IIA-ACCA IIA ACCA CIA Challenge Exam exact Exam Questions

ACCA CIA Challenge Exam

Last Update 15 hours ago Total Questions : 604

The ACCA CIA Challenge Exam content is now fully updated, with all current exam questions added 15 hours ago. Deciding to include IIA-ACCA practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our IIA-ACCA exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these IIA-ACCA sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any ACCA CIA Challenge Exam practice test comfortably within the allotted time.

Question # 136

Which of the following is not a primary reason for outsourcing a portion of the internal audit activity?

To gain access to a wider variety of skills, competencies and best practices.

To complement existing expertise with a required skill and competency for a particular audit engagement.

To focus on and strengthen core audit competencies.

To provide the organization with appropriate contingency planning for the internal audit function.

Question # 137

Which of the following recommendations made by the internal audit activity (IAA) is most likely to help prevent fraud?

A review of password policy compliance found that employees frequently use the same password more than once during a year. The IAA recommends that the access control software reject any password used more than once during a 12-month period.

A review of internal service-level agreement compliance in financial services found that requests for information frequently are fulfilled up to two weeks late. The IAA recommends that the financial services unit be eliminated for its ineffectiveness.

A vacation policy compliance review found that employees frequently leave on vacation before their leave applications are signed by their manager. The IAA recommends that the manager attend to the leave applications in a more timely fashion.

A review of customer service-level agreements found that orders to several customers are frequently delivered late. The IAA recommends that the organization extend the expected delivery time advertised on its website.

Question # 138

According to IIA guidance, which of the following is true regarding audit supervision?

1. Supervision should be performed throughout the planning, examination, evaluation, communication, and follow-up stages of the audit engagement.

2. Supervision should extend to training, time reporting, and expense control, as well as administrative matters.

3. Supervision should include review of engagement workpapers, with documented evidence of the review.

1 and 2 only

1 and 3 only

2 and 3 only

1, 2, and 3

Question # 139

Which of the following statements about internal audit ' s follow-up process is true?

The nature, timing, and extent of follow-up for assurance engagements is standardized to ensure quality performance.

The actions of external auditors and other external assurance providers is not encompassed by internal audit ' s follow-up process.

Internal auditors have responsibility for determining if management and the board have implemented the recommended action or otherwise accepted the risk.

The follow-up process must be complete and documented in the working papers in order to conclude the engagement.

Question # 140

An internal auditor wants to determine whether employees are complying with the information security policy, which prohibits leaving sensitive information on employee desks overnight. The auditor checked a sample of 90 desks and found eight that contained sensitive information. How should this observation be reported, if the organization tolerates 4 percent noncompliance?

The matter does not need to be reported, because the noncompliant findings fall within the acceptable tolerance limit.

The deviations are within the acceptable tolerance limit, so the matter only needs to be reported to the information security manager.

The incidents of noncompliance fall outside the acceptable tolerance limit and require immediate corrective action, as opposed to reporting.

The incidents of noncompliance exceed the tolerance level and should be included in the final engagement report.

Question # 141

A large investment organization hired a chief risk officer (CRO) to be responsible for the organization ' s risk management processes. Which of the following people should prioritize risks to be used for the audit plan?

Operational management, because they are responsible for the day-to-day management of the operational risks.

The CRO, because he is responsible for coordinating and project managing risk activities based on his specialized skills and knowledge.

The chief audit executive, although he is not accountable for risk management in the organization.

The CEO, because he has ultimate responsibility for ensuring that risks are managed within the agreed tolerance limits set by the board.

Question # 142

While conducting an audit of a third party ' s Web-based payment processor, an internal auditor discovers that a programming error allows customers to create multiple accounts for a single mailing address. Management agrees to correct the program and notify customers with multiple accounts that the accounts will be consolidated. Which of the following actions should the auditor take?

1. Schedule a follow-up review to verify that the program was corrected and the accounts were consolidated.

2. Evaluate the adequacy and effectiveness of the corrective action proposed by management.

3. Amend the scope of the subsequent audit to verify that the program was corrected and that accounts were consolidated.

4. Submit management ' s plan of action to the external auditors for additional review.

1 and 2

1 and 4

2 and 3

3 and 4

Question # 143

Which of the following behaviors could represent a significant ethical risk if exhibited by an organization ' s board?

1. Intervening during an audit involving ethical wrongdoing.

2. Discussing periodic reports of ethical breaches.

3. Authorizing an investigation of an unsafe product.

4. Negotiating a settlement of an employee claim for personal damages.

1 and 2

1 and 4

2 and 3

3 and 4

Question # 144

According to IIA guidance, which of the following statements are true regarding the internal audit plan?

1. The audit plan is based on an assessment of risks to the organization.

2. The audit plan is designed to determine the effectiveness of the organization ' s risk management process.

3. The audit plan is developed by senior management of the organization.

4. The audit plan is aligned with the organization ' s goals.

1 and 2 only

3 and 4 only

1, 2, and 4

1, 3, and 4

Question # 145

According to the Standards, which of the following is leastimportant in determining the adequacy of an annual audit plan?

Sufficiency.

Appropriateness.

Effective deployment.

Cost effectiveness.

Question # 146

An internal auditor is assessing the organization ' s risk management framework. Which of the following formulas should he use to calculate the residual risk?

Option A

Option B

Option C

Option D

Question # 147

According to IIA guidance, which of the following actions might place the independence of the internal audit function in jeopardy?

Having no active role or involvement in the risk management process.

Auditing the risk management process for reasonableness.

Coordinating and managing the risk management process.

Participating with management in identifying and evaluating risks.

Question # 148

The external auditor has identified a number of production process control deficiencies involving several departments. As a result, senior management has asked the internal audit activity to complete internal control training for all related staff. According to IIA guidance, which of the following would be the most appropriate course of action for the chief audit executive to follow?

Refuse to accept the consulting engagement because it would be a violation of independence.

Collaborate with the external auditor to ensure the most efficient use of resources.

Accept the engagement but hire an external training specialist to provide the necessary expertise.

Accept the engagement even if the audit engagement staff was previously responsible for operational areas being trained.

Question # 149

A code of business conduct should include which of the following to increase its deterrent effect?

1. Appropriate descriptions of penalties for misconduct.

2. A notification that code of conduct violations may lead to criminal prosecution.

3. A description of violations that injure the interests of the employer.

4. A list of employees covered by the code of conduct.

1 and 2

1 and 3

2 and 4

3 and 4

Question # 150

According to IIA guidance, which of the following is true regarding the exit conference for an internal audit engagement?

A primary purpose of the exit conference is to provide for the timely communication of observations that call for immediate management action.

Both the chief audit executive and the chief executive over the activity or function reviewed must attend the exit conference to validate the findings.

The exit conference provides only anticipated results for inclusion in the final audit communication.

During the exit conference, the performance of the internal auditors who executed the engagement is reviewed.