Which of the following recommendations made by the internal audit activity (IAA) is most likely to help prevent fraud?
Which of the following sources of testimonial evidence would be considered the most reliable regarding whether a process is effectively performed according to its design?
Which of the following describes the primary objective of an internal audit engagement supervisor?
An internal auditor s examination of accounts receivable generates the following results:
What is the projected misstatement for the population if ratio estimation is used?
During a consulting engagement an internal auditor wants to determine whether all principal stakeholders are involved in a project. Which tool should the auditor use?
According to IIA guidance, which of the following are the most important objectives for helping to ensure the appropriate completion of an engagement?
1. Coordinate audit team members to ensure the efficient execution of all engagement procedures.
2. Confirm engagement workpapers properly support the observations, recommendations, and conclusions.
3. Provide structured learning opportunities for engagement auditors when possible.
4. Ensure engagement objectives are reviewed for satisfactory achievement and are documented properly.
When forming an opinion on the adequacy of management's systems of internal control, which of the following findings would provide the most reliable assurance to the chief audit executive?
• During an audit of the hiring process in a law firm, it was discovered that potential employees' credentials were not always confirmed sufficiently. This process remained unchanged at the following audit.
• During an audit of the accounts payable department, auditors calculated that two percent of accounts were paid past due. This condition persisted at a follow up audit.
• During an audit of the vehicle fleet of a rental agency, it was determined that at any given time, eight percent of the vehicles were not operational. During the next audit, this figure had increased.
• During an audit of the cash handling process in a casino, internal audit discovered control deficiencies in the transfer process between the slot machines and the cash counting area. It was corrected immediately.
An organization is experiencing a significant risk that threatens its financial well-being Senior management requested that the chief audit executive (CAE) meet with them to discuss the risk. Which of the following would best describe the CAE's responsibility at the meeting?
According to IIA guidance which of the following statements is true regarding heat maps?
Which of the following is the primary purpose of financial statement audit engagements?
An internal auditor is examining the organization's internal control processes. Which of the following would the auditor do to test the reliability of a customer database1?
The chief audit executive can illustrate the value of the internal audit activity by reporting which of the following to the board?
A healthcare organization's chief audit executive (CAE) noted that the organization's IT team relies heavily on a vendor. Therefore an IT vendor assessment review was added to the annual audit plan. During the review, the audit team discovered that the vendor had not been performing proper monitoring to ensure that the subcontractors it hired comply with the organization requirements. The organization's chief information officer (ClO) does not agree with the audit team's recommendation for the IT team to monitor the compliance level of vendor subcontractors. How should the audit team proceed to resolve this situation?
Which of the following should be described in the recognition element of a typical internal audit repot?
During an audit of suspense accounts the internal auditor found that there were no written policies on how suspense accounts should be treated. The auditor also found that suspense account balances were cleared once per week, not daily. Which of the following is the most appropriate first response by the auditor?
While planning for an accounts payable audit an internal auditor performs an entity level controls analysis. Which of the following statements is true regarding me approach used by the auditor?
An internal audit activity is planning its first audit of IT shared services. Which of the following controls would typically be evaluated first?
Which of the following is true regarding the monitoring of internal audit activities?
Senior management requested that the internal audit activity perform a consulting project to assist in making a decision on a new software system. Which of the following would be used to determine the engagement objectives?
Which of the following statements about assurance maps is correct?
Which of the following is the most important concept to be included in a consulting engagement agreement?
When presenting an observation m writing which or the Mowing is usually true regarding the level of detail provided?
1. The description of the observation in the final audit report contains more detail then the description m the engagement workpapers
2. The description of the observation m the engagement workpapers contains more detail than the descriptor n a preliminary observation document
3. A preliminary observation document contains more detail than tie observation description in the final audit report
4. A preliminary observation document contains more detail than tie observation description in the engagement workpapers
An organization has a mature control environment but limited internal audit resources Given this scenario, on which of the following should the internal auditors focus their testing?
The internal audit activity has adopted the balanced scorecard approach to assess its performance According to MA guidance which of the following is a key performance indicator relevant to the audit client?
For an action plan to be effective, it should be designed primarily to address which of the following elements of an observation?
According to IIA guidance, which of the following is true when the internal audit activity is asked to investigate potential ethics violations in a foreign subsidiary?
Which of the following would most Holy reflect the best possible engagement objectives?
Which of the following is least likely to help ensure that risk is considered in a work program?
The internal auditor and her supervisor are in dispute about a risk that was not tested during an audit of the procurement function. Which of the following tools would best support the auditor's decision not to test the risk?
Upon the completion of an audit engagement an audit manager performs a review of a staff auditor's workpapers. Which of the following actions by the manager is the most appropriate this review''
During follow-up. the internal auditor discovered that operational management did not implement effective actions to address a significant control breach If the issue is left unresolved it may result in regulatory sanctions and damage the organization's reputation What is the most appropriate next step for the chief audit executive to lake?
During an audit of the accounts receivable (AR) process, an internal auditor noted that reconciliations are still not performed regularly by the AR staff, a recommendation that was made following a previous audit. Monitoring by the financial reporting function has failed to detect the shortcoming. Both the financial reporting function and AR report to the controller, who is responsible for implementing action plans. Which of the following supports the internal auditor's decision to combine both observations into one reported finding?
The chief audit executive (CAE) should determine whether the internal audit activity has confirmed the status of all of management's corrective actions Doing so would help the CAE assess which of the following?
According to IIA guidance, which of re following actions should the internal auditor take immediately after having considered fraud scenarios and identified and prioritized fraud risks?
The internal audit activity (IAA) wants to measure its performance related to the quality of audit recommendations. Which of the following client survey questions would best help the IAA meet this objective?
When addressing the excessive overtime being paid lo employees in an organization's customer service call center, which of the following would be most relevant for the internal auditor to use?
1 Confirmation.
2. Trend analysis.
3 External benchmarking
4. Internal benchmarking
An organization's board would like to establish a formal risk management function and has asked the chief audit executive (CAE) to be involved in the process. According to IIA guidance, which of the following roles should the CAE not undertake?
Which of the following behaviors could represent a significant ethical risk if exhibited by an organization's board?
1. Intervening during an audit involving ethical wrongdoing.
2. Discussing periodic reports of ethical breaches.
3. Authorizing an investigation of an unsafe product.
4. Negotiating a settlement of an employee claim for personal damages.
Which of the following statements is true regarding internal controls?
An internal auditor uses a data query tool in the purchasing process to review the vendor master file for authorizations Which of the following describes the control objective likely being tested?
An internal audit team leader is having difficulties completing the planning phase of an assurance engagement because the business unit lacks a system of internal controls. Which of the following is the most appropriate course of action for the internal audit team leader?
According to IIA guidance which of the following represents sufficient information?
Which of the following should be the focus of the effect section of the preliminary observations document?
An internal auditor is preparing an internal control questionnaire for the procurement department as part of a preliminary survey. Which of the following would provide the best source of information for questions?
The head of customer service asked the chief audit executive (CAE) whether internal auditors could assist her staff with conducting a risk self-assessment in the customer service department The CAE promised to meet with customer service managers analyze relevant business processes and come up with a proposal Who is most likely to be the final approver of the engagement objectives and scope?
In the following risk control map risks have been categorized based on the level of significance and the associated level of control. Which of the following statements is true regarding Risk C?
Considering the five-attribute approach to documenting deficiencies in an area under review which of the following answers the question. "What should be in place?’’
'Internal policy prohibits employees from entering into contacts with financial obligations without proper approval.
A project manager signed a change to an important service agreement without obtaining the proper approval As a result the organization is receiving $5,000 per month less for its services.’’
Which of the following should be added to the observation?
An internal auditor is planning to audit the organization's payroll function, which was recently outsourced. Which of the following is the most appropriate first step for the auditor?
Which of the following is not an outcome of control self-assessment?
What is the purpose of an internal control questionnaire?
In a health care organization the internal audit activity provides overall assurance on governance, risk and control The chief audit executive advises and influences senior management, and the audit strategy leverages the organization's management of risk According to HA guidance which of the following stages of internal audit maturity best describes this organization?
Which of the following statements about including consulting engagements in the annual internal audit plan is true?
The newly appointed chief audit executive (CAE) of a large multinational corporation, with seasoned internal audit departments located around the world, is reviewing responsibilities for engagement reports. According to IIA guidance, which of the following statements is true?