Summer Goodies - 55% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: av5rz84q

Exact2Pass Menu

Question # 4

According to the International Professional Practices Framework, which of the following situations is an indicator of a healthy relationship between the audit committee and the internal audit function?

A.

The chief audit executive (CAE) has direct access to the audit committee and the board but typically does not interact directly with them unless a material weakness in the control environment is identified.

B.

The CAE sends the audit committee all communications between the internal audit department and the audit client in order to keep the audit committee up to date on the engagement.

C.

The CAE does not distribute audit reports to the audit committee. However, the audit committee is made aware of the scope and findings of audits performed.

D.

Whenever a potential audit finding or testing exception is first identified, the audit committee is immediately notified, as well as for any subsequent changes in the status of the engagement.

Full Access
Question # 5

The chief audit executive (CAE) notes that management has adopted the option of not taking action on an audit issue involving a sizeable risk which has been accepted in the past. Which would be an appropriate action by the CAE?

A.

Close the issue by noting that follow-up will be completed as part of the next engagement.

B.

Discuss the matter with management to determine a resolution.

C.

Accept management's decision as the same risk has been accepted in the past.

D.

Report the situation to the board for immediate resolution.

Full Access
Question # 6

According to IIA guidance,when performing a compliance audit of data security standards for a large e-commerce retailer, which of the following would represent the least likely area of risk exposure?

A.

Operational risks.

B.

Change or configuration risks.

C.

Access risks.

D.

Physical security risks.

Full Access
Question # 7

According to the International Professional Practices Framework, which of the following would not be considered when performing an initial risk assessment in engagement planning?

A.

The reliability of management’s assessment of risk.

B.

Management’s process for monitoring, reporting, and resolving risk issues.

C.

Management's methodology for defining risk criteria.

D.

Risks in related activities relevant to the activity under review.

Full Access
Question # 8

An organization has acquired a new line of business. None of the organization's internal auditors have the required expertise to perform an internal audit of the new business line; therefore, the chief audit executive (CAE) has contracted the services of an external audit firm to perform the engagement. The CAE has assigned a member of the internal audit team to assist the external team with the engagement. According to the Standards, which of the following statements is true regarding supervision of the engagement?

A.

The CAE may rely upon the external firm's auditor in charge to supervise the engagement.

B.

The external firm's auditor in charge must defer to the judgment of the CAE for any disputes.

C.

The CAE is not responsible for the quality of an audit performed by an external firm.

D.

The CAE should not assign an inexperienced staff member to assist with the engagement.

Full Access
Question # 9

According to the International Professional Practices Framework, the responsibility for establishing and maintaining a system to monitor the disposition of results communicated to management falls upon:

A.

Compliance officer.

B.

Chief audit executive.

C.

Senior management.

D.

Risk manager.

Full Access
Question # 10

In response to an audit finding, senior management informed the auditor that the issue would be investigated and resolved when time permitted. According to the International Professional Practices Framework, this action was not acceptable because:

A.

The appropriate level of management was not involved in the review and resolution of the issue.

B.

Responses should include sufficient information to evaluate the adequacy and timeliness of corrective action.

C.

The board had not reviewed management's responses to the engagement observations and recommendations.

D.

Other departments should have been contacted to determine if they shared responsibility for corrective action.

Full Access
Question # 11

The chief audit executive (CAE) decided that based on management's oral response, the action taken on an audit observation for a minor improvement in the client's process is sufficient and no further follow-up is necessary. Which of the following would be the best statement regarding the action of the CAE?

A.

The CAE action is not acceptable, as a follow-up audit is needed to ensure that action is really taken by management.

B.

The CAE action is not acceptable, as follow-up on the issue is critical until a written response is obtained from management.

C.

The CAE action is acceptable as long as the follow-up is sufficient when weighed against the relative importance of the recommendation.

D.

The CAE action is acceptable as long as the issue has been escalated to the board to get their position on the issue.

Full Access
Question # 12

Which of the following events would most likely cause the chief audit executive to consider changing the current year's audit plan?

The government announced that new regulatory requirements will be introduced in the coming years which may significantly impact the organization's primary product.

A major competitor unexpectedly introduced a new model at a lower price point to compete with the organization's market leading product.

The organization announced a new joint venture with a long time corporate partner to introduce a new product with development costs and sales beginning next fiscal year.

An equal joint venture partner filed a lawsuit against the organization and requested that the court issue an immediate suspension of future product shipments.

A.

1 and 2 only

B.

1 and 3 only

C.

2 and 4 only

D.

3 and 4 only

Full Access
Question # 13

Which of the following statements is true?

A.

If management chooses not to take action on internal audit's assurance engagement observation, the chief audit executive (CAE) has a responsibility to propose an action plan to the board.

B.

Internal audit's responsibility for an assurance engagement observation ends when management implements changes to remediate the observation.

C.

When management decides to accept the risk of not taking action on an assurance observation, the (CAE) is responsible for judging whether or not that decision is prudent.

D.

An assurance engagement observation is considered remediated when management's corrective action plan is approved by the board.

Full Access
Question # 14

An internal auditor compares real-time gasoline production data to corresponding final gasoline production reports and finds minor but consistent daily discrepancies. If the auditor is concerned about theft, which of the following next steps is most consistent with IIA guidance?

A.

Reconcile online data and the final production reports to gasoline sales reports.

B.

Contact security personnel as evidence suggests gasoline is being stolen from production premises.

C.

Confront the production manager and ask her to explain the differences between real-time and reported data.

D.

Review the processes used to collect the production data and to compile the final production reports.

Full Access
Question # 15

An organization does not have a formal risk management function. According to the Standards, which of the following are conditions where the internal audit activity (IAA) may provide risk management consulting?

1. There is a clear strategy and timeline to migrate risk management responsibility back to management.

2. The IAA has the final approval on any risk management decisions.

3. The IAA does not give objective assurance on any part of the risk management framework for which it is responsible.

4. The nature of services provided to the organization is documented in the internal audit charter.

A.

1, 2, and 3 only

B.

1, 2, and 4 only

C.

1, 3, and 4 only

D.

2, 3, and 4 only

Full Access
Question # 16

Which of the following should be included in the scope of an audit of a third-party contractor?

1. Budgets and financial forecasts for the project.

2. Contractor's information and control systems.

3. Contractor's financial position.

4. Progress of the project and costs incurred.

A.

1 and 4 only

B.

1, 2, and 3 only

C.

2, 3, and 4 only

D.

1, 2, 3, and 4

Full Access
Question # 17

When establishing the internal audit activity's annual plan, which of the following would be the best source of potential audit engagement topics?

A.

The organization's budget.

B.

Operations involving cash transactions.

C.

Recent changes in management objectives.

D.

Risk factors utilized in the organization's risk models.

Full Access
Question # 18

Management requested the chief audit executive (CAE) to include an audit of the organization's health and safety program in next year's annual audit plan. However, the internal audit department has no expertise in this area. Which of the following would be the most appropriate action by the CAE?

A.

With management's agreement, amend the scope of the audit to ensure that areas examined do not require specialized knowledge and expertise.

B.

Meet with management to explain that the audit cannot be undertaken and discuss alternative strategies that can be implemented until internal audit can develop its capability in the area.

C.

Accept the request provided management has conducted a thorough risk assessment prior to the engagement to help guide the audit.

D.

Advise management that compliance audits of this type should only be conducted by the corresponding regulatory agency to ensure independence.

Full Access
Question # 19

A consumer electronics company is considering acquiring a small flash memory manufacturer. An internal auditor has been assigned to determine if the manufacturer's accounts payable contain all outstanding liabilities. Which audit procedure is not relevant for this objective?

A.

Verify the period of liability of subsequent cash disbursements using related supporting documentation.

B.

Send confirmations, including zero-balance accounts, to vendors with whom the manufacturer normally does business.

C.

Trace receiving reports issued before the period end to the accounts payable list and vendor invoices.

D.

Verify a sample of accounts payable by using related invoices, receiving reports, and purchase orders.

Full Access
Question # 20

Which of the following tasks would be considered unusual for planning a control self-assessment workshop?

A.

Conducting interviews to identify relevant issues for the discussion.

B.

Identifying key stakeholders and ensuring they are represented in the group.

C.

Securing an external subject matter expert to arbitrate disputes.

D.

Ensuring that managers are willing to accept constructive criticism.

Full Access
Question # 21

An auditor-in-charge is preparing her audit team for a consulting engagement at one of the organization's foreign subsidiaries. According to the Standards, which of the following would not be a necessary step prior to beginning the engagement?

A.

Verify that none of the audit team worked for the foreign subsidiary within the last year to ensure independence.

B.

Agree, in writing, with the subsidiary's senior management regarding the scope of the engagement.

C.

Communicate a time frame as well as a contingency plan in the event the engagement may take longer than expected.

D.

Communicate what logistical support will be provided by the subsidiary for the duration of the engagement.

Full Access
Question # 22

Confirmation would be most effective in addressing the existence assertion for:

A.

The addition of a milling machine to a machine shop.

B.

Sales of merchandise during the regular course of business.

C.

Inventory held on consignment.

D.

The granting of a patent for a special process developed by the organization.

Full Access
Question # 23

Given the scarcity of internal audit resources, a chief audit executive (CAE) decides not to schedule a follow-up of audit recommendations when developing engagement work schedules. Why does the CAE’s decision violate the Standards?

A.

It is not the CAE's responsibility to establish a process for a follow-up.

B.

Lack of resources is not a sufficient reason to forgo a follow-up.

C.

Follow-up actions should take priority over new engagements in scheduling.

D.

When resources are scarce, the follow-up can be incorporated into the next engagement.

Full Access
Question # 24

In which of the following cases is it appropriate for an audit report to not contain management's response either within the report or as an attachment?

A.

Management’s response to an audit report is generally not a requirement.

B.

Internal controls were found to be properly designed and operating effectively although operations are deemed inefficient.

C.

There was insufficient time to obtain management’s response during the draft reporting process.

D.

An internal audit report contains no observations.

Full Access
Question # 25

With which of the following would the internal audit activity discuss findings, conclusions and recommendations prior to issuance of internal audit report?

1. Business unit management.

2. Chief audit executive.

3. Audit committee.

4. Chief executive officer.

A.

1 and 2 only

B.

1 and 3 only

C.

2 and 3 only

D.

1, 2, 3, and 4

Full Access
Question # 26

What type of analysis is performed when an auditor tests for unusual variations in information by comparing the number of employees working at a factory site with the direct cost of production each month over a period of one year?

A.

Trend analysis.

B.

Ratio analysis.

C.

Regression analysis.

D.

Horizontal analysis.

Full Access
Question # 27

The chief audit executive (CAE) of a multinational entity with highly automated and complex operations has just completed the update of the risk-based audit plan. Interviews with management revealed the introduction of new technology and a significant increase in both the number and severity of technology-based risk exposures. According to the International Professional Practices Framework, which of the following would be the best course of action for the CAE to undertake next?

A.

Develop a detailed audit plan that makes the most efficient use and reallocation of existing internal audit resources.

B.

Arrange for the outsourcing of some technology intensive audit processes and procedures based on the plan changes.

C.

Evaluate whether appropriate skills and knowledge required to perform the necessary audit work currently exist in the department.

D.

Begin planning to recruit information technology audit specialists and other expert personnel into the internal audit activity.

Full Access
Question # 28

An internal auditor recommended that an organization implement computerized controls in its sales system in order to prevent sales representatives from executing contracts in excess of their delegated authority levels. A follow-up review found that the sales system had not been modified, but a process had been implemented to obtain written approval by the vice president of sales for all contracts in excess of $1 million. The chief audit executive (CAE) would be justified in reporting this situation to the organization's board iF.

I.

In the opinion of the CAE, the level of residual risk assumed by senior management is too high.

II.

Testing of compliance with the new process finds that all new contracts in excess of $1 million have been approved by the vice president of sales.

III.

The cost of modifying the sales system to include a preventive control is less than $100,000.

A.

I only

B.

III only

C.

I and III only

D.

I, II, and III

Full Access
Question # 29

While performing a follow-up of a concern about equipment-inventory tracking, which course of action is not necessary for the auditor to take?

A.

Ensure that the steps being taken resolve the condition disclosed by the initial finding.

B.

Ensure that controls have been implemented to prevent the issue from occurring again.

C.

Ensure that the entity has begun to experience benefits as a result of resolving the issue.

D.

Ensure that the inherent risk has been eliminated as a result of resolving the issue.

Full Access
Question # 30

Because of a new marketing initiative, an organization has reduced requirements for extending credit to new customers. As a result, outstanding accounts receivable as a percentage of revenue has increased significantly during the past two years. Which of the following would be least useful in monitoring this finding?

A.

Updates from the manager of accounts receivable regarding collection of outstanding receivables.

B.

Updates from the information technology division regarding development of a new accounts receivable system.

C.

Updates from the controller regarding the status of corrective actions.

D.

Updates from the credit and marketing personnel tasked with reevaluating credit policies.

Full Access
Question # 31

An audit of an organization's fulfillment department discovered that problems in the order processing system led to a significant number of orders being fulfilled multiple times. During the exit conference, the head of the department informed the auditors that the processing system would be enhanced within six months to correct the problems. Which course of action should the chief audit executive follow?

A.

Adjust the scope of the next scheduled audit to determine that the problems have been resolved.

B.

Monitor the status of corrective action and schedule a follow-up engagement when appropriate.

C.

Meet with the audit committee to determine the appropriate follow-up action.

D.

Assess the status of corrective action in a follow-up engagement in six months.

Full Access
Question # 32

An internal auditor compared the number of human resources professionals per employee with industry standards. This comparison would assist the auditor in evaluating which of the following areas?

A.

Sufficiency of controls over payroll rate increases.

B.

Current level of performance of the human resources department.

C.

Adequacy of controls over hiring new employees.

D.

Degree of compliance with human resources policies.

Full Access
Question # 33

Which of the following best describes the most important criteria when assigning responsibility for specific tasks required in an audit engagement?

A.

Auditors must be given assignments based primarily upon their years of experience.

B.

All auditors assigned an audit task must have the knowledge and skills necessary to complete the task satisfactorily.

C.

Tasks must be assigned to the audit team member who is most qualified to perform them.

D.

All audit team members must have the skills necessary to satisfactorily complete any task that will be required in the audit engagement.

Full Access
Question # 34

Which of the following would be the least desirable criteria against which to judge current operations of an organization's treasury function?

A.

The operations of the treasury function as documented during the last audit engagement.

B.

Company policies and procedures delegating authority and assigning responsibilities.

C.

Finance textbook illustrations of generally accepted good treasury function practices.

D.

Codification of best practices of the treasury function in relevant industries.

Full Access
Question # 35

Audit supervision includes approval of the engagement report in order to ensure that:

A.

The client's objectives are met.

B.

Senior management supports the report's conclusions.

C.

Report style and grammar are appropriate.

D.

Report findings are substantiated.

Full Access
Question # 36

To furnish useful and timely information and promote improvements in operations, internal auditors should provide:

A.

Senior management with reports that emphasize the operational details of defective conditions.

B.

Operating management with reports that emphasize general concerns and risks.

C.

Information in written form before it is discussed with the engagement client.

D.

Reports that meet the expectations of both operational and senior management.

Full Access
Question # 37

During an operational audit of a chain of pizza delivery stores, an auditor determined that cold pizzas were causing customer dissatisfaction. A review of oven calibration records for the last six months revealed that adjustments were made on over 40 percent of the ovens. Based on this, the auditor:

A.

Has enough evidence to conclude that improperly functioning ovens are the cause.

B.

Needs to conduct further inquiries and reviews to determine the impact of the oven variations on the pizza temperature.

C.

Has enough evidence to recommend the replacement of some of the ovens.

D.

Must search for another cause since approximately 60 percent of the ovens did not require adjustment.

Full Access
Question # 38

Which of the following situations would best support the decision of a chief audit executive (CAE) to defer follow-up activity at a branch office until the next audit engagement?

A.

An audit of the branch office is routinely scheduled every three years.

B.

On-site follow-up of a remote branch may not be feasible due to travel costs.

C.

Branch office management states that correction of the audit issue may take longer than expected.

D.

The CAE and management agree that the corrective action taken to date is sufficient.

Full Access
Question # 39

If an auditor expects to find numerous discrepancies between recorded values and audited values of sample selections, which sampling technique would be most appropriate?

A.

Attributes sampling.

B.

Probability-proportional-to-size sampling.

C.

Difference estimation sampling.

D.

Discovery sampling.

Full Access
Question # 40

An internal audit activity implemented an integrated test facility to test payroll processing. The auditors identified the key controls and processing steps built into the computer program and developed test data to test them. The auditors submitted test transactions throughout the year and did not find any differences in their test results. The auditors can conclude that:

A.

The system is properly capturing the hours worked by employees during the year and the hours have been properly submitted to payroll and processed correctly.

B.

All employees were correctly paid during the year and their pay was correctly computed.

C.

The computer application and its control procedures were processing payroll transactions correctly during the past year.

D.

All of the above.

Full Access
Question # 41

An internal auditor is discussing an audit problem with an engagement client. While listening to the client, the internal auditor should:

A.

Prepare a response to the client.

B.

Take mental notes on the speaker's nonverbal communication, as it is more important than what is being said.

C.

Make sure that all details, as well as the main ideas of the client, are remembered.

D.

Integrate the incoming information from the client with information that is already known.

Full Access
Question # 42

An auditor prepared a workpaper that consisted of a list of employee names and identification numbers as well as the following statement:

“A statistical sample of 40 employee personnel files was selected to verify that they contain all documents required by company policy 501 (copy attached). No exceptions were noted.”

The auditor did not place any audit verification symbols on this workpaper. Which of the following changes would most improve the auditor's workpaper?

A.

Use of audit verification symbols to show that each file was examined.

B.

Removal of the employee names to protect their confidentiality.

C.

Justification for the sample size.

D.

Listing of the actual documents examined for each employee.

Full Access
Question # 43

An internal auditor provided the following statement about division A's performance during the month: "Because supplies of raw material X were scarce, division A's profits declined by 15 percent."

Which of the following can be validly concluded from the auditor's statement?

I. Division A's production level declined by 15 percent.

II. Division A could have sold more products than it produced.

III. Division A usually sells all of the products that it produces.

A.

I only

B.

II only

C.

III only

D.

I and II only

Full Access
Question # 44

If management expects 100 percent compliance with a procedure, which of the following sampling approaches would be most appropriate?

A.

Attributes sampling.

B.

Discovery sampling.

C.

Targeted sampling.

D.

Variables sampling.

Full Access
Question # 45

A company's policy requires that all customers be treated in a fair and consistent manner. Which of the following audit procedures would provide the most persuasive evidence that the policy was followed?

A.

Compare the aging of outstanding receivables due from each customer.

B.

Compare credit reports with annual sales for a sample of customers.

C.

Compare the ratio of outstanding receivables to the authorized credit limit for each customer.

D.

Compare the sales discounts offered to each customer.

Full Access
Question # 46

New credit policies have been implemented in an automated order-entry system to improve the collection of receivables. Sales management has compiled several examples that show decreased sales and delayed order entry, and contends that these examples are a direct result of the new credit-policy constraints. Sales management's data and information provide.

A.

Feedback control data.

B.

Irrelevant and argumentative information.

C.

Evidence that the new credit policies do not meet the stated corporate objective to improve collections.

D.

A statistically valid conclusion about the impact of the new credit policies on customer goodwill.

Full Access
Question # 47

The balanced scorecard approach differs from traditional performance measurement approaches because it adds which of the following measures?

I. Financial measures.

II. Internal business process measures.

III. Client satisfaction measures.

IV. Innovation and learning measures.

A.

I only

B.

II and IV only

C.

III and IV only

D.

II, III, and IV only

Full Access
Question # 48

An organization's internal auditors are reviewing production costs at a gas-powered electrical generating plant. They identify a serious problem with the accuracy of carbon dioxide emissions reported to the environmental regulatory agency, due to computer errors. The auditors should immediately report the concern to:

A.

The regulatory agency.

B.

Plant management.

C.

A plant health and safety officer.

D.

The risk management function.

Full Access
Question # 49

Which of the following would provide the best audit evidence regarding the effectiveness of an applied research department?

A.

Develop a cost-per-product analysis for products developed over the past five years.

B.

Develop a report on revenue generated by or cost savings directly attributable to newly developed products.

C.

Compare research as a percentage of revenue between this company and all major competitors in the same industry.

D.

Compare the number of this year's new product developments to the number of new product developments for the past five years.

Full Access
Question # 50

After partially completing an internal control review of the accounts payable department, an auditor suspects that some type of fraud has occurred. To ascertain whether the fraud is present, the best sampling approach would be to usE.

A.

Simple random sampling to select a sample of vouchers processed by the department during the past year.

B.

Probability-proportional-to-size sampling to select a sample of vouchers processed by the department during the past year.

C.

Discovery sampling to select a sample of vouchers processed by the department during the past year.

D.

Judgmental sampling to select a sample of vouchers processed by clerks who were identified by the department manager as acting suspiciously.

Full Access
Question # 51

A retail company uses a computer program that matches electronic vendor invoices with the applicable purchase orders and receiving information, which are also maintained electronically.

If an invoice does not match the other items within predefined ranges, a report is generated and sent to the accounts payable department for further investigation. All of the applicable documents are electronically marked, cross-referenced, and retained in open files. Both an integrated test facility and a systems control audit review file (SCARF) have been included in the system.

An auditor wants to determine the extent to which items are not matched at year end and to investigate the potential causes of the unmatched items. Which of the following audit procedures would be most effective in determining the items to investigate?

A.

Use generalized audit software to read the electronically marked unmatched items.

B.

Use generalized audit software to read the purchase orders and trace to applicable receiving and vendor invoice files.

C.

Use the SCARF to identify unusual items. Select an attributes sample and trace to the underlying documentation.

D.

Submit test data to identify attributes of unmatched items. Follow up by investigating the identified attributes.

Full Access
Question # 52

Which of the following procedures would be most helpful in providing additional evidence when an auditor suspects that an unidentified employee is submitting and approving invoices for payment?

A.

Use generalized audit software to identify invoices from vendors with post office box numbers or other unusual features. Select a sample of those invoices and trace to supporting documents such as receiving reports.

B.

Select a sample of payments made during the year and investigate each one for approval.

C.

Select a sample of receiving reports representative of the period under investigation and trace to approved payment. Note any items not properly processed.

D.

Select a sample of invoices paid during the past month and trace them to appropriate vendor accounts.

Full Access
Question # 53

Which of the following is used to identify and prioritize critical business applications to determine those that must be restored and the order of restoration in the event that a disaster impairs information systems processing?

A.

Contingent facility contract analysis.

B.

System backup analysis.

C.

Vendor supply agreement analysis.

D.

Risk analysis.

Full Access
Question # 54

Which of the following does not represent a difficulty in using red flags as fraud indicators?

A.

Many common red flags are also associated with situations where no fraud exists.

B.

Some red flags are difficult to quantify or to evaluate.

C.

Red flag information is only gathered in extraordinary circumstances.

D.

The red flags literature is not well enough established to have a positive impact on auditing.

Full Access
Question # 55

After completing a net present value (NPV) calculation on a proposed project, an analyst explores the change in NPV with changes in the interest rate. This additional analysis is referred to as:

A.

Decision analysis.

B.

simul-ation.

C.

Sensitivity analysis.

D.

Variance analysis.

Full Access
Question # 56

Which of the following would be the least important reason for a company to merge with another company?

A.

To diversify risk.

B.

As a response to new government policy.

C.

To reduce labor costs.

D.

To increase stock prices.

Full Access
Question # 57

All of the following tools are employed to control large-scale projects except:

A.

Program evaluation and review technique (PERT).

B.

Critical path method.

C.

Statistical process control.

D.

Gantt charts.

Full Access
Question # 58

Which of the following items should be addressed in an organization's privacy statement?

I.

Intended use of collected information.

II.

Data storage and security.

III.

Network/infrastructure authentication controls.

IV.

Data retention policy of the organization.

Parties authorized to access information.

A.

I and II only

B.

I and IV only

C.

I, II, and V only

D.

II, III, IV, and V only

Full Access
Question # 59

After completing a fraud investigation but before publishing a formal written report, the chief audit executive should submit a draft of the final report to the organization's:

A.

Legal counsel.

B.

External auditor.

C.

Audit committee chairperson.

D.

Chief executive officer.

Full Access
Question # 60

An internal auditor for a financial institution has just completed an audit of loan processing. Of the 81 loans approved by the loan committee, the auditor found seven loans which exceeded the approved amount. Which of the following actions would be inappropriate on the part of the auditor?

A.

Examine the seven loans to determine if there is a pattern. Summarize amounts and include in the engagement final communication.

B.

Report the amounts to the loan committee and leave it up to them to correct. Take no further follow-up action at this time and do not include the items in the engagement final communication.

C.

Follow up with the appropriate vice president and include the vice president's acknowledgment of the situation in the engagement final communication.

D.

Determine the amount of the differences and make an assessment as to whether the dollar differences are material. If the amounts are not material, not in violation of government regulations, and can be rationally explained, omit the observation from the engagement final communication.

Full Access
Question # 61

An auditor is performing a review of a complex process to identify opportunities to increase efficiency. What is the most practical way to document the process to identify areas of inefficiency?

A.

Write a description of the process activities in sequential order.

B.

Develop a PERT (program evaluation and review technique) diagram.

C.

Flowchart the process.

D.

Create a decision tree.

Full Access
Question # 62

A recent survey indicated that residents of a small town take the train to a nearby city eight times per month, on average. The same survey showed that the number of train trips that a resident takes per month (y) is determined by the number of days per month that the resident works in the nearby city (x), according to the equation: y = 2 + 2x. A person who never works in the nearby city is expected to take the train:

A.

Zero times per month.

B.

Two times per month.

C.

Four times per month.

D.

Eight times per month.

Full Access
Question # 63

In response to an accounts receivable confirmation, a customer indicated that the invoice listed on the confirmation letter had been paid two months earlier.

This may indicate that:

A.

The receivable was selected for confirmation in error.

B.

The customer is a bad credit risk.

C.

The receivable should be written off.

D.

Fraudulent activity has occurred.

Full Access
Question # 64

Questions used to interrogate individuals suspected of fraud should:

A.

Adhere to a predetermined order.

B.

Cover more than one subject or topic.

C.

Move from general to specific.

D.

Direct the individual to a desired answer.

Full Access
Question # 65

Which of the following is an advantage of control self-assessment (CSA) over conventional auditing techniques?

A.

CSA evaluates control activities and human resource practices.

B.

CSA provides assurance about whether business objectives will be met.

C.

CSA facilitates obtaining input from subject-matter experts efficiently.

D.

CSA provides assurance that action will be taken to improve deficiencies.

Full Access
Question # 66

Which of the following methods would an auditor most likely use to document a complex sales order process?

A.

Develop a horizontal flowchart, with supporting documentation for key control points.

B.

Create a critical path method chart, noting the processes involved for each step.

C.

Perform a process review, assigning time and cost to each step of the process to develop a hierarchy flowchart.

D.

Utilize a systems narrative, which can be updated during subsequent audits.

Full Access
Question # 67

Senior management of an organization has requested that the internal audit activity provide ongoing internal control training for all managerial personnel. This is best addressed by:

A.

A formal consulting engagement.

B.

An informal consulting engagement.

C.

A performance assurance engagement.

D.

An operational assurance engagement.

Full Access
Question # 68

As a result of a recent discovery of false information on employment applications, an internal auditor has reviewed hiring procedures. Which of the following represents a weakness in the control system?

I. Applicants are not required to have their signed applications legally authenticated.

II. Applicants' educational information is not validated with the educational institution before employment is offered.

III. Information related to applicants' long-term work history is not validated before employment is offered.

A.

III only

B.

I and II only

C.

II and III only

D.

I, II, and III

Full Access
Question # 69

Recommendations should be included in the audit report in order to:

A.

Provide management with options for addressing audit findings.

B.

Ensure that audit findings are resolved in the manner suggested by the auditor.

C.

Minimize the amount of time required to correct audit findings.

D.

Ensure that audit findings are addressed by management.

Full Access
Question # 70

A manager of one of a retailer's several retail outlets is stealing cash from cash sales, recording the sales as accounts receivable, and subsequently writing off the fictitious accounts receivable as bad debts. Which of the following comparisons would be most effective in signaling the possibility of such a fraud?

A.

Bad debt expense as a percentage of sales, compared to that of the other outlets.

B.

Bad debt expense as a percentage of sales, compared to that of previous years.

C.

Percentage of past-due accounts receivable, compared to that of the other outlets.

D.

Percentage of past-due accounts receivable, compared to that of previous years.

Full Access
Question # 71

Which of the following activities would be performed during a benchmarking consulting engagement?

I. Collect data relevant to the benchmarking process.

II. Review all business processes.

III. Define critical success factors.

IV. Identify performance gaps.

A.

I and III only

B.

II and IV only

C.

I, II, and III only

D.

I, III, and IV only

Full Access
Question # 72

The use of standard operating procedure questionnaires in audit fieldwork can be beneficial because.

A.

These questionnaires can both identify discrepancies and educate clients.

B.

Standard operating procedures are essential to the effectiveness and efficiency of operations.

C.

These questionnaires are more comprehensive than are other types of techniques for gathering data during fieldwork.

D.

These questionnaires do not normally require prior clearance with management of the audited area.

Full Access
Question # 73

According to IIA guidance, organizations have the most influence on which element of fraud?

A.

Opportunity.

B.

Rationalization.

C.

Pressure.

D.

Incentives.

Full Access
Question # 74

When creating the internal audit plan, the chief audit executive should prioritize engagements based primarily on which of the following?

A.

The last available risk assessment.

B.

Requests from senior management and the board.

C.

The longest interval since the last examination of each audit universe item.

D.

The auditable areas required by regulatory agencies.

Full Access
Question # 75

Which of the following statements is true pertaining to interviewing a fraud suspect?

1. Information gathered can be subjective as well as objective to be useful.

2. The primary objective is to obtain a voluntary written confession.

3. The interviewer is likely to begin the interview with open-ended questions.

4. Video recordings always should be used to provide the highest quality evidence.

A.

1 only

B.

4 only

C.

1 and 3

D.

2 and 4

Full Access
Question # 76

In which of the following situations would an internal auditor consider the need to outsource competencies and skills9

A.

During the inspection of a wind turbine. an internal auditor notices that some replaced parts took used According to purchase documents, the parts still have a long lifespan.

B.

The auditor believes that the audit client's actions contradict the organization's code of conduct The audit client disagrees and says his actions are for the organization's benefit

C.

An audit team member is allocated to conduct an assurance engagement m the sales unit. However, the same auditor performed an assurance engagement in that area just one year prior

D.

During an inventory count, the auditor ascertained that some goods were missing. The audit client argues that the auditor does not understand how inventory should be counted

Full Access
Question # 77

An internal auditor conducted interviews with several employees, documented the interviews analyzed the summaries, and drew a number of conclusions. What sort of audit evidence has the internal auditor primarily obtained?

A.

Documentary evidence

B.

Testimonial evidence

C.

Analytical evidence

D.

Physical evidence

Full Access
Question # 78

According to IIA guidance, which of the following is true regarding audit supervision?

1. Supervision should be performed throughout the planning, examination, evaluation, communication, and follow-up stages of the audit engagement.

2. Supervision should extend to training, time reporting, and expense control, as well as administrative matters.

3. Supervision should include review of engagement workpapers, with documented evidence of the review.

A.

1 and 2 only

B.

1 and 3 only

C.

2 and 3 only

D.

1, 2, and 3

Full Access
Question # 79

Which of the following is not an outcome of control self-assessment?

A.

Informal, soft controls are omitted, and greater focus is placed on hard controls.

B.

The entire objectives-risks-controls infrastructure of an organization is subject to greater monitoring and continuous improvement.

C.

Internal auditors become involved in and knowledgeable about the self-assessment process.

D.

Nonaudit employees become experienced in assessing controls and associating control processes with managing risks.

Full Access
Question # 80

Which of the following describes (he primary reason why a preliminary risk assessment is conducted during engagement planning?

A.

To identify the greatest risks organizationwide

B.

To ensure that the engagement work program covers all risk areas

C.

To ensure that risks identified during previous audits of the area have been adequately addressed

D.

To ensure that significant risks are included in the engagement scope

Full Access
Question # 81

Which of the following best describes how an internal auditor would use a flowchart during engagement planning?

A.

To prepare for testing the effectiveness of controls

B.

To plan for evaluating potential losses

C.

To prepare a sampling plan for the engagement

D.

To evaluate the design of controls

Full Access
Question # 82

During the filework phase of an assurance engagement the internal auditor decides that she wants to adjust the audit work program. Which of the following is the most appropriate next step for the auditor to take9

A.

Request additional information needed from management of the area under review.

B.

Obtain approval from the engagement supervisor

C.

Obtain the required resources, including IT. to complete the work

D.

Discuss the change in scope with management of the area under review.

Full Access
Question # 83

A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority?

1. Graded positive opinion.

2. Negative assurance opinion.

3. Limited assurance opinion.

4. Third-party opinion.

A.

1 and 3

B.

1 and 4

C.

2 and 3

D.

2 and 4

Full Access
Question # 84

In which of the following situations would an internal control questionnaire best suit the internal auditor's purpose?

A.

The auditor wants to receive mid-level management insight on how to improve hiring practices

B.

The auditor wants to obtain information on whether adherence to approval matrices is actually taking place in different maintenance units.

C.

The auditor wants to gain assurance that inventory counts are conducted in accordance with established procedures.

D.

The auditor wants to assess whether different subsidiaries apply centrally established procurement rules in the same manner

Full Access
Question # 85

Which of the following statements is false regarding roles and responsibilities pertaining to risk management and control?

A.

Senior management is charged with overseeing the establishment risk management and control processes.

B.

The chief audit executive is responsible for overseeing the evaluation risk management and control processes.

C.

Operating managers are responsible for assessing risks and controls in their departments.

D.

Internal auditors provide assurance about risk management and control process effectiveness.

Full Access
Question # 86

A code of business conduct should include which of the following to increase its deterrent effect?

1. Appropriate descriptions of penalties for misconduct.

2. A notification that code of conduct violations may lead to criminal prosecution.

3. A description of violations that injure the interests of the employer.

4. A list of employees covered by the code of conduct.

A.

1 and 2

B.

1 and 3

C.

2 and 4

D.

3 and 4

Full Access
Question # 87

Management has taken immediate action to address an observation received during an audit of the organization's manufacturing process Which of the following is true regarding the validity of the observation closure?

A.

Valid closure requires evidence that ensures the corrected process will function as expected in the future

B.

Valid closure requires the client lo address not only the condition, but also the cause of the condition

C.

Valid closure of an observation ensures it will be included in the final engagement report

D.

Valid closure requires assurance from management that the original problem will not recur in the future

Full Access
Question # 88

Which of the following computerized audit tools or techniques should be used if the internal auditor wants to extract specific files and records in the database?

A.

An expert or decision support system

B.

Generalized audit software

C.

A system utility program

D.

An integrated test facility

Full Access
Question # 89

Which of the following components should be included in an audit finding?

1. The scope of the audit.

2. The standard(s) used by the auditor to make the evaluation.

3. The engagement's objectives.

4. The factual evidence that the internal auditor found in the course of the examination.

A.

1 and 2

B.

1 and 3 only

C.

2 and 4

D.

1, 3, and 4

Full Access
Question # 90

Which of the following should management action plans include at a minimum?

A.

An implementer for the action plan

B.

An owner of the action plan

C.

The internal auditor's next review date of the action plan

D.

Detailed procedures for the action plan

Full Access