Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

A medical insurance provider uses an electronic claims-submission process and suspects that a number of physicians have submitted claims for treatments that were not performed. Which of the following control procedures would be most effective to detect this type of fraud?

A.

Require the physician to submit a signed statement attesting that the treatments had been performed.

B.

Send confirmations to the physicians, requesting them to verify the exact nature of the claims submitted to the insurance provider.

C.

Develop an integrated test facility and submit false claims to verify that the system is detecting such claims on a consistent basis.

D.

Use computer software to identify abnormal claims based on the insured's age and medical history.

An internal auditor uses a predefined macro provided in a popular spreadsheet application to verify the present value of the organization's investments. Which of the following is the most appropriate course of action regarding the auditor's use of this functionality?

A.

The auditor should accept the calculations generated by the function, as any further work or documentation would be inefficient.

B.

The auditor should perform a manual recalculation of several results to validate and document the results.

C.

The auditor should review the programming of the macro before its use to ensure that it is appropriate for the required calculations.

D.

The auditor should tabulate the results in the spreadsheet to ensure the macro has generated the correct results for all calculations.

Which of the following best demonstrates the authority of the internal audit activity?

A.

Suggesting alternatives to decision makers.

B.

Improving the integrity of information.

C.

Determining the scope of internal audit services.

D.

Achieving engagement objectives.

Which of the following situations is most likely to impair internal audit objectivity?

A.

An internal auditor reports both functionally and administratively to the chief financial officer (CFO).

B.

An internal auditor, who was an accounts receivable intern for the organization three years prior, performs an audit of the accounts receivable cycle.

C.

According to policy, the internal auditor must obtain approval from the CFO prior to requesting information for internal audit purposes.

D.

An internal auditor performs an audit in a department that is led by the auditor's close friend.

According to IIA guidance, which of the following statements about working papers is false?

A.

They assist in the implementation of recommendations.

B.

They provide support for communication to third parties.

C.

They demonstrate compliance with auditing standards.

D.

They contribute to development of the internal audit staff.

According to IIA guidance, which of the following best describes internal auditors' responsibility regarding fraud?

A.

Internal auditors should take a leading role in investigating all fraud-related cases.

B.

Internal auditors must have sufficient knowledge to evaluate the risk of fraud.

C.

Internal auditors should report all fraud cases to law enforcement agents, in accordance with the Code of Ethics.

D.

Internal auditors are responsible for ensuring that fraud does not occur.

According to IIA guidance, which of the following statements is true regarding the reporting of results from an external quality assessment of the internal audit activity?

A.

The external assessment results are reported upon completion in confidence directly to the board, and senior management is advised only of the recommendations and improvement action plans.

B.

The results of self-assessments with independent external validation are shared with the board upon completion, and monitoring of recommended improvements must be reported monthly.

C.

The external assessment results are communicated upon completion to senior management and the board, but action plans for recommended improvements do not have to be reported.

D.

The requirements for reporting quality assessment results are the same for external assessments and self-assessments with independent external validation.

In which of the following scenarios would the chief audit executive (CAE) be required to decline the assignment?

A.

The CAE would need to procure external services to deliver the internal audit assurance program.

B.

There is no expertise within the internal audit team for detecting and investigating fraud.

C.

There is no expertise within the internal audit team for auditing an IT engagement.

D.

There is no available expertise on the internal audit team to perform a consulting engagement.

According to IIA guidance, which of the following is ultimately responsible for seeing that the internal control system of an organization's social responsibility program is effective?

A.

Senior management.

B.

Internal audit activity.

C.

All employees.

D.

Board of directors.

The security department uncovered what appears to be a complex fraud in the accounting department. The CEO has requested the internal audit activity to investigate the fraud. If the internal audit staff lacks the expertise to conduct the investigation, how should the chief audit executive proceed?

A.

Disclose the deficiency, and request that the investigation be reassigned to the first line of defense.

B.

Proceed with the investigation, as internal auditors are not required to have fraud expertise.

C.

Outsource the sensitive investigation to a third-party consultant with fraud expertise.

D.

Select a member of the accounting department who is not involved in the fraud to join the investigation team in a consulting capacity.

Which of the following options is the most cost-effective and efficient way for internal auditors to keep current with the latest developments in the internal audit profession?

A.

Attending annual professional conferences and seminars.

B.

Participating in on-the-job training in various departments of the organization.

C.

Pursuing as many professional certifications as possible.

D.

Maintaining membership in The HA and similar professional organizations and subscribing to relevant email updates or news feeds.

According to the COSO enterprise risk management (ERM) framework, which of the following is not part of the new paradigm in ERM?

A.

Assessing the risk factors.

B.

Aligning risk appetite and strategy.

C.

Enhancing risk response decisions.

D.

Reducing operational surprises and losses.

Which of the following are generally recognized as essential elements of a corporate social responsibility program?

A.

Human rights and the environment.

B.

Organizational governance and financial reporting.

C.

Fair operating practices and government regulation.

D.

Consumer issues and return on investment.

An organization is beginning to implement an enterprise risk management program. One of the first steps is to develop a common risk language. Which of the following statements about a common risk language is true?

A.

Management will be able to reduce inherent risk because they will have a better understanding of risk.

B.

Internal auditors will be able to reduce their sample sizes because controls will be more consistent.

C.

Stakeholders will have more assurance that the risks are assessed consistently.

D.

Decision makers will understand that the likelihood of missing or ineffective controls will be reduced.

Which of the following is a detective control strategy against fraud?

A.

Requiring employees to attend ethics training.

B.

Performing background checks on employees.

C.

Implementing a control self-assessment.

D.

Performing a surprise audit.