake?

Options:

A.

Manage and coordinate risk management processes.

B.

Audit risk management processes.

C.

Become involved in risk oversight committees, monitoring activities, and status reporting.

D.

Accept management's responsibility for risk management without board approval.

Buy Now
Questions 62

According to IIA guidance, which of the following statements is true regarding the authority of the chief audit executive (CAE) to release previous audit reports to outside parties?

Options:

A.

The CAE can release prior internal audit reports with the approval of the board and senior management.

B.

The CAE can employ judgment and release prior audit results as they deem appropriate and necessary.

C.

The CAE can only release prior information outside the organization when mandated by legal or statutory requirements.

D.

The CAE can release prior information provided it is as originally published and distributed within the organization.

Buy Now
Questions 63

According to IIA guidance, which of the following statements best justifies a chief audit executive's request for external consultants to complement internal audit activity (IAA) resources?

Options:

A.

The organization's audit universe is extensive and diverse.

B.

There has been an increase in unanticipated requests for advisory work.

C.

Previous work provided by the external service provider has been of great quality and value.

D.

A recent benchmarking study found that using external service providers is a common practice of similarly-sized IAAs in other organizations.

Buy Now
Questions 64

Which of the followings statements describes a best practice regarding assurance engagement communication activities?

Options:

A.

All assurance engagement observations should be communicated to the audit committee.

B.

All assurance engagement observations should be included in the main section of the engagement communication.

C.

During the "communicate" phase of an assurance engagement, it is best to define the methods and timing of engagement communications.

D.

A detailed escalation process should be developed during the planning stage of an assurance engagement.

Buy Now
Questions 65

After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?

Options:

A.

Cost.

B.

Independence.

C.

Familiarity.

D.

Flexibility.

Buy Now
Questions 66

The board has asked the internal audit activity (IAA) to be involved in the organization's enterprise risk management process. Which of the following activities is appropriate for IAA to perform without safeguards?

Options:

A.

Coach management in responding to risks.

B.

Develop risk management strategies for board approval.

C.

Facilitate identification and evaluation of risks.

D.

Evaluate risk management processes.

Buy Now
Questions 67

The internal audit activity (IAA) wants to measure its performance related to the quality of audit recommendations. Which of the following client survey questions would best help the IAA meet this objective?

Options:

A.

Were audit findings relevant and useful to management?

B.

Does the audit report format present issues clearly and concisely?

C.

Does the IAA work with a high degree of professionalism and objectivity?

D.

Were the findings reported in a timely manner?

Buy Now
Questions 68

Which of the following should be included in a privacy audit engagement?

1. Assess the appropriateness of the information gathered.

2. Review the methods used to collect information.

3. Consider whether the information collected is in compliance with applicable laws.

4. Determine how the information is stored.

Options:

A.

1 and 3 only

B.

2 and 4 only

C.

1, 3, and 4 only

D.

1, 2, 3, and 4

Buy Now
Questions 69

An internal auditor wants to determine whether employees are complying with the information security policy, which prohibits leaving sensitive information on employee desks overnight. The auditor checked a sample of 90 desks and found eight that contained sensitive information. How should this observation be reported, if the organization tolerates 4 percent noncompliance?

Options:

A.

The matter does not need to be reported, because the noncompliant findings fall within the acceptable tolerance limit.

B.

The deviations are within the acceptable tolerance limit, so the matter only needs to be reported to the information security manager.

C.

The incidents of noncompliance fall outside the acceptable tolerance limit and require immediate corrective action, as opposed to reporting.

D.

The incidents of noncompliance exceed the tolerance level and should be included in the final engagement report.

Buy Now
Questions 70

According to IIA guidance, which of the following is least likely to be a key financial control in an organization's accounts payable process?

Options:

A.

Require the approval of additions and changes to the vendor master listing, where the inherent risk of false vendors is high.

B.

Monitor amounts paid each period and compare them to the budget to identify potential issues.

C.

Compare employee addresses to vendor addresses to identify potential employee fraud.

D.

Monitor customer quality complaints compared to the prior period to identify vendor issues.

Buy Now
Questions 71

During a fraud interview, it was discovered that unquestioned authority enabled a vice president to steal funds from the organization. Which of the following best describes this condition?

Options:

A.

Scheme.

B.

Opportunity.

C.

Rationalization.

D.

Pressure.

Buy Now
Questions 72

Which of the following would most likely cause an internal auditor to consider adding fraud work steps to the audit program?

Options:

A.

Improper segregation of duties.

B.

Incentives and bonus programs.

C.

An employee's reported concerns.

D.

Lack of an ethics policy.

Buy Now
Questions 73

An auditor identifies three errors in the sample of 25 entries selected for review (a 12 percent error rate). Based on this result, the auditor assumes that approximately 59 of the total population of 492 entries are incorrect. To reach this assumption, the auditor has used a technique known as which of the following?

Options:

A.

Variability tolerance.

B.

Ratio estimation.

C.

Stratification.

D.

Acceptance sampling.

Buy Now
Questions 74

An internal auditor completed an audit of a bank's loan department and found all significant risks to be managed adequately through effective internal controls. Which of the following would be an appropriate conclusion to report to management?

Options:

A.

The residual risk is lower than or equal to the risk appetite.

B.

The residual risk is higher than or equal to the risk appetite.

C.

The inherent risk is lower than or equal to the risk tolerance.

D.

The inherent risk is higher than or equal to the risk tolerance.

Buy Now
Questions 75

According to The MA Global Internal Audit Competency Framework, which of the following areas of training would best assist the internal audit activity in improving its use of tools and techniques?

Options:

A.

Negotiation and conflict resolution.

B.

Project management.

C.

Financial accounting.

D.

Ethics and fraud.

Buy Now
Questions 76

A large sales organization maintains a system of internal control according to the COSO model and has updated its code of conduct. This change relates to which component of the COSO framework?

Options:

A.

Control activities.

B.

Information and communication.

C.

Commitment.

D.

Control environment.

Buy Now
Questions 77

Which of the following statements is true regarding assurance services provided to clients outside of the organization?

Options:

A.

Assurance services for outside clients are not covered under the internal audit charter.

B.

Assurance services for outside clients must be approved on a case-by-case basis by the board of directors.

C.

The nature of assurance services for outside clients should be defined in the internal audit charter.

D.

The nature of assurance services for outside clients is the same as for internal clients.

Buy Now
Questions 78

Which of the following is a detective control strategy against fraud?

Options:

A.

Requiring employees to attend ethics training.

B.

Performing background checks on employees.

C.

Implementing a control self-assessment.

D.

Performing a surprise audit.

Buy Now
Questions 79

Reviewing prior audit reports and supporting workpapers before an engagement starts enables an internal auditor to do which of the following?

1. To understand better the activity and processes that will be audited.

2. To identify the audit procedures that will be used during the engagement.

3. To ensure that matters of greatest vulnerability will be addressed.

4. To use the information obtained as evidence in the current engagement.

Options:

A.

4 only

B.

1 and 3 only

C.

1 and 4 only

D.

2, 3, and 4 only

Buy Now
Questions 80

According to IIA guidance, which of the following are macro-level audit activities performed for an assurance engagement of the purchasing department?

1. Obtain and review all purchasing-related audit reports issued within the past year.

2. Meet with the quality assurance group to discuss its previous reports of any purchasing-related findings.

3. Review a memo written by the purchasing manager that outlines ongoing problems with the purchasing software.

4. Request a copy of the report from a purchasing audit conducted last year by an external service provider.

Options:

A.

1 and 2.

B.

1 and 3.

C.

2 and 4.

D.

3 and 4.

Buy Now
Questions 81

Which of the following are core responsibilities to be included in the internal audit charter?

1. Review reliability and integrity of financial and operating information and the means used to identify, measure, classify, and report such information.

2. Determine the adequacy and effectiveness of the organization’s systems of internal accounting and operating controls.

3. Participate in the planning and performance of audits of potential acquisitions with the organization's outside accountants and other members of the corporate staff.

4. Report to those members of management who should be informed of results of audit examinations, the audit opinions formed, and the recommendations made.

Options:

A.

1 and 2.

B.

1 and 4.

C.

2 and 3.

D.

2 and 4.

Buy Now
Questions 82

Which of the following strategies is most appropriate for an industry that is in decline?

Options:

A.

Invest in marketing.

B.

Invest in research and development.

C.

Control costs.

D.

Shift toward mass production.

Buy Now
Questions 83

According to IIA guidance, which of the following steps are most important for an internal auditor to perform when evaluating an organization's social and environmental impact on the local community?

  • Determine whether previous incidents have been reported, managed, and resolved.
  • Determine whether a business contingency plan exists.
  • Determine the extent of transparency in reporting.
  • Determine whether a cost/benefit analysis was performed for all related projects.

Options:

A.

1 and 3.

B.

1 and 4.

C.

2 and 3.

D.

2 and 4.

Buy Now
Questions 84

A brand manager in a consumer food products organization suspected that several days of the point-of-sale data on the spreadsheet from one grocery chain were missing. The best approach for detecting missing rows in spreadsheet data would be to:

Options:

A.

Sort on product identification code and identify missing product identification codes.

B.

Review store identification code and identify missing product identification codes.

C.

Compare product identification codes for consecutive periods.

D.

Compare product identification codes by store for consecutive periods.

Buy Now
Questions 85

When an organization is choosing a new external auditor, which of the following is the most appropriate role for the chief audit executive to undertake?

Options:

A.

Review and acquire the external audit service.

B.

Assess the appraisal and actuarial services.

C.

Determine the selection criteria.

D.

Identify regulatory requirements to be considered.

Buy Now
Questions 86

A multinational organization has multiple divisions that sell their products internally to other divisions. When selling internally, which of the following transfer prices would lead to the best decisions for the organization?

Options:

A.

Full cost

B.

Full cost plus a markup.

C.

Market price of the product

D.

Variable cost plus a markup

Buy Now
Questions 87

Which of the following activities most significantly increases the risk that a bank will make poor-quality loans to its customers?

Options:

A.

Borrowers may not sign all required mortgage loan documentation.

B.

Fees paid by the borrower at the time of the loan may not be deposited in a timely manner.

C.

The bank's loan documentation may not meet the government's disclosure requirements.

D.

Loan officers may override the lending criteria established by senior management.

Buy Now
Questions 88

Which of the following is classified as a product cost using the variable costing method?

1. Direct labor costs

2. Insurance on a factory.

3. Manufacturing supplies.

4. Packaging and shipping costs

Options:

A.

1 and 2

B.

1 and 3

C.

2 and 4

D.

3 and 4

Buy Now
Questions 89

Which of the following statements is correct regarding risk analysis?

Options:

A.

The extent to which management judgments are required in an area could serve as a risk factor in assisting the auditor in making a comparative risk analysis.

B.

The highest risk assessment should always be assigned to the area with the largest potential loss.

C.

The highest risk assessment should always be assigned to the area with the highest probability of occurrence.

D.

Risk analysis must be reduced to quantitative terms in order to provide meaningful comparisons across an organization.

Buy Now
Questions 90

All of the following are possible explanations for a significant unfavorable material efficiency variance except:

Options:

A.

Cutbacks in preventive maintenance.

B.

An inadequately trained and supervised labor force.

C.

A large number of rush orders.

D.

Production of more units than planned for in the master budget.

Buy Now
Questions 91

Which type of bond sells at a discount from face value, then increases in value annually until it reaches maturity and provides the owner with the total payoff?

Options:

A.

High-yield bonds.

B.

Commodity-backed bonds.

C.

Zero coupon bonds.

D.

Junk bonds.

Buy Now
Questions 92

Which of the following is not a common feature of cumulative preferred stock?

Options:

A.

Priority over common stock with regard to dilution of shares.

B.

Priority over common stock with regard to earnings.

C.

Priority over common stock with regard to dividend payment.

D.

Priority over common stock with regard to assets.

Buy Now
Questions 93

Which of the following evaluation criteria would be the most useful to help the chief audit executive determine whether an external service provider possesses the knowledge, skills, and other competencies needed to perform a review?

Options:

A.

The financial interest the service provider may have in the organization.

B.

The relationship the service provider may have had with the organization or the activities being reviewed.

C.

Compensation or other incentives that may be applicable to the service provider.

D.

The service provider's experience in the type of work being considered.

Buy Now
Questions 94

According to IIA guidance, which of the following would not be a consideration for the internal audit activity (IAA) when determining the need to follow-up on recommendations?

Options:

A.

Degree of effort and cost needed to correct the reported condition.

B.

Complexity of the corrective action.

C.

Impact that may result should the corrective action fail.

D.

Amount of resources required to conduct the follow-up activities.

Buy Now
Questions 95

While auditing an organization's credit approval process, an internal auditor learns that the organization has made a large loan to another auditor's relative. Which course of action should the auditor take?

Options:

A.

Proceed with the audit engagement, but do not include the relative's information.

B.

Have the chief audit executive and management determine whether the auditor should continue with the audit engagement.

C.

Disclose in the engagement final communication that the relative is a customer.

D.

Immediately withdraw from the audit engagement.

Buy Now
Questions 96

In the area of business acumen, which of the following competencies would be the sole responsibility of an internal audit staff member?

Options:

A.

Maintaining industry-specific knowledge appropriate to the organization.

B.

Assessing how IT contributes to organization objectives, risks, and relevance to audit.

C.

Maintaining technical aspects of accounting standards and reporting processes.

D.

Understanding regulatory and legal framework and assessing its relevance.

Buy Now
Questions 97

An internal auditor wants to sample data to test an audit theory in a cost-effective way. Which of the following sampling strategies should she use?

Options:

A.

Statistical sampling only

B.

Nonstatistical sampling only

C.

A combination of both statistical and nonstatistical sampling.

D.

Neither approach to testing the audit theory would be cost effective.

Buy Now
Questions 98

Which of the following scenarios best illustrates a rationalization as the root cause of potential fraud?

Options:

A.

Managers who have been with the organization for several decades become aware that newly hired, younger managers are being moved more quickly into senior positions.

B.

The controller at a nationwide manufacturing company recently opted to no longer require two-week mandatory vacations for accounting staff.

C.

Security cameras that monitor cash handling at the register are not functioning.

D.

The organization is slowly phasing out three mature products that produce the highest commissions for the sales staff.

Buy Now
Questions 99

The chief audit executive (CAE) of a small internal audit activity (IAA) performs all high-risk engagements on the annual audit plan to make use of his knowledge and experience and to maximize the efficient use of audit resources. Which of the following statements is most relevant regarding this practice?

Options:

A.

The CAE's work may be reviewed by any other experienced staff member within the IAA.

B.

The CAE's work should be reviewed by an individual with the appropriate background and knowledge.

C.

The CAE may self-review his work, provided he discloses this practice in the final report.

D.

The CAE should avoid performing engagements to ensure he is able to review all audit work objectively.

Buy Now
Questions 100

Forty-five percent of an organization's customer payments are submitted online. Eight percent of online payments are rejected. Executive management decides to outsource its online payment services to a contractor that will assume 75 percent of the total value of rejected payments. The organization estimates $1.25 million customer payments due during the contract period.

Which of the following represents the organization's residual risk for online customer payments due?

Options:

A.

$11, 250

B.

$25, 000

C.

$33, 750

D.

$45, 000

Buy Now
Questions 101

The management at a national consumer goods organization implements a fair work and pay practice as well as a policy to treat employees equitably and consistently. Which common characteristics of fraud will the practice and policy most likely reduce?

Options:

A.

Pressure or incentive.

B.

Opportunity.

C.

Rationalization.

D.

Commitment.

Buy Now
Questions 102

To fill a critical vacancy, an internal auditor is assigned temporarily to a nonaudit role in the purchasing department, where she worked previously before joining the internal audit activity. According to IIA guidance, which of the following statements is true regarding these circumstances?

Options:

A.

The chief audit executive (CAE) should review all work performed by the auditor during her temporary assignment to ensure no impairments.

B.

The CAE may conduct audits in the purchasing department during the auditor's temporary assignment.

C.

The auditor should obtain the CAE's approval as to the nature and scope of the duties she is permitted to perform during her temporary assignment.

D.

Any work performed by the auditor during her temporary assignment must conform to the internal audit charter.

Buy Now
Questions 103

An internal audit activity is using the auditing-by-element approach to audit the organization's controls around corporate social responsibility. Which of the following would be an element for the internal audit activity to consider?

Options:

A.

Working conditions.

B.

Employees' families.

C.

Marketplace competition.

D.

Shareholders and investors.

Buy Now
Questions 104

The chief audit executive (CAE) is planning to conduct an internal assessment of the internal audit activity (IAA). Part of this assessment will include benchmarking. According to IIA guidance, which of the following qualitative metrics would be appropriate for the CAE to use?

1. Average client customer satisfaction score for a given year.

2. Client survey comments on how to improve the IAA.

3. Auditor interviews once an audit has been completed.

4. Percentage of audits completed within 90 days.

Options:

A.

1 and 2.

B.

1 and 3.

C.

2 and 3.

D.

3 and 4.

Buy Now
Questions 105

The chief audit executive (CAE) has assigned an internal auditor to an upcoming engagement. Which of the following requirements would most likely indicate that the internal auditor was assigned to an assurance engagement?

Options:

A.

The assigned internal auditor must determine the objectives, scope, and techniques of the engagement.

B.

The CAE must personally obtain the needed skills, knowledge, or other competencies if the internal auditor does not have them.

C.

The assigned internal auditor must not assume management responsibilities while performing the engagement.

D.

The assigned internal auditor must maintain objectivity while performing the engagement.

Buy Now
Questions 106

According to the COSO enterprise risk management (ERM) framework, which of the following is not part of the new paradigm in ERM?

Options:

A.

Assessing the risk factors.

B.

Aligning risk appetite and strategy.

C.

Enhancing risk response decisions.

D.

Reducing operational surprises and losses.

Buy Now
Questions 107

A multinational organization has asked the internal audit activity to assist in setting up the organization's risk management system. The chief audit executive (CAE) agrees to take on the engagement as a consultant. Which of the following tasks is appropriate for the CAE to undertake?

Options:

A.

Coordinate and facilitate risk workshops for management to attend.

B.

Establish the degree of risk appetite for management to accept.

C.

Set risk indicators and mitigation plans for management to implement.

D.

Determine the number of significant risks for management to report to the board.

Buy Now
Questions 108

A new internal audit activity is creating its first charter. According to IIA guidance, which of the following objectives would be appropriate for inclusion in the charter?

Options:

A.

Continuously monitor the organization's overall risk activities in relation to its risk appetite.

B.

Evaluate the adequacy and effectiveness of the organization's governance activities.

C.

Oversee the establishment and administration of an effective risk management program.

D.

Assist management in implementing recommended control improvements.

Buy Now
Questions 109

According to IIA guidance, which of the following statements describes one of the similarities between assurance and consulting services?

Options:

A.

When planning assurance and consulting engagements, internal auditors must consider the strategies and objectives of the activity being reviewed.

B.

Internal auditors determine the engagement objectives, scope, and work program for both assurance and consulting services.

C.

Internal auditors must not provide assurance or consulting services for an activity for which they had responsibility within the previous year.

D.

Both assurance and consulting services generally involve the internal auditor, the area under review, senior management, and the board.

Buy Now
Questions 110

In which of the following scenarios would the chief audit executive (CAE) be required to decline the assignment?

Options:

A.

The CAE would need to procure external services to deliver the internal audit assurance program.

B.

There is no expertise within the internal audit team for detecting and investigating fraud.

C.

There is no expertise within the internal audit team for auditing an IT engagement.

D.

There is no available expertise on the internal audit team to perform a consulting engagement.

Buy Now
Questions 111

According to IIA guidance, which of the following is ultimately responsible for seeing that the internal control system of an organization's social responsibility program is effective?

Options:

A.

Senior management.

B.

Internal audit activity.

C.

All employees.

D.

Board of directors.

Buy Now
Questions 112

In which of the following functions would fraud be most likely to occur?

Options:

A.

Maintaining custody of inventory records.

B.

Collecting payments on accounts.

C.

Approving changes to employee records.

D.

Preparing customer statements.

Buy Now
Questions 113

Which of the following scenarios best illustrates the principle of due professional care?

Options:

A.

An internal auditor evaluates the significant risks arising from a consulting engagement.

B.

An internal auditor declares that he would have a conflict of interest in providing planned audit support.

C.

An internal auditor has been given sufficient authority to access documents needed to make an appraisal of an issue.

D.

An internal auditor uses technology-based audit techniques to ensure that all significant risks are identified.

Buy Now
Questions 114

Which of the following statements describes impairment to the internal auditor's objectivity?

Options:

A.

An internal auditor reviews a purchasing agent's contract drafts prior to their execution.

B.

An internal auditor reduces the scope of an audit engagement due to budget restrictions.

C.

An internal auditor receives a promotional gift that is available to the organization's employees.

D.

An internal auditor performs an assessment of the operations for which he was recently responsible.

Buy Now
Questions 115

A furniture manufacturer has installed a new fire sprinkler system at its central warehouse and canceled the existing fire insurance policy on that property. What change of risk response strategy does this course of action most likely reflect?

Options:

A.

From sharing to reduction.

B.

From acceptance to reduction.

C.

From sharing to avoidance.

D.

From acceptance to avoidance.

Buy Now
Questions 116

What is the primary benefit to the internal audit activity for undertaking an internal quality assessment?

Options:

A.

To help the internal audit activity complete its annual assurance plan.

B.

To identify inefficiencies within the internal audit team.

C.

To help improve the overall quality of the internal audit activity's work.

D.

To identify key risks and areas of concern within the organization.

Buy Now
Questions 117

Which of the following documents is most appropriate in promoting the objectivity of the internal audit activity?

Options:

A.

Usage of IT system policy.

B.

Risk management framework.

C.

Acceptance of gifts policy.

D.

Personal responsibility policy.

Buy Now
Questions 118

An organization is beginning to implement an enterprise risk management program. One of the first steps is to develop a common risk language. Which of the following statements about a common risk language is true?

Options:

A.

Management will be able to reduce inherent risk because they will have a better understanding of risk.

B.

Internal auditors will be able to reduce their sample sizes because controls will be more consistent.

C.

Stakeholders will have more assurance that the risks are assessed consistently.

D.

Decision makers will understand that the likelihood of missing or ineffective controls will be reduced.

Buy Now
Questions 119

A chief audit executive (CAE) is selecting an internal audit team to perform an audit engagement that requires a high level of knowledge in the areas of finance, investment portfolio management, and taxation. If neither the CAE nor the existing internal audit staff possess the required knowledge, which of the following actions should the CAE take?

Options:

A.

Postpone the audit until the CAE hires internal audit staff with the required knowledge.

B.

Ask the audit committee to decide the course of action.

C.

Select the most experienced auditors in the department to perform the engagement.

D.

Hire consultants who possess the required knowledge to perform the engagement.

Buy Now
Questions 120

Which of the following factors have the greatest influence on the independence of the internal audit activity?

Options:

A.

Quality assessments and cultural biases of the internal audit activity.

B.

Rotational assignments and familiarity of the internal audit activity.

C.

Employee incentives and self review of the internal audit activity.

D.

Organizational positioning and scope control of the internal audit activity.

Buy Now
Questions 121

According to IIA guidance, which of the following scenarios demonstrates an internal auditor exercising due professional care?

When auditing investments, the auditor identified instruments with which he was unfamiliar. He decided not to select that type of investment in his sample, as he did not have the knowledge needed to A. perform a proper assessment.

B. An auditor was reviewing inventory counts conducted by the warehouse staff. One truck containing an immaterial amount of inventory was off-site and wasn't verified by the auditor.

C. An auditor visited a plant that produces a significant portion of the organization's inventory. The day he arrived, the plant manager was out sick, so the auditor issued the report without interviewing the manager.

D. An auditor in charge needed to have testing completed by the end of the month, but was behind schedule. He identified a junior auditor to conduct the work for him on a complex area of the organization.

Options:

Buy Now
Questions 122

Which of the following is a requirement for an assurance engagement that may not be for a consulting engagement?

Options:

A.

The internal audit activity has to ensure team members' objectivity is not impaired.

B.

Auditors cannot participate in an assurance engagement of a function for which they previously performed a consulting engagement.

C.

The scope and objective of the engagement is agreed upon based on the engagement client's needs.

D.

The internal audit activity must ensure management actions have been implemented effectively or risk accepted.

Buy Now
Questions 123

According to IIA guidance, which of the following should be included in the internal audit charter?

Options:

A.

The minimum resources and competencies needed for the internal audit activity.

B.

Identification of the organizational units where engagements are to be performed.

C.

Organizational relationships and reporting lines.

D.

Assigned responsibilities for designing and implementing controls.

Buy Now
Questions 124

Which of the following responsibilities would fall under the role of the chief audit executive, rather than internal audit staff or the audit manager?

Options:

A.

Manage and support a quality assurance and improvement program.

B.

Maintain industry-specific knowledge appropriate to the audit engagements

C.

Set clear performance standards for internal auditors and the internal audit activity.

D.

Apply problem-solving techniques for routine situations.

Buy Now
Questions 125

Which of the following types of social responsibilities is voluntary and guided purely by the organization's desire to make social contributions?

Options:

A.

The bottom of the pyramid responsibility.

B.

Innovative responsibility.

C.

Ethical responsibility.

D.

Discretionary responsibility.

Buy Now
Questions 126

Which of the following is an example of collusion?

Options:

A.

An employee includes a faked receipt in his expense claim, and the claim is signed by the employee's manager.

B.

A vendor inflates the price of an item and remits a portion of the excess to the purchasing manager.

C.

A vendor sends a duplicate invoice with a new invoice number, and the accounts payable system fails to detect the duplication.

D.

An employee works with the IT manager to develop a program for identifying duplicate invoice payments.

Buy Now
Questions 127

Which of the following is an activity that an internal auditor must not perform?

Options:

A.

Establish and provide continuing assurance on an anti-money laundering program for new hires.

B.

Survey employees for their understanding of anti-money laundering practices.

C.

Provide assurance for the effectiveness of anti-money laundering training.

D.

Assess the risk of being fined for ineffective anti-money laundering practices.

Buy Now
Questions 128

Which of the following control methods is effective in reducing the risk of purchasing-scheme fraud?

1. Periodically reviewing the vendor list for unusual vendors and addresses.

2. Segregating duties for amount purchasing, receiving, shipping, and accounting.

3. Validating sequential integrity of purchase orders.

4. Verifying the validity of invoices with post office box addresses.

Options:

A.

1 and 2 only

B.

3 and 4 only

C.

1, 2, and 4 only

D.

1, 2, 3, and 4

Buy Now
Questions 129

Which of the following is most likely to be considered a control weakness?

Options:

A.

Vendor invoice payment requests are accompanied by a purchase order and receiving report.

B.

Purchase orders are typed by the purchasing department using prenumbered forms.

C.

Buyers promptly update the official vendor listing as new supplier sources become known.

D.

Department managers initiate purchase requests that must be approved by the plant superintendent.

Buy Now
Questions 130

A large trucking organization wants to reduce traffic accidents by improving its system of internal controls.

Which of the following controls is correctly classified?

1. Review of speeding violations to identify repetitive locations and drivers is an example of a preventive control.

2. Defensive driver training is an example of a directive control.

3. The installation of tracking devices in delivery vehicles is an example of a corrective control.

4. Providing a vehicle driver handbook is an example of a detective control.

Options:

A.

1 and 2.

B.

1 and 4.

C.

2 and 3.

D.

3 and 4.

Buy Now
Questions 131

What is the additional advantage of facilitated workshops, in comparison with structured interviews, used when testing the effectiveness of entity-level controls?

Options:

A.

During facilitated workshops, people more openly say things to internal auditors than during private interviews.

B.

Internal auditors do not need other sources of information, as the data gathered during facilitated workshops is sufficient.

C.

Facilitated workshops create a synergy of discussion that can bring multiple perspectives to the same issue.

D.

The testimonial evidence obtained during facilitated workshops is generally considered more reliable.

Buy Now
Questions 132

According to the COSO enterprise risk management framework, which of the following best describes the activity that helps ensure risk responses are carried out effectively?

Options:

A.

Objective setting.

B.

Control activities.

C.

Information and communication.

D.

Event identification.

Buy Now
Questions 133

According to IIA guidance, which of the following is an area in which the internal auditor should be proficient?

Options:

A.

Management principles.

B.

Computerized information systems.

C.

Internal audit standards, procedures, and techniques.

D.

Fundamentals of accounting, economics, and finance.

Buy Now
Questions 134

An internal auditor who is carrying out an engagement to review controls related to corporate tax reporting must possess which of the following competencies?

1. Proficiency in analyzing key IT risks and controls.

2. The ability to recognize significant deviations from good business practices.

3. Knowledge of key indicators of fraud in tax reporting.

4. The ability to recognize the existence of problems related to tax accounting.

Options:

A.

1 and 4 only.

B.

3 and 4 only.

C.

2, 3, and 4 only.

D.

1,2, 3, and 4.

Buy Now
Questions 135

Which of the following is an example of a directive control?

Options:

A.

Segregation of duties.

B.

Exception reports.

C.

Incentive compensation plans.

D.

Automated reconciliations.

Buy Now
Questions 136

Which of the following options is the most cost-effective and efficient way for internal auditors to keep current with the latest developments in the internal audit profession?

Options:

A.

Attending annual professional conferences and seminars.

B.

Participating in on-the-job training in various departments of the organization.

C.

Pursuing as many professional certifications as possible.

D.

Maintaining membership in The HA and similar professional organizations and subscribing to relevant email updates or news feeds.

Buy Now
Questions 137

According to The MA Code of Ethics, which of the following is one of the rules of conduct for objectivity?

Options:

A.

Internal auditors shall continually improve their proficiency and effectiveness and quality of their services.

B.

Internal auditors shall respect and contribute to legitimate and ethical objectives of the organization.

C.

Internal auditors shall not accept anything that may impair or be presumed to impair their professional judgment.

D.

Internal auditors shall be prudent in the use and protection of information acquired in the course of their duties.

Buy Now
Questions 138

Which of the following describes a key characteristic related to effective organizational communication?

Options:

A.

Comprehensive supervisory and verification procedures.

B.

A well-designed system of internal controls.

C.

A culture of integrity and transparency.

D.

Unique operating environments with varying complexity.

Buy Now
Questions 139

With regard To IT governance, which of the following is the most effective and appropriate role for the internal audit activity?

Options:

A.

Independently evaluate the skills and experience of potential chief information officer candidates to assess the best fit based on the organization's risk appetite.

B.

Evaluate the organization's governance standards and assess IT-related activities to identify gaps and develop policies, ensuring alignment with the organization's risk appetite.

C.

Assist management in interpreting complex IT-related privacy and security risk exposures and evaluating potential mitigation strategies.

D.

Assess whether governance activities are aligned with the organization's risk appetite and take into consideration emerging risks.

Buy Now
Questions 140

A global business organization is selecting managers to post to various international (expatriate) assignments. In the screening process, which of the following traits would be required to make a manager a successful expatriate?

1. Superior technical competence.

2. Willingness to attempt to communicate in a foreign language.

3. Ability to empathize with other people.

Options:

A.

1 and 2 only

B.

1 and 3 only

C.

2 and 3 only

D.

1, 2, and 3

Buy Now
Questions 141

Which of the following types of data analytics would be used by a hospital to determine which patients are likely to require readmittance for additional treatment?

Options:

A.

Predictive analytics

B.

Prescriptive analytics

C.

Descriptive analytics

D.

Diagnostic analytics

Buy Now
Questions 142

Data encryption is an example of which of the following controls?

Options:

A.

Application control.

B.

IT general control

C.

Data input control

D.

Data output control

Buy Now
Questions 143

Which of the following is a key characteristic of a zero-based budget?

Options:

A.

A zero-based budget provides estimates of costs that would be incurred under different levels of activity.

B.

A zero-based budget maintains focus on the budgeting process.

C.

A zero-based budget is prepared each year and requires each item of expenditure to be justified.

D.

A zero-based budget uses input from lower-level and middle-level managers to formulate budget plans.

Buy Now
Questions 144

A capital investment project will have a higher net present value, everything else being equal, if it has:

Options:

A.

A higher initial investment level.

B.

A higher discount rate.

C.

Cash inflows that are larger in the later years of the life of the project.

D.

Cash inflows that are larger in the earlier years of the life of the project.

Buy Now
Questions 145

Which of the following are likely indicators of ineffective change management?

1. IT management is unable to predict how a change will impact interdependent systems or business processes.

2. There have been significant increases in trouble calls or in support hours logged by programmers.

3. There is a lack of turnover in the systems support and business analyst development groups.

4. Emergency changes that bypass the normal control process frequently are deemed necessary.

Options:

A.

1 and 3 only

B.

2 and 4 only

C.

1, 2, and 4 only

D.

1, 2, 3, and 4

Buy Now
Questions 146

Which of the following is most important for an internal auditor to check with regard to the database version?

Options:

A.

Verify whether the organization uses the most recent database software version

B.

Verify whether the database software version is supported by the vendor.

C.

Verify whether the database software version has been recently upgraded

D.

Verify whether access to database version information is appropriately restricted

Buy Now
Questions 147

Which of the following would not impair the objectivity of internal auditor?

Options:

A.

Management assurance on risks.

B.

Implementing risk responses on behalf of management.

C.

Providing assurance that risks assessed are correctly evaluated.

D.

Setting the risk appetite.

Buy Now
Questions 148

Which of the following is an example of a physical security control that should be in place at an organization's data center?

Options:

A.

Backup servers in the data center are stored in an environmentally controlled location

B.

All users have a unique ID and password to access data

C.

Swipe cards are used to access the data center

D.

Firewalls and antivirus protection are in place to prevent unauthorized access to data.

Buy Now
Questions 149

Which of the following is a disadvantage of selecting a commercial software package rather than developing an application internally?

Options:

A.

Lack of flexibility.

B.

Incompatibility with client/server technology.

C.

Employee resistance to change.

D.

Inadequate technical support.

Buy Now
Questions 150

International marketing activities often begin with:

Options:

A.

Standardization.

B.

Global marketing.

C.

Limited exporting.

D.

Domestic marketing.

Buy Now
Questions 151

According to MA guidance, which of the following would indicate poor change management control?

1. Low change success rate

2. Occasional planned outages

3. Low number of emergency changes.

4. Instances of unauthorized changes

Options:

A.

1 and 3

B.

1 and 4

C.

2 and 3

D.

2 and 4

Buy Now
Questions 152

Which of the following statements accurately describes one of the characteristics that distinguishes a multinational company from a domestic company?

Options:

A.

A multinational company has stockholders in other countries.

B.

A multinational company exports its products to other countries.

C.

A multinational company operates outside of its country of origin.

D.

A multinational company uses raw materials and components from more than one country.

Buy Now
Questions 153

Which of the following methods, if used in conjunction with electronic data interchange (EDI), will improve the organization's cash management program, reduce transaction data input time and errors, and allow the organization to negotiate discounts with EDI vendors based on prompt payment?

Options:

A.

Electronic funds transfer.

B.

Knowledge-based systems.

C.

Biometrics.

D.

Standardized graphical user interface.

Buy Now
Questions 154

The decision to implement enhanced failure detection and back-up systems to improve data integrity is an example of which risk response?

Options:

A.

Risk acceptance.

B.

Risk sharing.

C.

Risk avoidance.

D.

Risk reduction.

Buy Now
Questions 155

Which of the following does not provide operational assurance that a computer system is operating properly?

Options:

A.

Performing a system audit.

B.

Making system changes.

C.

Testing policy compliance.

D.

Conducting system monitoring.

Buy Now
Questions 156

According to IIA guidance on IT. which of the following plans would pair the identification of critical business processes with recovery time objectives?

Options:

A.

The business continuity management charter.

B.

The business continuity risk assessment plan

C.

The business impact analysis plan

D.

The business case for business continuity planning

Buy Now
Questions 157

During the last year, an organization had an opening inventory of $300,000, purchases of $980,000, sales of $1,850,000, and a gross margin of 40 percent. What is the closing inventory if the periodic inventory system is used?

Options:

A.

$170,000

B.

$280,000

C.

$300,000

D.

$540,000

Buy Now
Questions 158

Which of the following professional organizations sets standards for quality and environmental audits?

Options:

A.

The Committee of Sponsoring Organizations of the Treadway Commission.

B.

The Board of Environmental, Health, and Safety Auditor Certifications.

C.

The International Organization of Supreme Audit Institutions.

D.

The International Standards Organization.

Buy Now
Questions 159

Which mindset promotes the most comprehensive risk management strategy?

Options:

A.

Increase shareholder value.

B.

Maximize market share.

C.

Improve operational efficiency.

D.

Mitigate losses.

Buy Now
Questions 160

An organization with global headquarters in the United States has subsidiaries in eight other nations. If the organization operates with an ethnocentric attitude, which of the following statements is true?

Options:

A.

Standards used for evaluation and control are determined at local subsidiaries, not set by headquarters.

B.

Orders, commands and advice are sent to the subsidiaries from headquarters.

C.

People of local nationality are developed for the best positions within their own country

D.

There is a significant amount of collaboration between headquarters and subsidiaries.

Buy Now
Questions 161

A supervisor receives a complaint from an employee who is frustrated about having to learn a new software program. The supervisor responds that the new software will enable the employee to work more efficiently and with greater accuracy. This response is an example of:

Options:

A.

Empathetic listening.

B.

Reframing.

C.

Reflective listening.

D.

Dialogue.

Buy Now
Questions 162

The economic order quantity for inventory is higher for an organization that has:

Options:

A.

Lower annual unit sales.

B.

Higher fixed inventory ordering costs.

C.

Higher annual carrying costs as a percentage of inventory value.

D.

A higher purchase price per unit of inventory.

Buy Now
Questions 163

Which of the following techniques is the most relevant when an internal auditor conducts a valuation of an organization's physical assets?

Options:

A.

Observation.

B.

Inspection.

C.

Original cost.

D.

Vouching.

Buy Now
Questions 164

According to IIA guidance, which of the following corporate social responsibility (CSR) evaluation activities may be performed by the internal audit activity?

1. Consult on CSR program design and implementation.

2. Serve as an advisor on CSR governance and risk management.

3. Review third parties for contractual compliance with CSR terms.

4. Identify and mitigate risks to help meet the CSR program objectives.

Options:

A.

1, 2, and 3

B.

1, 2, and 4

C.

1, 3, and 4

D.

2, 3, and 4

Buy Now
Questions 165

When assessing the adequacy of a risk mitigation strategy, an internal auditor should consider which of the following?

1. Management’s tolerance for specific risks.

2. The cost versus benefit of implementing a control.

3. Whether a control can mitigate multiple risks.

4. The ability to test the effectiveness of the control.

Options:

A.

1, 2, and 3

B.

1, 2, and 4

C.

1, 3, and 4

D.

2, 3, and 4

Buy Now
Questions 166

An organization is projecting sales of 100,000 units, at a unit price of $12. Unit variable costs are $7. If fixed costs are $350,000, what is the projected total contribution margin?

Options:

A.

$350,000

B.

$500,000

C.

$850,000

D.

$1,200,000

Buy Now
Questions 167

Which of the following phases of a business cycle are marked by an underuse of resources?

1. The trough.

2. The peak.

3. The recovery.

4. The recession.

Options:

A.

1 and 3 only

B.

1 and 4 only

C.

2 and 3 only

D.

2 and 4 only

Buy Now
Questions 168

What kind of strategy would be most effective for an organization to adopt in order to implement a unique advertising campaign for selling identical product lines across all of its markets?

Options:

A.

Export strategy

B.

Transnational strategy.

C.

Multi-domestic strategy

D.

Globalization strategy.

Buy Now
Questions 169

An internal auditor performed a review of IT outsourcing and found that the service provider was failing to meet the terms of the service level agreement. Which of the following approaches is most appropriate to address this concern?

Options:

A.

The organization should review the skill requirements and ensure that the service provider is maintaining sufficient expertise and retaining skilled resources.

B.

The organization should proactively monitor the performance of the service provider, escalate concerns, and use penalty clauses in the contract where necessary.

C.

The organization should ensure that there is a clear management communication strategy and path for evaluating and reporting on all outsourced services concerns.

D.

The organization should work with the service provider to review the current agreement and expectations relating to objectives, processes, and overall performance.

Buy Now
Questions 170

An organization is considering the outsourcing of its business processes related to payroll and information technology functions. Which of the following is the most significant area of concern for management regarding this proposed agreement?

Options:

A.

Ensuring that payments to the vendor are appropriate and timely for the services delivered.

B.

Ensuring that the vendor has complete management control of the outsourced process.

C.

Ensuring that there are means of monitoring the efficiency of the outsourced process.

D.

Ensuring that there are means of monitoring the effectiveness of the outsourced process.

Buy Now
Questions 171

Which of the following stages of group development is associated with accepting team responsibilities?

Options:

A.

Forming stage.

B.

Performing stage.

C.

Norming stage.

D.

Storming stage.

Buy Now
Questions 172

Which of the following is an element of effective negotiating?

Options:

A.

Ensuring that the other party has a personal stake in the agreement.

B.

Focusing on interests rather than on obtaining a winning position.

C.

Considering a few select choices during the settlement phase.

D.

Basing the agreement on negotiating power and positioning leverage.

Buy Now
Questions 173

A software that translates hypertext markup language (HTML) documents and allows a user to view a remote web page is called:

Options:

A.

A transmission control protocol/Internet protocol (TCP/IP).

B.

An operating system.

C.

A web browser.

D.

A web server.

Buy Now
Questions 174

According to MA guidance, which of the following best describes an adequate management (audit) trail application control for the general ledger?

Options:

A.

Report identifying data that is outside of system parameters

B.

Report identifying general ledger transactions by time and individual

C.

Report comparing processing results with original input

D.

Report confirming that the general ledger data was processed without error.

Buy Now
Questions 175

Which of the following factors is most likely to lead to a lack of cohesiveness in a project team?

Options:

A.

Prestige

B.

Small size.

C.

Competition

D.

Common threat

Buy Now
Questions 176

The percentage of sales method, rather than the percentage of receivables method, would be used to estimate uncollectible accounts if an organization seeks to:

Options:

A.

Use an aging schedule to more closely estimate uncollectible accounts.

B.

Eliminate the need for an allowance for doubtful accounts.

C.

Emphasize the accuracy of the net realizable value of the receivables on the balance sheet.

D.

Use a method that approximates the matching principle.

Buy Now
Questions 177

Which of the following costs would be incurred in an inventory stockout?

Options:

A.

Lost sales, lost customers, and backorder.

B.

Lost sales, safety stock, and backorder.

C.

Lost customers, safety stock, and backorder.

D.

Lost sales, lost customers, and safety stock.

Buy Now
Questions 178

Which of the following distinguishes the added-value negotiation method from traditional negotiating methods?

Options:

A.

Each party's negotiator presents a menu of options to the other party.

B.

Each party adopts one initial position from which to start.

C.

Each negotiator minimizes the information provided to the other party.

D.

Each negotiator starts with an offer, which is optimal from the negotiator's perspective.

Buy Now
Questions 179

Which of the following statements best describes the frameworks set forth by the International Standards Organization?

Options:

A.

Globally accepted standards for industries and processes.

B.

Bridging the gaps among control requirements, technical issues, and business risks.

C.

Practical guidance and benchmarks for all organizations that use information systems.

D.

Frameworks and guidance on enterprise risk management, internal control, and fraud deterrence.

Buy Now
Questions 180

Which of the following is the best example of a compliance risk that is likely to arise when adopting a bring-your-own-device (BYOD) policy?

Options:

A.

The risk that users try to bypass controls and do not install required software updates.

B.

The risk that smart devices can be lost or stolen due to their mobile nature.

C.

The risk that an organization intrusively monitors personal information stored on smart devices.

D.

The risk that proprietary information is not deleted from the device when an employee leaves.

Buy Now
Questions 181

An internal auditor has been asked to conduct an investigation involving allegations of independent contractor fraud. Which of the following controls would be least effective in detecting any potential fraudulent activity?

Options:

A.

Exception report identifying payment anomalies.

B.

Documented policy and procedures.

C.

Periodic account reconciliation of contractor charges.

D.

Monthly management review of all contractor activity.

Buy Now
Exam Code: IIA-ACCA
Exam Name: ACCA CIA Challenge Exam
Last Update: Jun 18, 2024
Questions: 604
$64  $159.99
$48  $119.99
$40  $99.99
buy now IIA-ACCA