Certified Internal Auditor Questions + Answers Part 4
Posted: Tue Mar 01, 2022 4:57 am
QUESTION 1
During a payroll audit of a large organization, an auditor noted that the assistant personnel director is responsible for many aspects of the computerized payroll system, including adding new employees in the system; entering direct-deposit information for employees; approving and entering all payroll changes; and providing training for system users. After discussions with the director of personnel, the auditor concluded that the director was not comfortable dealing with information technology issues and felt obliged to support all actions taken by the assistant director. The auditor should:
A. Continuetofollowtheengagementprogrambecausetheengagementscopeandobjectiveshavealreadybeendiscussedwithmanagement. B. Reviewtheengagementprogramtoensuretestingofdirectdepositstoemployeebankaccountsisadequatelycovered.
C. Recommend to the chief audit executive that a fraud investigation be started.
D. Test a sample of payroll changes to ensure that they were approved by the assistant director before being processed.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 2
The chief audit executive should periodically report the internal audit activity's purpose, authority, responsibility, and performance, as well as significant risk exposures and control issues, to which of the following?
I. Board of directors.
II. Senior management. III. Shareholders.
IV. External auditors.
A. IIonly
B. IandIIonly
C. I, II, and III only
D. I, III, and IV only
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 3
An audit to test the system of controls over the purchase, distribution, and use of radioactive material is being conducted at a company's plants. The process is well documented, and employees in the safety department are very familiar with the department's procedures. Since the purchasing and facilities departments are involved in the process, the auditor is considering reviewing their radioactive material-handling procedures as well. The auditor should:
A. Haveconfidenceintherigorousanddetailedsafetydepartmentprocedures,sincethatdepartmenthasthemainresponsibilityforradiationsafety,andshould not use audit time to review other departments.
B. Adjusttheengagementscheduleandbudget,ifneeded,andinterviewtheappropriateindividualsinthepurchasingandfacilitiesdepartmentstoascertain whether additional controls exist that complement those identified within the safety department.
C. Test the controls identified within the safety department; if results are unfavorable, the auditor should consider whether to involve the other departments. D. Defer questions regarding purchasing, facilities, and other departments until audit projects can be scheduled for those departments.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 4
If an engagement client's operating standards are vague and thus subject to interpretation, the auditor should:
A. Seekagreementwiththeclientastothestandardstobeusedtomeasureoperatingperformance.
B. Determinebestpracticesintheareaandusethemasthestandard.
C. Interpret the standards in their strictest sense because standards are otherwise only minimum measures of acceptance.
D. Omit any comments on standards and the client's performance in relationship to those standards, because such an analysis would be meaningless.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 5
An employee who recently transferred into the internal audit activity has been assigned to audit the accounts payable system. Which function, if previously performed by the auditor, would represent a conflict of interest?
A. Monitoringtheallowancefordoubtfulaccounts.
B. Writingproceduresforthehandlingofduplicatepayments. C. Signing timekeeping cards for subordinates.
D. Reviewing shipping documents for accuracy.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 6
Which of the following describes a control weakness?
A. Purchasingproceduresarewelldesignedandarefollowedunlessotherwisedirectedbythepurchasingsupervisor.
B. Pre-numberedblankpurchaseordersaresecuredwithinthepurchasingdepartment.
C. Normal operational purchases fall in the range from $500 to $1, 000 with two signatures required for purchases over $1, 000.
D. The purchasing agent invests in a publicly traded mutual fund that lists the stock of one of the company's suppliers in its portfolio.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 7
Management has requested that an internal auditor serve as member of a task force that will review current receivables practices and make recommendations to improve processes. Which of the following is the most appropriate response by the internal auditor?
A. Accepttheassignmentprovidedthatsuchconsultingservicesaredefinedinthecharter.
B. Declinetheassignmentbecauseparticipationontaskforceswillimpairtheauditor'sobjectivityinfutureauditengagements. C. Accept the assignment if the auditor believes that it will not impair objectivity in future audit engagements.
D. Do not accept the assignment because the assignment is not part of an approved audit plan.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 8
Senior management at a financial institution has received allegations of fraud at its derivatives trading desk and has asked the internal audit activity to investigate and issue a report concerning the allegations. The internal audit activity has not yet developed sufficient proficiency regarding derivatives trading to conduct a thorough fraud investigation in this area. Which of the following courses of action should the chief audit executive (CAE) take to comply with the Standards?
A. Engagetheformerheadoftheinstitution'sderivativestradingdesktoperformtheinvestigationandsubmitareportwithsupportingdocumentationtotheCAE.
B. Requestthatseniormanagementallowadelayofthefraudinvestigationuntiltheinternalauditactivity'son-staffcertifiedfraudexaminerisabletoobtainthe appropriate training regarding the analysis of derivatives trading.
C. Request that senior management exclude the internal audit activity from the investigation completely and instead contract with an external certified fraud examiner with derivatives experience to perform all aspects of the investigation and subsequent reporting.
D. Contract with an external certified fraud examiner with derivatives experience to perform the investigation and subsequent reporting, with the chief audit executive approving the scope of the investigation and evaluating the adequacy of the work performed.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 9
Which of the following corporate travel policies is least likely to be cost-effective?
A. Negotiatingcorporateagreementswithhotels,airlines,andcarrentalfirms.
B. Trackingcreditsforcanceledairlinereservations.
C. Selecting the least expensive airline travel available, without regard to total travel time and distance. D. Traveling to facilities in tourist areas during the off-season when possible.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 10
Which of the following characteristics could indicate high risk?
A. Managementdecisionsaremadebyacommitteeofmidtohigherlevelmanagementpersonnel. B. Thecompanyisnotinarapidlygrowingindustry.
C. The company's profitability is lower than the industry norm.
D. Management turnover has been very low.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 11
An auditor is using audit software to check inventory accuracy. Which of the following would be an indicator of poor input edit controls?
A. Negativequantitiesonhand.
B. Totaldollarvaluesofzeroforsomeparts.
C. Alpha characters in the field for order lead time. D. Reorder levels set too high.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 12
Two individuals are being considered for an audit team that is to perform a highly technical review.
Which of the following situations would preclude selection of the individual for the audit due to an objectivity concern?
I. Person A is a member of the internal audit staff and has the required technical skills. Person A participated in a controls review of the system to be audited when it was being developed.
II. Person B is a technical specialist who understands the audit area but is not a member of the internal audit staff. Although person B has personal credibility in the information systems department to be audited, person B works for another department in the organization.
A. Ionly
B. IIonly
C. Both I and II. D. Neither I nor II.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 13
Which of the following measurements could an auditor use in an audit of the efficiency of a motor vehicle inspection facility?
A. Thetotalnumberofcarsapproved.
B. Theratioofcarsrejectedtototalcarsinspected.
C. The number of cars inspected per inspection agent. D. The average amount of fees collected per cashier.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 14
A code of business conduct provides?
A. Afraudavoidanceplanthatdoesnotexplicitlydescribepunishmentsforviolations. B. Apassivemethodoffrauddeterrence.
C. A program to anonymously report irregularities to authorities.
D. Analternativeto"toneatthetop"programs.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 15
Fraud is most frequently detected by:
A. Followingupontipsfromemployeesorcitizens.
B. Followinguponanalyticalreviewofhigh-riskareas.
C. Performing periodic reconciliations over cash and other assets.
D. Performing unannounced audits or reviews of programs or departments.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 16
After several years in the engineering department, an engineer was transferred to the internal audit department. One month later, the new auditor was assigned to an assurance engagement for the engineering department. When the auditor's former engineering supervisor suggested a change in the sample selection method, the auditor consulted with the audit supervisor. They determined that the suggested method would not be as representative and that the original selection method should be used. In this situation, the auditor:
A. Maintainedanindependentmentalattitudeandisthereforeobjective.
B. Hassubordinatedprofessionaljudgment,andobjectivityisthereforeimpaired.
C. Does not have objectivity since the auditor recently transferred from the engineering department.
D. Does not have independent organizational status since the auditor recently transferred from the engineering department.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 17
A charitable organization provides substantial grants for important medical research. Assuming marginal controls are in place, which of the following possible frauds or misuses of organization assets should be considered the area of greatest risk?
A. Seniorexecutivesareusingcompanytravelandentertainmentfundsforactivitiesthatmightbeconsideredquestionable. B. Purchasesofofficesuppliesaremadefromfictitiousvendors.
C. Grants are made to organizations associated with senior executives.
D. A payroll clerk has added a fictitious employee.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 18
If earnings on financial statements for internal use only have been manipulated in the past, an internal auditor is likely to focus on which of the following?
A. Theproperaccrualofpayablesattheendoftheinterimperiod.
B. Thetimingofrevenuerecognitionandthevaluationofinventories.
C. Whether accounting estimates are reasonable given past actual results.
D. Whether there have been changes in accounting principles that materially affect the financial statements.
Correct Answer: B Section: Volume A
Explanation Explanation/Reference:
QUESTION 19
Which of the following procedures would provide the best evidence of the effectiveness of a credit-granting function?
A. Observetheprocess.
B. Reviewthetrendinreceivableswrite-offs.
C. Ask the credit manager about the effectiveness of the function.
D. Check for evidence of credit approval on a sample of customer orders.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 20
Which of the following best describes how the increased use of computerization may impact an auditor's assessment of the risk of fraud?
A. Accesstoassetsmaybeavailabletoinformationsystemspersonnelaswellastocomputerusers. B. Computercontrolsaregenerallylesseffectivethanhumanreview.
C. Overrides of key controls may require less collaboration.
D. Audit trails are less effective.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 21
An internal auditor plans to use an analytical review to verify the correctness of various operating expenses in a division. The use of an analytical review as a verification technique would not be a preferred approach if.
A. Theauditornotesstrongindicatorsofaspecificfraudinvolvingthisaccount.
B. Thecompanyhasrelativelystableoperationswhichhavenotchangedmuchoverthepastyear.
C. The auditor would like to identify large, unusual, or non-recurring transactions during the year.
D. The operating expenses vary in relation to other operating expenses, but not in relation to revenue.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 22
Which of the following is not a benefit of using information technology in solving audit problems?
A. Ithelpsreduceauditrisk.
B. Itimprovesthetimelinessoftheauditengagement. C. It increases audit opportunities.
D. It improves the auditor's judgment.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 23
An organization has developed a large database that tracks employees, employee benefits, payroll deductions, job classifications, and other similar information. In order to test whether data currently within the automated system are correct, an auditor should:
A. Usetestdataanddeterminewhetherallthedataenteredarecapturedcorrectlyintheupdateddatabase.
B. Selectasampleofdatatobeenteredforafewdaysandtracethedatatotheupdateddatabasetodeterminethecorrectnessoftheupdates. C. Use generalized audit software to provide a printout of all employees with invalid job descriptions. Investigate the causes of the problems.
D. Use generalized audit software to select a sample of employees from the database. Verify the data fields.
Correct Answer: D Section: Volume A
Explanation Explanation/Reference:
QUESTION 24
In order to ensure that the internal auditors have the objectivity required by the Standards, the chief audit executive should:
A. Demonstratewillingnesstoincludeinengagementfinalcommunicationsallmattersbelievedtobeimportant.
B. Requireallauditorstosignstatementsattestingtotheirindependentmentalattitudesandhonestbeliefintheirworkproduct. C. Carefully assign personnel to individual audit engagements and require auditors to disclose all conflicts of interest.
D. Appraise each auditor's performance on each audit assignment.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 25
Which of the following audit activities is within the scope of assurance activities as stated in the International Professional Practices Framework?
A. Reviewamake-or-buydecisionandreportarecommendationtomanagementforapproval. B. Participateinnegotiationsforacorporateacquisition.
C. Assess financing alternatives for a new generator.
D. Perform an evaluation of management's planning process.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 26
Which of the following would be most effective in determining if the percentage of medication orders containing errors improved after a hospital installed a computerized medication-tracking system?
A. Comparetheproportionoferroneousmedicationordersbeforeandaftersysteminstallationforsimilarperiods.
B. Comparethenumberoferrorsbeforeandaftersysteminstallationforsimilarperiods.
C. Compare, after adjusting for the number of patients, the proportion of erroneous medication orders before and after system installation. D. Compare, after adjusting for the number of patients, the number of errors before and after system installation for similar periods.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 27
Which of the following would be the best source of information for a chief audit executive to use in planning future audit staff requirements?
A. Discussionsofauditneedswithexecutivemanagementandtheauditcommittee.
B. Reviewofauditstaffeducationandtrainingrecords.
C. Review of audit staff size and composition of similar-sized companies in the same industry. D. Interviews with existing audit staff.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 28
An auditor for a large wholesaler is evaluating the controls over the approval and oversight of credit sales. Which of the following procedures would be a control weakness?
A. Thecreditdepartmentisresponsibleforapprovingshipmentstoallcustomers.
B. Thefinancecommitteeoftheboardofdirectorsperiodicallyreviewscreditstandards.
C. Customers who fail to meet credit requirements must pay cash for shipments upon delivery. D. The sales department is responsible for determining the credit ratings of customers.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 29
To determine if a new computer system is improving the use of a manufacturer's limited facilities in serving the largest number of customers, an auditor should compare.
A. Thenumberofreworkedordersandtheircostsbeforeandaftersysteminstallation. B. Inventoryandmaterialshandlingcostsbeforeandaftersysteminstallation.
C. The number of orders filled and their cycle times before and after system installation. D. The number of reworked orders and orders filled before and after system installation.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 30
In a manufacturing organization, all sales prices are determined centrally and are electronically sent to the distribution centers to update their sales price tables. Any pricing deviations must be approved by central headquarters. To determine how this process is functioning, an internal auditor should:
A. Documenttheflowofsalespriceinformation,anddeterminehowthetableisaccessedandupdated.
B. Developaflowchartofthesalesorderprocesstodeterminehowordersaretakenandpriced.
C. Identify who approves the shipment of goods and how the goods are priced.
D. Obtain a copy of the existing flowchart for the computer program to determine how price data are accessed.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 31
It would be appropriate for an internal audit activity to use consultants with expertise in health-care benefits when the internal audit activity is:
I. Conducting an audit of the organization's estimate of its liability for post retirement benefits, which include health care benefits. II. Comparing the cost of the organization's health care program with that of other programs offered in the industry.
III. Training its staff to conduct an audit of health care costs in a major division of the organization.
A. Ionly
B. IandIIIonly C. II and III only D. I, II, and III.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 32
To assure that the technical proficiency of internal auditors is appropriate for the audit engagements to be performed, a chief audit executive should:
A. Considerthescopeofworkandlevelofresponsibilitywhenestablishingcriteriaforeducationandexperienceinfillinginternalauditingpositions. B. Ensurethateachnewlyhiredauditorisqualifiedinallofthedisciplinesneededtoaccomplishthedepartment'sauditmission.
C. Oversee a training program that matches the actual training provided with the interests of individual auditors.
D. Require all of the audit staff to pursue a minimum number of continuing professional education hours each year.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 33
Which of the following best describes the most important criteria when assigning responsibility for specific tasks required in an audit engagement?
A. Auditorsmustbegivenassignmentsbasedprimarilyupontheiryearsofexperience.
B. Allauditorsassignedanaudittaskmusthavetheknowledgeandskillsnecessarytocompletethetasksatisfactorily.
C. Tasks must be assigned to the audit team member who is most qualified to perform them.
D. Allauditteammembersmusthavetheskillsnecessarytosatisfactorilycompleteanytaskthatwillberequiredintheauditengagement.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 34
In advance of a preliminary survey, a chief audit executive sends a memorandum and questionnaire to the supervisors of the department to be audited. What is the most likely result of that procedure?
A. Itcreatesapprehensionabouttheauditengagement.
B. Itinvolvestheengagementclient'ssupervisorypersonnelintheaudit. C. It is an uneconomical approach to obtaining information.
D. It is only useful for audits of distant locations.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 35
Which of the following steps would not be included in a program of selecting and developing human resources for an internal audit department?
A. Schedulingperiodicmeetingswithindividualauditors,duringwhichthechiefauditexecutiveprovidescounselregardingeachauditor'sperformanceand professional career development.
B. Establishinganinternalreviewteamtoassesstheauditors'andauditdepartment'scompliancewithstandards,levelofauditeffectiveness,andcompliancewith departmental policy.
C. Developing specific job descriptions for audit staff, audit managers, and other auditing positions. D. Establishing in-house training programs and requiring continuing education for audit staff.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 36
Auditors 1, 2, and 3 work out of various offices. Each must be assigned to one, and only one, of three audit locations (A, B, or C). The cost of sending each auditor to each location is listed below:
Audit Locations
Auditor 1 A
B
C
Auditor 2 $200 $300 $400
Auditor 3 $400 $300 $600
Auditor 4 $200 $200 $500
The minimum cost with which this assignment can be accomplished is:
A. $800 B. $900 C. $1, 000 D. $1, 100
Correct Answer: B
Section: Volume A Explanation
Explanation/Reference: QUESTION 37
Internal auditors exercise judgment about the type and amount of information to be collected. The primary purpose of this judgment is to:
A. Eliminatetheriskofdrawingincorrectconclusions.
B. Minimizethecostoftheauditengagement.
C. Comply with the Standards.
D. Provide a sound basis for audit observations and recommendations.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 38
Which of the following is a benefit from reduced testing during a particular phase of an audit engagement?
A. Thesizeoftheinternalauditactivitycanbereduced.
B. Thereislessconcernaboutassessinginherentrisk.
C. The level of planned audit risk is lowered.
D. Additional audit hours are available for pursuing other engagement objectives.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 39
Which of the following would be the least desirable criteria against which to judge current operations of a company's treasury function?
A. Theoperationsofthetreasuryfunctionasdocumentedduringthelastauditengagement. B. Companypoliciesandproceduresdelegatingauthorityandassigningresponsibilities.
C. Finance textbook illustrations of generally accepted good treasury function practices.
D. Codification of best practices of the treasury function in relevant industries.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 40
A bakery chain has a statistical model that can be used to predict daily sales at individual stores based on a direct relationship to the cost of ingredients used and an inverse relationship to rainy days. What conditions would an auditor look for as an indicator of employee theft of food from a specific store?
A. Onarainyday,totalsalesaregreaterthanexpectedwhencomparedtothecostofingredientsused. B. Onasunnyday,totalsalesarelessthanexpectedwhencomparedtothecostofingredientsused. C. Both total sales and cost of ingredients used are greater than expected.
D. Both total sales and cost of ingredients used are less than expected.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 41
To promote a positive image within an organization, a chief audit executive (CAE) adjusted the audit plan to focus on assurance engagements that highlighted potential costs to be saved. Negative observations were to be omitted from engagement final communications. Which action taken by the CAE would be considered a violation of the Standards?
I. The focus of the audit function was changed without modifying the audit charter or notifying the audit committee. II. Negative observations were omitted from the engagement final communications.
III. Cost savings and recommendations were highlighted in the engagement final communications.
A. IIonly
B. IandIIonly
C. I and III only D. I, II, and III.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 42
Which of the following actions would be considered a violation of the Standards?
I. Drafts of engagement communications were reviewed with the audit client to obtain input. The client's comments were considered when developing the engagement final communication.
II. An auditor participated as part of a development team to review the control procedures to be incorporated into a major computer application under development. III. Given limited resources, the chief audit executive performed a risk analysis to determine which functions to audit.
A. IIonly
B. IandIIIonly
C. I, II, and III.
D. None of the above.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 43
A manufacturer uses a materials requirements planning (MRP) system to track inventory, orders, and raw materials requirements. What condition should an auditor search for in the MRP database if a preliminary assessment indicated that inventory is understated?
I. Item cost set at zero.
II. Negative quantities on hand.
III. Order quantity exceeding requirements.
IV. Inventory lead times exceeding delivery schedule.
A. IandIIonly
B. IandIVonly C. II and IV only D. III and IV only
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 44
To identify those components of a telecommunications system that present the greatest risk, an internal auditor should first:
A. Reviewtheopensystemsinterconnectnetworkmodel.
B. Identifythenetworkoperatingcosts.
C. Determine the business purpose of the network.
D. Map the network software and hardware products into their respective layers.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 45
The chief audit executive's responsibility regarding control processes includes:
A. Assistingseniormanagementandtheauditcommitteeinthedevelopmentofanannualassessmentaboutinternalcontrol. B. Overseeingtheestablishmentofinternalcontrolprocesses.
C. Maintaining the organization's governance processes.
D. Ensuring that the internal audit activity assesses all control processes annually.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 46
In order to save time, an audit manager no longer required that a standard internal control questionnaire be completed for each audit engagement. Does this represent a violation of the Standards?
A. Yes,becauseinternalcontrolshouldbeevaluatedoneveryengagementandtheinternalcontrolquestionnaireisthemandatedapproachtoevaluatecontrols. B. Yes,becauseinternalcontrolshouldbeevaluatedoneveryengagementandtheinternalcontrolquestionnaireisthemostefficientmethodtodoso.
C. No, because auditors may omit necessary procedures if there is a time constraint, based on audit judgment.
D. No, because auditors are not required to complete internal control questionnaires on every engagement.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 47
The primary reason that a bank would maintain a separate compliance function is to:
A. Bettermanageperceivedhighrisks.
B. Strengthencontrolsoverthebank'sinvestments.
C. Ensure the independence of line and senior management. D. Better respond to shareholder expectations.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 48
Which of the following would be the most useful in developing an annual audit plan?
A. Generalpurposeauditsoftware.
B. Votingsoftwareandhardware.
C. Flowcharting and data capture software. D. Risk assessment software.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 49
Which of the following is not an appropriate control related to sales in a manufacturing company?
A. Customers'ordersarerecordedpromptly.
B. Goodsshippedarematchedwithvalidcustomerorders.
C. Goods returned are inspected for damage by the sales department and then entered into inventory. D. Credit department approval is required for credit sales transactions.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 50
Inadequate risk assessment would have the strongest negative impact in which of the following phases of an audit engagement?
A. Determiningthescope.
B. Reviewinginternalcontrols. C. Testing.
D. Evaluating findings.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 51
In order to exercise due professional care as defined in the International Professional Practices Framework, an internal auditor should:
I. Consider the probability of significant noncompliance in each audit engagement.
II. Perform assurance procedures with sufficient care to ensure that all risks are identified. III. Weigh the cost of assurance against the benefits.
A. IandIIonly B. IandIIIonly C. II and III only D. I, II, and III.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 52
In developing an appropriate work program for an audit engagement, the most important factor for an audit supervisor to consider is the:
A. Availabilityofrecordsanddata.
B. Potentialimpactofrisks.
C. Capabilities of audit personnel.
D. Time required to complete the engagement.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 53
Organizations that use a highly structured command-and-control management approach are at greater risk of:
A. Delayedresponseduetotheinabilitytoreachconsensusamongdecisionmakers.
B. Negativeconsequencesthatresultfromlower-levelstaff'sunwillingnesstoconfronterrorsbysuperiors. C. Erosion of staff morale due to perceptions of ineffective leadership.
D. Waste and abuse of organizational resources resulting from management override of controls.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 54
Regarding an organization's decision to retain an external audit firm, the chief audit executive (CAE) should:
A. Workwiththeorganization'schieffinancialofficertoevaluatetheexternalauditor'sperformanceandtogethermakethedecision. B. NotbeinvolvedinthisdecisionprocessasitwouldcompromisetheCAE'sobjectivity.
C. Evaluate the external auditor's performance and retain the external auditor if quality and cost criteria are met.
D. Assisttheauditcommitteebyfacilitatingthedevelopmentofanappropriateevaluationprocess.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 55
Which of the following would provide the most reliable information on the risk associated with an auditable activity?
A. Eventscenarioswithregressionanalysis.
B. Pastauditfindingsandinstancesofmanagementfailures.
C. Consequences and economic predictability of loss.
D. Management assessment and corroboration by the internal audit activity.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 56
At the beginning of fieldwork in an audit of investments, an internal auditor noted that the interest rate had declined significantly since the engagement work program was created. The auditor should:
A. Proceedwiththeexistingprogramsincethiswastheoriginalscopeofworkthatwasapproved. B. Modifytheauditprogramandproceedwiththeengagement.
C. Consult with management to verify the interest rate change and proceed with the engagement. D. Determine the effect of the interest rate change and whether the program should be modified.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 57
In publicly held companies, management often requires the internal audit activity's involvement with quarterly financial statements that are made public and used internally. Which of the following is generally not a reason for such involvement?
A. Managementmaybeconcernedaboutitsreputationinthefinancialmarkets.
B. Managementmaybeconcernedaboutpotentialpenaltiesthatcouldoccurifquarterlyfinancialstatementsaremisstated.
C. The Standards state that internal auditors should be involved with reviewing quarterly financial statements.
D. Management may perceive that having quarterly financial information examined by the internal auditors enhances its value for internal decision making.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 58
Overall audit efficiency is enhanced between the internal and external audit functions when:
A. Internalauditcoverageisreducedtoavoidpotentialconflictsofinterest.
B. Auditsofthesamedepartmentareconductedatdifferenttimes.
C. The internal audit department reviews functions or departments prior to the external audit. D. External audit scope is reduced based on the internal audit department's activities.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 59
When reviewing management reports to the board of directors, the internal audit activity should:
A. Evaluatetheprocessusedtopreparethemanagementreports. B. Maintainsupportingdocumentationforthemanagementreports. C. Tie all financial numbers in the reports to the general ledger.
D. Compare to prior-period reports for consistency.
Correct Answer: A Section: Volume B Explanation
Explanation/Reference: QUESTION 60
The internal audit activity's role in the risk assessment and management processes of an organization is determined by the:
A. Boardofdirectors.
B. Chiefauditexecutive.
C. Risk management department. D. External auditors.
Correct Answer: A Section: Volume B Explanation
Explanation/Reference: QUESTION 61
Which of the following best contributes to the effectiveness of the internal audit activity in an organization?
A. Appropriatetermsofinternalauditscopeandresponsibilityinthecharter. B. Appropriatecompliancecoverageintheannualauditplan.
C. Regular review of the audit charter by management.
D. Assuranceofinternalauditobjectivitybytheboard.
Correct Answer: A Section: Volume B Explanation
Explanation/Reference: QUESTION 62
During a review of data center physical security and environmental controls, an auditor should ensure that:
I. Visitors are accompanied by authorized personnel at all times. II. Only developers and operators have access to the data center. III. Fire suppression equipment is tested periodically.
IV. Fire and water detectors have been installed.
A. IandIIIonly
B. IIandIVonly
C. I, III, and IV only D. II, III, and IV only
Correct Answer: C Section: Volume B Explanation
Explanation/Reference: QUESTION 63
To enhance the independence of both the internal and external audit functions, audit committees should be composed of:
A. Arotatingsubcommitteeoftheboardofdirectorsoritsequivalent.
B. Acombinationofexternalmembersoftheboardofdirectorsandcompanyofficers.
C. Members from all important constituencies, specifically including representatives from banking, labor, regulatory agencies, shareholders, and officers. D. Only external members of the board of directors or other similar oversight committees.
Correct Answer: D Section: Volume B Explanation
Explanation/Reference: QUESTION 64
Which of the following is not true with regard to the internal audit charter?
A. Itdefinestheauthoritiesandresponsibilitiesoftheinternalauditactivity. B. Itspecifiestheminimumresourcesneededfortheinternalauditactivity. C. It provides a basis for evaluating the internal audit activity.
D. It should be approved by senior management and the board.
Correct Answer: B Section: Volume B Explanation
Explanation/Reference: QUESTION 65
The primary objective of risk-based auditing is to assess the:
A. Economyofcontrols.
B. Compliancewithcontrols.
C. Adequacyofcontrols. D. Efficiency of controls.
Correct Answer: C Section: Volume B Explanation
Explanation/Reference: QUESTION 66
Which of the following would be most relevant regarding the internal control environment?
A. Assessingcontrolsovercomputerizedapplications.
B. Documentingtheorganizationalstructure.
C. Comparing and validating internal performance with external benchmarking. D. Maintaining and reviewing detailed financial records.
Correct Answer: B Section: Volume B Explanation
Explanation/Reference:
During a payroll audit of a large organization, an auditor noted that the assistant personnel director is responsible for many aspects of the computerized payroll system, including adding new employees in the system; entering direct-deposit information for employees; approving and entering all payroll changes; and providing training for system users. After discussions with the director of personnel, the auditor concluded that the director was not comfortable dealing with information technology issues and felt obliged to support all actions taken by the assistant director. The auditor should:
A. Continuetofollowtheengagementprogrambecausetheengagementscopeandobjectiveshavealreadybeendiscussedwithmanagement. B. Reviewtheengagementprogramtoensuretestingofdirectdepositstoemployeebankaccountsisadequatelycovered.
C. Recommend to the chief audit executive that a fraud investigation be started.
D. Test a sample of payroll changes to ensure that they were approved by the assistant director before being processed.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 2
The chief audit executive should periodically report the internal audit activity's purpose, authority, responsibility, and performance, as well as significant risk exposures and control issues, to which of the following?
I. Board of directors.
II. Senior management. III. Shareholders.
IV. External auditors.
A. IIonly
B. IandIIonly
C. I, II, and III only
D. I, III, and IV only
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 3
An audit to test the system of controls over the purchase, distribution, and use of radioactive material is being conducted at a company's plants. The process is well documented, and employees in the safety department are very familiar with the department's procedures. Since the purchasing and facilities departments are involved in the process, the auditor is considering reviewing their radioactive material-handling procedures as well. The auditor should:
A. Haveconfidenceintherigorousanddetailedsafetydepartmentprocedures,sincethatdepartmenthasthemainresponsibilityforradiationsafety,andshould not use audit time to review other departments.
B. Adjusttheengagementscheduleandbudget,ifneeded,andinterviewtheappropriateindividualsinthepurchasingandfacilitiesdepartmentstoascertain whether additional controls exist that complement those identified within the safety department.
C. Test the controls identified within the safety department; if results are unfavorable, the auditor should consider whether to involve the other departments. D. Defer questions regarding purchasing, facilities, and other departments until audit projects can be scheduled for those departments.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 4
If an engagement client's operating standards are vague and thus subject to interpretation, the auditor should:
A. Seekagreementwiththeclientastothestandardstobeusedtomeasureoperatingperformance.
B. Determinebestpracticesintheareaandusethemasthestandard.
C. Interpret the standards in their strictest sense because standards are otherwise only minimum measures of acceptance.
D. Omit any comments on standards and the client's performance in relationship to those standards, because such an analysis would be meaningless.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 5
An employee who recently transferred into the internal audit activity has been assigned to audit the accounts payable system. Which function, if previously performed by the auditor, would represent a conflict of interest?
A. Monitoringtheallowancefordoubtfulaccounts.
B. Writingproceduresforthehandlingofduplicatepayments. C. Signing timekeeping cards for subordinates.
D. Reviewing shipping documents for accuracy.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 6
Which of the following describes a control weakness?
A. Purchasingproceduresarewelldesignedandarefollowedunlessotherwisedirectedbythepurchasingsupervisor.
B. Pre-numberedblankpurchaseordersaresecuredwithinthepurchasingdepartment.
C. Normal operational purchases fall in the range from $500 to $1, 000 with two signatures required for purchases over $1, 000.
D. The purchasing agent invests in a publicly traded mutual fund that lists the stock of one of the company's suppliers in its portfolio.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 7
Management has requested that an internal auditor serve as member of a task force that will review current receivables practices and make recommendations to improve processes. Which of the following is the most appropriate response by the internal auditor?
A. Accepttheassignmentprovidedthatsuchconsultingservicesaredefinedinthecharter.
B. Declinetheassignmentbecauseparticipationontaskforceswillimpairtheauditor'sobjectivityinfutureauditengagements. C. Accept the assignment if the auditor believes that it will not impair objectivity in future audit engagements.
D. Do not accept the assignment because the assignment is not part of an approved audit plan.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 8
Senior management at a financial institution has received allegations of fraud at its derivatives trading desk and has asked the internal audit activity to investigate and issue a report concerning the allegations. The internal audit activity has not yet developed sufficient proficiency regarding derivatives trading to conduct a thorough fraud investigation in this area. Which of the following courses of action should the chief audit executive (CAE) take to comply with the Standards?
A. Engagetheformerheadoftheinstitution'sderivativestradingdesktoperformtheinvestigationandsubmitareportwithsupportingdocumentationtotheCAE.
B. Requestthatseniormanagementallowadelayofthefraudinvestigationuntiltheinternalauditactivity'son-staffcertifiedfraudexaminerisabletoobtainthe appropriate training regarding the analysis of derivatives trading.
C. Request that senior management exclude the internal audit activity from the investigation completely and instead contract with an external certified fraud examiner with derivatives experience to perform all aspects of the investigation and subsequent reporting.
D. Contract with an external certified fraud examiner with derivatives experience to perform the investigation and subsequent reporting, with the chief audit executive approving the scope of the investigation and evaluating the adequacy of the work performed.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 9
Which of the following corporate travel policies is least likely to be cost-effective?
A. Negotiatingcorporateagreementswithhotels,airlines,andcarrentalfirms.
B. Trackingcreditsforcanceledairlinereservations.
C. Selecting the least expensive airline travel available, without regard to total travel time and distance. D. Traveling to facilities in tourist areas during the off-season when possible.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 10
Which of the following characteristics could indicate high risk?
A. Managementdecisionsaremadebyacommitteeofmidtohigherlevelmanagementpersonnel. B. Thecompanyisnotinarapidlygrowingindustry.
C. The company's profitability is lower than the industry norm.
D. Management turnover has been very low.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 11
An auditor is using audit software to check inventory accuracy. Which of the following would be an indicator of poor input edit controls?
A. Negativequantitiesonhand.
B. Totaldollarvaluesofzeroforsomeparts.
C. Alpha characters in the field for order lead time. D. Reorder levels set too high.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 12
Two individuals are being considered for an audit team that is to perform a highly technical review.
Which of the following situations would preclude selection of the individual for the audit due to an objectivity concern?
I. Person A is a member of the internal audit staff and has the required technical skills. Person A participated in a controls review of the system to be audited when it was being developed.
II. Person B is a technical specialist who understands the audit area but is not a member of the internal audit staff. Although person B has personal credibility in the information systems department to be audited, person B works for another department in the organization.
A. Ionly
B. IIonly
C. Both I and II. D. Neither I nor II.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 13
Which of the following measurements could an auditor use in an audit of the efficiency of a motor vehicle inspection facility?
A. Thetotalnumberofcarsapproved.
B. Theratioofcarsrejectedtototalcarsinspected.
C. The number of cars inspected per inspection agent. D. The average amount of fees collected per cashier.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 14
A code of business conduct provides?
A. Afraudavoidanceplanthatdoesnotexplicitlydescribepunishmentsforviolations. B. Apassivemethodoffrauddeterrence.
C. A program to anonymously report irregularities to authorities.
D. Analternativeto"toneatthetop"programs.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 15
Fraud is most frequently detected by:
A. Followingupontipsfromemployeesorcitizens.
B. Followinguponanalyticalreviewofhigh-riskareas.
C. Performing periodic reconciliations over cash and other assets.
D. Performing unannounced audits or reviews of programs or departments.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 16
After several years in the engineering department, an engineer was transferred to the internal audit department. One month later, the new auditor was assigned to an assurance engagement for the engineering department. When the auditor's former engineering supervisor suggested a change in the sample selection method, the auditor consulted with the audit supervisor. They determined that the suggested method would not be as representative and that the original selection method should be used. In this situation, the auditor:
A. Maintainedanindependentmentalattitudeandisthereforeobjective.
B. Hassubordinatedprofessionaljudgment,andobjectivityisthereforeimpaired.
C. Does not have objectivity since the auditor recently transferred from the engineering department.
D. Does not have independent organizational status since the auditor recently transferred from the engineering department.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 17
A charitable organization provides substantial grants for important medical research. Assuming marginal controls are in place, which of the following possible frauds or misuses of organization assets should be considered the area of greatest risk?
A. Seniorexecutivesareusingcompanytravelandentertainmentfundsforactivitiesthatmightbeconsideredquestionable. B. Purchasesofofficesuppliesaremadefromfictitiousvendors.
C. Grants are made to organizations associated with senior executives.
D. A payroll clerk has added a fictitious employee.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 18
If earnings on financial statements for internal use only have been manipulated in the past, an internal auditor is likely to focus on which of the following?
A. Theproperaccrualofpayablesattheendoftheinterimperiod.
B. Thetimingofrevenuerecognitionandthevaluationofinventories.
C. Whether accounting estimates are reasonable given past actual results.
D. Whether there have been changes in accounting principles that materially affect the financial statements.
Correct Answer: B Section: Volume A
Explanation Explanation/Reference:
QUESTION 19
Which of the following procedures would provide the best evidence of the effectiveness of a credit-granting function?
A. Observetheprocess.
B. Reviewthetrendinreceivableswrite-offs.
C. Ask the credit manager about the effectiveness of the function.
D. Check for evidence of credit approval on a sample of customer orders.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 20
Which of the following best describes how the increased use of computerization may impact an auditor's assessment of the risk of fraud?
A. Accesstoassetsmaybeavailabletoinformationsystemspersonnelaswellastocomputerusers. B. Computercontrolsaregenerallylesseffectivethanhumanreview.
C. Overrides of key controls may require less collaboration.
D. Audit trails are less effective.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 21
An internal auditor plans to use an analytical review to verify the correctness of various operating expenses in a division. The use of an analytical review as a verification technique would not be a preferred approach if.
A. Theauditornotesstrongindicatorsofaspecificfraudinvolvingthisaccount.
B. Thecompanyhasrelativelystableoperationswhichhavenotchangedmuchoverthepastyear.
C. The auditor would like to identify large, unusual, or non-recurring transactions during the year.
D. The operating expenses vary in relation to other operating expenses, but not in relation to revenue.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 22
Which of the following is not a benefit of using information technology in solving audit problems?
A. Ithelpsreduceauditrisk.
B. Itimprovesthetimelinessoftheauditengagement. C. It increases audit opportunities.
D. It improves the auditor's judgment.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 23
An organization has developed a large database that tracks employees, employee benefits, payroll deductions, job classifications, and other similar information. In order to test whether data currently within the automated system are correct, an auditor should:
A. Usetestdataanddeterminewhetherallthedataenteredarecapturedcorrectlyintheupdateddatabase.
B. Selectasampleofdatatobeenteredforafewdaysandtracethedatatotheupdateddatabasetodeterminethecorrectnessoftheupdates. C. Use generalized audit software to provide a printout of all employees with invalid job descriptions. Investigate the causes of the problems.
D. Use generalized audit software to select a sample of employees from the database. Verify the data fields.
Correct Answer: D Section: Volume A
Explanation Explanation/Reference:
QUESTION 24
In order to ensure that the internal auditors have the objectivity required by the Standards, the chief audit executive should:
A. Demonstratewillingnesstoincludeinengagementfinalcommunicationsallmattersbelievedtobeimportant.
B. Requireallauditorstosignstatementsattestingtotheirindependentmentalattitudesandhonestbeliefintheirworkproduct. C. Carefully assign personnel to individual audit engagements and require auditors to disclose all conflicts of interest.
D. Appraise each auditor's performance on each audit assignment.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 25
Which of the following audit activities is within the scope of assurance activities as stated in the International Professional Practices Framework?
A. Reviewamake-or-buydecisionandreportarecommendationtomanagementforapproval. B. Participateinnegotiationsforacorporateacquisition.
C. Assess financing alternatives for a new generator.
D. Perform an evaluation of management's planning process.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 26
Which of the following would be most effective in determining if the percentage of medication orders containing errors improved after a hospital installed a computerized medication-tracking system?
A. Comparetheproportionoferroneousmedicationordersbeforeandaftersysteminstallationforsimilarperiods.
B. Comparethenumberoferrorsbeforeandaftersysteminstallationforsimilarperiods.
C. Compare, after adjusting for the number of patients, the proportion of erroneous medication orders before and after system installation. D. Compare, after adjusting for the number of patients, the number of errors before and after system installation for similar periods.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 27
Which of the following would be the best source of information for a chief audit executive to use in planning future audit staff requirements?
A. Discussionsofauditneedswithexecutivemanagementandtheauditcommittee.
B. Reviewofauditstaffeducationandtrainingrecords.
C. Review of audit staff size and composition of similar-sized companies in the same industry. D. Interviews with existing audit staff.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 28
An auditor for a large wholesaler is evaluating the controls over the approval and oversight of credit sales. Which of the following procedures would be a control weakness?
A. Thecreditdepartmentisresponsibleforapprovingshipmentstoallcustomers.
B. Thefinancecommitteeoftheboardofdirectorsperiodicallyreviewscreditstandards.
C. Customers who fail to meet credit requirements must pay cash for shipments upon delivery. D. The sales department is responsible for determining the credit ratings of customers.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 29
To determine if a new computer system is improving the use of a manufacturer's limited facilities in serving the largest number of customers, an auditor should compare.
A. Thenumberofreworkedordersandtheircostsbeforeandaftersysteminstallation. B. Inventoryandmaterialshandlingcostsbeforeandaftersysteminstallation.
C. The number of orders filled and their cycle times before and after system installation. D. The number of reworked orders and orders filled before and after system installation.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 30
In a manufacturing organization, all sales prices are determined centrally and are electronically sent to the distribution centers to update their sales price tables. Any pricing deviations must be approved by central headquarters. To determine how this process is functioning, an internal auditor should:
A. Documenttheflowofsalespriceinformation,anddeterminehowthetableisaccessedandupdated.
B. Developaflowchartofthesalesorderprocesstodeterminehowordersaretakenandpriced.
C. Identify who approves the shipment of goods and how the goods are priced.
D. Obtain a copy of the existing flowchart for the computer program to determine how price data are accessed.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 31
It would be appropriate for an internal audit activity to use consultants with expertise in health-care benefits when the internal audit activity is:
I. Conducting an audit of the organization's estimate of its liability for post retirement benefits, which include health care benefits. II. Comparing the cost of the organization's health care program with that of other programs offered in the industry.
III. Training its staff to conduct an audit of health care costs in a major division of the organization.
A. Ionly
B. IandIIIonly C. II and III only D. I, II, and III.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 32
To assure that the technical proficiency of internal auditors is appropriate for the audit engagements to be performed, a chief audit executive should:
A. Considerthescopeofworkandlevelofresponsibilitywhenestablishingcriteriaforeducationandexperienceinfillinginternalauditingpositions. B. Ensurethateachnewlyhiredauditorisqualifiedinallofthedisciplinesneededtoaccomplishthedepartment'sauditmission.
C. Oversee a training program that matches the actual training provided with the interests of individual auditors.
D. Require all of the audit staff to pursue a minimum number of continuing professional education hours each year.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 33
Which of the following best describes the most important criteria when assigning responsibility for specific tasks required in an audit engagement?
A. Auditorsmustbegivenassignmentsbasedprimarilyupontheiryearsofexperience.
B. Allauditorsassignedanaudittaskmusthavetheknowledgeandskillsnecessarytocompletethetasksatisfactorily.
C. Tasks must be assigned to the audit team member who is most qualified to perform them.
D. Allauditteammembersmusthavetheskillsnecessarytosatisfactorilycompleteanytaskthatwillberequiredintheauditengagement.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 34
In advance of a preliminary survey, a chief audit executive sends a memorandum and questionnaire to the supervisors of the department to be audited. What is the most likely result of that procedure?
A. Itcreatesapprehensionabouttheauditengagement.
B. Itinvolvestheengagementclient'ssupervisorypersonnelintheaudit. C. It is an uneconomical approach to obtaining information.
D. It is only useful for audits of distant locations.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 35
Which of the following steps would not be included in a program of selecting and developing human resources for an internal audit department?
A. Schedulingperiodicmeetingswithindividualauditors,duringwhichthechiefauditexecutiveprovidescounselregardingeachauditor'sperformanceand professional career development.
B. Establishinganinternalreviewteamtoassesstheauditors'andauditdepartment'scompliancewithstandards,levelofauditeffectiveness,andcompliancewith departmental policy.
C. Developing specific job descriptions for audit staff, audit managers, and other auditing positions. D. Establishing in-house training programs and requiring continuing education for audit staff.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 36
Auditors 1, 2, and 3 work out of various offices. Each must be assigned to one, and only one, of three audit locations (A, B, or C). The cost of sending each auditor to each location is listed below:
Audit Locations
Auditor 1 A
B
C
Auditor 2 $200 $300 $400
Auditor 3 $400 $300 $600
Auditor 4 $200 $200 $500
The minimum cost with which this assignment can be accomplished is:
A. $800 B. $900 C. $1, 000 D. $1, 100
Correct Answer: B
Section: Volume A Explanation
Explanation/Reference: QUESTION 37
Internal auditors exercise judgment about the type and amount of information to be collected. The primary purpose of this judgment is to:
A. Eliminatetheriskofdrawingincorrectconclusions.
B. Minimizethecostoftheauditengagement.
C. Comply with the Standards.
D. Provide a sound basis for audit observations and recommendations.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 38
Which of the following is a benefit from reduced testing during a particular phase of an audit engagement?
A. Thesizeoftheinternalauditactivitycanbereduced.
B. Thereislessconcernaboutassessinginherentrisk.
C. The level of planned audit risk is lowered.
D. Additional audit hours are available for pursuing other engagement objectives.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 39
Which of the following would be the least desirable criteria against which to judge current operations of a company's treasury function?
A. Theoperationsofthetreasuryfunctionasdocumentedduringthelastauditengagement. B. Companypoliciesandproceduresdelegatingauthorityandassigningresponsibilities.
C. Finance textbook illustrations of generally accepted good treasury function practices.
D. Codification of best practices of the treasury function in relevant industries.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 40
A bakery chain has a statistical model that can be used to predict daily sales at individual stores based on a direct relationship to the cost of ingredients used and an inverse relationship to rainy days. What conditions would an auditor look for as an indicator of employee theft of food from a specific store?
A. Onarainyday,totalsalesaregreaterthanexpectedwhencomparedtothecostofingredientsused. B. Onasunnyday,totalsalesarelessthanexpectedwhencomparedtothecostofingredientsused. C. Both total sales and cost of ingredients used are greater than expected.
D. Both total sales and cost of ingredients used are less than expected.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 41
To promote a positive image within an organization, a chief audit executive (CAE) adjusted the audit plan to focus on assurance engagements that highlighted potential costs to be saved. Negative observations were to be omitted from engagement final communications. Which action taken by the CAE would be considered a violation of the Standards?
I. The focus of the audit function was changed without modifying the audit charter or notifying the audit committee. II. Negative observations were omitted from the engagement final communications.
III. Cost savings and recommendations were highlighted in the engagement final communications.
A. IIonly
B. IandIIonly
C. I and III only D. I, II, and III.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 42
Which of the following actions would be considered a violation of the Standards?
I. Drafts of engagement communications were reviewed with the audit client to obtain input. The client's comments were considered when developing the engagement final communication.
II. An auditor participated as part of a development team to review the control procedures to be incorporated into a major computer application under development. III. Given limited resources, the chief audit executive performed a risk analysis to determine which functions to audit.
A. IIonly
B. IandIIIonly
C. I, II, and III.
D. None of the above.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 43
A manufacturer uses a materials requirements planning (MRP) system to track inventory, orders, and raw materials requirements. What condition should an auditor search for in the MRP database if a preliminary assessment indicated that inventory is understated?
I. Item cost set at zero.
II. Negative quantities on hand.
III. Order quantity exceeding requirements.
IV. Inventory lead times exceeding delivery schedule.
A. IandIIonly
B. IandIVonly C. II and IV only D. III and IV only
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 44
To identify those components of a telecommunications system that present the greatest risk, an internal auditor should first:
A. Reviewtheopensystemsinterconnectnetworkmodel.
B. Identifythenetworkoperatingcosts.
C. Determine the business purpose of the network.
D. Map the network software and hardware products into their respective layers.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 45
The chief audit executive's responsibility regarding control processes includes:
A. Assistingseniormanagementandtheauditcommitteeinthedevelopmentofanannualassessmentaboutinternalcontrol. B. Overseeingtheestablishmentofinternalcontrolprocesses.
C. Maintaining the organization's governance processes.
D. Ensuring that the internal audit activity assesses all control processes annually.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 46
In order to save time, an audit manager no longer required that a standard internal control questionnaire be completed for each audit engagement. Does this represent a violation of the Standards?
A. Yes,becauseinternalcontrolshouldbeevaluatedoneveryengagementandtheinternalcontrolquestionnaireisthemandatedapproachtoevaluatecontrols. B. Yes,becauseinternalcontrolshouldbeevaluatedoneveryengagementandtheinternalcontrolquestionnaireisthemostefficientmethodtodoso.
C. No, because auditors may omit necessary procedures if there is a time constraint, based on audit judgment.
D. No, because auditors are not required to complete internal control questionnaires on every engagement.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 47
The primary reason that a bank would maintain a separate compliance function is to:
A. Bettermanageperceivedhighrisks.
B. Strengthencontrolsoverthebank'sinvestments.
C. Ensure the independence of line and senior management. D. Better respond to shareholder expectations.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference:
QUESTION 48
Which of the following would be the most useful in developing an annual audit plan?
A. Generalpurposeauditsoftware.
B. Votingsoftwareandhardware.
C. Flowcharting and data capture software. D. Risk assessment software.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 49
Which of the following is not an appropriate control related to sales in a manufacturing company?
A. Customers'ordersarerecordedpromptly.
B. Goodsshippedarematchedwithvalidcustomerorders.
C. Goods returned are inspected for damage by the sales department and then entered into inventory. D. Credit department approval is required for credit sales transactions.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference: QUESTION 50
Inadequate risk assessment would have the strongest negative impact in which of the following phases of an audit engagement?
A. Determiningthescope.
B. Reviewinginternalcontrols. C. Testing.
D. Evaluating findings.
Correct Answer: A Section: Volume A Explanation
Explanation/Reference: QUESTION 51
In order to exercise due professional care as defined in the International Professional Practices Framework, an internal auditor should:
I. Consider the probability of significant noncompliance in each audit engagement.
II. Perform assurance procedures with sufficient care to ensure that all risks are identified. III. Weigh the cost of assurance against the benefits.
A. IandIIonly B. IandIIIonly C. II and III only D. I, II, and III.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 52
In developing an appropriate work program for an audit engagement, the most important factor for an audit supervisor to consider is the:
A. Availabilityofrecordsanddata.
B. Potentialimpactofrisks.
C. Capabilities of audit personnel.
D. Time required to complete the engagement.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference:
QUESTION 53
Organizations that use a highly structured command-and-control management approach are at greater risk of:
A. Delayedresponseduetotheinabilitytoreachconsensusamongdecisionmakers.
B. Negativeconsequencesthatresultfromlower-levelstaff'sunwillingnesstoconfronterrorsbysuperiors. C. Erosion of staff morale due to perceptions of ineffective leadership.
D. Waste and abuse of organizational resources resulting from management override of controls.
Correct Answer: B Section: Volume A Explanation
Explanation/Reference: QUESTION 54
Regarding an organization's decision to retain an external audit firm, the chief audit executive (CAE) should:
A. Workwiththeorganization'schieffinancialofficertoevaluatetheexternalauditor'sperformanceandtogethermakethedecision. B. NotbeinvolvedinthisdecisionprocessasitwouldcompromisetheCAE'sobjectivity.
C. Evaluate the external auditor's performance and retain the external auditor if quality and cost criteria are met.
D. Assisttheauditcommitteebyfacilitatingthedevelopmentofanappropriateevaluationprocess.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 55
Which of the following would provide the most reliable information on the risk associated with an auditable activity?
A. Eventscenarioswithregressionanalysis.
B. Pastauditfindingsandinstancesofmanagementfailures.
C. Consequences and economic predictability of loss.
D. Management assessment and corroboration by the internal audit activity.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 56
At the beginning of fieldwork in an audit of investments, an internal auditor noted that the interest rate had declined significantly since the engagement work program was created. The auditor should:
A. Proceedwiththeexistingprogramsincethiswastheoriginalscopeofworkthatwasapproved. B. Modifytheauditprogramandproceedwiththeengagement.
C. Consult with management to verify the interest rate change and proceed with the engagement. D. Determine the effect of the interest rate change and whether the program should be modified.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference:
QUESTION 57
In publicly held companies, management often requires the internal audit activity's involvement with quarterly financial statements that are made public and used internally. Which of the following is generally not a reason for such involvement?
A. Managementmaybeconcernedaboutitsreputationinthefinancialmarkets.
B. Managementmaybeconcernedaboutpotentialpenaltiesthatcouldoccurifquarterlyfinancialstatementsaremisstated.
C. The Standards state that internal auditors should be involved with reviewing quarterly financial statements.
D. Management may perceive that having quarterly financial information examined by the internal auditors enhances its value for internal decision making.
Correct Answer: C Section: Volume A Explanation
Explanation/Reference:
QUESTION 58
Overall audit efficiency is enhanced between the internal and external audit functions when:
A. Internalauditcoverageisreducedtoavoidpotentialconflictsofinterest.
B. Auditsofthesamedepartmentareconductedatdifferenttimes.
C. The internal audit department reviews functions or departments prior to the external audit. D. External audit scope is reduced based on the internal audit department's activities.
Correct Answer: D Section: Volume A Explanation
Explanation/Reference: QUESTION 59
When reviewing management reports to the board of directors, the internal audit activity should:
A. Evaluatetheprocessusedtopreparethemanagementreports. B. Maintainsupportingdocumentationforthemanagementreports. C. Tie all financial numbers in the reports to the general ledger.
D. Compare to prior-period reports for consistency.
Correct Answer: A Section: Volume B Explanation
Explanation/Reference: QUESTION 60
The internal audit activity's role in the risk assessment and management processes of an organization is determined by the:
A. Boardofdirectors.
B. Chiefauditexecutive.
C. Risk management department. D. External auditors.
Correct Answer: A Section: Volume B Explanation
Explanation/Reference: QUESTION 61
Which of the following best contributes to the effectiveness of the internal audit activity in an organization?
A. Appropriatetermsofinternalauditscopeandresponsibilityinthecharter. B. Appropriatecompliancecoverageintheannualauditplan.
C. Regular review of the audit charter by management.
D. Assuranceofinternalauditobjectivitybytheboard.
Correct Answer: A Section: Volume B Explanation
Explanation/Reference: QUESTION 62
During a review of data center physical security and environmental controls, an auditor should ensure that:
I. Visitors are accompanied by authorized personnel at all times. II. Only developers and operators have access to the data center. III. Fire suppression equipment is tested periodically.
IV. Fire and water detectors have been installed.
A. IandIIIonly
B. IIandIVonly
C. I, III, and IV only D. II, III, and IV only
Correct Answer: C Section: Volume B Explanation
Explanation/Reference: QUESTION 63
To enhance the independence of both the internal and external audit functions, audit committees should be composed of:
A. Arotatingsubcommitteeoftheboardofdirectorsoritsequivalent.
B. Acombinationofexternalmembersoftheboardofdirectorsandcompanyofficers.
C. Members from all important constituencies, specifically including representatives from banking, labor, regulatory agencies, shareholders, and officers. D. Only external members of the board of directors or other similar oversight committees.
Correct Answer: D Section: Volume B Explanation
Explanation/Reference: QUESTION 64
Which of the following is not true with regard to the internal audit charter?
A. Itdefinestheauthoritiesandresponsibilitiesoftheinternalauditactivity. B. Itspecifiestheminimumresourcesneededfortheinternalauditactivity. C. It provides a basis for evaluating the internal audit activity.
D. It should be approved by senior management and the board.
Correct Answer: B Section: Volume B Explanation
Explanation/Reference: QUESTION 65
The primary objective of risk-based auditing is to assess the:
A. Economyofcontrols.
B. Compliancewithcontrols.
C. Adequacyofcontrols. D. Efficiency of controls.
Correct Answer: C Section: Volume B Explanation
Explanation/Reference: QUESTION 66
Which of the following would be most relevant regarding the internal control environment?
A. Assessingcontrolsovercomputerizedapplications.
B. Documentingtheorganizationalstructure.
C. Comparing and validating internal performance with external benchmarking. D. Maintaining and reviewing detailed financial records.
Correct Answer: B Section: Volume B Explanation
Explanation/Reference: