Certified Internal Auditor - Part 1 The Internal Audit Activitys Role in Governance Risk and Control
Last exam update: Jul 20 ,2024
Page 1 out of 12. Viewing questions 1-15 out of 187
Question 1
With regard To IT governance, which of the following is the most effective and appropriate role for the internal audit activity?
A. Independently evaluate the skills and experience of potential chief information officer candidates to assess the best fit based on the organization's risk appetite.
B. Evaluate the organization's governance standards and assess IT-related activities to identify gaps and develop policies, ensuring alignment with the organization's risk appetite.
C. Assist management in interpreting complex IT-related privacy and security risk exposures and evaluating potential mitigation strategies.
D. Assess whether governance activities are aligned with the organization's risk appetite and take into consideration emerging risks.
Answer:
D
User Votes:
A
50%
B
50%
C
50%
D 1 votes
50%
Discussions
0/ 1000
Question 2
As a matter of policy, the chief audit executive routinely rotates internal audit staff assignments and periodically interviews the staff to discuss the potential for conflicts of interest. These actions help fulfill which of the following internal audit mandates?
A. Organizational independence.
B. Professional objectivity.
C. Due professional care.
D. Individual proficiency.
Answer:
B
User Votes:
A 1 votes
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 3
The manager for an organization's accounts payable department resigned her post in that capacity. Three months later, she was recruited to the internal audit activity and has been working with the audit team for the last eight months. Which of the following assignments would the newly hired internal auditor be able to execute without any impairments to independence or objectivity?
A. An operations audit of the accounts payable department.
B. A consulting engagement related to a new accounts payable optimization initiative.
C. A review of the employees' sports club finances, which are overseen by the chief audit executive.
D. An assurance review for a sales program on which she previously provided consultation.
Answer:
C
User Votes:
A
50%
B 1 votes
50%
C
50%
D
50%
Discussions
0/ 1000
Question 4
An internal auditor needs to recommend a policy element to be included in an organization's code of ethics. Which of the following recommendations would be most effective?
A. Ethics should vary with local customs in the organization's foreign operations.
B. Whistleblowing should be discouraged because it can cause distrust among employees.
C. Ethical behavior should be incorporated into performance evaluations.
D. Senior management should be granted specific exemptions to the code of ethics.
Answer:
C
User Votes:
A
50%
B
50%
C 1 votes
50%
D
50%
Discussions
0/ 1000
Question 5
Which of the following types of fraud includes embezzlement?
A. Fraudulent statements.
B. Bribery.
C. Misappropriation of assets.
D. Corruption.
Answer:
C
User Votes:
A
50%
B
50%
C 1 votes
50%
D
50%
Discussions
0/ 1000
Question 6
According to IIA guidance, which of the following statements describes one of the similarities between assurance and consulting services?
A. When planning assurance and consulting engagements, internal auditors must consider the strategies and objectives of the activity being reviewed.
B. Internal auditors determine the engagement objectives, scope, and work program for both assurance and consulting services.
C. Internal auditors must not provide assurance or consulting services for an activity for which they had responsibility within the previous year.
D. Both assurance and consulting services generally involve the internal auditor, the area under review, senior management, and the board.
Answer:
A
User Votes:
A
50%
B
50%
C
50%
D 1 votes
50%
Discussions
0/ 1000
Question 7
Evidence discovered during the course of an engagement suggests that multiple incidents of fraud have occurred. There do not appear to be sufficient controls in place to prevent reoccurrence. Which of the following is the internal auditor's most appropriate next step?
A. Immediately notify management of the area under review and the other internal auditors involved in the engagement.
B. Discuss the situation with the engagement supervisor to determine whether fraud investigation experts are required to investigate the matter properly.
C. Fully document in the workpapers the evidence that has been discovered and recommend appropriate controls to address the fraud.
D. Provide the evidence that was discovered to local law enforcement for possible prosecution of the suspected fraud.
Answer:
A
User Votes:
A
50%
B 1 votes
50%
C
50%
D
50%
Discussions
0/ 1000
Question 8
The chief audit executive (CAE) has assigned an internal auditor to an upcoming engagement. Which of the following requirements would most likely indicate that the internal auditor was assigned to an assurance engagement?
A. The assigned internal auditor must determine the objectives, scope, and techniques of the engagement.
B. The CAE must personally obtain the needed skills, knowledge, or other competencies if the internal auditor does not have them.
C. The assigned internal auditor must not assume management responsibilities while performing the engagement.
D. The assigned internal auditor must maintain objectivity while performing the engagement.
Answer:
A
User Votes:
A
50%
B
50%
C 1 votes
50%
D
50%
Discussions
0/ 1000
Question 9
An internal audit activity includes in its audit reports the assertion that its work is performed in conformance with the International Standards for the Professional Practice of Internal Auditing {Standards). A recent external quality assessment concluded that the internal audit activity had substantial deficiencies that impact its overall operations. According to IIA guidance, which of the following is the most appropriate action for issuing future audit reports?
A. Refrain from indicating that the internal audit activity operates in conformance with the Standards until the chief audit executive confirms that the internal audit activity has addressed all areas of nonconformance and the audit committee has been notified.
B. Refrain from indicating that the internal audit activity operates in conformance with the Standards until another external assessment confirms that the significant areas of nonconformance have been addressed.
C. Indicate that the internal audit activity operates in partial conformance with the Standards, as the internal audit activity has a quality assurance and improvement program in place to address deficiencies and has met the requirement for conducting an external assessment.
D. Update and reissue previous audit reports, removing the assertion that the internal audit activity operates in conformance with the Standards, and distribute them to all parties who received the original reports.
Answer:
B
User Votes:
A
50%
B
50%
C
50%
D 1 votes
50%
Discussions
0/ 1000
Question 10
The management at a national consumer goods organization implements a fair work and pay practice as well as a policy to treat employees equitably and consistently. Which common characteristics of fraud will the practice and policy most likely reduce?
A. Pressure or incentive.
B. Opportunity.
C. Rationalization.
D. Commitment.
Answer:
A
User Votes:
A 1 votes
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 11
Upon joining the internal audit activity, each new auditor receives a copy of the audit handbook. Which of the following handbook policies has the greatest risk of compromising audit objectivity?
A. Internal auditors should obtain 80 hours of continuing professional education every two years, 20 of which should be audit-related, and the remainder may be operations-related.
B. Internal auditors should rotate to other areas of the organization for nonaudit assignments to gain an understanding of the organization's operations.
C. Internal auditors should have direct and unrestricted access to personnel and information throughout the organization and the governing board.
D. Internal auditors should undergo annual performance appraisals conducted by the chief audit executive, who reports administratively to the chief financial officer.
Answer:
B
User Votes:
A
50%
B
50%
C
50%
D 1 votes
50%
Discussions
0/ 1000
Question 12
According to IIA guidance, which of the following roles would be appropriate for an internal auditor regarding fraud risk? 1. Identification. 2. Mitigation. 3. Remediation. 4. Reduction.
A. 1 only. |
B. 1 and 4 only.
C. 1, 3, and 4 only.
D. 1,2, 3, and 4.
Answer:
B
User Votes:
A 1 votes
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 13
During an audit engagement, the internal auditor discussed a risk mitigation recommendation with the manager of the area under review. The manager disagreed with the risk assessment and recommendation. The two failed to come up with an alternative solution, and the auditor decided to proceed with including the original recommendation in the engagement report. Which of the following is especially important in dealing with this type of situation?
A. Soft skills in communication, negotiation, and collaboration.
B. Technical skills in the area under review.
C. Professional qualifications and certification in internal auditing.
D. Confidentiality and independence.
Answer:
A
User Votes:
A 1 votes
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 14
According to the International Professional Practices Framework, which of the following are allowable activities for an internal auditor? 1. Advocating the establishment of a risk management function. 2. Identifying and evaluating significant risk exposures during audit engagements. 3. Developing a risk response for the organization if there is no chief risk officer. 4. Benchmarking risk management activities with other organizations. 5. Documenting risk mitigation strategies and techniques.
A. 4 and 5 only.
B. 1.2, and 3 only.
C. 1.2. 4. and 5 only.
D. 2. 3. 4. and 5 only.
Answer:
C
User Votes:
A
50%
B
50%
C
50%
D 1 votes
50%
Discussions
0/ 1000
Question 15
If appropriate safeguards exist, which of the following is considered a legitimate internal audit role within risk management at an organization?