Certified Internal Auditor Questions + Answers Part 17
Posted: Tue Mar 01, 2022 5:11 am
QUESTION 125
During a review of performance measures in an organization's purchasing function, the preliminary survey indicates that most of the measures have been in use for some time. The internal auditor should:
A. Reviewthedatathatwasusedtodevelopthemeasures.
B. Performbenchmarkinginordertoverifythatthemeasuresbeingusedaremeaningful. C. Establish the history of the measures and reasons for use.
D. Report that the measures being used are out-of-date and should be improved.
Correct Answer: B Section: Volume B Explanation
Explanation/Reference: QUESTION 126
What is the primary reason for having audit management approve audit engagement reports?
A. Toensurethatclientconcernsareappropriatelyaddressed.
B. Toconfirmproperformat,grammar,andpunctuation.
C. To verify that senior management supports the report's conclusions. D. To validate that report findings are substantiated.
Correct Answer: D Section: Volume B Explanation
Explanation/Reference: QUESTION 127
Which of the following best defines an audit opinion?
A. Asummaryofthesignificantauditobservationsandrecommendations.
B. Anauditor'sevaluationoftheeffectsoftheobservationsandrecommendationsontheactivitiesreviewed. C. A conclusion which must be included in the audit report.
D. A recommendation for corrective action.
Correct Answer: B Section: Volume B Explanation
Explanation/Reference: QUESTION 128
In reviewing the appropriateness of the minimum quantity level of inventory established by a department, an auditor would be least likely to consider:
A. Stockoutcosts,includinglostcustomers.
B. Seasonalvariationsinforecastinginventorydemand.
C. Optimal order sizes determined by an economic order quantity model. D. The potential for obsolescence of inventory items.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 129
During an audit, an employee, who does not want to be identified, offers to provide information that would be damaging to the organization and may concern illegal activities. Which of the following actions by the auditor would not be consistent with the IIA Code of Ethics and Standards?
A. Promisingtomaintaintheemployee'sanonymityandlisteningtotheinformation.
B. Suggestingthattheemployeeconsidertalkingtolegalcounsel.
C. Informing the employee that an attempt will be made to keep the source of the information confidential while looking into the matter further. D. Informing the employee of other methods of communicating this type of information.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 130
Which of the following would have the least impact (either positive or negative) on an assessment of a department's control environment?
A. Thedepartmentmanagedlong-terminvestments,includinginvestmentinderivativesandotherfinancialinstruments,tomaximizereturn.
B. Thedepartmentmanagersetsatoneofhonestyandintegrityinallbusinessdealingsandthistoneisemulatedbydepartmentpersonnel.
C. Many department functions were duplicated or verified by other department employees as part of the department's normal procedures.
D. Audittestsdesignedtoverifycompliancewithcontrolproceduresdetectedageneralfailuretofollowstandardproceduresfortransactionauthorization.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference:
QUESTION 131
A bank uses a risk analysis matrix to quantify the relative risk of auditable entities. The analysis involves rating auditable entities on risk factors using a scale of 1 to 10, with 10 representing the greatest risk. A partial list of risk factors and the ratings given to three of the bank's departments is provided below:
Which of the following statements regarding risk in the department is true?
A. AscomparedtodepartmentsAandC,departmentBhasastrongercontrolsystemtocompensateforthegreatercomplexityofthedepartment'stransactions and dollar value of its assets.
B. TheinternalauditactivityshouldscheduleauditsofdepartmentBmoreoftenthanauditsofdepartmentCbecauseoftherelativecontrolstrengthofdepartment C as compared to department B.
C. The nature of department A's control structure may be justified by the nature of the department's assets and the complexity of its transactions. D. The relative ranking of the departments in order of their risk, from greatest to least risk, is: A; C; B.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 132
A chief audit executive (CAE) is evaluating four potential audit engagements based on the following factors: the engagement's ability to reduce risk to the organization, the engagement's ability to save the organization money, and the extent of change in the area since the last engagement. The CAE has scored the engagements for each factor from low to high, assigned points, and calculated an overall ranking. The results are shown below with the points in parentheses:
Risk Reduction Cost Savings Changes
High (3) Medium (2) Low (1)
High (3) Low (1) High (3)
Low (1) High (3) Medium (2)
Medium (2) Medium (2) High (3)
If the organization has asked the CAE to consider the cost savings factor to be twice as important as any other factor, which engagements should the CAE pursue?
A. 1and2only B. 1and3only
C. 2and4only D. 3and4only
Correct Answer: D Section: Volume C Explanation
Explanation/Reference: QUESTION 133
Which of the following is least likely to vary when conducting audit engagements in different regions of an international organization?
A. Applicationofgovernmentalregulationstobusinessactivities.
B. Workschedulesandholidaysoftheindividualregions.
C. Level of workpaper documentation needed to support audit observations. D. Availabilityoftechnologyandtechnicalsupport.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 134
Which of the following is not likely to be included as an audit step when assessing vendor performance policies?
A. Determinewhetheragreed-uponlotsizesweresentbyvendors.
B. Determinewhetheronlyauthorizeditemswerereceivedfromvendors.
C. Determine whether the balances owed to vendors are correct.
D. Determine whether the quality of the goods purchased from the vendors has been satisfactory.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 135
An organization has developed a large database that tracks employees, employee benefits, payroll deductions, job classifications, and other similar information. The internal auditor reviews the retirement benefits plan and determines that the pension and medical benefits have been changed several times in the past ten years. The auditor wishes to determine whether there is justification to perform further audit investigation. The most appropriate audit procedure would be to:
A. Reviewthetrendofoverallretirementexpenseoverthelasttenyears.Iftheretirementexpenseincreased,itwouldindicatetheneedforfurtherinvestigation.
B. Usegeneralizedauditsoftwaretoselectamonetary-unitsampleofretirementpay,anddeterminewhethereachretiredemployeewaspaidcorrectly.
C. Review reasonableness of retirement pay and medical expenses on a per-person basis stratified by which plan was in effect when the employee retired.
D. Use generalized audit software to select an attributes sample of retirement pay, and perform detailed testing to determine whether each person chosen was given the proper benefits.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 136
Risk assessments can vary in format, but generally include:
1. A description of identified risks. 2. Tests of audit controls.
3. A system of rating risks.
4. Sample size identification.
A. 1and2only
B. 1and3only
C. 1,3,and4only D. 2,3,and4only
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 137
An internal auditor has just undertaken an organization-wide risk assessment. In identifying potential audit engagements, the internal auditor should consider least:
A. Focusingonthehighriskareasassourcesofpotentialengagements. B. Focusinginareasnotauditedlastyear.
C. Factoring in management requests.
D. Focusing on those risks highlighted by the external auditor.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 138
When planning an audit engagement, what should an internal auditor first consider when assessing the risk of fraud in the area to be audited?
A. Impactofandexposuretofraud. B. Existenceofevidenceoffraud. C. Organizational structure.
D. Management's risk appetite.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 139
Which of the following actions is related to the preliminary survey process?
A. Determiningifcontrolsareeffective.
B. Preparingtheengagementworkprogram. C. Identifying the current controls.
D. Completing a detailed test of controls.
Correct Answer: C
Section: Volume C Explanation
Explanation/Reference: QUESTION 140
A code of business conduct provides:
A. Afraudavoidanceplanthatdoesnotexplicitlydescribepunishmentsforviolations. B. Apassivemethodoffrauddeterrence.
C. A program to anonymously report irregularities to authorities.
D. Analternativeto"toneatthetop"programs.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 141
The chief executive officer has requested that the chief audit executive (CAE) coordinate the establishment of an enterprise risk management (ERM) program for the organization. Which of the following would be the most appropriate action for the CAE?
A. AccepttherequestastheroleofcoordinatingERMisacorefunctionofinternalaudit.
B. DeclinetherequestasthisrolecompromisestheCAE'sobjectivity.
C. Accept the request after consulting with the board and adhering to proper safeguards.
D. Decline the request as internal audit has limited knowledge and experience of risk at the enterprise level to undertake the assignment.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 142
Which of the following is the most common method management can use to manage risk within its risk appetite?
A. Implementationofcontrols.
B. Useofriskregistersanddashboard.
C. Frequent communication of risk appetite for operating personnel. D. Continuous evaluations and audits.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 143
Which of the following is an effective way for an internal auditor to improve communications with the client during a contentious audit?
A. Encouragetheclienttoparticipateasapartnerinthedecision-makingprocesstodeterminethechangesthatneedtobemade. B. Clearlyexplaintotheclienttheroleoftheinternalauditactivityinthechangeprocess.
C. Obtain the support of the board of directors for proposed changes before discussing the changes with operating management. D. Speak privately with key client personnel immediately after proposed changes are announced to address their concerns.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 144
The chief audit executive's responsibility regarding control processes includes:
A. Assistingseniormanagementandtheauditcommitteeinthedevelopmentofanannualassessmentaboutinternalcontrol. B. Overseeingtheestablishmentofinternalcontrolprocesses.
C. Maintaining the organization's governance processes.
D. Ensuring that the internal audit activity assesses all control processes annually.
Correct Answer: A Section: Volume C
Explanation Explanation/Reference:
QUESTION 145
Inadequate risk assessment would have the strongest negative impact in which of the following phases of an audit engagement?
A. Determiningthescope.
B. Reviewinginternalcontrols. C. Testing.
D. Evaluating findings.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 146
The best method for assessing the relative importance of risk factors is to:
A. Changetheratingofthefactorsfroma1-3scaletoa1-5scale. B. Assignweightstothefactorsbasedonthecomparativeimpact. C. List the risk factors in a priority order.
D. Use data from an independent source.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 147
Which of the following audit planning activities adds the least value in understanding the current risk exposures facing the corporation? A. Reviewoforganizationalstrategicplansandoperationalplans.
B. Consultationwithseniormanagementandtheauditcommittee. C. Review of the external auditor's risk assessment.
D. Review of corporate performance reporting and benchmarking.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference: QUESTION 148
The internal audit activity's primary responsibility in a review or examination of the organization by an external regulatory body is to:
A. Verifythatregulatoryreviewsoccurwithadequatefrequency.
B. Providefollow-uptodetermineiftheregulator'sfindingsareappropriatelyresolvedbymanagement. C. Prepare documentation for the regulator.
D. Document the responses to the regulator's findings.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 149
Under what circumstances would internal audit not become involved when intentional misconduct is suspected?
A. Managementisinvolvedinwrongdoing.
B. Managementisrunningaparallelinvestigation.
C. Management does not believe a trusted employee could be guilty. D. Management does not maintain strong internal controls.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 150
During a payroll audit of a large organization, an internal auditor noted that the assistant personnel director is responsible for many aspects of the computerized payroll system, including adding new employees in the system; entering direct-deposit information for employees; approving and entering all payroll changes; and providing training for system users. After discussions with the director of personnel, the auditor concluded that the director was not comfortable dealing with information technology issues and felt obliged to support all actions taken by the assistant director. The auditor should:
A. Continuetofollowtheengagementprogrambecausetheengagementscopeandobjectiveshavealreadybeendiscussedwithmanagement. B. Reviewtheengagementprogramtoensuretestingofdirectdepositstoemployeebankaccountsisadequatelycovered.
C. Recommend to the chief audit executive that a fraud investigation be started.
D. Test a sample of payroll changes to ensure that they were approved by the assistant director before being processed.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 151
The most effective procedure to verify compliance with a requirement that materials be purchased from the lowest-priced source is to compare:
A. Pricespaidforselectedmaterialswithpriceslistedonrelatedpurchaseorders. B. Bidsobtainedforselectedpurchaseswithrelatedpurchaseorders.
C. Vendors' current prices with prices listed on related purchase orders.
D. Approved vendor lists with bids obtained for selected purchases.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 152
A major insurance company provides a discount on automobile insurance if the vehicle meets certain safety criteria. Which of the following audit tests would provide an internal auditor with the best evidence that all qualifying insured automobiles are receiving the discount?
A. Comparethepercentageofautomobilesreceivingdiscountsthisyeartothatoflastyear.
B. Askmanagerswhethertheyareawareofthediscountcriteriaandwhethertheyareprovidingthediscounttoallqualifyingautomobiles. C. Select a sample of automobiles that are not receiving the discount and determine if they have been properly excluded.
D. Select a sample of automobiles receiving the discount and determine that the required discount criteria are being met.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 153
Which of the following best describes the most important criteria when assigning responsibility for specific tasks required in an audit engagement?
A. Auditorsmustbegivenassignmentsbasedprimarilyupontheiryearsofexperience.
B. Allauditorsassignedanaudittaskmusthavetheknowledgeandskillsnecessarytocompletethetasksatisfactorily.
C. Tasks must be assigned to the audit team member who is most qualified to perform them.
D. Allauditteammembersmusthavetheskillsnecessarytosatisfactorilycompleteanytaskthatwillberequiredintheauditengagement.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 154
During an engagement, an internal auditor discovered that an organization’s policy on delegation of authority listed six individuals who were no longer employed with the organization. In addition, four individuals acting with disbursement authority were not identified in the policy as having such authority. Which of the following is the most effective course of action to address the control weakness?
A. Immediatelyinitiateacompleteauditofthedisbursementfunctiontodetermineifsignificantfraudshaveoccurred.
B. Recommendthatmanagementreviewtheprocesssupportingthepolicyandmakeimprovements.
C. Advise management to add the four additional names and remove the incorrect names from the policy to make it current. D. Review further to ensure that the four individuals do not have the appropriate authority through delegation.
Correct Answer: B Section: Volume C
Explanation Explanation/Reference:
QUESTION 155
In which of the following cases is it appropriate for an audit report to not contain management's response either within the report or as an attachment?
A. Management’sresponsetoanauditreportisgenerallynotarequirement.
B. Internalcontrolswerefoundtobeproperlydesignedandoperatingeffectivelyalthoughoperationsaredeemedinefficient. C. There was insufficient time to obtain management’s response during the draft reporting process.
D. An internal audit report contains no observations.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference: QUESTION 156
When performing a compliance audit of the organization’s outsourced services, which of the following is considered the primary engagement objective?
A. Verifyingthattheorganizationdoesnothavetheappropriateknowledgeandresourcesin-house. B. Ensuringtheproviderhasadequateinternalcontrolsinordertoprotectthequalityoftheirservice. C. Evaluating the efficiency, effectiveness, economy, and sufficiency of the services provided.
D. Assessingtheprovider'sadherencetocontractandregulatoryrequirements.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference: QUESTION 157
Which of the following actions has the least influence on the chief audit executive's development of an audit plan? A. Inputfromseniormanagementandtheboard.
B. Anevaluationofthecomplexityofeachauditengagement.
C. Changes in the organizations structure or budget.
D. An assessment of risk and exposures affecting the organization.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 158
Which role is not considered a change agent when an organization wants to implement structural changes?
A. Seniormanagement.
B. Linemanagement.
C. Independent consultant. D. Shareholder.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference:
QUESTION 159
Because of an abundance of high priority requests from management, an internal audit activity no longer has the resources to meet all of its commitments contained in the annual audit plan. Which of the following would be the best course of action for the chief audit executive to follow?
A. Continuewiththeplanandseekopportunitiestoadjustprioritiesandreallocateresources.
B. Presentareassessmentoftheplantotheboardandseniormanagementforconsideration.
C. Reassess the plan and either cancel or divert resources away from the lowest priority activities.
D. Advise the board immediately and seek their support for additional resources to meet the needs of the plan.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 160
Why should internal auditors develop a strong relationship with the external auditors?
A. Externalauditorsofferanadditionallayerofapprovaltointernalauditors'reports.
B. Externalauditorscanhelpimprovetheeffectivenessofinternalcontrolsamplingtechniques. C. External auditors can offer an independent and knowledgeable viewpoint.
D. External auditors can share information gained from work with similar clients.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 161
An internal auditor is planning an assurance engagement. The auditor first reviews the department's business objectives. What is the next step?
A. Reviewcontrolactivities.
B. Evaluatepotentialrisks.
C. Establish risk management roles. D. Set the scope of the engagement.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 162
Which characteristic of risk assessment makes it a useful tool for audit planning?
A. Itprovidesalistofauditableactivitiesintheorganization.
B. Itrankstheseverityofpotentiallyadverseeffectsontheorganization.
C. It provides a process for identifying and analyzing potentially adverse effects.
D. It evaluates the probability that an event or action may adversely affect the organization.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 163
An internal audit manager is supervising an engagement. A senior auditor deviates from the approved engagement plan but meets all deadlines in the approved time schedule. Which activity is not required for the audit manager to provide proper engagement supervision?
A. Activelyparticipateinauditprocedures.
B. Ensurethatallengagementobjectivesaremet. C. Approve the deviation from the engagement plan. D. Ensure compliance with the time schedule.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 164
Which of the following statements is correct regarding the assessment of risk in the annual audit planning process?
1. Activities requested by management should be considered higher risk than those requested by the audit committee. 2. Activities with lower budgets can be as high risk as those with higher budgets.
3. The potential financial or adverse exposure should always be considered in the assessment of risk.
A. 1only
B. 2only
C. 3 only
D. 2and3only
Correct Answer: D Section: Volume C Explanation
Explanation/Reference:
QUESTION 165
Management has asked the internal audit activity to perform an operational audit of a division that recently reported an increase in expenditures in addition to a decrease in profits. However, existing internal audit resources are currently engaged in a legal compliance audit. Which factor would be considered least important in deciding whether resources should be removed from the legal compliance audit to the operational audit?
A. Theincreaseinexpendituresatthedivisionoverthepastyear.
B. Theprobabilitythatthelegalcomplianceauditwilldetectfraud.
C. The results of the external auditor's most recent financial audit.
D. The potential for regulatory fines associated with the legal compliance audit.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 166
Given the scarcity of internal audit resources, a chief audit executive (CAE) decides not to schedule a follow-up of audit recommendations when developing engagement work schedules. Why does the CAE’s decision violate the Standards?
A. ItisnottheCAE'sresponsibilitytoestablishaprocessforafollow-up.
B. Lackofresourcesisnotasufficientreasontoforgoafollow-up.
C. Follow-up actions should take priority over new engagements in scheduling.
D. When resources are scarce, the follow-up can be incorporated into the next engagement.
Correct Answer: B Section: Volume C
Explanation Explanation/Reference:
QUESTION 167
As part of a preliminary survey of the purchasing function, an internal auditor reads the department's policies and procedures manual and concludes that the manual describes the processing steps clearly and contains an appropriate internal control design. The next engagement objective is to evaluate the operating effectiveness of internal controls. Which procedure would fulfill this objective most effectively?
A. Performadesigntest.
B. Performacompliancetest. C. Perform a systems test.
D. Perform an efficiency test.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 168
An organization has recently incurred significant cost overruns on one of its construction projects. Management suspects that these overruns were caused by the contractor improperly charging for costs related to contract change orders. Which of the following procedures are appropriate for testing this suspicion?
1. Determine if the contractor has received proper approval of change orders from management.
2. Determine if the contractor has billed for original contract work cancelled by the change orders.
3. Determine if the contractor has charged change orders with costs already billed to the original contract. 4. Determine if the contractor has been paid for change orders that have not yet been completed.
A. 1and2only B. 1and3only C. 2and3only D. 3and4only
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 169
A consumer electronics company is considering acquiring a small flash memory manufacturer. An internal auditor has been assigned to determine if the manufacturer's accounts payable contain all outstanding liabilities. Which audit procedure is not relevant for this objective?
A. Verifytheperiodofliabilityofsubsequentcashdisbursementsusingrelatedsupportingdocumentation.
B. Sendconfirmations,includingzero-balanceaccounts,tovendorswithwhomthemanufacturernormallydoesbusiness. C. Trace receiving reports issued before the period end to the accounts payable list and vendor invoices.
D. Verify a sample of accounts payable by using related invoices, receiving reports, and purchase orders.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference:
QUESTION 170
An internal auditor notices that a division has recorded uncharacteristically high sales and gross margins for the past three months and now suspects the division is reporting fictitious sales. Which course of action should the auditor follow to determine whether fraud has occurred?
A. Traceasampleofshippingdocumentstorelatedsalesinvoicestoverifyproperbilling.
B. Sendaccountsreceivablebalanceconfirmationstocustomers.
C. Compare the division's sales and gross margins to those of the prior three-month period.
D. Estimate the sales and cost of goods sold for the three-month period by using regression analysis.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 171
An audit of an organization's fulfillment department discovered that problems in the order processing system led to a significant number of orders being fulfilled multiple times. During the exit conference, the head of the department informed the auditors that the processing system would be enhanced within six months to correct the problems. Which course of action should the chief audit executive follow?
A. Adjustthescopeofthenextscheduledaudittodeterminethattheproblemshavebeenresolved. B. Monitorthestatusofcorrectiveactionandscheduleafollow-upengagementwhenappropriate. C. Meet with the audit committee to determine the appropriate follow-up action.
D. Assess the status of corrective action in a follow-up engagement in six months.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 172
When interviewing an individual in relation to a fraud investigation, which course of action should the internal auditor follow?
A. Assuretheindividualthattheresultsoftheinterviewwillremainconfidential. B. Establisharapportwiththesubjecttoencourageopenness.
C. Discontinue questioning once the individual has confessed to the fraud.
D. Refrain from deviating from the list of questions prepared before the interview.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 173
While performing a follow-up of a concern about equipment-inventory tracking, which course of action is not necessary for the auditor to take?
A. Ensurethatthestepsbeingtakenresolvetheconditiondisclosedbytheinitialfinding.
B. Ensurethatcontrolshavebeenimplementedtopreventtheissuefromoccurringagain. C. Ensure that the entity has begun to experience benefits as a result of resolving the issue. D. Ensure that the inherent risk has been eliminated as a result of resolving the issue.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference:
QUESTION 174
Because of a new marketing initiative, an organization has reduced requirements for extending credit to new customers. As a result, outstanding accounts receivable as a percentage of revenue has increased significantly during the past two years. Which of the following would be least useful in monitoring this finding?
A. Updatesfromthemanagerofaccountsreceivableregardingcollectionofoutstandingreceivables.
B. Updatesfromtheinformationtechnologydivisionregardingdevelopmentofanewaccountsreceivablesystem. C. Updates from the controller regarding the status of corrective actions.
D. Updates from the credit and marketing personnel tasked with reevaluating credit policies.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 175
Which of the following tasks would be considered unusual for planning a control self-assessment workshop?
A. Conductinginterviewstoidentifyrelevantissuesforthediscussion.
B. Identifyingkeystakeholdersandensuringtheyarerepresentedinthegroup. C. Securing an external subject matter expert to arbitrate disputes.
D. Ensuring that managers are willing to accept constructive criticism.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 176
An internal auditor has been assigned to perform a quality audit on a manufacturing plant. Which course of action should the
During a review of performance measures in an organization's purchasing function, the preliminary survey indicates that most of the measures have been in use for some time. The internal auditor should:
A. Reviewthedatathatwasusedtodevelopthemeasures.
B. Performbenchmarkinginordertoverifythatthemeasuresbeingusedaremeaningful. C. Establish the history of the measures and reasons for use.
D. Report that the measures being used are out-of-date and should be improved.
Correct Answer: B Section: Volume B Explanation
Explanation/Reference: QUESTION 126
What is the primary reason for having audit management approve audit engagement reports?
A. Toensurethatclientconcernsareappropriatelyaddressed.
B. Toconfirmproperformat,grammar,andpunctuation.
C. To verify that senior management supports the report's conclusions. D. To validate that report findings are substantiated.
Correct Answer: D Section: Volume B Explanation
Explanation/Reference: QUESTION 127
Which of the following best defines an audit opinion?
A. Asummaryofthesignificantauditobservationsandrecommendations.
B. Anauditor'sevaluationoftheeffectsoftheobservationsandrecommendationsontheactivitiesreviewed. C. A conclusion which must be included in the audit report.
D. A recommendation for corrective action.
Correct Answer: B Section: Volume B Explanation
Explanation/Reference: QUESTION 128
In reviewing the appropriateness of the minimum quantity level of inventory established by a department, an auditor would be least likely to consider:
A. Stockoutcosts,includinglostcustomers.
B. Seasonalvariationsinforecastinginventorydemand.
C. Optimal order sizes determined by an economic order quantity model. D. The potential for obsolescence of inventory items.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 129
During an audit, an employee, who does not want to be identified, offers to provide information that would be damaging to the organization and may concern illegal activities. Which of the following actions by the auditor would not be consistent with the IIA Code of Ethics and Standards?
A. Promisingtomaintaintheemployee'sanonymityandlisteningtotheinformation.
B. Suggestingthattheemployeeconsidertalkingtolegalcounsel.
C. Informing the employee that an attempt will be made to keep the source of the information confidential while looking into the matter further. D. Informing the employee of other methods of communicating this type of information.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 130
Which of the following would have the least impact (either positive or negative) on an assessment of a department's control environment?
A. Thedepartmentmanagedlong-terminvestments,includinginvestmentinderivativesandotherfinancialinstruments,tomaximizereturn.
B. Thedepartmentmanagersetsatoneofhonestyandintegrityinallbusinessdealingsandthistoneisemulatedbydepartmentpersonnel.
C. Many department functions were duplicated or verified by other department employees as part of the department's normal procedures.
D. Audittestsdesignedtoverifycompliancewithcontrolproceduresdetectedageneralfailuretofollowstandardproceduresfortransactionauthorization.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference:
QUESTION 131
A bank uses a risk analysis matrix to quantify the relative risk of auditable entities. The analysis involves rating auditable entities on risk factors using a scale of 1 to 10, with 10 representing the greatest risk. A partial list of risk factors and the ratings given to three of the bank's departments is provided below:
Which of the following statements regarding risk in the department is true?
A. AscomparedtodepartmentsAandC,departmentBhasastrongercontrolsystemtocompensateforthegreatercomplexityofthedepartment'stransactions and dollar value of its assets.
B. TheinternalauditactivityshouldscheduleauditsofdepartmentBmoreoftenthanauditsofdepartmentCbecauseoftherelativecontrolstrengthofdepartment C as compared to department B.
C. The nature of department A's control structure may be justified by the nature of the department's assets and the complexity of its transactions. D. The relative ranking of the departments in order of their risk, from greatest to least risk, is: A; C; B.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 132
A chief audit executive (CAE) is evaluating four potential audit engagements based on the following factors: the engagement's ability to reduce risk to the organization, the engagement's ability to save the organization money, and the extent of change in the area since the last engagement. The CAE has scored the engagements for each factor from low to high, assigned points, and calculated an overall ranking. The results are shown below with the points in parentheses:
Risk Reduction Cost Savings Changes
High (3) Medium (2) Low (1)
High (3) Low (1) High (3)
Low (1) High (3) Medium (2)
Medium (2) Medium (2) High (3)
If the organization has asked the CAE to consider the cost savings factor to be twice as important as any other factor, which engagements should the CAE pursue?
A. 1and2only B. 1and3only
C. 2and4only D. 3and4only
Correct Answer: D Section: Volume C Explanation
Explanation/Reference: QUESTION 133
Which of the following is least likely to vary when conducting audit engagements in different regions of an international organization?
A. Applicationofgovernmentalregulationstobusinessactivities.
B. Workschedulesandholidaysoftheindividualregions.
C. Level of workpaper documentation needed to support audit observations. D. Availabilityoftechnologyandtechnicalsupport.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 134
Which of the following is not likely to be included as an audit step when assessing vendor performance policies?
A. Determinewhetheragreed-uponlotsizesweresentbyvendors.
B. Determinewhetheronlyauthorizeditemswerereceivedfromvendors.
C. Determine whether the balances owed to vendors are correct.
D. Determine whether the quality of the goods purchased from the vendors has been satisfactory.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 135
An organization has developed a large database that tracks employees, employee benefits, payroll deductions, job classifications, and other similar information. The internal auditor reviews the retirement benefits plan and determines that the pension and medical benefits have been changed several times in the past ten years. The auditor wishes to determine whether there is justification to perform further audit investigation. The most appropriate audit procedure would be to:
A. Reviewthetrendofoverallretirementexpenseoverthelasttenyears.Iftheretirementexpenseincreased,itwouldindicatetheneedforfurtherinvestigation.
B. Usegeneralizedauditsoftwaretoselectamonetary-unitsampleofretirementpay,anddeterminewhethereachretiredemployeewaspaidcorrectly.
C. Review reasonableness of retirement pay and medical expenses on a per-person basis stratified by which plan was in effect when the employee retired.
D. Use generalized audit software to select an attributes sample of retirement pay, and perform detailed testing to determine whether each person chosen was given the proper benefits.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 136
Risk assessments can vary in format, but generally include:
1. A description of identified risks. 2. Tests of audit controls.
3. A system of rating risks.
4. Sample size identification.
A. 1and2only
B. 1and3only
C. 1,3,and4only D. 2,3,and4only
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 137
An internal auditor has just undertaken an organization-wide risk assessment. In identifying potential audit engagements, the internal auditor should consider least:
A. Focusingonthehighriskareasassourcesofpotentialengagements. B. Focusinginareasnotauditedlastyear.
C. Factoring in management requests.
D. Focusing on those risks highlighted by the external auditor.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 138
When planning an audit engagement, what should an internal auditor first consider when assessing the risk of fraud in the area to be audited?
A. Impactofandexposuretofraud. B. Existenceofevidenceoffraud. C. Organizational structure.
D. Management's risk appetite.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 139
Which of the following actions is related to the preliminary survey process?
A. Determiningifcontrolsareeffective.
B. Preparingtheengagementworkprogram. C. Identifying the current controls.
D. Completing a detailed test of controls.
Correct Answer: C
Section: Volume C Explanation
Explanation/Reference: QUESTION 140
A code of business conduct provides:
A. Afraudavoidanceplanthatdoesnotexplicitlydescribepunishmentsforviolations. B. Apassivemethodoffrauddeterrence.
C. A program to anonymously report irregularities to authorities.
D. Analternativeto"toneatthetop"programs.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 141
The chief executive officer has requested that the chief audit executive (CAE) coordinate the establishment of an enterprise risk management (ERM) program for the organization. Which of the following would be the most appropriate action for the CAE?
A. AccepttherequestastheroleofcoordinatingERMisacorefunctionofinternalaudit.
B. DeclinetherequestasthisrolecompromisestheCAE'sobjectivity.
C. Accept the request after consulting with the board and adhering to proper safeguards.
D. Decline the request as internal audit has limited knowledge and experience of risk at the enterprise level to undertake the assignment.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 142
Which of the following is the most common method management can use to manage risk within its risk appetite?
A. Implementationofcontrols.
B. Useofriskregistersanddashboard.
C. Frequent communication of risk appetite for operating personnel. D. Continuous evaluations and audits.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 143
Which of the following is an effective way for an internal auditor to improve communications with the client during a contentious audit?
A. Encouragetheclienttoparticipateasapartnerinthedecision-makingprocesstodeterminethechangesthatneedtobemade. B. Clearlyexplaintotheclienttheroleoftheinternalauditactivityinthechangeprocess.
C. Obtain the support of the board of directors for proposed changes before discussing the changes with operating management. D. Speak privately with key client personnel immediately after proposed changes are announced to address their concerns.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 144
The chief audit executive's responsibility regarding control processes includes:
A. Assistingseniormanagementandtheauditcommitteeinthedevelopmentofanannualassessmentaboutinternalcontrol. B. Overseeingtheestablishmentofinternalcontrolprocesses.
C. Maintaining the organization's governance processes.
D. Ensuring that the internal audit activity assesses all control processes annually.
Correct Answer: A Section: Volume C
Explanation Explanation/Reference:
QUESTION 145
Inadequate risk assessment would have the strongest negative impact in which of the following phases of an audit engagement?
A. Determiningthescope.
B. Reviewinginternalcontrols. C. Testing.
D. Evaluating findings.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 146
The best method for assessing the relative importance of risk factors is to:
A. Changetheratingofthefactorsfroma1-3scaletoa1-5scale. B. Assignweightstothefactorsbasedonthecomparativeimpact. C. List the risk factors in a priority order.
D. Use data from an independent source.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 147
Which of the following audit planning activities adds the least value in understanding the current risk exposures facing the corporation? A. Reviewoforganizationalstrategicplansandoperationalplans.
B. Consultationwithseniormanagementandtheauditcommittee. C. Review of the external auditor's risk assessment.
D. Review of corporate performance reporting and benchmarking.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference: QUESTION 148
The internal audit activity's primary responsibility in a review or examination of the organization by an external regulatory body is to:
A. Verifythatregulatoryreviewsoccurwithadequatefrequency.
B. Providefollow-uptodetermineiftheregulator'sfindingsareappropriatelyresolvedbymanagement. C. Prepare documentation for the regulator.
D. Document the responses to the regulator's findings.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 149
Under what circumstances would internal audit not become involved when intentional misconduct is suspected?
A. Managementisinvolvedinwrongdoing.
B. Managementisrunningaparallelinvestigation.
C. Management does not believe a trusted employee could be guilty. D. Management does not maintain strong internal controls.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 150
During a payroll audit of a large organization, an internal auditor noted that the assistant personnel director is responsible for many aspects of the computerized payroll system, including adding new employees in the system; entering direct-deposit information for employees; approving and entering all payroll changes; and providing training for system users. After discussions with the director of personnel, the auditor concluded that the director was not comfortable dealing with information technology issues and felt obliged to support all actions taken by the assistant director. The auditor should:
A. Continuetofollowtheengagementprogrambecausetheengagementscopeandobjectiveshavealreadybeendiscussedwithmanagement. B. Reviewtheengagementprogramtoensuretestingofdirectdepositstoemployeebankaccountsisadequatelycovered.
C. Recommend to the chief audit executive that a fraud investigation be started.
D. Test a sample of payroll changes to ensure that they were approved by the assistant director before being processed.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 151
The most effective procedure to verify compliance with a requirement that materials be purchased from the lowest-priced source is to compare:
A. Pricespaidforselectedmaterialswithpriceslistedonrelatedpurchaseorders. B. Bidsobtainedforselectedpurchaseswithrelatedpurchaseorders.
C. Vendors' current prices with prices listed on related purchase orders.
D. Approved vendor lists with bids obtained for selected purchases.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 152
A major insurance company provides a discount on automobile insurance if the vehicle meets certain safety criteria. Which of the following audit tests would provide an internal auditor with the best evidence that all qualifying insured automobiles are receiving the discount?
A. Comparethepercentageofautomobilesreceivingdiscountsthisyeartothatoflastyear.
B. Askmanagerswhethertheyareawareofthediscountcriteriaandwhethertheyareprovidingthediscounttoallqualifyingautomobiles. C. Select a sample of automobiles that are not receiving the discount and determine if they have been properly excluded.
D. Select a sample of automobiles receiving the discount and determine that the required discount criteria are being met.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 153
Which of the following best describes the most important criteria when assigning responsibility for specific tasks required in an audit engagement?
A. Auditorsmustbegivenassignmentsbasedprimarilyupontheiryearsofexperience.
B. Allauditorsassignedanaudittaskmusthavetheknowledgeandskillsnecessarytocompletethetasksatisfactorily.
C. Tasks must be assigned to the audit team member who is most qualified to perform them.
D. Allauditteammembersmusthavetheskillsnecessarytosatisfactorilycompleteanytaskthatwillberequiredintheauditengagement.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 154
During an engagement, an internal auditor discovered that an organization’s policy on delegation of authority listed six individuals who were no longer employed with the organization. In addition, four individuals acting with disbursement authority were not identified in the policy as having such authority. Which of the following is the most effective course of action to address the control weakness?
A. Immediatelyinitiateacompleteauditofthedisbursementfunctiontodetermineifsignificantfraudshaveoccurred.
B. Recommendthatmanagementreviewtheprocesssupportingthepolicyandmakeimprovements.
C. Advise management to add the four additional names and remove the incorrect names from the policy to make it current. D. Review further to ensure that the four individuals do not have the appropriate authority through delegation.
Correct Answer: B Section: Volume C
Explanation Explanation/Reference:
QUESTION 155
In which of the following cases is it appropriate for an audit report to not contain management's response either within the report or as an attachment?
A. Management’sresponsetoanauditreportisgenerallynotarequirement.
B. Internalcontrolswerefoundtobeproperlydesignedandoperatingeffectivelyalthoughoperationsaredeemedinefficient. C. There was insufficient time to obtain management’s response during the draft reporting process.
D. An internal audit report contains no observations.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference: QUESTION 156
When performing a compliance audit of the organization’s outsourced services, which of the following is considered the primary engagement objective?
A. Verifyingthattheorganizationdoesnothavetheappropriateknowledgeandresourcesin-house. B. Ensuringtheproviderhasadequateinternalcontrolsinordertoprotectthequalityoftheirservice. C. Evaluating the efficiency, effectiveness, economy, and sufficiency of the services provided.
D. Assessingtheprovider'sadherencetocontractandregulatoryrequirements.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference: QUESTION 157
Which of the following actions has the least influence on the chief audit executive's development of an audit plan? A. Inputfromseniormanagementandtheboard.
B. Anevaluationofthecomplexityofeachauditengagement.
C. Changes in the organizations structure or budget.
D. An assessment of risk and exposures affecting the organization.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 158
Which role is not considered a change agent when an organization wants to implement structural changes?
A. Seniormanagement.
B. Linemanagement.
C. Independent consultant. D. Shareholder.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference:
QUESTION 159
Because of an abundance of high priority requests from management, an internal audit activity no longer has the resources to meet all of its commitments contained in the annual audit plan. Which of the following would be the best course of action for the chief audit executive to follow?
A. Continuewiththeplanandseekopportunitiestoadjustprioritiesandreallocateresources.
B. Presentareassessmentoftheplantotheboardandseniormanagementforconsideration.
C. Reassess the plan and either cancel or divert resources away from the lowest priority activities.
D. Advise the board immediately and seek their support for additional resources to meet the needs of the plan.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 160
Why should internal auditors develop a strong relationship with the external auditors?
A. Externalauditorsofferanadditionallayerofapprovaltointernalauditors'reports.
B. Externalauditorscanhelpimprovetheeffectivenessofinternalcontrolsamplingtechniques. C. External auditors can offer an independent and knowledgeable viewpoint.
D. External auditors can share information gained from work with similar clients.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 161
An internal auditor is planning an assurance engagement. The auditor first reviews the department's business objectives. What is the next step?
A. Reviewcontrolactivities.
B. Evaluatepotentialrisks.
C. Establish risk management roles. D. Set the scope of the engagement.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 162
Which characteristic of risk assessment makes it a useful tool for audit planning?
A. Itprovidesalistofauditableactivitiesintheorganization.
B. Itrankstheseverityofpotentiallyadverseeffectsontheorganization.
C. It provides a process for identifying and analyzing potentially adverse effects.
D. It evaluates the probability that an event or action may adversely affect the organization.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 163
An internal audit manager is supervising an engagement. A senior auditor deviates from the approved engagement plan but meets all deadlines in the approved time schedule. Which activity is not required for the audit manager to provide proper engagement supervision?
A. Activelyparticipateinauditprocedures.
B. Ensurethatallengagementobjectivesaremet. C. Approve the deviation from the engagement plan. D. Ensure compliance with the time schedule.
Correct Answer: A Section: Volume C Explanation
Explanation/Reference: QUESTION 164
Which of the following statements is correct regarding the assessment of risk in the annual audit planning process?
1. Activities requested by management should be considered higher risk than those requested by the audit committee. 2. Activities with lower budgets can be as high risk as those with higher budgets.
3. The potential financial or adverse exposure should always be considered in the assessment of risk.
A. 1only
B. 2only
C. 3 only
D. 2and3only
Correct Answer: D Section: Volume C Explanation
Explanation/Reference:
QUESTION 165
Management has asked the internal audit activity to perform an operational audit of a division that recently reported an increase in expenditures in addition to a decrease in profits. However, existing internal audit resources are currently engaged in a legal compliance audit. Which factor would be considered least important in deciding whether resources should be removed from the legal compliance audit to the operational audit?
A. Theincreaseinexpendituresatthedivisionoverthepastyear.
B. Theprobabilitythatthelegalcomplianceauditwilldetectfraud.
C. The results of the external auditor's most recent financial audit.
D. The potential for regulatory fines associated with the legal compliance audit.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 166
Given the scarcity of internal audit resources, a chief audit executive (CAE) decides not to schedule a follow-up of audit recommendations when developing engagement work schedules. Why does the CAE’s decision violate the Standards?
A. ItisnottheCAE'sresponsibilitytoestablishaprocessforafollow-up.
B. Lackofresourcesisnotasufficientreasontoforgoafollow-up.
C. Follow-up actions should take priority over new engagements in scheduling.
D. When resources are scarce, the follow-up can be incorporated into the next engagement.
Correct Answer: B Section: Volume C
Explanation Explanation/Reference:
QUESTION 167
As part of a preliminary survey of the purchasing function, an internal auditor reads the department's policies and procedures manual and concludes that the manual describes the processing steps clearly and contains an appropriate internal control design. The next engagement objective is to evaluate the operating effectiveness of internal controls. Which procedure would fulfill this objective most effectively?
A. Performadesigntest.
B. Performacompliancetest. C. Perform a systems test.
D. Perform an efficiency test.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 168
An organization has recently incurred significant cost overruns on one of its construction projects. Management suspects that these overruns were caused by the contractor improperly charging for costs related to contract change orders. Which of the following procedures are appropriate for testing this suspicion?
1. Determine if the contractor has received proper approval of change orders from management.
2. Determine if the contractor has billed for original contract work cancelled by the change orders.
3. Determine if the contractor has charged change orders with costs already billed to the original contract. 4. Determine if the contractor has been paid for change orders that have not yet been completed.
A. 1and2only B. 1and3only C. 2and3only D. 3and4only
Correct Answer: C Section: Volume C Explanation
Explanation/Reference:
QUESTION 169
A consumer electronics company is considering acquiring a small flash memory manufacturer. An internal auditor has been assigned to determine if the manufacturer's accounts payable contain all outstanding liabilities. Which audit procedure is not relevant for this objective?
A. Verifytheperiodofliabilityofsubsequentcashdisbursementsusingrelatedsupportingdocumentation.
B. Sendconfirmations,includingzero-balanceaccounts,tovendorswithwhomthemanufacturernormallydoesbusiness. C. Trace receiving reports issued before the period end to the accounts payable list and vendor invoices.
D. Verify a sample of accounts payable by using related invoices, receiving reports, and purchase orders.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference:
QUESTION 170
An internal auditor notices that a division has recorded uncharacteristically high sales and gross margins for the past three months and now suspects the division is reporting fictitious sales. Which course of action should the auditor follow to determine whether fraud has occurred?
A. Traceasampleofshippingdocumentstorelatedsalesinvoicestoverifyproperbilling.
B. Sendaccountsreceivablebalanceconfirmationstocustomers.
C. Compare the division's sales and gross margins to those of the prior three-month period.
D. Estimate the sales and cost of goods sold for the three-month period by using regression analysis.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference:
QUESTION 171
An audit of an organization's fulfillment department discovered that problems in the order processing system led to a significant number of orders being fulfilled multiple times. During the exit conference, the head of the department informed the auditors that the processing system would be enhanced within six months to correct the problems. Which course of action should the chief audit executive follow?
A. Adjustthescopeofthenextscheduledaudittodeterminethattheproblemshavebeenresolved. B. Monitorthestatusofcorrectiveactionandscheduleafollow-upengagementwhenappropriate. C. Meet with the audit committee to determine the appropriate follow-up action.
D. Assess the status of corrective action in a follow-up engagement in six months.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 172
When interviewing an individual in relation to a fraud investigation, which course of action should the internal auditor follow?
A. Assuretheindividualthattheresultsoftheinterviewwillremainconfidential. B. Establisharapportwiththesubjecttoencourageopenness.
C. Discontinue questioning once the individual has confessed to the fraud.
D. Refrain from deviating from the list of questions prepared before the interview.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 173
While performing a follow-up of a concern about equipment-inventory tracking, which course of action is not necessary for the auditor to take?
A. Ensurethatthestepsbeingtakenresolvetheconditiondisclosedbytheinitialfinding.
B. Ensurethatcontrolshavebeenimplementedtopreventtheissuefromoccurringagain. C. Ensure that the entity has begun to experience benefits as a result of resolving the issue. D. Ensure that the inherent risk has been eliminated as a result of resolving the issue.
Correct Answer: D Section: Volume C Explanation
Explanation/Reference:
QUESTION 174
Because of a new marketing initiative, an organization has reduced requirements for extending credit to new customers. As a result, outstanding accounts receivable as a percentage of revenue has increased significantly during the past two years. Which of the following would be least useful in monitoring this finding?
A. Updatesfromthemanagerofaccountsreceivableregardingcollectionofoutstandingreceivables.
B. Updatesfromtheinformationtechnologydivisionregardingdevelopmentofanewaccountsreceivablesystem. C. Updates from the controller regarding the status of corrective actions.
D. Updates from the credit and marketing personnel tasked with reevaluating credit policies.
Correct Answer: B Section: Volume C Explanation
Explanation/Reference: QUESTION 175
Which of the following tasks would be considered unusual for planning a control self-assessment workshop?
A. Conductinginterviewstoidentifyrelevantissuesforthediscussion.
B. Identifyingkeystakeholdersandensuringtheyarerepresentedinthegroup. C. Securing an external subject matter expert to arbitrate disputes.
D. Ensuring that managers are willing to accept constructive criticism.
Correct Answer: C Section: Volume C Explanation
Explanation/Reference: QUESTION 176
An internal auditor has been assigned to perform a quality audit on a manufacturing plant. Which course of action should the