The chief risk officer (CRO) of a large manufacturing organization decided to facilitate a workshop for process managers and staff to identify opportunities for improving productivity and reducing defects. Which of the following is the most likely reason the CRO chose the workshop approach?
During the filework phase of an assurance engagement the internal auditor decides that she wants to adjust the audit work program. Which of the following is the most appropriate next step for the auditor to take9
Which of the following is true about surveys?
An internal auditor accessed accounts payable records and extracted data related to fuel purchased tor the organization's vehicles As a first step, she sorted the data by vehicle and used spreadsheet functions to identify all instances of refueling on the same or sequential dates She then performed other tests Based on the auditor's actions which of the following is most likely the objective of this engagement1?
Which of the blowing is an example of a compliance assurance engagement?
Which of the following would most Holy reflect the best possible engagement objectives?
During a review of the treasury function an internal auditor identified a risk that all bank accounts may net to include in the daily reconciliation process.
Which of the following responses would be most effective to mitigate this risk?
A chief audit executive (CAE) is trying to balance the internal audit activity's needs for technical audit skills budget efficiency and staff development opportunities. Which of the following would best assist the CAE in achieving this balance1?
Which of the following is not a direct benefit of control self-assessment (CSA)?
Which of the following sources of testimonial evidence would be considered the most reliable regarding whether a process is effectively performed according to its design?
The chief audit executive (CAE) of a small internal audit activity (IAA) plans to test conformance with the Standards through a quality assurance review. According to the Standards, which of the following are acceptable practice for this review?
1. Use an external service provider.
2. Conduct a self-assessment with independent validation.
3. Arrange for a review by qualified employees outside of the IAA.
4. Arrange for reciprocal peer review with another CAE.
An employee in the sales department completes a purchase requisition and forwards it to the purchaser. The purchaser places competitive bids and orders the requested items using approved purchase orders. When the employee receives the ordered items, she forwards the packing slips to the accounts payable department. The invoice for the ordered items is sent directly to the sales department, and an administrative assistant in the sales department forwards the invoices to the accounts payable department for payment. Which of the following audit steps best addresses the risk of fraud in the cash receipts process?
Which of the following internal audit procedures commonly involves sampling?
An engagement supervisor reviewed a staff internal auditor's documentation and noted that several edits should be made. The internal audit activity uses an electronic workpaper database and does not maintain paper files for its system of record. A system error prevents the engagement supervisor from adding her electronic signature to any workpaper in the database Given this situation which is the most appropriate response to provide evidence of supervisory review?
According to IIA guidance, which of the following is least likely to be a key financial control in an organization's accounts payable process?
In which of the following populations would the internal auditor most likely choose to use a stratified sampling approach?
An engagement team is being assembled to audit of one of the organization's vendors Which of the following statements best applies to this scenario?
Acceding to MA guidance, when of the Mowing strategies would like provide the most assurance to the chief audit executive (CAE) that the internal audit activity's recommendations are being acted upon?
During an assurance engagement, an internal auditor noted that the time staff spent accessing customer information in large Excel spreadsheets could be reduced significantly through the use of macros. The auditor would like to train staff on how to use the macros. Which of the following is the most appropriate course of action for the internal auditor to take?
According to IIA guidance, which of the following are appropriate actions for the chief audit executive regarding management's response to audit recommendations?
During follow-up, the chief audit executive (CAE) is having a discussion with management about the internal audit team's recommendations related to a significant issue Management accepted the issue but took no remedial action What is the next step for the CAE?
As part of the preliminary survey, an internal auditor sent an internal control questionnaire to the accounts payable function Based on the questionnaire responses, the auditor determines that there is no established procedure for adding and approving new vendors. What would the auditor do next?
In order to obtain background information on an assigned audit of data center operations an internal auditor administers control questionnaires to select individuals who have primary responsibilities within the process. Which of the following is a drawback of this approach?
Which of The following best describes a risk that is deemed "unacceptable" to the organization?
An organization's internal audit plan includes a recurring assurance review of the human resources (HR) department. Which of the following statements is true regarding preliminary communication between the auditor in charge (AIC) and the HR department?
1. The AIC should notify HR management when the draft audit plan is being developed, as a courtesy.
2. The AIC should notify HR management before the planning stage begins.
3. The AIC should schedule formal status meetings with HR management at the start of the engagement.
4. The AIC should finalize the scope of the engagement before communicating with HR management.
According to the MA guidance, which of the following does the engagement work program test in a review of an organizational process?
An internal auditor is asked to perform an assurance engagement in the organization's newly acquired subsidiary When developing the objectives tor the engagement which ot the following statements describes the most important items that the auditor needs to consider?
Which of the following is a disadvantage of using flowcharts during a risk assessment?
An internal auditor wants to assess the completeness of sales invoices issued by the organization over a period of time Providing that at the necessary data and analytics software is which of the following types of analyse would be appropriate to satisfy the auditor's objective?
An internal auditor develops an engagement observation related to an organization's accumulation of large travel advances. The auditor observes that the organization's procedures do not require justification for travel advances greater than a specific amount Which of the following best describes the organization's procedures?
The engagement supervisor would like lo change the audit program's scope poor to beginning fieldwork According to IIA guidance before any change is implemented what is the most important action that should be undertaken?
Which of the following factors should a chief audit executive consider when determining the audit universe?
1. Components of the organization's strategic plan.
2. Inputs from senior management and the board.
3. Views of competitors and business associates.
4. Results of exit interviews with departing employees.
An organization has a mature control environment but limited internal audit resources Given this scenario, on which of the following should the internal auditors focus their testing?
A large investment organization hired a chief risk officer (CRO) to be responsible for the organization's risk management processes. Which of the following people should prioritize risks to be used for the audit plan?
An internal auditor is conducting a review of the procurement function and uncovers a potential conflict of interest between the chief operating officer and a significant supplier of IT software development services. Which of the following actions is most appropriate for the internal auditor to take?
The final internal audit report should be distributed to which of the following individuals?
'Internal policy prohibits employees from entering into contacts with financial obligations without proper approval.
A project manager signed a change to an important service agreement without obtaining the proper approval As a result the organization is receiving $5,000 per month less for its services.’’
Which of the following should be added to the observation?
The chief audit executive (CAE) determined that the internal audit activity lacks the resources needed to complete the internal audit plan Which of the following would be the most appropriate action tor the CAE to take?
Which of the following is the primary reason the chief audit executive should consider the organization's strategic plans when developing the annual audit plan?
Which of the following is least likely to help ensure that risk is considered in a work program?
Which of the following attribute sampling methods would be most appropriate to use to measure the total misstatement posted to an accounts payable ledger?
According to IIA guidance, which of the following is true regarding audit supervision?
1. Supervision should be performed throughout the planning, examination, evaluation, communication, and follow-up stages of the audit engagement.
2. Supervision should extend to training, time reporting, and expense control, as well as administrative matters.
3. Supervision should include review of engagement workpapers, with documented evidence of the review.
A healthcare organization's chief audit executive (CAE) noted that the organization's IT team relies heavily on a vendor. Therefore an IT vendor assessment review was added to the annual audit plan. During the review, the audit team discovered that the vendor had not been performing proper monitoring to ensure that the subcontractors it hired comply with the organization requirements. The organization's chief information officer (ClO) does not agree with the audit team's recommendation for the IT team to monitor the compliance level of vendor subcontractors. How should the audit team proceed to resolve this situation?
At a construction company, an internal auditor is planning an audit of the company's process for designing and building grid connections The process involves customers making payments m three parts
• The first payment of 10% after approval of the customer s application
• The second payment of 70% prior to construction
• The third payment of 20% after construction is complete
Which of the following key controls should the auditor test to ensure that the company is not taking any unwanted credit risks?
According to IIA guidance, which of the following statements is true regarding the authority of the chief audit executive (CAE) to release previous audit reports to outside parties?
The chief audit executive (CAF) determined that the residual risk identified in an assurance engagement is acceptable. When should this be communicated to senior management?
An organization s inventory is stored m multiple warehouses. During an inventory audit which of the following activities would most benefit from the use of computerized audit tools?
Which of the following engagement supervision activities should be performed first?
Which of the following statements is false regarding roles and responsibilities pertaining to risk management and control?
When constructing a staffing schedule for the internal audit activity (IAA), which of the following criteria are most important for the chief audit executive to consider for the effective use of audit resources?
1. The competency and qualifications of the audit staff for specific assignments.
2. The effectiveness of IAA staff performance measures.
3. The number of training hours received by staff auditors compared to the budget.
4. The geographical dispersion of audit staff across the organization.
An organization is experiencing a significant risk that threatens its financial well-being Senior management requested that the chief audit executive (CAE) meet with them to discuss the risk. Which of the following would best describe the CAE's responsibility at the meeting?
An organization buys crude oil on the open market and refines it into a high-quality gasoline. The price of crude oil is extremely volatile. Which of the following is the most appropriate risk management technique to protect the organization against these price fluctuations?
Which of the following approaches would best help an internal auditor determine whether a retailer database of 100,000 customers has nay duplicate accounts?
The chief audit executive of an international organization is planning an audit of the treasury function located at the organization's headquarters. The current internal audit team at headquarters lacks expertise in the area of financial markets which is needed tor the engagement When of the following would be the most approbate solution considering the time constraint?