IIA-CIA-PART2 Online Practice Questions and Answers

When assessing the risk associated with an activity, an internal auditor should:

A. Determine how the risk should best be managed.

B. Provide assurance on the management of the risk.

C. Modify the risk management process based on risk exposures.

D. Design controls to mitigate the identified risks.

Which of the following trends found on financial reports would most likely indicate a possible problem?

A. A material decrease in the receivables turnover.

B. A material increase in inventory turnover.

C. A material increase in daily sales compared to total outstanding receivables.

D. A material increase in the acid-test ratio.

Which of the following is an advantage of an interim report?

I. An interim report provides timely feedback to the audit engagement client.

II. An interim report provides a mechanism for communicating information on red flags promptly while they are being investigated.

III. An interim report provides an opportunity for auditor follow-up of findings before the engagement is completed.

IV.

An interim report increases the probability that corrective action will be initiated more quickly.

A.

I and IV only

B.

II and III only

C.

I, III, and IV only

D.

I, II, III, and IV

An organization's policies allow buyers to authorize expenditures up to $50,000 without any other approval. Which of the following audit procedures would be most effective in determining if fraud in the form of payments to fictitious companies has occurred?

A. Use generalized audit software to list all purchases over $50,000 to determine whether they were properly approved.

B. Develop a snapshot technique to trace all transactions by suspected buyers.

C. Use generalized audit software to take a random sample of all expenditures under $50,000 to determine whether they were properly approved.

D. Use generalized audit software to select a sample of paid invoices to new vendors and examine evidence that shows that services or goods were received.

Which of the following is true regarding roles and responsibilities in risk management processes?

A. Setting strategic direction resides with senior management.

B. Ownership of risks resides with the board.

C. Acceptance of residual risk resides with executive management level.

D. Identifying, assessing, mitigating and monitoring activities on a continuous basis rests with the internal audit activity.

An internal auditor is reviewing purchases made through the organization's corporate credit card program. Which of the following statements best describes a root cause of a deficiency?

A. A personal computer was purchased from a non-approved vendor.

B. Company policy limits card use to $500 per transaction.

C. A control to detect split purchases has not been activated in the credit card system.

D. Sample testing found 10% non-compliance with the organization's business travel policy.

Which of the following situations justifies the release of an interim report to management and the board?

1.

The internal auditor is convinced that the audit observations require immediate attention.

2.

The internal auditor would like to communicate a change in engagement scope for the activity under review.

3.

The internal auditor notes that the engagement may extend over a longer time period.

4.

The audit supervisor believes that issuing interim reports eases supervisory review and controls over working papers.

A. 1 and 3 only

B. 2 and 3 only

C. 1, 2, and 3 only

D. 2, 3, and 4 only

According to IIA guidance, which of the following are appropriate actions for the chief audit executive regarding management's response to audit recommendations?

A. Evaluate and verify management's response, and determine the need and scope for additional work.

B. Evaluate and verify management's response, and establish timelines for corrective action by management.

C. Oversee the corrective actions undertaken by management, and determine the need and scope for additional work.

D. Oversee the corrective actions undertaken by management, and establish timelines for corrective action by management.

Which of the following is not a primary purpose for conducting a walk-through during the initial stages of an assurance engagement?

A. To help develop process maps.

B. To determine segregation of duties.

C. To identify residual risks.

D. To test the adequacy of controls.

Which of the following statements is true regarding internal auditors and other assurance providers?

A. Assurance providers who report to management and/or are part of management cannot provide control self-assessments services.

B. Internal auditors should always reperform and validate audit work completed by external assurance providers.

C. Internal auditors may rely on the work of internal compliance teams to expand their coverage of the organization without increasing direct audit hours.

D. Internal auditors can rely on the work of other assurance providers only if the other assurance providers report directly to the board.