Which of the following best describes the risk contained in an initial public offering for a new stock?
According to NA guidance, which of the following practices by the chief audit executive (CAE) best enhances the organizational independence of the internal audit activity?
Which of the following scenarios would most significantly restrict the areas where internal audit could perform assurance services?
Which of the following best describes the type of risk that an adequately designed and effectively operating system of internal controls should mitigate?
Which of the following best demonstrates conformance with the Standards relating to continuing professional development of internal auditors?
The board of a newly established organization was discussing the contents of the draft internal audit charter One board member suggested adding to the charter an obligation for the internal audit activity to develop controls in business procedures. The board member explained that the new organization needs professional-level developers, internal auditors have the necessary skills and competencies, and the internal audit activity is well positioned to assume this responsibility. Which of the following would be a potential concern if the board member’s suggestion is adopted?
When taken by a chief audit executive, which of the following actions would be most likely to prevent division management from exaggerating sales reports?
1. Announcing a series of internal audit engagements focusing on compliance with corporate sales-reporting policies.
2. Asking the president and the board to issue a statement of corporate policy stressing the importance of accurate management
reporting and the negative consequences of intentional misreporting.
3. Setting up a hotline for employees to report fraudulent behavior anonymously,
4. Assisting the controller in developing and monitoring a series of business process indicators, which are historically correlated with, but independent of sales.
Evidence discovered during the course of an engagement suggests that multiple incidents of fraud have occurred. There do not appear to be sufficient controls in place to prevent reoccurrence. Which of the following is the internal auditor's most appropriate next step?
Which of the following would be considered a monitoring activity in organization wide risk management?
Which of the following best demonstrates that the internal audit activity is using due professional care?
Management would like to self-assess the overall effectiveness of the controls in place for its 200-person manufacturing department. Which of the following client-facilitated approaches is likely to be the most efficient way to accomplish this objective?
Which of the following documents are internal auditors most likely to be asked to sign as a demonstration of due professional care?
A description of their job responsibilities,
The internal audit activity completed its analysis of sample transactions to determine occurrences of double billings According to If A guidance, which of the following best demonstrates that internal auditors exercised due professional care during the review?
The chief audit executive (CAE) of a new internal audit activity is creating an internal audit charter According to IIA guidance, which of the following terms is most likely to
be included in the charter?
Which of the following resources would be most effective for an organization that would like to improve how it informs stakeholders of its social responsibility performance?
Which of the following statements best describes the difference between risk appetite and risk tolerance?
According to NA guidance, which of the following conditions would enhance the independence of the internal audit activity?
Which of the following types of policies best helps promote objectivity in the interna! audit activity's work?
During an assurance engagement, an internal auditor uses benchmarking research to support preparation of a report to stakeholders that contains significant findings about control deficiencies. Which of the following skills did the auditor demonstrate?
According to IIA guidance, which of the following statements regarding the internal audit charter is true?
An internal auditor believes that the internal audit activity's independence is impaired. Which of the following actions should the internal auditor take first?
A series of incidents over the past year reveals several members of senior management possess a limited understanding of the concept and impact of fraud. Which of the following would be the most effective way to approach this issue?
Which of the following statements is true with regard to services provided by the internal audit activity?
Which of the following is most likely to be considered a control weakness?
An internal auditor is performing testing to gather evidence regarding an organization’s inventory account balance and is mindful of the possibility that the sample used might support the conclusion that the recorded account balance is not materially misstated when, in fact, it is. The auditor's concern best describes which of the following risks?
Operational management in the IT department has developed key performance indicator reports, which are reviewed in detail during monthly staff meetings. This activity is designed to prevent which of the following conditions?
An internal audit activity maintains a quality assurance and improvement program that includes annual self-assessments. The internal audit activity includes in each engagement report a clause that the engagement is conducted in conformance with the International! Standards for the Professional Practice of Internal Auditing (Standards). Which of the following justifies inclusion of this clause in the reports?
Which of the following best demonstrates internal auditors performing their work with proficiency?
Which of the following should a general internal auditor be able to characterize as an IT-related risk?
In an assurance engagement focused on the adequacy of organizationwide risk management practices, which of the following best describes a primary area of interest for the engagement?
Which of the following actions would best help the internal audit activity promote continuous improvement in control effectiveness within the organization?
Which of the following is an appropriate roe fa the internal audit activity?
At what point in time can an organization conclude that the established organizational governance framework was correctly implemented?
An internal auditor is finalizing an audit report on the effectiveness of the organization's overall system of internal control. Several audit tests were performed, and the only issue identified was that the CEO frequently asks employees to make exceptions or bypass the organization's standard written policies and procedures. Which of the following conclusions is most appropriate for the auditor to report?
Which of the following demonstrates that the internal audit activity exercises due professional care?
Which type(s) of assessments in an internal audit activity’s quality assurance and improvement program requires ongoing monitoring to evaluate internal audit activity's efficiency and effectiveness?
An internal auditor notes that inventory counts are conducted on Mondays only and that all documentation is on paper as there are no computers in the underground warehouses. Also she notices that the person responsible for receiving the goods is the same one who distributes materials and spare parts Finally, she sees that spare parts are written off and taken by the heads of mining units to different underground locations to wait for their turn to be installed. Which of the described findings requires more consideration from a fraud risk perspective?
According to IIA guidance, which of the following statements is true regarding the internal audit activity's quality assurance and improvement program (QAIP)?
According to MA guidance, which of the following is true with regard to the internal audit charter?
1. It specifies the minimum resources needed for assurance engagements.
2. It requires final approval from senior management.
3. It defines the internal audit activity's authority and responsibilities.
4. It describes the expectations for communicating the results of a quality assurance and Improvement program.
Which of the following actions best demonstrates an internal auditor exercising due professional care?
Which of the following is true regarding the stakeholder theory of corporate social responsibility?
Which of the following would best serve to deter unethical behavior and encourage internal auditors to be objective in their work?
An internal auditor is assessing fraud risks and creating a fraud risk matrix for a particular branch location. Which of the following is most likely to be included in the matrix?
Which of the following options describes the reason that conformance with The IIA's Code of Ethics is mandatory for internal auditors?
Which of the following best describes a purpose for the internal audit charter?
Management of an area under review is aggressive, upset, and questioning the knowledge and experience of the organization's internal auditors, as the audit results highlight critical findings. The relationship between the internal audit activity and management has continued to degenerate. as previous audit reports also showed a large number of issues. What would be the best strategy for working through the current audit results while also attempting to repair the relationship with management?
Which of the following scenarios best illustrates the Fraud Triangle component known as "perceived opportunity"?
Which of the following would most likely be classified as a consulting engagement?
A chief audit executive (CAE) was asked by senior management to establish and manage a risk management function. A new chief risk officer was hired a year later to assume these responsibilities. As this function was included in the current annual audit plan, the CAE engaged an external resource for a risk management engagement. Which of the following potential threats to objectivity was the CAE likely addressing?
The internal audit activity was asked to conduct an investigation for potential fraud in the treasury department and subsequently contracted with a forensic accountant to join the team for the engagement. Which of the following parties has the primary responsibility for resolving any fraud incidents found as a result of this investigation?
In which of the following situations would the organizational independence of an internal audit activity be impaired?
As a result of a high-profile processing error, respective business unit managers are implementing new controls. The internal audit team was asked for their advice regarding the controls. The objective of this consulting engagement would be determined by which of the following?
The manager of the payroll department requested a review of the payroll process, but only wants the engagement to include processes related to approval of time worked. What type of activity is this?
While preparing the audit plan for an automobile manufacturing company, the chief audit executive (CAE) noted that the company's engineering department received a high risk ranking. However, the internal audit activity is understaffed, and current staff do not possess the necessary skills to adequately assess the effectiveness of the engineering department. What is the most appropriate course of action for the CAE to take?
In order for an internal auditor to assess the opportunity for fraud to occur in an organization, which of the following does the auditor first need to understand?
Which of the following is a key determinant used by external auditors to decide whether they can rely on work performed by the internal audit activity?
Which of the following is a preventive control the organization could implement to mitigate fraudulent activity in the accounts payable department?
The internal audit activity is responsible for conducting fraud investigations. A potential fraud instance was identified during an audit engagement. The chief audit executive appoints a lead investigate. Which of the following would most likely be the next step?
It is important for the chief audit executive to consider the level of competence of the internal audit staff because their competence influences which of the following?
According to MA guidance, which of the following statements is true regarding an effective governance process?
An organization allows the same individuals to physical access inventory and purchase new assets when supplies are depleted. Which of the following would best help the organization manage the risk of fraud?
Which of the following is an example of the chief audit executive (CAE) demonstrating due professional care?
Upon completion of an external assessment as part of the quality assurance and improvement program (QAIP), the chief audit executive (CAE) reported the results to senior management and the board The CAE included the following elements in the report
- Qualifications and independence of me external assessment team
- Conclusions of assessors
- Corrective action plans
How should the CAE improve the aforementioned approach to reporting the resets of QAIP?
Which of the following statements is true regarding reporting results of the quality assurance and improvement program to senior management and the board?
During a monthly internal audit staff meeting, the chief audit executive (CAE) decided to reinforce the importance of internal audit staff being objective in their work. Which of the following examples would be most appropriate for the CAE to include as part of the meeting presentation?
According to IIA guidance, which of the following best demonstrates due professional care?
The organization s procurement manager asks the internal auditor to deliver training to the procurement team on the organization’s third-party risk management process. Which of the following is the most appropriate response?
A newly hired chief audit executive is reviewing available documentation to provide evidence of conformance with the standard for continuing professional development. Which of the following documents is the most reliable source for this purpose?
With regard to governance, which of the following is a board-level responsibility rather than a management responsibility?
An internal auditor believes that a weakness exists in the control environment relating to the delegation of authority and responsibility within the management structure. Which of the following actions should the internal auditor first consider in this matter?
Which of the following is the internal audit activity expected to do with respect to the organization's governance processes?
An internal auditor is assessing the effectiveness of the organization's risk management practices She checks to see whether risk management is an intégrai part of decision making and whether risk management is transparent, responsive to change and addresses uncertainty. According to HA guidance on risk management frameworks, which of the following approaches is the auditor most likely using?
Which of the following describes a responsibility of operating management in an organization's corporate social responsibility (CSR) efforts?
An internal auditor creates a professional development plan to obtain more experience in the organization's environmental, social, and corporate governance initiatives. Which of the following would the auditor include in the plan to support these objectives?
Which of the following requests, if accepted by the internal audit activity, would impair its independence?
When the chief audit executive Is responsible for risk management in an organization, which of the following parties is responsible for overseeing the internal audit activity's assurance over risk management?
Nearing the completion of fieldwork, an internal auditor shared the draft report findings with management prior to the closing meeting. During the closing meeting, management expressed dissatisfaction in that they were not familiar with some of the findings. Management also noted that some aspects of the report seemed confusing. Which of the following competencies appears to have been lacking in this scenario?
According to IIA guidance, the internal audit activity must be free from interference in which of the following areas in order to maintain organizational independence?
Which of the following is ultimately responsible for the continuing professional development of internal audit activity staff?
According to The IIA’s Code of Ethics, which of the following best describes the principle of integrity?
According to IIA guidance, which of the following is an appropriate role for the internal audit activity?
An internal auditor believes that a weakness exists in the control environment relating to the delegation of authority and responsibility within the management structure. Which of the following actions should the internal auditor first consider in this matter?
Internal audit is performing an engagement to determine whether there were indications of questionable bidding on a city s infrastructure project. As part of the engagement the internal audit activity became aware that certain firms tend to receive the contracts for large city projects. How should the internal audit activity proceed with the engagement and identify questionable bidding practices?
Which of the following should play a leading role in overseeing ihe ethical atmosphere of an organization?
Which of the following approaches will internal audit utilize when developing a set of performance standards to measure an organization’s risk management process against?
Which of the following statements is true regarding the importance of risk management?
An engagement supervisor notes that an internal auditor usually documents and submits draft audit reports for review without giving the process owners the opportunity to state their position on the issues raised. How should the engagement supervisor respond?
Which of the following must be considered by the chief audit executive before writing the internal audit charter?
Once an organization's risks are identified, what would be the next step to ensure resources are properly allocated to manage those risks?
A new chief audit executive realized that the internal audit charter has not been updated in five years and only includes the Core Principles for the Professional Practice of Internal Auditing, the Code of Ethics, and the Standards. What mandatory component is missing?
According to the Standards, in today's technology and business environments, how much computer and information systems-related knowledge and skills must an internal auditor have to be effective in fulfilling his job responsibilities?
According to HA guidance, which of the following would best support the internal auditor's conclusion that the organization's risk management processes are effective?
Which statement accurately describes the authority of the internal audit activity as outlined in the audit charter?
Which of the following should be considered in developing a risk and control model for use in an engagement?
Which of the following is (he most effective way any organization can ensure proper governance over its internal controls?
Due to unfavorable economic conditions management decided to postpone new investments for the next year. Which of the following best describes the risk management strategy used to address this situation?
The internal audit activity conducted an organization wide risk assessment. One of the most significant risks identified is associated with the oil price market. The chief audit executive (CAE) is considering including in the annual audit plan an assessment of the effectiveness of oil price risk management. The manager responsible commented that the assessment was not needed, as market risks were regularly addressed by the financial risk committee. If the CAE decides to include this activity in the annual audit plan anyway, how should it be recorded?
Which of the following internal control components has COSO identified as the most important?
An engagement supervisor noticed that a newly hired internal auditor struggles with large data samples because he appears reluctant to apply available spreadsheet statistical functions and tends to perform testing of transactions manually In which of the following areas does the internal auditor most likely need training?
Due to the increased operational responsibility of the CEO the chief audit executive (CAE) of an organization currently reports to the chief financial officer (CFO) What is the likely impact of such a situation?
Which of the following best demonstrates the authority of the internal audit activity?
Which of the following is true regarding the use of a formal risk management framework?
1. It facilitates a methodical approach to risk mitigation.
2. It defines and standardizes the terminology used in risk communication.
3. It establishes the risk tolerance levels to be accommodated in the strategy.
4. It facilitates the alignment of risk mitigation strategies with management priorities.
During an assurance engagement internal auditors interview operational management to gather and evaluate information. Which approach is most important for internal auditors to be able to listen effectively to interviewees in the given situation?
During the audit of taxation processes in the organization internal auditors have verified that all employees of the finance department received training on taxation guidelines. The training is mandatory and is automatically assigned via email invitation to all new employees in the department. Which type of controls have the auditors tested?
An internal auditor performed a risk assessment and concluded that the controls over access privileges to a bank account were appropriate. Later, the auditor learned that a contractor was using a shared password provided by an authorized user of the account. Which of the following statements best describes the auditor's application of due professional care?
Which of the following statements would typically be included in the responsibility section of the internal audit charter?
According to IIA guidance, which of the following statements is true regarding ISO 31000?
Recently an organization’s internal audit activity discovered ghost employees who receive payments Senior management decides to strengthen the internal control measures to address this Which of the following is considered an effective control to mitigate payments to ghost employees?
An internal auditor has suspicions that some fictitious vendors have been created in the organization's computer system. Which of the following would be the best technique to detect this fraud?
What should be the first step for a newly hired chief audit executive to build and maintain the proficiency of the internal audit activity'?
According to IIA guidance, which of the following best describes expense reimbursement fraud?
Which of the following situations undermines the independence of the internal audit activity?
Which of the following would provide the best support for internal auditors to meet their continuing professional development requirements?
Which of the following actions taken during an audit engagement is the best demonstration of an internal auditor's due professional care?
A newly appointed chief audit executive (CAE) is tasked with creating a new internal audit activity within the organization. Which of the following would the CAE need to include in the new internal audit charter?
Which of the following is a primary responsibility of senior management with respect to ethical violations?
A large commercial bank was fined by regulators for fraudulent practices when employees, over a period of time, opened thousands of new accounts for existing clients without the clients' consent. It was later found that employees were given unrealistic new account targets and were aggressively monitored by management on a daily basis.
Which of the following controls would have most likely reduced the likelihood of the fraudulent practice from occurring?
According to IIA guidance, which of the following would the internal audit activity examine in order to evaluate the organization's governance process for strategic and operational decisions'?
Which of the following is a consulting service the internal audit activity can perform with respect to the organization's risk management?
Outsourcing a business activity is considered which of the following risk management techniques?
Which of the following statements is most likely to be true regarding a consulting engagement involving an organization's new payroll system?
Following a quality assurance review of a small internal audit activity, the external reviewer and the chief audit executive (CAE) cannot agree on the importance of several deficiencies noted during the review. Which of the following would be the most appropriate next step for the reviewer to take?
Which of the following actions should the audit committee take to promote organizational independence for the internal audit activity?
According to IIA guidance, which of the following actions best demonstrates that due professional care has been considered by the internal audit activity when conducting a review of an organization's assets?
The internal audit activity audited an organization's risk management function multiple times, and the recommendations that were made remain unaddressed by the head of risk management. Which of the following would be the next step for the internal audit activity?
According to IIA guidance, which of the following best describes the chief audit executive s responsibility for confirming to the board the organizational independence of the internal audit activity'?
According to IIA guidance, which of the following statements is true regarding the internal audit activity’s responsibilities in providing consulting services?
Management is installing security cameras to identify unauthorized physical access to the organization's warehouse. This is an example of which of the following types of controls?
Guidelines need to be set for various levels of suspected fraud within an organization and when it would be reported to the audit committee. Which of the following would be
reported at the next meeting?
Regarding assurance and consulting services provided by the internal audit activity which of the following statements is correct?
After the final audit report was issued, the engagement supervisor received an expensive gift from management recognizing her assistance in improving the business, if the gift is accepted, which of the following would be true?
Which of the following is a legitimate requirement for an internal audit activity’s quality assurance and improvement program (QAIP)?
In which of the following audits would the internal auditors most likely contribute to the assessment of organizational governance?
When dealing with various stakeholders which of the following is true regarding an internal auditor's responsibility to remain objective and independent?
The management team of an agricultural organization has prioritized corporate social responsibility (CSR) initiatives. Which of the following would be considered a CSR activity?
Which of the following best demonstrates conformance with IIA standards related to continuing professional development?
Which of the following statements is true regarding management's use of judgement to design, implement, and conduct internal control?
Which of the following is the most appropriate reason for a chief audit executive to conduct an external assessment more frequently than five years?
An automobile manufacturer will become one of the first in the industry to adopt a new inventory management software. Despite the system being new to the market, senior management believes that the benefits are great enough to offset the potential risks. Which of the following aspects of risk management does senior management’s decision best illustrate?
Which of the following preventative controls would be most effective for organizations facing business disruptions and respective financial losses?
According to IIA guidance, which of the following actions by the chief audit executive (CAE) best demonstrates the organizational independence of the internal audit activity?
Which of the following actions would an internal auditor perform primarily during a consulting engagement of a debt collections process?
Which of the following statements is true regarding corporate social responsibility (CSR)?
According to IIA guidance, which of the following actions is a chief audit executive required to take with regard to reporting the results of the quality assurance and improvement program?
A chief audit executive (CAE) is considering hiring a candidate who most recently worked for a large public accounting firm What would be the CAE’s most likely concern regarding this candidate*?
According to IIA guidance, which of the following best demonstrates how the chief audit executive may ensure that due professional care is applied?
During a complex financial compliance engagement, a senior internal auditor determines that current audit procedures are not sufficient for adequate testing She consults with a colleague and learns that a spreadsheet application contains a helpful tool She proceeds to use the tool to properly complete the evaluation Which of the following best describes the core competency displayed by the senior auditor?
Which of the following statements is true regarding the independent peer review process undertaken to fulfill the requirement for an external quality assessment?
The internal audit activity is undergoing a self-assessment as part of its quality assurance and improvement program Which of the following observations must be addressed in order for the internal audit activity to achieve conformance with the Standards?
In which of the following scenarios is the internal auditor in conformance with The IIA's Code of Ethics and the Standards?
Senior management purchased surveillance cameras and installed them over a door that provides entry to an area where according to a recent internal audit report, hazardous materials exist and there is a high risk of explosion Which type of control was implemented in this situation?
Which of the following is most likely to impair the organizational independence of the internal audit activity?
Which of the following disclosures must the chief audit executive (CAE) include when communicating the results of the quality assurance and improvement program to senior management and the board?
An internal auditor was assigned to work in the procurement department for six months to gam m-depth knowledge about the procurement process. Which of the following personnel development practices was applied in this situation?
Which of the following is a true statement regarding controls such as ethical values, tone at the top and operational style?
Which of the following actions is the internal audit activity best positioned within the organization to perform?
Which of the following statements is true regarding organizational culture and an audit of the control environment?
Which of the following activities would an internal auditor perform as a consulting engagement for an organization?
An organization’s senior management team is awarding substantial bonuses if employees meet financial targets. Which of the following motivators to potentially commit fraud would become most likely in this scenario?
Which of the following would be a red flag for potential issues in the control environment?
Which of the following is an example of an impairment to an internal auditor's independence?
Which of the following statements is true regarding the quality assurance and improvement program (QAIP)?
Which of the following can be used to minimize employees’ resentment of controls?
An internal auditor is providing consulting services on an area he was responsible for three years ago. Part of the consulting scope covers a review of a performance measuring system that the auditor helped to develop. What is the best course of action for the auditor to take concerning the consulting service?
According to IIA guidance, which of the following activities would typically be examined when using the maturity model approach for assessing an organization's risk management program?
Why is it imperative for the chief audit executive to track and develop the educational qualifications of internal audit staff?
According to MA guidance, which of the following statements is true regarding internal auditors' use of technology-based techniques?
Which of the following is a responsibility of the internal audit activity as it relates to risk and risk management?
According to NA guidance which of the following should be documented in the internal audit chatter?
Which of the following indicates an appropriate disclosure of a potential nonconformance with the Standards?
The chief audit executive (CAE) planned an in-person group training to help internal auditors perform onsite inspections of an automobile manufacturing facility. The training would have allowed the auditors to better understand the production of the organization's automobiles. However, a global health crisis has impacted the training by prohibiting in-person contact at the facility. Which of the following could the CAE use to provide auditors with a better understanding of the organization s production process?
Which of the following statements is true regarding the role of the internal audit activity in the organization's risk management process?
Which of the following organizations is adopting an acceptance technique in terms of its risk response?
An internal audit of an organization's disbursement department revealed that multiple payments were made to legitimate vendors bearing fraudulent banking information belonging lo employees in the department. These vendors were initially set up with accurate banking information but were subsequently modified by disbursement officers with access to the vendor management system. Which of the following controls would have likely prevented the fraudulent modification of vendors' banking information?
Which of the following statements is true with regard to the quality assurance and improvement program (GAIP)?
The results of an assessment of the adequacy of controls would be considered incomplete or misleading unless the internal auditor considers which of the following?
Which of the following represents a deficiency in the control environment?
Which of the following would be the most appropriate first step for the board to take when developing an effective system of governance?
An organization's board recommends revising the internal audit charter by adding requirements regarding the hiring and compensation of the chief audit executive as well as information on approving the internal audit budget. Which of the following is the board most likely defining in the charter?
Which of the following scenarios is a characterize of an organization with a highly effective ethical culture?
Which of the following would be the best choice for a continuing professional development requirement for a newly created internal audit activity?
Which type of engagement requires that the client agrees with the techniques used by the internal audit activity?
The management at a national consumer goods organization implements a fair work and pay practice as well as a policy to treat employees equitably and consistently.
Which common characteristics of fraud will the practice and policy most likely reduce?
Which of the following situations presents the lowest risk of impairing an internal audit activity's independence?
When beginning an engagement to assess the effectiveness of the organization's newly revamped risk management processes, which of the following should internal auditors review first?
As part of a fraud investigation by regulators, a court order was issued to a bank. The court order requested the chief audit executive (CAE) to provide access to a number of audit reports and workpapers, some of which included customers' confidential information such as transaction activity and other personal details. What is the appropriate response by the CAE?
The collaborating style for conflict resolution, where the parties promote assertiveness and work together to develop a mutually beneficial solution, is best used in which of the following situations?
During fieldwork, an internal auditor located a significant internal control issue. Without identifying the origins of the issue, the auditor concluded the engagement and included the issue in the final audit report. To enhance audit quality, which of the following skills should the internal auditor improve?
During an assurance engagement the internal audit team discovers that employees performing a control do not understand the principles behind it. Before the engagement concludes, at management's request the audit team facilitates several formal training sessions to help explain those principles to the employees. Which of the following best describes the engagement provided by the internal audit activity in this scenario?
Which of the following is a way to demonstrate an individual internal auditor's competency through continuing professional development?
Which of the following scenarios violates The IIA's standard regarding internal audit independence?
Which principle of the HA Code of Ethics focuses on continuing education and professional development?
According to IIA guidance, which of the following actions by a new chief audit executive would be most appropriate to gain an understanding of the current level of knowledge, skills, and competencies required by an internal audit activity to fulfill its responsibilities?
An organization employs ongoing monitoring and is considering implementing periodic evaluations to assess the continuing effectiveness of its risk management process. Which of the following statements Is true with regard to such periodic evaluations?
Management has implemented a segregation-of-duties policy for handling inventory. Which of the following fraud risks would be more concerning to an internal auditor following the implementation of this new policy?
Which of the following best demonstrates the board of directors' governance over internal control?