Practice of Internal Auditing Questions and Answers
Which of the following would be the most helpful to a chief audit executive when developing a talent management strategy?
An internal auditor developed a list of internal and external risk considerations across the organization's processes, developed a scale to assess each risk and allocated the relative importance of each risk. When of the following approaches did the auditor take?
An internal auditor discovered that a new employee was granted inappropriate access to the payroll system Apparently the IT specialist had made a mistake and granted access to the wrong new employee. Which of the following management actions would be most effective to prevent a similar issue from occurring again?
Which of the following is an effective approach for internal auditors to take to improve collaboration with audit clients during an engagement?
1. Obtain control concerns from the client before the audit begins so the internal auditor can tailor the scope accordingly.
2. Discuss the engagement plan with the client so the client can understand the reasoning behind the approach.
3. Review test criteria and procedures where the client expresses concerns about the type of tests to be conducted.
4. Provide all observations at the end of the audit to ensure the client is in agreement with the facts before publishing the report.
An internal auditor determines that certain information from the engagement results is not appropriate for disclosure to all report recipients because it is privileged. In this situation, which of the following actions would be most appropriate?
Which of the following statements is true regarding a drawback of using internal control questionnaires (ICQs)?
During a review of the treasury function an internal auditor identified a risk that all bank accounts may net to include in the daily reconciliation process.
Which of the following responses would be most effective to mitigate this risk?
To compete in the global market, an organization is restructuring and consolidating many of its divisions. Prior to the consolidation, senior management requested assistance from tie internal audit activity. Which of the following consulting services would be most appropriate in this situation?
Which of the following is true regarding the monitoring of internal audit activities?
Which of the following constitutes supervisory activity undertaken during the planning phase of an assurance engagement?
Which of the followings statements describes a best practice regarding assurance engagement communication activities?
Which of the following factors should a chief audit executive consider when determining the audit universe?
1. Components of the organization's strategic plan.
2. Inputs from senior management and the board.
3. Views of competitors and business associates.
4. Results of exit interviews with departing employees.
An audit identified a number of weaknesses in the configuration of a critical client/server system. Although some of the weaknesses were corrected prior to the issuance of the audit report, correction of the rest will require between 6 and 18 months for completion. Consequently, management has developed a detailed action plan, with anticipated completion dates, for addressing the weaknesses. What is the most appropriate course of action for the chief audit executive to take?
When addressing the excessive overtime being paid lo employees in an organization's customer service call center, which of the following would be most relevant for the internal auditor to use?
1 Confirmation.
2. Trend analysis.
3 External benchmarking
4. Internal benchmarking
A toy manufacturer receives certain components from an overseas supplier and uses them to assemble final products Recently quality reviews have identified numerous issues regarding the components' compliance with mandatory quality standards. Which type of engagement would be most appropriate to assess the root causes of the quality issues?
An engagement team is being assembled to audit of one of the organization's vendors Which of the following statements best applies to this scenario?
An internal auditor conducted interviews with several employees, documented the interviews analyzed the summaries, and drew a number of conclusions. What sort of audit evidence has the internal auditor primarily obtained?
Which of the following is one of the differences between probability-proportional-to-size (PPS) and attribute sampling?
According to IIA guidance, which of the following accurately describes the responsibilities of the chief audit executive with respect to the final audit report?
1. Coordinate post-engagement conferences to discuss the final audit report with management.
2. Include management's responses in the final audit report.
3. Review and approve the final audit report.
4. Determine who will receive the final audit report.
The chief audit executive (CAE) determined that the internal audit activity lacks the resources needed to complete the internal audit plan Which of the following would be the most appropriate action tor the CAE to take?
Which of The following best justifies an internal auditor's decision to issue a preliminary audit report?
Acceding to IIA guidance, when of the Mowing is an assurance service commonly performed by the internal audit activity?
An internal auditor is asked to review a recently completed renovation to a retail outlet. Which of the following would provide the most reliable evidence that the completed work conformed to the plan?
According to IIA guidance, which of the following individuals should receive the final audit report on a compliance engagement for the organization's cash disbursements process?
Which of the following statements regarding the risk management process' support of the internal audit activity is true?
In which of the following situations has an internal audit of obtained physical evidence?
The engagement supervisor would like lo change the audit program's scope poor to beginning fieldwork According to IIA guidance before any change is implemented what is the most important action that should be undertaken?
An organization recently acquired a subsidiary in a new industry, and management asked the chief audit executive (CAE) to perform a comprehensive audit of the subsidiary prior to recommencing operations The CAE is unsure her team has the necessary skills and knowledge to accept the engagement According to IIAguidance, which of the following responses by the CAE would be most appropriate?
According to the MA guidance, which of the following does the engagement work program test in a review of an organizational process?
The head of customer service asked the chief audit executive (CAE) whether internal auditors could assist her staff with conducting a risk self-assessment in the customer service department The CAE promised to meet with customer service managers analyze relevant business processes and come up with a proposal Who is most likely to be the final approver of the engagement objectives and scope?
The internal auditors available to perform the engagement do not have sufficient skills related to the area under review. Which of the following iss an appropriate action for the chief audit executive to take?
According to HA guidance on IT, which of the following actions would be performed as part of the "Define IT Universe" stage of the IT audit plan development process?
The human resources (HR) department was last reviewed three years ago and is due for an assurance engagement after undergoing recent process changes. Which of the following would the most effective option identify the HR department's risks and controls?
For which of the following fraud engagement activities would it be most appropriate to involve a forensic auditor?
An internal auditor is analyzing sates records and is concerned whether a transaction is recorded in the coned period. The accounting manager explains that the external auditor approved the records and produces an email from the external audit team leader. How should tie internal auditor respond?
According to IIA guidance, which of the following statements is false regarding a review of the controls in place to prevent fraud?
In an organization with a large internal audit activity that has several audit teams performing engagements simultaneously which of the following tasks is an engagement supervisor most likely to perform during the planning phase of a new engagement?
Which of the following is one of the five basic tnanoal statement assertions when an internal auditor evaluates controls over financial reporting? A. Reliability or appropriateness
B. Reasonableness
C. Existence or occurrence
D. Relevance
An internal auditor and engagement client are deadlocked over the auditor's differing opinion with management on the adequacy of access controls for a major system. Which of the following strategies would be the most helpful in resolving this dispute?
A code of business conduct should include which of the following to increase its deterrent effect?
1. Appropriate descriptions of penalties for misconduct.
2. A notification that code of conduct violations may lead to criminal prosecution.
3. A description of violations that injure the interests of the employer.
4. A list of employees covered by the code of conduct.
According to IIA guidance, which of the following is the most appropriate action to be taken by the chief executive (CAE) if management refuses to accept audit recommendations and implement corrective actions, Even after escalation to senior management?
Which of the following best describes the four components of a balanced scorecard?
An internal auditor is preparing for an auditor of newly implemented software that is used by 3,000 employees in South America and Europe. What would be the best way for the auditor to gather relevant feedback?
An internal auditor is planning an engagement at a financial institution. Toe engagement objective is to identify whether loans were granted in accordance with the organization's policies. When of the following approaches would provide the auditor with the best information?
Acceding to IIA guidance, which of the following statements is true regarding the risk assessment process performed by the internal audit activity?
Acceding to MA guidance, when of the Mowing strategies would like provide the most assurance to the chief audit executive (CAE) that the internal audit activity's recommendations are being acted upon?
A draft internal audit report that cites deficient conditions generally should be reviewed with which of the following groups?
1. The client manager and her superior.
2. Anyone who may object to the report’s validity.
3. Anyone required to take action.
4. The same individuals who receive the final report.
An internal auditor observes a double payment transaction on a supplier invoice during an accounts payable engagement. Which of the following steps would be the most effective in helping the auditor determine whether fraud exists?
Which of the following should be the focus of the effect section of the preliminary observations document?
An internal auditor discovered that sales contracts with business clients were not stored in the electronic document management database instead they were scanned and saved in a nonsystematic manner to server folders Which of the following would be an appropriate consequence for the internal auditor to include in the documented observation?
The internal audit activity (IAA) wants to measure its performance related to the quality of audit recommendations. Which of the following client survey questions would best help the IAA meet this objective?
According to IIA guidance, which of the following would be considered necessary for a one-person audit function?
Which of the following statements is false regarding audit criteria?
Which of the following items, included in the preliminary audit communication would be most useful for management to formulate action plans in response to audit recommendations?