Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

The internal audit activity (IAA) wants to measure its performance related to the quality of audit recommendations. Which of the following client survey questions would best help the IAA meet this objective?

A.

Were audit findings relevant and useful to management?

B.

Does the audit report format present issues clearly and concisely?

C.

Does the IAA work with a high degree of professionalism and objectivity?

D.

Were the findings reported in a timely manner?

An internal auditor submitted a report containing recommendations for management to enhance internal controls related to investments. To follow up, which of the following is the most appropriate action for the internal auditor to take?

A.

Observe corrective measures.

B.

Seek a management assurance declaration.

C.

Follow up during the next scheduled audit.

D.

Conduct appropriate testing to verify management responses.

When setting the scope for the identification and assessment of key risks and controls in a process, which of the following would be the least appropriate approach?

A.

Develop the scope of the audit based on a bottom-up perspective to ensure that all business objectives are considered.

B.

Develop the scope of the audit to include controls that are necessary to manage risk associated with a critical business objective.

C.

Specify that the auditors need to assess only key controls, but may include an assessment of non-key controls if there is value to the business in providing such assurance.

D.

Ensure the audit includes an assessment of manual and automated controls to determine whether business risks are effectively managed.

A chief audit executive (CAE) is determining which engagements to include on the annual audit plan. She would like to consider the organization's attitude toward risk and the degree of difficulty in achieving objectives. Which of the following resources should the CAE consult?

A.

The corporate risk register.

B.

The strategic plan.

C.

Internal and external audit reports.

D.

The board's meeting records.

According to IIA guidance, which of the following statements is true regarding the authority of the chief audit executive (CAE) to release previous audit reports to outside parties?

A.

The CAE can release prior internal audit reports with the approval of the board and senior management.

B.

The CAE can employ judgment and release prior audit results as they deem appropriate and necessary.

C.

The CAE can only release prior information outside the organization when mandated by legal or statutory requirements.

D.

The CAE can release prior information provided it is as originally published and distributed within the organization.

Which of the following is the primary purpose of financial statement audit engagements?

A.

To assess the efficiency and effectiveness of the accounting department.

B.

To evaluate organizational and departmental structures, including assessments of process flows related to financial matters.

C.

To provide a review of routine financial reports, including analyses of selected accounts for compliance with generally accepted accounting principles.

D.

To provide an analysis of business process controls in the accounting department, including tests of compliance with internal policies and procedures.

The chief risk officer (CRO) of a large manufacturing organization decided to facilitate a workshop for process managers and staff to identify opportunities for improving productivity and reducing defects. Which of the following is the most likely reason the CRO chose the workshop approach?

A.

It minimizes the amount of time spent and cost incurred to gather the necessary information.

B.

Responses can be confidential, thus encouraging participants to be candid expressing their concerns.

C.

Workshops do not require extensive facilitation skills and are therefore ideal for nonauditors.

D.

Workshop participants have an opportunity to learn while contributing ideas toward the objectives.

Which of the followings statements describes a best practice regarding assurance engagement communication activities?

A.

All assurance engagement observations should be communicated to the audit committee.

B.

All assurance engagement observations should be included in the main section of the engagement communication.

C.

During the "communicate" phase of an assurance engagement, it is best to define the methods and timing of engagement communications.

D.

A detailed escalation process should be developed during the planning stage of an assurance engagement.

Which of the following is least likely to help ensure that risk is considered in a work program?

A.

Risks are discussed with audit client.

B.

All available information from the risk-based plan is used.

C.

Client efforts to affect risk management are considered.

D.

Prior risk assessments are considered.

According to IIA guidance, organizations have the most influence on which element of fraud?

A.

Opportunity.

B.

Rationalization.

C.

Pressure.

D.

Incentives.

Which of the following is an appropriate responsibility for the internal audit activity with regard to the organization's risk management program?

A.

Identifying and managing risks in line with the entity's risk appetite.

B.

Ensuring that a proper and effective risk management process exists.

C.

Attaining an adequate understanding of the entity's key mitigation strategies.

D.

Identifying and ensuring that appropriate controls exist to mitigate risks.

Which of the following actions are appropriate for the chief audit executive to perform when identifying audit resource requirements?

1. Consider employees from other operational areas as audit resources, to provide additional audit coverage in the organization.

2. Approach an external service provider to conduct internal audits on certain areas of the organization, due to a lack of skills in the organization.

3. Suggest to the audit committee that an audit of technology be deferred until staff can be trained, due to limited IT audit skills among the audit staff.

4. Communicate to senior management a summary report on the status and adequacy of audit resources.

A.

1 and 3 only

B.

2 and 4 only

C.

1, 2, and 4

D.

2, 3, and 4

During an assurance engagement, an internal auditor noted that the time staff spent accessing customer information in large Excel spreadsheets could be reduced significantly through the use of macros. The auditor would like to train staff on how to use the macros. Which of the following is the most appropriate course of action for the internal auditor to take?

A.

The auditor must not perform the training, because any task to improve the business process could impact audit independence.

B.

The auditor must create a new, separate consulting engagement with the business process owner prior to performing the improvement task.

C.

The auditor should get permission to extend the current engagement, and with the process owner's approval, perform the improvement task.

D.

The auditor may proceed with the improvement task without obtaining formal approval, because the task is voluntary and not time-intensive.

An internal auditor determines that certain information from the engagement results is not appropriate for disclosure to all report recipients because it is privileged. In this situation, which of the following actions would be most appropriate?

A.

Disclose the information in a separate report.

B.

Distribute the information in a confidential report to the board only

C.

Distribute the reports through the use of blind copies.

D.

Exclude the results from the report and verbally report the conditions to senior management and the board.

An internal auditor is conducting an assessment of the purchasing department. She has worked the full amount of hours budgeted for the engagement; however, the audit objectives are not yet complete. According to IIA guidance, which of the following are appropriate options available to the chief audit executive?

1. Allow the auditor to decide whether to extend the audit engagement.

2. Determine whether the work already completed is sufficient to conclude the engagement.

3. Provide the auditor feedback on areas of improvement for future engagements.

4. Provide the auditor with instructions and directions to complete the audit.

A.

1, 2, and 3

B.

1, 2, and 4

C.

1, 3, and 4

D.

2, 3, and 4