QUESTION 1
The top three sales representatives for a company consistently include non-allowable charges on their expense reports. Line management is reluctant to deny reimbursement of the charges for fear of losing the sales representatives. This situation has the greatest negative impact on which of the following internal control components?
A. Monitoring.
B. Controlenvironment.
C. Information and communication. D. Control activities.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 2
Which of the following factors affects the control risk of a company?
A. Potentialproblemsliketechnologicalobsolescence. B. Unusualpressuresonmanagement.
C. Complex accounts that require expert valuations. D. Segregation of duties.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 3
Human resources and payroll are separate departments. Which of the following combinations would provide the best segregation of duties?
A. Humanresourcespersonneladdemployees,payrollpersonnelprocesshours,andhumanresourcespersonneldeliverpaycheckstoemployees.
B. Humanresourcespersonneladdemployees,reviewandsubmitpayrollhourstothepayrolldepartmentforprocessing,anddeliverpaycheckstoemployees.
C. Human resources personnel add employees, and payroll personnel process hours and enter employee bank account numbers. Paychecks are automatically deposited in the employee's bank account.
D. Payroll personnel add employees and enter employee bank account numbers but process hours only as approved by the human resources department. Paychecks are automatically deposited in the employee's bank account.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 4
Which of the following is an appropriate role for the board in governance?
A. Preparingwrittenorganizationalpoliciesthatrelatetocompliancewithlaws,regulations,ethics,andconflictsofinterest.
B. Ensuringthatfinancialstatementsareunderstandable,transparent,andreliable.
C. Assistingtheinternalauditactivityinperformingannualreviewsofgovernance.
D. Working with the organization's attorneys to develop a strategy regarding current litigation, pending litigation, or regulatory proceedings governance.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 5
According to the International Professional Practices Framework, which of the following is the appropriate division of responsibilities for the coordination of internal and external audit efforts?
I. Oversight of Work Coordination of Activities
Chief audit executive Senior management
II. Board
Chief audit executive
III. Chief financial officer Chief audit executive
IV. Board
Chief financial officer
A. I B. II. C. III. D. IV.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 6
According to the Standards, the organizational status of the internal audit activity:
A. Mustbesufficienttopermittheaccomplishmentofitsauditresponsibilities.
B. Isbestwhenthereportingrelationshipisdirecttotheboardofdirectors.
C. Requires the board's annual approval of the audit schedules, plans, and budgets. D. Is guaranteed when the charter specifically defines its independence.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 7
A high-volume retailer of consumer goods has used point-of-sale data to record sales and update inventory records for several years. When price changes are scheduled, corporate headquarters downloads a price change file to a computer server system at each store. Each store's assistant manager is responsible for checking the server for downloads and running the program that updates the store's price file at the authorized price update time. In comparison with having headquarters initiate the price update centrally, this approach to price updating will most likely:
A. Decreasetheriskthatcustomerswillbeunderchargedconsistentlyforsalesitems. B. Decreasetheriskthatitempriceswillsometimesbeinaccurate.
C. Increase the risk that customers will be undercharged consistently for sales items. D. Increase the risk that item prices will sometimes be inaccurate.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 8
An internal auditor is reviewing a new automated human resources system. The system contains a table of pay rates which are matched to the employee job classifications. The best control to ensure that the table is updated correctly for only valid pay changes would be to:
A. Limitaccesstothedatatabletomanagementandlinesupervisorswhohavetheauthoritytodeterminepayrates.
B. Requireasupervisorinthedepartment,whodoesnothavetheabilitytochangethetable,tocomparethechangestoasignedmanagementauthorization. C. Ensure that adequate edit and reasonableness checks are built into the automated system.
D. Require that all pay changes be signed by the employee to verify that the change goes to a bona fide employee.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 9
According to the International Professional Practices Framework, internal auditors should possess which of the following competencies? I. Proficiency in applying internal auditing standards, procedures, and techniques.
II. Proficiency in accounting principles and techniques.
III. An understanding of management principles.
IV. An understanding of the fundamentals of economics, commercial law, taxation, finance, and quantitative methods.
A. Ionly
B. IIonly
C. I and III only
D. I, III, and IV only
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 10
Which of the following is not an appropriate role for internal auditors after a disaster occurs?
A. Monitortheeffectivenessoftherecoveryandcontrolofoperations.
B. Correctdeficienciesoftheentity'sbusinesscontinuityplan.
C. Recommend future improvements to the entity's business continuity plan.
D. Assist in the identification of lessons learned from the disaster and the recovery operations.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 11
Which of the following lists the audit activities in the order in which they would generally be completed during a preliminary survey? I. Write detailed audit procedures.
II. Identify client objectives, goals, and standards.
III. Identify risks and controls intended to prevent associated losses.
IV. Determine relevant engagement objectives.
A. II,I,IV,III. B. II,III,IV,I. C. III, IV, II, I. D. II, IV, I, III.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 12
During the planning phase of an audit of suspected overbilling on contracts for security services, an auditor should perform all of the following except:
A. Interviewinganofficialofthesecurityservicescompanytodeterminethecauseofrecentincreasesinbillingsforservices. B. Interviewingthemanagerwhorequestedtheauditengagement.
C. Obtaining a copy of the contract between the two organizations.
D. Preparing an engagement program.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 13
Which of the following statements regarding segregation of duties is true?
A. Whenevaluatinganorganization'spolicyonsegregationofduties,employeecompetencedoesnotneedtobeconsidered.
B. Anorganizationalchartprovidesanaccuratedefinitionofsegregationofduties.
C. A restrictive segregation-of-duties policy can help improve an organization's communication.
D. Policies on segregation of duties in information systems must recognize the difference between logical and physical access to assets.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 14
An auditor plans to analyze customer satisfaction, including. (1) customer complaints recorded by the customer service department during the last three months; (2)
merchandise returned in the last three months; and (3) responses to a survey of customers who made purchases in the last three months. Which of the following statements regarding this audit approach is correct?
A. Althoughuseful,suchananalysisdoesnotaddressanyriskfactors.
B. Thesurveywouldnotconsidercustomerswhodidnotmakepurchasesinthelastthreemonths.
C. Steps 1 and 2 of the analysis are not necessary or cost-effective if the customer survey is comprehensive. D. Analysis of three months' activity would not evaluate customer satisfaction.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 15
If an internal auditor discloses confidential information in response to a lawsuit, the internal auditor has violated.
A. TheIIACodeofEthics.
B. TheStandards.
C. Both the IIA Code of Ethics and the Standards. D. Neither the IIA Code of Ethics nor the Standards.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 16
In developing an appropriate work program for an audit engagement, the most important factor for an audit supervisor to consider is the:
A. Availabilityofrecordsanddata.
B. Potentialimpactofrisks.
C. Audit personnel's knowledge and experience. D. Time required to complete the engagement.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 17
An organization has a policy requiring two signatures on all checks written for amounts in excess of $10, 000. When evaluating controls over disbursements, an auditor would conclude that a greater risk exists if.
A. Theauditorlocatedtwochecksfor$9,000eachthatcontainedoneauthorizedsignature.
B. The$10,000wasanimmaterialamounttotheorganizationandveryfewcashdisbursementsrequiredanamountinexcessof$10,000.
C. The director of accounting was not one of the authorized signers.
D. There were several instances in which successively numbered checks for amounts between $5, 000 and $10, 000 were made payable to the same vendor.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 18
Which of the following is not an appropriate type of coordination between the internal audit activity and regulatory auditors?
A. Regulatoryauditorssharetheirperspectiveonriskmanagement,control,andgovernancewiththeinternalauditors. B. Internalauditorsperformfieldworkatthedirectionoftheregulatoryauditors.
C. Internal auditors review copies of regulatory reports in planning related internal engagements.
D. Regulatory and internal auditors exchange information about planned activities.
Correct Answer: B
Section: Volume A Explanation
Explanation/Reference:
QUESTION 19
Which of the following activities most significantly increases the risk that a bank will make poor-quality loans to its customers?
A. Borrowersmaynotsignallrequiredmortgageloandocumentation.
B. Feespaidbytheborroweratthetimeoftheloanmaynotbedepositedinatimelymanner. C. The bank's loan documentation may not meet the government's disclosure requirements. D. Loan officers may override the lending criteria established by senior management.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 20
An organization that outsources much of its internal audit work to an external service provider is planning for an external quality assessment. Which of the following options would accomplish this task and be in conformance with the Standards?
A. Externalindustryassociatethatperformedasimilarreviewforasupplieroftheorganization.
B. Ateamfromanindependententitythatpreviouslyemployedthechiefauditexecutiveoftheorganization.
C. A team under the direction of the organization's chief audit executive with validation by a former manager of the internal audit activity. D. The same external service provider because of its competency and experience with the organization.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 21
Which of the following would not be a factor for senior management to consider when determining the internal audit activity's role in an organization's risk
management process?
A. Theextenttowhichtheinternalauditactivityisoutsourced.
B. Thematuritylevelofriskmanagementpracticesintheorganization.
C. The competency of the internal auditors in risk management.
D. The nature of the business and the environment in which the organization operates.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 22
Which of the following best describes the underlying premise of the COSO enterprise risk management framework?
A. Managementshouldsetobjectivesbeforeassessingrisk.
B. Everyentityexiststoprovidevalueforitsstakeholders.
C. Policies are established to ensure that risk responses are performed effectively.
D. Enterprise risk management can minimize the impact and likelihood of unanticipated events.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 23
An internal auditor is assigned to conduct an audit of security for a local area network (LAN) in the finance department of the organization. Investment decisions, including the use of hedging strategies and financial derivatives, use data and financial models which run on the LAN. The LAN is also used to download data from the mainframe to assist in decisions. Which of the following should be considered outside the scope of this security audit engagement?
A. InvestigationofthephysicalsecurityoveraccesstothecomponentsoftheLAN.
B. TheabilityoftheLANapplicationtoidentifydataitemsatthefieldorrecordlevelandimplementuseraccesssecurityatthatlevel.
C. Interviews with users to determine their assessment of the level of security in the system and the vulnerability of the system to compromise. D. The level of security of other LANs in the company which also utilize sensitive data.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 24
When internal auditors perform consulting services that add value and improve an organization's operations, these services:
A. Impairtheinternalauditors'objectivitywithrespecttoanassuranceserviceinvolvingthesameengagementclient. B. Wouldprecludetheachievementofassurancefromtheconsultingengagement.
C. Should be consistent with the internal audit activity's empowerment reflected in the charter.
D. Impose no responsibility to communicate information other than to the engagement client.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 25
A manufacturing firm uses hazardous materials in the production of its products. An audit of the firm's processes related to hazardous materials should include. I. Recommending an environmental management system as part of policies and procedures.
II. Verifying the existence of tracking records for these materials from creation to destruction.
III. Using consultants to avoid self-incrimination of the firm in the event illegalities were detected in an environmental audit.
IV. Evaluating the cost provided for in an environmental liability accrual account.
A. IIonly
B. IIIandIVonly C. I, II, and IV only D. I, III, and IV only
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 26
An organization's accounts payable function improved its internal controls significantly after it received an unsatisfactory audit report.
When planning a follow-up audit of the function, what level of detection risk should be expected if the audit and sampling procedures used are unchanged from the prior audit?
A. Detectionriskislowerbecausecontrolriskislower.
B. Detectionriskislowerbecausecontrolriskishigher.
C. Detection risk is higher because control risk is lower.
D. Detection risk is unchanged although control risk is lower.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 27
Which of the following risk assessment tools would best facilitate the matching of controls to risks?
A. Controlmatrix.
B. Internalcontrolquestionnaire.
C. Control flowchart.
D. Program evaluation and review technique (PERT) analysis.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 28
Which of the following is an example of sharing risk?
A. Anorganizationredesignedabusinessprocesstochangetheriskpattern.
B. Anorganizationoutsourcedaportionofitsservicestoathird-partyserviceprovider.
C. An organization sold an unprofitable business unit to its competitor.
D. In order to spread total risk, an organization used multiple vendors for critical materials.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 29
Which of the following components influences the risk consciousness of an organization's people and is the basis for all other components of enterprise risk management?
A. Objectivesetting.
B. InformationandCommunication. C. Risk Assessment.
D. Internal Environment.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 30
Which of the following is an appropriate consideration by the auditor when preparing an engagement program for a human resource audit?
A. Statetheworkstepsintheformofquestions.
B. UsestandardauditprogramforHRfrompreviousyears.
C. Include in the audit program certain audit tests requested by audit client. D. Defer preparation of the audit program after the field work.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 31
Which of the following would be a violation of the IIA Code of Ethics?
A. Reportinginformationthatcouldbedamagingtotheorganization,attherequestofacourtoflaw.
B. Includinganissueinthefinalauditreportaftermanagementhasresolvedtheissue.
C. Participating in an audit engagement for which the auditor does not have the necessary experience or training. D. Accepting a gift that is a commercial advertisement available to the public.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 32
During a payroll audit of a large organization, an auditor noted that the assistant personnel director is responsible for many aspects of the computerized payroll system, including adding new employees in the system; entering direct-deposit information for employees; approving and entering all payroll changes; and providing training for system users. After discussions with the director of personnel, the auditor concluded that the director was not comfortable dealing with information technology issues and felt obliged to support all actions taken by the assistant director. The auditor should:
A. Continuetofollowtheengagementprogrambecausetheengagementscopeandobjectiveshavealreadybeendiscussedwithmanagement. B. Reviewtheengagementprogramtoensuretestingofdirectdepositstoemployeebankaccountsisadequatelycovered.
C. Recommend to the chief audit executive that a fraud investigation be started.
D. Test a sample of payroll changes to ensure that they were approved by the assistant director before being processed.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 33
The chief audit executive should periodically report the internal audit activity's purpose, authority, responsibility, and performance, as well as significant risk exposures and control issues, to which of the following?
I. Board of directors.
II. Senior management. III. Shareholders.
IV. External auditors.
A. IIonly
B. IandIIonly
C. I, II, and III only D. I, III, and IV only
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 34
An audit to test the system of controls over the purchase, distribution, and use of radioactive material is being conducted at a company's plants. The process is well documented, and employees in the safety department are very familiar with the department's procedures. Since the purchasing and facilities departments are involved in the process, the auditor is considering reviewing their radioactive material-handling procedures as well. The auditor should:
A. Haveconfidenceintherigorousanddetailedsafetydepartmentprocedures,sincethatdepartmenthasthemainresponsibilityforradiationsafety,andshould not use audit time to review other departments.
B. Adjusttheengagementscheduleandbudget,ifneeded,andinterviewtheappropriateindividualsinthepurchasingandfacilitiesdepartmentstoascertain whether additional controls exist that complement those identified within the safety department.
C. Test the controls identified within the safety department; if results are unfavorable, the auditor should consider whether to involve the other departments. D. Defer questions regarding purchasing, facilities, and other departments until audit projects can be scheduled for those departments.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 35
If an engagement client's operating standards are vague and thus subject to interpretation, the auditor should:
A. Seekagreementwiththeclientastothestandardstobeusedtomeasureoperatingperformance.
B. Determinebestpracticesintheareaandusethemasthestandard.
C. Interpret the standards in their strictest sense because standards are otherwise only minimum measures of acceptance.
D. Omit any comments on standards and the client's performance in relationship to those standards, because such an analysis would be meaningless.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 36
An employee who recently transferred into the internal audit activity has been assigned to audit the accounts payable system. Which function, if previously performed by the auditor, would represent a conflict of interest?
A. Monitoringtheallowancefordoubtfulaccounts.
B. Writingproceduresforthehandlingofduplicatepayments. C. Signing timekeeping cards for subordinates.
D. Reviewing shipping documents for accuracy.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 37
Which of the following describes a control weakness?
A. Purchasingproceduresarewelldesignedandarefollowedunlessotherwisedirectedbythepurchasingsupervisor.
B. Pre-numberedblankpurchaseordersaresecuredwithinthepurchasingdepartment.
C. Normal operational purchases fall in the range from $500 to $1, 000 with two signatures required for purchases over $1, 000.
D. The purchasing agent invests in a publicly traded mutual fund that lists the stock of one of the company's suppliers in its portfolio.
Correct Answer: A Section: Volume A
Explanation Explanation/Reference:
QUESTION 38
Management has requested that an internal auditor serve as member of a task force that will review current receivables practices and make recommendations to improve processes. Which of the following is the most appropriate response by the internal auditor?
A. Accepttheassignmentprovidedthatsuchconsultingservicesaredefinedinthecharter.
B. Declinetheassignmentbecauseparticipationontaskforceswillimpairtheauditor'sobjectivityinfutureauditengagements. C. Accept the assignment if the auditor believes that it will not impair objectivity in future audit engagements.
D. Do not accept the assignment because the assignment is not part of an approved audit plan.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 39
Senior management at a financial institution has received allegations of fraud at its derivatives trading desk and has asked the internal audit activity to investigate and issue a report concerning the allegations. The internal audit activity has not yet developed sufficient proficiency regarding derivatives trading to conduct a thorough fraud investigation in this area. Which of the following courses of action should the chief audit executive (CAE) take to comply with the Standards?
A. Engagetheformerheadoftheinstitution'sderivativestradingdesktoperformtheinvestigationandsubmitareportwithsupportingdocumentationtotheCAE.
B. Requestthatseniormanagementallowadelayofthefraudinvestigationuntiltheinternalauditactivity'son-staffcertifiedfraudexaminerisabletoobtainthe appropriate training regarding the analysis of derivatives trading.
C. Request that senior management exclude the internal audit activity from the investigation completely and instead contract with an external certified fraud examiner with derivatives experience to perform all aspects of the investigation and subsequent reporting.
D. Contract with an external certified fraud examiner with derivatives experience to perform the investigation and subsequent reporting, with the chief audit
executive approving the scope of the investigation and evaluating the adequacy of the work performed.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 40
Which of the following corporate travel policies is least likely to be cost-effective?
A. Negotiatingcorporateagreementswithhotels,airlines,andcarrentalfirms.
B. Trackingcreditsforcanceledairlinereservations.
C. Selecting the least expensive airline travel available, without regard to total travel time and distance. D. Traveling to facilities in tourist areas during the off-season when possible.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 41
Which of the following characteristics could indicate high risk?
A. Managementdecisionsaremadebyacommitteeofmidtohigherlevelmanagementpersonnel. B. Thecompanyisnotinarapidlygrowingindustry.
C. The company's profitability is lower than the industry norm.
D. Management turnover has been very low.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 42
An auditor is using audit software to check inventory accuracy. Which of the following would be an indicator of poor input edit controls?
A. Negativequantitiesonhand.
B. Totaldollarvaluesofzeroforsomeparts.
C. Alpha characters in the field for order lead time. D. Reorder levels set too high.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 43
Two individuals are being considered for an audit team that is to perform a highly technical review.
Which of the following situations would preclude selection of the individual for the audit due to an objectivity concern?
I. Person A is a member of the internal audit staff and has the required technical skills. Person A participated in a controls review of the system to be audited when it was being developed.
II. Person B is a technical specialist who understands the audit area but is not a member of the internal audit staff. Although person B has personal credibility in the information systems department to be audited, person B works for another department in the organization.
A. Ionly
B. IIonly
C. Both I and II. D. Neither I nor II.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 44
Which of the following measurements could an auditor use in an audit of the efficiency of a motor vehicle inspection facility?
A. Thetotalnumberofcarsapproved.
B. Theratioofcarsrejectedtototalcarsinspected.
C. The number of cars inspected per inspection agent. D. The average amount of fees collected per cashier.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 45
A code of business conduct provides?
A. Afraudavoidanceplanthatdoesnotexplicitlydescribepunishmentsforviolations. B. Apassivemethodoffrauddeterrence.
C. A program to anonymously report irregularities to authorities.
D. Analternativeto"toneatthetop"programs.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 46
Fraud is most frequently detected by:
A. Followingupontipsfromemployeesorcitizens.
B. Followinguponanalyticalreviewofhigh-riskareas.
C. Performing periodic reconciliations over cash and other assets.
D. Performing unannounced audits or reviews of programs or departments.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 47
After several years in the engineering department, an engineer was transferred to the internal audit department. One month later, the new auditor was assigned to an assurance engagement for the engineering department. When the auditor's former engineering supervisor suggested a change in the sample selection method, the auditor consulted with the audit supervisor. They determined that the suggested method would not be as representative and that the original selection method should be used. In this situation, the auditor:
A. Maintainedanindependentmentalattitudeandisthereforeobjective.
B. Hassubordinatedprofessionaljudgment,andobjectivityisthereforeimpaired.
C. Does not have objectivity since the auditor recently transferred from the engineering department.
D. Does not have independent organizational status since the auditor recently transferred from the engineering department.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 48
A charitable organization provides substantial grants for important medical research. Assuming marginal controls are in place, which of the following possible frauds or misuses of organization assets should be considered the area of greatest risk?
A. Seniorexecutivesareusingcompanytravelandentertainmentfundsforactivitiesthatmightbeconsideredquestionable. B. Purchasesofofficesuppliesaremadefromfictitiousvendors.
C. Grants are made to organizations associated with senior executives.
D. A payroll clerk has added a fictitious employee.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 49
If earnings on financial statements for internal use only have been manipulated in the past, an internal auditor is likely to focus on which of the following?
A. Theproperaccrualofpayablesattheendoftheinterimperiod.
B. Thetimingofrevenuerecognitionandthevaluationofinventories.
C. Whether accounting estimates are reasonable given past actual results.
D. Whether there have been changes in accounting principles that materially affect the financial statements.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 50
Which of the following procedures would provide the best evidence of the effectiveness of a credit-granting function?
A. Observetheprocess.
B. Reviewthetrendinreceivableswrite-offs.
C. Ask the credit manager about the effectiveness of the function.
D. Check for evidence of credit approval on a sample of customer orders.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 51
Which of the following best describes how the increased use of computerization may impact an auditor's assessment of the risk of fraud?
A. Accesstoassetsmaybeavailabletoinformationsystemspersonnelaswellastocomputerusers. B. Computercontrolsaregenerallylesseffectivethanhumanreview.
C. Overrides of key controls may require less collaboration.
D. Audit trails are less effective.
Correct Answer: A Section: Volume A
Explanation Explanation/Reference:
QUESTION 52
An internal auditor plans to use an analytical review to verify the correctness of various operating expenses in a division. The use of an analytical review as a verification technique would not be a preferred approach if.
A. Theauditornotesstrongindicatorsofaspecificfraudinvolvingthisaccount.
B. Thecompanyhasrelativelystableoperationswhichhavenotchangedmuchoverthepastyear.
C. The auditor would like to identify large, unusual, or non-recurring transactions during the year.
D. The operating expenses vary in relation to other operating expenses, but not in relation to revenue.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 53
Which of the following is not a benefit of using information technology in solving audit problems?
A. Ithelpsreduceauditrisk.
B. Itimprovesthetimelinessoftheauditengagement. C. It increases audit opportunities.
D. It improves the auditor's judgment.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 54
An organization has developed a large database that tracks employees, employee benefits, payroll deductions, job classifications, and other similar information. In order to test whether data currently within the automated system are correct, an auditor should:
A. Usetestdataanddeterminewhetherallthedataenteredarecapturedcorrectlyintheupdateddatabase.
B. Selectasampleofdatatobeenteredforafewdaysandtracethedatatotheupdateddatabasetodeterminethecorrectnessoftheupdates. C. Use generalized audit software to provide a printout of all employees with invalid job descriptions. Investigate the causes of the problems.
D. Use generalized audit software to select a sample of employees from the database. Verify the data fields.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 55
In order to ensure that the internal auditors have the objectivity required by the Standards, the chief audit executive should:
A. Demonstratewillingnesstoincludeinengagementfinalcommunicationsallmattersbelievedtobeimportant.
B. Requireallauditorstosignstatementsattestingtotheirindependentmentalattitudesandhonestbeliefintheirworkproduct. C. Carefully assign personnel to individual audit engagements and require auditors to disclose all conflicts of interest.
D. Appraise each auditor's performance on each audit assignment.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 56
Which of the following audit activities is within the scope of assurance activities as stated in the International Professional Practices Framework?
A. Reviewamake-or-buydecisionandreportarecommendationtomanagementforapproval. B. Participateinnegotiationsforacorporateacquisition.
C. Assess financing alternatives for a new generator.
D. Perform an evaluation of management's planning process.
Correct Answer: D Section: Volume A
Explanation Explanation/Reference:
QUESTION 57
Which of the following would be most effective in determining if the percentage of medication orders containing errors improved after a hospital installed a computerized medication-tracking system?
A. Comparetheproportionoferroneousmedicationordersbeforeandaftersysteminstallationforsimilarperiods.
B. Comparethenumberoferrorsbeforeandaftersysteminstallationforsimilarperiods.
C. Compare, after adjusting for the number of patients, the proportion of erroneous medication orders before and after system installation. D. Compare, after adjusting for the number of patients, the number of errors before and after system installation for similar periods.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 58
Which of the following would be the best source of information for a chief audit executive to use in planning future audit staff requirements?
A. Discussionsofauditneedswithexecutivemanagementandtheauditcommittee.
B. Reviewofauditstaffeducationandtrainingrecords.
C. Review of audit staff size and composition of similar-sized companies in the same industry. D. Interviews with existing audit staff.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 59
An auditor for a large wholesaler is evaluating the controls over the approval and oversight of credit sales. Which of the following procedures would be a control weakness?
A. Thecreditdepartmentisresponsibleforapprovingshipmentstoallcustomers.
B. Thefinancecommitteeoftheboardofdirectorsperiodicallyreviewscreditstandards.
C. Customers who fail to meet credit requirements must pay cash for shipments upon delivery. D. The sales department is responsible for determining the credit ratings of customers.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 60
To determine if a new computer system is improving the use of a manufacturer's limited facilities in serving the largest number of customers, an auditor should compare.
A. Thenumberofreworkedordersandtheircostsbeforeandaftersysteminstallation. B. Inventoryandmaterialshandlingcostsbeforeandaftersysteminstallation.
C. The number of orders filled and their cycle times before and after system installation. D. The number of reworked orders and orders filled before and after system installation.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 61
In a manufacturing organization, all sales prices are determined centrally and are electronically sent to the distribution centers to update their sales price tables. Any pricing deviations must be approved by central headquarters. To determine how this process is functioning, an internal auditor should:
A. Documenttheflowofsalespriceinformation,anddeterminehowthetableisaccessedandupdated.
B. Developaflowchartofthesalesorderprocesstodeterminehowordersaretakenandpriced.
C. Identify who approves the shipment of goods and how the goods are priced.
D. Obtain a copy of the existing flowchart for the computer program to determine how price data are accessed.
Correct Answer: A
Section: Volume A Explanation
Explanation/Reference:
QUESTION 62
It would be appropriate for an internal audit activity to use consultants with expertise in health-care benefits when the internal audit activity is:
I. Conducting an audit of the organization's estimate of its liability for post retirement benefits, which include health care benefits. II. Comparing the cost of the organization's health care program with that of other programs offered in the industry.
III. Training its staff to conduct an audit of health care costs in a major division of the organization.
A. Ionly
B. IandIIIonly C. II and III only D. I, II, and III.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 63
To assure that the technical proficiency of internal auditors is appropriate for the audit engagements to be performed, a chief audit executive should:
A. Considerthescopeofworkandlevelofresponsibilitywhenestablishingcriteriaforeducationandexperienceinfillinginternalauditingpositions. B. Ensurethateachnewlyhiredauditorisqualifiedinallofthedisciplinesneededtoaccomplishthedepartment'sauditmission.
C. Oversee a training program that matches the actual training provided with the interests of individual auditors.
D. Require all of the audit staff to pursue a minimum number of continuing professional education hours each year.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 64
Which of the following best describes the most important criteria when assigning responsibility for specific tasks required in an audit engagement?
A. Auditorsmustbegivenassignmentsbasedprimarilyupontheiryearsofexperience.
B. Allauditorsassignedanaudittaskmusthavetheknowledgeandskillsnecessarytocompletethetasksatisfactorily.
C. Tasks must be assigned to the audit team member who is most qualified to perform them.
D. Allauditteammembersmusthavetheskillsnecessarytosatisfactorilycompleteanytaskthatwillberequiredintheauditengagement.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 65
In advance of a preliminary survey, a chief audit executive sends a memorandum and questionnaire to the supervisors of the department to be audited. What is the most likely result of that procedure?
A. Itcreatesapprehensionabouttheauditengagement.
B. Itinvolvestheengagementclient'ssupervisorypersonnelintheaudit. C. It is an uneconomical approach to obtaining information.
D. It is only useful for audits of distant locations.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 66
Which of the following steps would not be included in a program of selecting and developing human resources for an internal audit department?
A. Schedulingperiodicmeetingswithindividualauditors,duringwhichthechiefauditexecutiveprovidescounselregardingeachauditor'sperformanceand professional career development.
B. Establishinganinternalreviewteamtoassesstheauditors'andauditdepartment'scompliancewithstandards,levelofauditeffectiveness,andcompliancewith departmental policy.
C. Developing specific job descriptions for audit staff, audit managers, and other auditing positions.
D. Establishing in-house training programs and requiring continuing education for audit staff.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 67
Auditors 1, 2, and 3 work out of various offices. Each must be assigned to one, and only one, of three audit locations (A, B, or C). The cost of sending each auditor to each location is listed below:
Audit Locations
Auditor 1 A
B
C
Auditor 2 $200 $300 $400
Auditor 3 $400 $300 $600
Auditor 4 $200 $200 $500
The minimum cost with which this assignment can be accomplished is:
A. $800 B. $900 C. $1, 000 D. $1, 100
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 68
An audit of the quality control department is being planned. Which of the following would least likely be used in the preparation of a preliminary survey questionnaire?
A. Ananalysisofqualitycontroldocuments.
B. Thepermanentauditfile.
C. The prior audit report.
D. Management's charter for the quality control department.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 69
An objective for an audit of a medical research corporation is to evaluate management's controls to ensure that timely reports are submitted to sponsors of contracted research projects. In planning the audit to achieve this objective, the auditor should begin by:
A. Reviewingpoliciesandprocedures.
B. Interviewingagroupofresearchmanagers.
C. Observing report preparation in a number of laboratories. D. Sending a questionnaire to a sample of research sponsors.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 70
Which of the following internal control weaknesses would an auditor most likely detect while reviewing a flowchart that depicts the purchasing function of an organization?
A. Purchasingpolicieshavenotbeenupdated.
B. Theorganizationisnottakingadvantageofquantitydiscountsavailablefromitssuppliers. C. Payments for goods received have not been authorized at the appropriate level.
D. Payments to suppliers are made before goods are received.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 71
Which source of audit evidence would provide the least value in flowcharting an organization's purchasing process?
A. Aninterviewwiththepurchasingsupervisor.
B. Areviewofasampleofpurchaseorderswhichwerecompletedduringthelastmonth. C. A review of the purchasing policies and procedures manual.
D. A walk-through of the process with a member of the purchasing staff.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 72
Internal auditors exercise judgment about the type and amount of information to be collected. The primary purpose of this judgment is to:
A. Eliminatetheriskofdrawingincorrectconclusions.
B. Minimizethecostoftheauditengagement.
C. Comply with the Standards.
D. Provide a sound basis for audit observations and recommendations.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 73
Which of the following is a benefit from reduced testing during a particular phase of an audit engagement?
A. Thesizeoftheinternalauditactivitycanbereduced.
B. Thereislessconcernaboutassessinginherentrisk.
C. The level of planned audit risk is lowered.
D. Additional audit hours are available for pursuing other engagement objectives.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 74
Which of the following would be the least desirable criteria against which to judge current operations of a company's treasury function?
A. Theoperationsofthetreasuryfunctionasdocumentedduringthelastauditengagement. B. Companypoliciesandproceduresdelegatingauthorityandassigningresponsibilities.
C. Finance textbook illustrations of generally accepted good treasury function practices.
D. Codification of best practices of the treasury function in relevant industries.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 75
A bakery chain has a statistical model that can be used to predict daily sales at individual stores based on a direct relationship to the cost of ingredients used and an inverse relationship to rainy days. What conditions would an auditor look for as an indicator of employee theft of food from a specific store?
A. Onarainyday,totalsalesaregreaterthanexpectedwhencomparedtothecostofingredientsused. B. Onasunnyday,totalsalesarelessthanexpectedwhencomparedtothecostofingredientsused. C. Both total sales and cost of ingredients used are greater than expected.
D. Both total sales and cost of ingredients used are less than expected.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 76
To promote a positive image within an organization, a chief audit executive (CAE) adjusted the audit plan to focus on assurance engagements that highlighted potential costs to be saved. Negative observations were to be omitted from engagement final communications. Which action taken by the CAE would be considered a violation of the Standards?
I. The focus of the audit function was changed without modifying the audit charter or notifying the audit committee. II. Negative observations were omitted from the engagement final communications.
III. Cost savings and recommendations were highlighted in the engagement final communications.
A. IIonly
B. IandIIonly C. I and III only D. I, II, and III.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 77
Which of the following actions would be considered a violation of the Standards?
I. Drafts of engagement communications were reviewed with the audit client to obtain input. The client's comments were considered when developing the
engagement final communication.
II. An auditor participated as part of a development team to review the control procedures to be incorporated into a major computer application under development. III. Given limited resources, the chief audit executive performed a risk analysis to determine which functions to audit.
A. IIonly
B. IandIIIonly
C. I, II, and III.
D. None of the above.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 78
A manufacturer uses a materials requirements planning (MRP) system to track inventory, orders, and raw materials requirements. What condition should an auditor search for in the MRP database if a preliminary assessment indicated that inventory is understated?
I. Item cost set at zero.
II. Negative quantities on hand.
III. Order quantity exceeding requirements.
IV. Inventory lead times exceeding delivery schedule.
A. IandIIonly B. IandIVonly C. II and IV only D. III and IV only
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 79
To identify those components of a telecommunications system that present the greatest risk, an internal auditor should first:
A. Reviewtheopensystemsinterconnectnetworkmodel.
B. Identifythenetworkoperatingcosts.
C. Determine the business purpose of the network.
D. Map the network software and hardware products into their respective layers.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 80
The chief audit executive's responsibility regarding control processes includes:
A. Assistingseniormanagementandtheauditcommitteeinthedevelopmentofanannualassessmentaboutinternalcontrol. B. Overseeingtheestablishmentofinternalcontrolprocesses.
C. Maintaining the organization's governance processes.
D. Ensuring that the internal audit activity assesses all control processes annually.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 81
In order to save time, an audit manager no longer required that a standard internal control questionnaire be completed for each audit engagement. Does this represent a violation of the Standards?
A. Yes,becauseinternalcontrolshouldbeevaluatedoneveryengagementandtheinternalcontrolquestionnaireisthemandatedapproachtoevaluatecontrols. B. Yes,becauseinternalcontrolshouldbeevaluatedoneveryengagementandtheinternalcontrolquestionnaireisthemostefficientmethodtodoso.
C. No, because auditors may omit necessary procedures if there is a time constraint, based on audit judgment.
D. No, because auditors are not required to complete internal control questionnaires on every engagement.
Correct Answer: D Section: Volume A
Explanation Explanation/Reference:
QUESTION 82
The primary reason that a bank would maintain a separate compliance function is to:
A. Bettermanageperceivedhighrisks.
B. Strengthencontrolsoverthebank'sinvestments.
C. Ensure the independence of line and senior management. D. Better respond to shareholder expectations.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 83
Which of the following would be the most useful in developing an annual audit plan?
A. Generalpurposeauditsoftware.
B. Votingsoftwareandhardware.
C. Flowcharting and data capture software. D. Risk assessment software.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 84
Which of the following is not an appropriate control related to sales in a manufacturing company? A. Customers'ordersarerecordedpromptly.
B. Goodsshippedarematchedwithvalidcustomerorders.
C. Goods returned are inspected for damage by the sales department and then entered into inventory. D. Credit department approval is required for credit sales transactions.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 85
Inadequate risk assessment would have the strongest negative impact in which of the following phases of an audit engagement?
A. Determiningthescope.
B. Reviewinginternalcontrols. C. Testing.
D. Evaluating findings.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 86
In order to exercise due professional care as defined in the International Professional Practices Framework, an internal auditor should:
I. Consider the probability of significant noncompliance in each audit engagement.
II. Perform assurance procedures with sufficient care to ensure that all risks are identified. III. Weigh the cost of assurance against the benefits.
A. IandIIonly B. IandIIIonly C. II and III only D. I, II, and III.
Correct Answer: B
Section: Volume A Explanation
Explanation/Reference:
QUESTION 87
In developing an appropriate work program for an audit engagement, the most important factor for an audit supervisor to consider is the:
A. Availabilityofrecordsanddata.
B. Potentialimpactofrisks.
C. Capabilities of audit personnel.
D. Time required to complete the engagement.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 88
Organizations that use a highly structured command-and-control management approach are at greater risk of:
A. Delayedresponseduetotheinabilitytoreachconsensusamongdecisionmakers.
B. Negativeconsequencesthatresultfromlower-levelstaff'sunwillingnesstoconfronterrorsbysuperiors. C. Erosion of staff morale due to perceptions of ineffective leadership.
D. Waste and abuse of organizational resources resulting from management override of controls.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 89
In order to provide the most useful information for an organization's risk management decisions, which of the following should be assessed?
A. Risklevelsforfutureeventsbasedonthedegreeofuncertaintyofthoseeventsandtheircostofmitigation.
B. Inherentandcontrolrisksandtheirimpactontheextentoffinancialmisstatements.
C. Risk levels of current and future events, their effect on the achievement of the organization's objectives, and their underlying causes.
D. Risk levels of current and future events, their impact on the organization's mission, and the potential for the elimination of
Certified Internal Auditor Questions + Answers Part 1
-
answerhappygod
- Site Admin
- Posts: 899603
- Joined: Mon Aug 02, 2021 8:13 am