Essentials of Internal Auditing Questions and Answers
In addition to her internal audit activity responsibilities, the chief audit executive has been asked to oversee the organization's insurance function. Which of the following responses is most appropriate?
A financial services organization's board is assessing increased regulations and its effect on current industry lending practices. Which of the following committees would help the board identify and assess the effects of the increased regulations?
Which of the following is a detective control?
According to MA guidance, which of the following is an appropriate role for the internal audit activity?
During an audit of company expenses, the internal auditor performed a test using data analytics and identified a violation of the company's expenses policy. The auditor who discovered the issue considered it a potential fraudulent transaction and informed the chief financial officer (CFO). The CFO dismissed the concern because he did not understand the data analytics test that was performed and the transaction was of a low value. Given this situation, which skills or competencies should this internal auditor seek to improve?
Which of the following best demonstrates organizational independence of the internal audit activity?
An iniernal auditor creates a professional development plan to obtain more experience in the organization's environmental, social, and corporate governance initiatives. Which of the following would the auditor include in the plan to support these objectives?
Which of the following qualifies as an acceptable consulting service provided by the internal audit activity?
During a monthly internal audit staff meeting, the chief audit executive (CAE) decided to reinforce the importance of internal audit staff being objective in their work. Which of the following examples would be most appropriate for the CAE to include as part of the meeting presentation?
Which of the following must be considered by the chief audit executive before writing the internal audit charter?
During an audit of an organization's accounts payable area, an internal auditor identified anomalies in the information examined that may indicate potential fraud. Which test should the auditor perform first to verify this?
Which of the following situations undermines the independence of the internal audit activity?
An internal auditor in a busy internal audit activity reviews her continuing professional development records toward the end of the year and is concerned to find she has undertaken limited training and formal professional development. Which of the following actions is the most appropriate for her to take?
According to IIA guidance, which of the following most appropriately justifies the CEO’s decision that the internal audit activity shall be responsible for risk management and investigation at a multinational organization?
Which of the following is an indicator that the internal audit activity does not fully conform with the Standards?
Which of the following practices is generally most effective to protect internal audit objectivity?
An internal auditor failed to identify transactions between the parent organization and a subsidiary. What is the most likely reason for the failure?
Senior management and the board have expressed concerns about the length of engagements and whether their outcome aligns with the organization's strategies and objectives. Which of the following actions, if taken by the chief audit executive, could address these concerns?
Which of the following accurately describes the concept of inherent risk?
According to the IIA Code of Ethics, which of the following best describes the conduct of an internal auditor who demonstrates the principle of competency?
A global manufacturing company has three regional offices. The chief audit executive (CAE) is concerned about the cost of an upcoming external quality assessment of the internal audit activity. The last external assessment was performed six years ago. Recently, the internal audit staff at one of the regional offices performed an internal assessment. To ensure conformance with the Standards, what is the most appropriate action for the CAE to take?
The internal audit activity conducted an organization wide risk assessment. One of the most significant risks identified is associated with the oil price market. The chief audit executive (CAE) is considering including in the annual aud
it plan an assessment of the effectiveness of oil price risk management. The manager responsible commented that the assessment was not needed, as market risks were regularly addressed by the financial risk committee. If the CAE decides to include this activity in the annual audit plan anyway, how should it be recorded?
What would be the proper sequence of steps for an internal auditor to take in order to draw a conclusion on internal control effectiveness and adequacy after ascertaining the key controls?
The internal auditor of a small manufacturer noted that the accounting department has insufficient staff to achieve proper segregation of duties. What type of controls would the auditor likely recommend to management to specifically address this problem?
Once an organization's risks are identified, what would be the next step to ensure resources are properly allocated to manage those risks?
Which of the following statements is true regarding how the scope of a consulting engagement should be established?
What is an appropriate first step in an internal auditor’s fraud risk assessment to evaluate how the organization manages such risk?
At the beginning of an IT development project key risks were identified and assessed and risk owners were appointed Six months later the IT development team reported that the project Is significantly over budget, it will not be completed on time and key personnel had left the organization. Which of the following risk management practices should be improved for future projects?
Which of the following Code of Ethics principles specifically requires internal auditors to disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review?
An internal audit team was assigned to review the organization’s information security protocol After fieldwork was completed an internal auditor identified an error in the review of security access The error could affect the overall results of the engagement Which of the following is the most appropriate course of action for the internal auditor?
Which of the following is ultimately responsible for the continuing professional development of internal audit activity staff?
The internal audit activity is undergoing a self-assessment as part of its quality assurance and improvement program Which of the following observations must be addressed in order for the internal audit activity to achieve conformance with the Standards?
Which combination of strategies would provide the best evaluation of the effectiveness of the organization's risk assessment activity?
1. Interview staff at various levels to discuss the organization's objectives, significant risks, and risk appetite.
2. Review board meeting minutes to determine whether the significant risks identified are communicated timely to the board.
3. Evaluate the adequacy and timeliness of management remediation actions by reviewing the control design, testing the controls, and reviewing monitoring procedures.
4. Review the professional development plans of internal audit staff to ensure all are competent to assess the organization's risk assessment activity.
According to IIA guidance, which of the following actions by the chief audit executive (CAE) best demonstrates the organizational independence of the internal audit activity?