For which of the following fraud engagement activities would it be most appropriate to involve a forensic auditor?
Which of the following is least likely to help ensure that risk is considered in a work program?
The board has asked the internal audit activity (IAA) to be involved in the organization's enterprise risk management process. Which of the following activities is appropriate for IAA to perform without safeguards?
Due to emerging new technologies that greatly affect the organization, the chief audit executive (CAE) wants to conduct frequent IT audit and is particularly focused on improving the quality of these engagements. Which of the following is the most viable solution for the CAE to ensure that IT audit quality is immediately enhanced and maintained long-term?
During a consulting engagement an internal auditor wants to determine whether all principal stakeholders are involved in a project. Which tool should the auditor use?
Which of the following statements is true pertaining to interviewing a fraud suspect?
1. Information gathered can be subjective as well as objective to be useful.
2. The primary objective is to obtain a voluntary written confession.
3. The interviewer is likely to begin the interview with open-ended questions.
4. Video recordings always should be used to provide the highest quality evidence.
An internal auditor discovered that a new employee was granted inappropriate access to the payroll system Apparently the IT specialist had made a mistake and granted access to the wrong new employee. Which of the following management actions would be most effective to prevent a similar issue from occurring again?
Acceding to IIA guidance, when of the Mowing is an assurance service commonly performed by the internal audit activity?
An internal auditor notes that employees continue to violate segregation-of-duty controls in several areas of the finance department, despite previous audit recommendations. Which of the following recommendations is the most appropriate to address this concern?
In which of the following ways can the internal audit activity new engagement opportunities?
The chief audit executive (CAE) should determine whether the internal audit activity has confirmed the status of all of management's corrective actions Doing so would help the CAE assess which of the following?
According to IIA guidance which of the following statements is true regarding the annual audit plan?
According to IIA guidance which of the following represents sufficient information?
A chief audit executive (CAE) is trying to balance the internal audit activity's needs for technical audit skills budget efficiency and staff development opportunities. Which of the following would best assist the CAE in achieving this balance1?
Upon the completion of an audit engagement an audit manager performs a review of a staff auditor's workpapers. Which of the following actions by the manager is the most appropriate this review''
An organization buys crude oil on the open market and refines it into a high-quality gasoline. The price of crude oil is extremely volatile. Which of the following is the most appropriate risk management technique to protect the organization against these price fluctuations?
In which of following scenarios is the internal auditor performing benchmarking?
The head of customer service asked the chief audit executive (CAE) whether internal auditors could assist her staff with conducting a risk self-assessment in the customer service department The CAE promised to meet with customer service managers analyze relevant business processes and come up with a proposal Who is most likely to be the final approver of the engagement objectives and scope?
According to IIA guidance which of the following statements is true regarding heat maps?
Which of the following best describes external benchmarking using trend analysis for a subsidiary of an international company?
An internal auditor is conducting a review of the procurement function and uncovers a potential conflict of interest between the chief operating officer and a significant supplier of IT software development services. Which of the following actions is most appropriate for the internal auditor to take?
Which of the following statements describes an engagement planning best practice?
A corporate merger decision prompts the chief audit executive (CAE) lo propose interim changes to the existing annual audit plan to account for emerging risks Which of the following is the most appropriate action for the CAE to take regarding the changes made to the audit plan''
Which method of examining entity-level controls involves gathering information from work groups that represent different levels in an organization?
Which of the following would most Holy reflect the best possible engagement objectives?
Which of the following best describes the manual audit procedure known as vouching?
Due to a recent system upgrade, an audit is planned to test the payroll process. Which of the following audit objectives would be most important to prevent fraud?
A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority?
1. Graded positive opinion.
2. Negative assurance opinion.
3. Limited assurance opinion.
4. Third-party opinion.
If observed during fieldwork by an internal auditor, which of the following activities is least important to communicate formally to the chief audit executive?
According to MA guidance, which of the following factors should an internal auditor consider when assessing the likelihood of fraud risk1?
Which of the following is the most important concept to be included in a consulting engagement agreement?
An engagement supervisor reviewed a staff internal auditor's documentation and noted that several edits should be made. The internal audit activity uses an electronic workpaper database and does not maintain paper files for its system of record. A system error prevents the engagement supervisor from adding her electronic signature to any workpaper in the database Given this situation which is the most appropriate response to provide evidence of supervisory review?
An internal auditor developed a list of internal and external risk considerations across the organization's processes, developed a scale to assess each risk and allocated the relative importance of each risk. When of the following approaches did the auditor take?
A chief audit executive (CAE) is determining which engagements to include on the annual audit plan. She would like to consider the organization's attitude toward risk and the degree of difficulty in achieving objectives. Which of the following resources should the CAE consult?
During the planning phase of an assurance engagement, an internal auditor seeks to gam an understanding of now when the area under review is accomplishing its objectives When of the
Following information-gathering techniques is the auditor most likely to use?
According to IIA guidance, which of the following are appropriate actions for the chief audit executive regarding management's response to audit recommendations?
While performing fieldwork for an assurance engagement, a member of the internal audit team identified a key control that was not identified during the planning phase of the engagement Which of the following actions by the internal auditor would be most appropriate?
'Internal policy prohibits employees from entering into contacts with financial obligations without proper approval.
A project manager signed a change to an important service agreement without obtaining the proper approval As a result the organization is receiving $5,000 per month less for its services.’’
Which of the following should be added to the observation?
Which of the following would present the most critical external risk to an organization?
Which of the following is an effective approach for internal auditors to take to improve collaboration with audit clients during an engagement?
1. Obtain control concerns from the client before the audit begins so the internal auditor can tailor the scope accordingly.
2. Discuss the engagement plan with the client so the client can understand the reasoning behind the approach.
3. Review test criteria and procedures where the client expresses concerns about the type of tests to be conducted.
4. Provide all observations at the end of the audit to ensure the client is in agreement with the facts before publishing the report.
An internal auditor is conducting a financial audit. Which of the following audit procedures is most appropriate when existing internal controls are weak?
Which of the following is the primary reason the chief audit executive should consider the organization's strategic plans when developing the annual audit plan?
Which of the following statements is true regarding a drawback of using internal control questionnaires (ICQs)?
An internal auditor collected several employee testimonials Which of the following is the best action for the internal auditor to take before drawing a conclusion?
According to IIA guidance, which of the following is least likely to be a key financial control in an organization's accounts payable process?
According to IIA guidance,which of the following is true about the supervising internal auditor's review notes?
• They are discussed with management prior to finalizing the audit.
• They may be discarded after working papers are amended as appropriate.
• They are created by the auditor to support her fieldwork in case of questions.
• They are not required to support observations issued in the audit report.
According to IIA guidance, which of the following procedures would be least effective in managing the risk of payroll fraud?
The final engagement communication contains the following observation:
The internal auditor discovered that three of the 10 contracts reviewed failed to meet the organization's competitive bidding requirements Management explained that senior management deemed these purchases to be critical and awarded them as sole-source."
Which of the following components is missing in the documentation of the observation?