Certified Internal Auditor Questions + Answers Part 11
Posted: Tue Mar 01, 2022 5:01 am
QUESTION 135
An organization has developed a large database that tracks employees, employee benefits, payroll deductions, job classifications, and other similar information. The internal auditor reviews the retirement benefits plan and determines that the pension and medical benefits have been changed several times in the past ten years. The auditor wishes to determine whether there is justification to perform further audit investigation. The most appropriate audit procedure would be to:
A. Reviewthetrendofoverallretirementexpenseoverthelasttenyears.Iftheretirementexpense increased, it would indicate the need for further investigation.
B. Usegeneralizedauditsoftwaretoselectamonetary-unitsampleofretirementpay,anddetermine whether each retired employee was paid correctly.
C. Review reasonableness of retirement pay and medical expenses on a per-person basis stratified by which plan was in effect when the employee retired.
D. Use generalized audit software to select an attributes sample of retirement pay, and perform detailed testing to determine whether each person chosen was given the proper benefits.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 136
Risk assessments can vary in format, but generally include: 1. A description of identified risks.
2. Tests of audit controls.
3. A system of rating risks.
4. Sample size identification.
A. 1and2only
B. 1and3only
C. 1,3,and4only D. 2,3,and4only
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 137
An internal auditor has just undertaken an organization-wide risk assessment. In identifying potential audit engagements the internal auditor should consider least:
A. Focusingonthehighriskareasassourcesofpotentialengagements. B. Focusinginareasnotauditedlastyear.
C. Factoring in management requests.
D. Focusing on those risks highlighted by the external auditor.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 138
When planning an audit engagement, what should an internal auditor first consider when assessing the risk of fraud in the area to be audited?
A. Impactofandexposuretofraud. B. Existenceofevidenceoffraud. C. Organizational structure.
D. Management's risk appetite.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 139
Which of the following actions is related to the preliminary survey process?
A. Determiningifcontrolsareeffective.
B. Preparingtheengagementworkprogram. C. Identifying the current controls.
D. Completing a detailed test of controls.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 140
A code of business conduct provides:
A. Afraudavoidanceplanthatdoesnotexplicitlydescribepunishmentsforviolations. B. Apassivemethodoffrauddeterrence.
C. A program to anonymously report irregularities to authorities.
D. An alternative to "tone at the top" programs.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 141
The chief executive officer has requested that the chief audit executive (CAE) coordinate the establishment of an enterprise risk management (ERM) program for the organization. Which of the following would be the most appropriate action for the CAE?
A. AccepttherequestastheroleofcoordinatingERMisacorefunctionofinternalaudit.
B. DeclinetherequestasthisrolecompromisestheCAE'sobjectivity.
C. Accept the request after consulting with the board and adhering to proper safeguards.
D. Decline the request as internal audit has limited knowledge and experience of risk at the enterprise level to undertake the assignment.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 142
Which of the following is the most common method management can use to manage risk within its risk appetite?
A. Implementationofcontrols.
B. Useofriskregistersanddashboard.
C. Frequent communication of risk appetite for operating personnel. D. Continuous evaluations and audits.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 143
Which of the following is an effective way for an internal auditor to improve communications with the client during a contentious audit?
A. Encouragetheclienttoparticipateasapartnerinthedecision-makingprocesstodeterminethe changes that need to be made.
B. Clearlyexplaintotheclienttheroleoftheinternalauditactivityinthechangeprocess.
C. Obtain the support of the board of directors for proposed changes before discussing the changes with operating management.
D. Speak privately with key client personnel immediately after proposed changes are announced to address their concerns.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 144
The chief audit executive's responsibility regarding control processes includes:
A. Assistingseniormanagementandtheauditcommitteeinthedevelopmentofanannualassessment about internal control.
B. Overseeingtheestablishmentofinternalcontrolprocesses.
C. Maintaining the organization's governance processes.
D. Ensuring that the internal audit activity assesses all control processes annually.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 145
Inadequate risk assessment would have the strongest negative impact in which of the following phases of
an audit engagement?
A. Determiningthescope.
B. Reviewinginternalcontrols. C. Testing.
D. Evaluating findings.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 146
The best method for assessing the relative importance of risk factors is to:
A. Changetheratingofthefactorsfroma1-3scaletoa1-5scale. B. Assignweightstothefactorsbasedonthecomparativeimpact. C. List the risk factors in a priority order.
D. Use data from an independent source.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 147
Which of the following audit planning activities adds the least value in understanding the current risk exposures facing the corporation?
A. Reviewoforganizationalstrategicplansandoperationalplans. B. Consultationwithseniormanagementandtheauditcommittee. C. Review of the external auditor's risk assessment.
D. Review of corporate performance reporting and benchmarking.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 148
The internal audit activity's primary responsibility in a review or examination of the organization by an external regulatory body is to:
A. Verifythatregulatoryreviewsoccurwithadequatefrequency.
B. Providefollow-uptodetermineiftheregulator'sfindingsareappropriatelyresolvedbymanagement. C. Prepare documentation for the regulator.
D. Document the responses to the regulator's findings.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 149
Under what circumstances would internal audit not become involved when intentional misconduct is suspected?
A. Managementisinvolvedinwrongdoing.
B. Managementisrunningaparallelinvestigation.
C. Management does not believe a trusted employee could be guilty. D. Management does not maintain strong internal controls.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 150
During a payroll audit of a large organization, an internal auditor noted that the assistant personnel director is responsible for many aspects of the computerized payroll system, including adding new employees in the system; entering direct-deposit information for employees; approving and entering all payroll changes; and providing training for system users. After discussions with the director of personnel, the auditor concluded that the director was not comfortable dealing with information technology issues and felt obliged to support all actions taken by the assistant director. The auditor should:
A. Continuetofollowtheengagementprogrambecausetheengagementscopeandobjectiveshave already been discussed with management.
B. Reviewtheengagementprogramtoensuretestingofdirectdepositstoemployeebankaccountsis adequately covered.
C. Recommend to the chief audit executive that a fraud investigation be started.
D. Test a sample of payroll changes to ensure that they were approved by the assistant director before being processed.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 151
The most effective procedure to verify compliance with a requirement that materials be purchased from the lowest-priced source is to compare:
A. Pricespaidforselectedmaterialswithpriceslistedonrelatedpurchaseorders. B. Bidsobtainedforselectedpurchaseswithrelatedpurchaseorders.
C. Vendors' current prices with prices listed on related purchase orders.
D. Approved vendor lists with bids obtained for selected purchases.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 152
A major insurance company provides a discount on automobile insurance if the vehicle meets certain safety criteria. Which of the following audit tests would provide an internal auditor with the best evidence that all qualifying insured automobiles are receiving the discount?
A. Comparethepercentageofautomobilesreceivingdiscountsthisyeartothatoflastyear.
B. Askmanagerswhethertheyareawareofthediscountcriteriaandwhethertheyareprovidingthe discount to all qualifying automobiles.
C. Select a sample of automobiles that are not receiving the discount and determine if they have been properly excluded.
D. Select a sample of automobiles receiving the discount and determine that the required discount criteria are being met.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 153
Which of the following best describes the most important criteria when assigning responsibility for specific tasks required in an audit engagement?
A. Auditorsmustbegivenassignmentsbasedprimarilyupontheiryearsofexperience.
B. Allauditorsassignedanaudittaskmusthavetheknowledgeandskillsnecessarytocompletethetask satisfactorily.
C. Tasks must be assigned to the audit team member who is most qualified to perform them.
D. Allauditteammembersmusthavetheskillsnecessarytosatisfactorilycompleteanytaskthatwillbe required in the audit engagement.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 154
Cross-referencing individual payroll time cards to personnel department records and reports would allow an internal auditor to determine whether:
A. Individualsarebonafideemployees.
B. Personneldepartmentrecordsagreewithpayrollaccountingrecords. C. Individuals were paid at the proper rates.
D. Individuals were paid only for time worked.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 155
Which of the following would most likely contribute to discrepancies between receiving reports and the number of units in a shipment?
A. Failingtocomparethequalityofgoodsreceivedwithspecifications.
B. Usinginadequatevendorselectionprocedures.
C. Accepting improper authorization for purchases.
D. Indicating the quantities ordered on the receiving department's copy of the purchase order.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 156
Which of the following would have the least significance in an audit of the efficiency of a driver's license testing facility?
A. Clericalstaffadministerwrittenteststoallowexaminersmoretimetosupervisedrivingtests. B. Staffarecross-trainedtoprovidebackupforotherareasofthefacilityasrequired.
C. A point-of-sale cashiering system reduces the need to reenter payment data.
D. Examiners are required to be recertified on an annual basis.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 157
A bakery chain has a statistical model that can be used to predict daily sales at individual stores based on a direct relationship to the cost of ingredients used and an inverse relationship to rainy days. What conditions would an internal auditor look for as an indicator of employee theft of food from a specific store?
A. Onarainyday,totalsalesaregreaterthanexpectedwhencomparedtothecostofingredientsused. B. Onasunnyday,totalsalesarelessthanexpectedwhencomparedtothecostofingredientsused. C. Both total sales and cost of ingredients used are greater than expected.
D. Both total sales and cost of ingredients used are less than expected.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 158
An organization's policies allow buyers to authorize expenditures up to $50,000 without any other approval. Which of the following audit procedures would be most effective in determining if fraud in the form of payments to fictitious companies has occurred?
A. Usegeneralizedauditsoftwaretolistallpurchasesover$50,000todeterminewhethertheywere properly approved.
B. Developasnapshottechniquetotracealltransactionsbysuspectedbuyers.
C. Use generalized audit software to take a random sample of all expenditures under $50,000 to determine whether they were properly approved.
D. Use generalized audit software to select a sample of paid invoices to new vendors and examine evidence that shows that services or goods were received.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 159
Production managers for a manufacturing company are authorized to prepare emergency purchase orders for raw materials. These manually prepared orders do not go through the purchasing department and do not require a receiving report. The managers forward the invoice and purchase order to the accounting department for payment. Which of the following internal controls would efficiently prevent abuse of this system?
A. Instituteacompanypolicyrequiringrotationofordersamongseveralsuppliers. B. Requireamanualreceivingreportfromthewarehousepriortopayment.
C. Forbid the use of emergency purchase orders.
D. Review the level of safety stock.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 160
Which of the following is most appropriate when conducting an interview during the course of a fraud investigation?
A. Scheduletheinterviewwellinadvance.
B. Explainthedetailedpurposetotheinterviewee. C. Assume that the interviewee is guilty.
D. Have a witness present during the interview.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 161
Which of the following types of contracts would provide the least incentive for a contractor to achieve economy and efficiency?
A. Lump-sum contract.
B. Cost-pluscontract.
C. Unit-price contract.
D. Indefinitedeliverycontract.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 162
Which of the following best describes the primary concern of the audit manager upon review of engagement working papers of an auditor?
A. Toensureadequatecontroloverthecustodyofworkingpapersisexercisedbytheauditor.
B. Toensurethataspartofthedocumentationtheauditorcollectedoriginaldocumentsthatcan corroborate the audit findings.
C. To ensure that the work papers create background for subsequent reviews.
D. To ensure that the audit programs are followed by the auditor.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 163
Information gathered in a forensic investigation of business fraud is usually gathered with which of the following standards in mind?
A. GenerallyAcceptedAuditingStandards.
B. GenerallyAcceptedAccountingPrinciples.
C. The International Professional Practices Framework. D. Legal evidence.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Okay.
QUESTION 164
The internal auditor's opinion in terms of due professional care should be:
A. Limitedtotheeffectivenessofinternalcontrols.
B. Expressedonlywhenconsensuswithtopmanagementhasbeenachieved. C. Based on experience and free of all bias.
D. Based on sufficient factual evidence.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 165
According to the Standards, which of the following describes the condition attribute when applied to the observations and recommendations contained in the audit report?
A. Thestandards,measures,orexpectationsusedinmakinganevaluationorverification.
B. Thereasonforthedifferencebetweentheexpectedstateandtheactualstate.
C. The factual evidence that the internal auditor found in the course of the examination.
D. The risk or exposure the organization encounters because the actual state is not consistent with the criteria.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 166
When determining the nature, timing, and extent of follow up, the chief audit executive considers all of the following factors except:
A. Significanceofthereportedobservationorrecommendation,degreeofeffort,andcostneededto correct the reported condition.
B. Impactthatmayresultshouldthecorrectiveactionfail.
C. Authorityandresponsibilityofthepersonrequiredtotakecorrectiveaction.
D. Complexity of the corrective action and time period involved.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
actual answer.
QUESTION 167
With which of the following would the internal audit activity discuss findings, conclusions and recommendations prior to issuance of internal audit report?
1. Business unit management.
2. Chief audit executive.
3. Audit committee.
4. Chief executive officer.
A. 1and2only B. 1and3only C. 2and3only D. 1,2,3,and4
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 168
According to the International Professional Practices Framework, which of the following statements is true regarding the use of the statement, "Conducted in Conformance with the International Standards for the Professional Practice of Internal Auditing," when communicating results of a seven-year-old internal audit activity?
A. Thestatementmaybeusedonlywhenconductinginternationalengagements.
B. Thestatementmaybeusedonlyiftheresultsofthequalityassuranceandimprovementprogram support the statement.
C. The statement may be used whether or not the internal audit department has an external quality assessment review or an independent validation of a self assessment.
D. The statement should not be used for a consulting engagement.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 169
During an engagement, an internal auditor discovered that an organization's policy on delegation of authority listed six individuals who were no longer employed with the organization. In addition, four individuals acting with disbursement authority were not identified in the policy as having such authority. Which of the following is the most effective course of action to address the control weakness?
A. Immediatelyinitiateacompleteauditofthedisbursementfunctiontodetermineifsignificantfraudshave
occurred.
B. Recommendthatmanagementreviewtheprocesssupportingthepolicyandmakeimprovements.
C. Advise management to add the four additional names and remove the incorrect names from the policy to make it current.
D. Review further to ensure that the four individuals do not have the appropriate authority through delegation.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
ALL right.
QUESTION 170
In which of the following cases is it appropriate for an audit report to not contain management's response either within the report or as an attachment?
A. Management'sresponsetoanauditreportisgenerallynotarequirement.
B. Internalcontrolswerefoundtobeproperlydesignedandoperatingeffectivelyalthoughoperationsare deemed inefficient.
C. There was insufficient time to obtain management's response during the draft reporting process.
D. An internal audit report contains no observations.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 171
When performing a compliance audit of the organization's outsourced services, which of the following is considered the primary engagement objective?
A. Verifyingthattheorganizationdoesnothavetheappropriateknowledgeandresourcesin-house. B. Ensuringtheproviderhasadequateinternalcontrolsinordertoprotectthequalityoftheirservice. C. Evaluating the efficiency, effectiveness, economy, and sufficiency of the services provided.
D. Assessingtheprovider'sadherencetocontractandregulatoryrequirements.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
good answer.
QUESTION 172
Which of the following actions has the least influence on the chief audit executive's development of an audit plan?
A. Inputfromseniormanagementandtheboard.
B. Anevaluationofthecomplexityofeachauditengagement.
C. Changes in the organizations structure or budget.
D. An assessment of risk and exposures affecting the organization.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 173
Which role is not considered a change agent when an organization wants to implement structural changes?
A. Seniormanagement.
B. Linemanagement.
C. Independent consultant. D. Shareholder.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 174
Because of an abundance of high priority requests from management, an internal audit activity no longer has the resources to meet all of its commitments contained in the annual audit plan. Which of the following would be the best course of action for the chief audit executive to follow?
A. Continuewiththeplanandseekopportunitiestoadjustprioritiesandreallocateresources.
B. Presentareassessmentoftheplantotheboardandseniormanagementforconsideration.
C. Reassess the plan and either cancel or divert resources away from the lowest priority activities.
D. Advise the board immediately and seek their support for additional resources to meet the needs of the plan.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 175
Why should internal auditors develop a strong relationship with the external auditors?
A. Externalauditorsofferanadditionallayerofapprovaltointernalauditors'reports.
B. Externalauditorscanhelpimprovetheeffectivenessofinternalcontrolsamplingtechniques. C. External auditors can offer an independent and knowledgeable viewpoint.
D. External auditors can share information gained from work with similar clients.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 176
An internal auditor is planning an assurance engagement. The auditor first reviews the department's business objectives. What is the next step?
A. Reviewcontrolactivities.
B. Evaluatepotentialrisks.
C. Establish risk management roles.
D. Set the scope of the engagement.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 177
Which characteristic of risk assessment makes it a useful tool for audit planning?
A. Itprovidesalistofauditableactivitiesintheorganization.
B. Itrankstheseverityofpotentiallyadverseeffectsontheorganization.
C. It provides a process for identifying and analyzing potentially adverse effects.
D. It evaluates the probability that an event or action may adversely affect the organization.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 178
An internal audit manager is supervising an engagement. A senior auditor deviates from the approved engagement plan but meets all deadlines in the approved time schedule. Which activity is not required for the audit manager to provide proper engagement supervision?
A. Activelyparticipateinauditprocedures.
B. Ensurethatallengagementobjectivesaremet. C. Approve the deviation from the engagement plan. D. Ensure compliance with the time schedule.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 179
Which of the following statements is correct regarding the assessment of risk in the annual audit planning process?
1. Activities requested by management should be considered higher risk than those requested by the audit committee.
2. Activities with lower budgets can be as high risk as those with higher budgets.
3. The potential financial or adverse exposure should always be considered in the assessment of risk.
A. 1only
B. 2only
C. 3 only
D. 2and3only
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
An organization has developed a large database that tracks employees, employee benefits, payroll deductions, job classifications, and other similar information. The internal auditor reviews the retirement benefits plan and determines that the pension and medical benefits have been changed several times in the past ten years. The auditor wishes to determine whether there is justification to perform further audit investigation. The most appropriate audit procedure would be to:
A. Reviewthetrendofoverallretirementexpenseoverthelasttenyears.Iftheretirementexpense increased, it would indicate the need for further investigation.
B. Usegeneralizedauditsoftwaretoselectamonetary-unitsampleofretirementpay,anddetermine whether each retired employee was paid correctly.
C. Review reasonableness of retirement pay and medical expenses on a per-person basis stratified by which plan was in effect when the employee retired.
D. Use generalized audit software to select an attributes sample of retirement pay, and perform detailed testing to determine whether each person chosen was given the proper benefits.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 136
Risk assessments can vary in format, but generally include: 1. A description of identified risks.
2. Tests of audit controls.
3. A system of rating risks.
4. Sample size identification.
A. 1and2only
B. 1and3only
C. 1,3,and4only D. 2,3,and4only
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 137
An internal auditor has just undertaken an organization-wide risk assessment. In identifying potential audit engagements the internal auditor should consider least:
A. Focusingonthehighriskareasassourcesofpotentialengagements. B. Focusinginareasnotauditedlastyear.
C. Factoring in management requests.
D. Focusing on those risks highlighted by the external auditor.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 138
When planning an audit engagement, what should an internal auditor first consider when assessing the risk of fraud in the area to be audited?
A. Impactofandexposuretofraud. B. Existenceofevidenceoffraud. C. Organizational structure.
D. Management's risk appetite.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 139
Which of the following actions is related to the preliminary survey process?
A. Determiningifcontrolsareeffective.
B. Preparingtheengagementworkprogram. C. Identifying the current controls.
D. Completing a detailed test of controls.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 140
A code of business conduct provides:
A. Afraudavoidanceplanthatdoesnotexplicitlydescribepunishmentsforviolations. B. Apassivemethodoffrauddeterrence.
C. A program to anonymously report irregularities to authorities.
D. An alternative to "tone at the top" programs.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 141
The chief executive officer has requested that the chief audit executive (CAE) coordinate the establishment of an enterprise risk management (ERM) program for the organization. Which of the following would be the most appropriate action for the CAE?
A. AccepttherequestastheroleofcoordinatingERMisacorefunctionofinternalaudit.
B. DeclinetherequestasthisrolecompromisestheCAE'sobjectivity.
C. Accept the request after consulting with the board and adhering to proper safeguards.
D. Decline the request as internal audit has limited knowledge and experience of risk at the enterprise level to undertake the assignment.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 142
Which of the following is the most common method management can use to manage risk within its risk appetite?
A. Implementationofcontrols.
B. Useofriskregistersanddashboard.
C. Frequent communication of risk appetite for operating personnel. D. Continuous evaluations and audits.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 143
Which of the following is an effective way for an internal auditor to improve communications with the client during a contentious audit?
A. Encouragetheclienttoparticipateasapartnerinthedecision-makingprocesstodeterminethe changes that need to be made.
B. Clearlyexplaintotheclienttheroleoftheinternalauditactivityinthechangeprocess.
C. Obtain the support of the board of directors for proposed changes before discussing the changes with operating management.
D. Speak privately with key client personnel immediately after proposed changes are announced to address their concerns.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 144
The chief audit executive's responsibility regarding control processes includes:
A. Assistingseniormanagementandtheauditcommitteeinthedevelopmentofanannualassessment about internal control.
B. Overseeingtheestablishmentofinternalcontrolprocesses.
C. Maintaining the organization's governance processes.
D. Ensuring that the internal audit activity assesses all control processes annually.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 145
Inadequate risk assessment would have the strongest negative impact in which of the following phases of
an audit engagement?
A. Determiningthescope.
B. Reviewinginternalcontrols. C. Testing.
D. Evaluating findings.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 146
The best method for assessing the relative importance of risk factors is to:
A. Changetheratingofthefactorsfroma1-3scaletoa1-5scale. B. Assignweightstothefactorsbasedonthecomparativeimpact. C. List the risk factors in a priority order.
D. Use data from an independent source.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 147
Which of the following audit planning activities adds the least value in understanding the current risk exposures facing the corporation?
A. Reviewoforganizationalstrategicplansandoperationalplans. B. Consultationwithseniormanagementandtheauditcommittee. C. Review of the external auditor's risk assessment.
D. Review of corporate performance reporting and benchmarking.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 148
The internal audit activity's primary responsibility in a review or examination of the organization by an external regulatory body is to:
A. Verifythatregulatoryreviewsoccurwithadequatefrequency.
B. Providefollow-uptodetermineiftheregulator'sfindingsareappropriatelyresolvedbymanagement. C. Prepare documentation for the regulator.
D. Document the responses to the regulator's findings.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 149
Under what circumstances would internal audit not become involved when intentional misconduct is suspected?
A. Managementisinvolvedinwrongdoing.
B. Managementisrunningaparallelinvestigation.
C. Management does not believe a trusted employee could be guilty. D. Management does not maintain strong internal controls.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 150
During a payroll audit of a large organization, an internal auditor noted that the assistant personnel director is responsible for many aspects of the computerized payroll system, including adding new employees in the system; entering direct-deposit information for employees; approving and entering all payroll changes; and providing training for system users. After discussions with the director of personnel, the auditor concluded that the director was not comfortable dealing with information technology issues and felt obliged to support all actions taken by the assistant director. The auditor should:
A. Continuetofollowtheengagementprogrambecausetheengagementscopeandobjectiveshave already been discussed with management.
B. Reviewtheengagementprogramtoensuretestingofdirectdepositstoemployeebankaccountsis adequately covered.
C. Recommend to the chief audit executive that a fraud investigation be started.
D. Test a sample of payroll changes to ensure that they were approved by the assistant director before being processed.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 151
The most effective procedure to verify compliance with a requirement that materials be purchased from the lowest-priced source is to compare:
A. Pricespaidforselectedmaterialswithpriceslistedonrelatedpurchaseorders. B. Bidsobtainedforselectedpurchaseswithrelatedpurchaseorders.
C. Vendors' current prices with prices listed on related purchase orders.
D. Approved vendor lists with bids obtained for selected purchases.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 152
A major insurance company provides a discount on automobile insurance if the vehicle meets certain safety criteria. Which of the following audit tests would provide an internal auditor with the best evidence that all qualifying insured automobiles are receiving the discount?
A. Comparethepercentageofautomobilesreceivingdiscountsthisyeartothatoflastyear.
B. Askmanagerswhethertheyareawareofthediscountcriteriaandwhethertheyareprovidingthe discount to all qualifying automobiles.
C. Select a sample of automobiles that are not receiving the discount and determine if they have been properly excluded.
D. Select a sample of automobiles receiving the discount and determine that the required discount criteria are being met.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 153
Which of the following best describes the most important criteria when assigning responsibility for specific tasks required in an audit engagement?
A. Auditorsmustbegivenassignmentsbasedprimarilyupontheiryearsofexperience.
B. Allauditorsassignedanaudittaskmusthavetheknowledgeandskillsnecessarytocompletethetask satisfactorily.
C. Tasks must be assigned to the audit team member who is most qualified to perform them.
D. Allauditteammembersmusthavetheskillsnecessarytosatisfactorilycompleteanytaskthatwillbe required in the audit engagement.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 154
Cross-referencing individual payroll time cards to personnel department records and reports would allow an internal auditor to determine whether:
A. Individualsarebonafideemployees.
B. Personneldepartmentrecordsagreewithpayrollaccountingrecords. C. Individuals were paid at the proper rates.
D. Individuals were paid only for time worked.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 155
Which of the following would most likely contribute to discrepancies between receiving reports and the number of units in a shipment?
A. Failingtocomparethequalityofgoodsreceivedwithspecifications.
B. Usinginadequatevendorselectionprocedures.
C. Accepting improper authorization for purchases.
D. Indicating the quantities ordered on the receiving department's copy of the purchase order.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 156
Which of the following would have the least significance in an audit of the efficiency of a driver's license testing facility?
A. Clericalstaffadministerwrittenteststoallowexaminersmoretimetosupervisedrivingtests. B. Staffarecross-trainedtoprovidebackupforotherareasofthefacilityasrequired.
C. A point-of-sale cashiering system reduces the need to reenter payment data.
D. Examiners are required to be recertified on an annual basis.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 157
A bakery chain has a statistical model that can be used to predict daily sales at individual stores based on a direct relationship to the cost of ingredients used and an inverse relationship to rainy days. What conditions would an internal auditor look for as an indicator of employee theft of food from a specific store?
A. Onarainyday,totalsalesaregreaterthanexpectedwhencomparedtothecostofingredientsused. B. Onasunnyday,totalsalesarelessthanexpectedwhencomparedtothecostofingredientsused. C. Both total sales and cost of ingredients used are greater than expected.
D. Both total sales and cost of ingredients used are less than expected.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 158
An organization's policies allow buyers to authorize expenditures up to $50,000 without any other approval. Which of the following audit procedures would be most effective in determining if fraud in the form of payments to fictitious companies has occurred?
A. Usegeneralizedauditsoftwaretolistallpurchasesover$50,000todeterminewhethertheywere properly approved.
B. Developasnapshottechniquetotracealltransactionsbysuspectedbuyers.
C. Use generalized audit software to take a random sample of all expenditures under $50,000 to determine whether they were properly approved.
D. Use generalized audit software to select a sample of paid invoices to new vendors and examine evidence that shows that services or goods were received.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 159
Production managers for a manufacturing company are authorized to prepare emergency purchase orders for raw materials. These manually prepared orders do not go through the purchasing department and do not require a receiving report. The managers forward the invoice and purchase order to the accounting department for payment. Which of the following internal controls would efficiently prevent abuse of this system?
A. Instituteacompanypolicyrequiringrotationofordersamongseveralsuppliers. B. Requireamanualreceivingreportfromthewarehousepriortopayment.
C. Forbid the use of emergency purchase orders.
D. Review the level of safety stock.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 160
Which of the following is most appropriate when conducting an interview during the course of a fraud investigation?
A. Scheduletheinterviewwellinadvance.
B. Explainthedetailedpurposetotheinterviewee. C. Assume that the interviewee is guilty.
D. Have a witness present during the interview.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 161
Which of the following types of contracts would provide the least incentive for a contractor to achieve economy and efficiency?
A. Lump-sum contract.
B. Cost-pluscontract.
C. Unit-price contract.
D. Indefinitedeliverycontract.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 162
Which of the following best describes the primary concern of the audit manager upon review of engagement working papers of an auditor?
A. Toensureadequatecontroloverthecustodyofworkingpapersisexercisedbytheauditor.
B. Toensurethataspartofthedocumentationtheauditorcollectedoriginaldocumentsthatcan corroborate the audit findings.
C. To ensure that the work papers create background for subsequent reviews.
D. To ensure that the audit programs are followed by the auditor.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 163
Information gathered in a forensic investigation of business fraud is usually gathered with which of the following standards in mind?
A. GenerallyAcceptedAuditingStandards.
B. GenerallyAcceptedAccountingPrinciples.
C. The International Professional Practices Framework. D. Legal evidence.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Okay.
QUESTION 164
The internal auditor's opinion in terms of due professional care should be:
A. Limitedtotheeffectivenessofinternalcontrols.
B. Expressedonlywhenconsensuswithtopmanagementhasbeenachieved. C. Based on experience and free of all bias.
D. Based on sufficient factual evidence.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 165
According to the Standards, which of the following describes the condition attribute when applied to the observations and recommendations contained in the audit report?
A. Thestandards,measures,orexpectationsusedinmakinganevaluationorverification.
B. Thereasonforthedifferencebetweentheexpectedstateandtheactualstate.
C. The factual evidence that the internal auditor found in the course of the examination.
D. The risk or exposure the organization encounters because the actual state is not consistent with the criteria.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 166
When determining the nature, timing, and extent of follow up, the chief audit executive considers all of the following factors except:
A. Significanceofthereportedobservationorrecommendation,degreeofeffort,andcostneededto correct the reported condition.
B. Impactthatmayresultshouldthecorrectiveactionfail.
C. Authorityandresponsibilityofthepersonrequiredtotakecorrectiveaction.
D. Complexity of the corrective action and time period involved.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
actual answer.
QUESTION 167
With which of the following would the internal audit activity discuss findings, conclusions and recommendations prior to issuance of internal audit report?
1. Business unit management.
2. Chief audit executive.
3. Audit committee.
4. Chief executive officer.
A. 1and2only B. 1and3only C. 2and3only D. 1,2,3,and4
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 168
According to the International Professional Practices Framework, which of the following statements is true regarding the use of the statement, "Conducted in Conformance with the International Standards for the Professional Practice of Internal Auditing," when communicating results of a seven-year-old internal audit activity?
A. Thestatementmaybeusedonlywhenconductinginternationalengagements.
B. Thestatementmaybeusedonlyiftheresultsofthequalityassuranceandimprovementprogram support the statement.
C. The statement may be used whether or not the internal audit department has an external quality assessment review or an independent validation of a self assessment.
D. The statement should not be used for a consulting engagement.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 169
During an engagement, an internal auditor discovered that an organization's policy on delegation of authority listed six individuals who were no longer employed with the organization. In addition, four individuals acting with disbursement authority were not identified in the policy as having such authority. Which of the following is the most effective course of action to address the control weakness?
A. Immediatelyinitiateacompleteauditofthedisbursementfunctiontodetermineifsignificantfraudshave
occurred.
B. Recommendthatmanagementreviewtheprocesssupportingthepolicyandmakeimprovements.
C. Advise management to add the four additional names and remove the incorrect names from the policy to make it current.
D. Review further to ensure that the four individuals do not have the appropriate authority through delegation.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
ALL right.
QUESTION 170
In which of the following cases is it appropriate for an audit report to not contain management's response either within the report or as an attachment?
A. Management'sresponsetoanauditreportisgenerallynotarequirement.
B. Internalcontrolswerefoundtobeproperlydesignedandoperatingeffectivelyalthoughoperationsare deemed inefficient.
C. There was insufficient time to obtain management's response during the draft reporting process.
D. An internal audit report contains no observations.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 171
When performing a compliance audit of the organization's outsourced services, which of the following is considered the primary engagement objective?
A. Verifyingthattheorganizationdoesnothavetheappropriateknowledgeandresourcesin-house. B. Ensuringtheproviderhasadequateinternalcontrolsinordertoprotectthequalityoftheirservice. C. Evaluating the efficiency, effectiveness, economy, and sufficiency of the services provided.
D. Assessingtheprovider'sadherencetocontractandregulatoryrequirements.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
good answer.
QUESTION 172
Which of the following actions has the least influence on the chief audit executive's development of an audit plan?
A. Inputfromseniormanagementandtheboard.
B. Anevaluationofthecomplexityofeachauditengagement.
C. Changes in the organizations structure or budget.
D. An assessment of risk and exposures affecting the organization.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 173
Which role is not considered a change agent when an organization wants to implement structural changes?
A. Seniormanagement.
B. Linemanagement.
C. Independent consultant. D. Shareholder.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 174
Because of an abundance of high priority requests from management, an internal audit activity no longer has the resources to meet all of its commitments contained in the annual audit plan. Which of the following would be the best course of action for the chief audit executive to follow?
A. Continuewiththeplanandseekopportunitiestoadjustprioritiesandreallocateresources.
B. Presentareassessmentoftheplantotheboardandseniormanagementforconsideration.
C. Reassess the plan and either cancel or divert resources away from the lowest priority activities.
D. Advise the board immediately and seek their support for additional resources to meet the needs of the plan.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 175
Why should internal auditors develop a strong relationship with the external auditors?
A. Externalauditorsofferanadditionallayerofapprovaltointernalauditors'reports.
B. Externalauditorscanhelpimprovetheeffectivenessofinternalcontrolsamplingtechniques. C. External auditors can offer an independent and knowledgeable viewpoint.
D. External auditors can share information gained from work with similar clients.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 176
An internal auditor is planning an assurance engagement. The auditor first reviews the department's business objectives. What is the next step?
A. Reviewcontrolactivities.
B. Evaluatepotentialrisks.
C. Establish risk management roles.
D. Set the scope of the engagement.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 177
Which characteristic of risk assessment makes it a useful tool for audit planning?
A. Itprovidesalistofauditableactivitiesintheorganization.
B. Itrankstheseverityofpotentiallyadverseeffectsontheorganization.
C. It provides a process for identifying and analyzing potentially adverse effects.
D. It evaluates the probability that an event or action may adversely affect the organization.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 178
An internal audit manager is supervising an engagement. A senior auditor deviates from the approved engagement plan but meets all deadlines in the approved time schedule. Which activity is not required for the audit manager to provide proper engagement supervision?
A. Activelyparticipateinauditprocedures.
B. Ensurethatallengagementobjectivesaremet. C. Approve the deviation from the engagement plan. D. Ensure compliance with the time schedule.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 179
Which of the following statements is correct regarding the assessment of risk in the annual audit planning process?
1. Activities requested by management should be considered higher risk than those requested by the audit committee.
2. Activities with lower budgets can be as high risk as those with higher budgets.
3. The potential financial or adverse exposure should always be considered in the assessment of risk.
A. 1only
B. 2only
C. 3 only
D. 2and3only
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: