Free IIA-ACCA Practice Test Questions 2026

Which of the following activities is most likely to require a fraud specialist to supplement the knowledge and skills of the internal audit activity?

A. Planning an engagement of the area in which fraud is suspected.

B. Employing audit tests to detect fraud.

C. Interrogating a suspected fraudster.

D. Completing a process review to improve controls to prevent fraud.

Which of the following is a common type of payroll fraud?

A. Unauthorized overtime.

B. Fictitious employees.

C. Unearned bonuses or commissions.

D. Skimming.

According to The MA Code of Ethics, which of the following is one of the rules of conduct for objectivity?

A. Internal auditors shall continually improve their proficiency and effectiveness and quality of their services.

B. Internal auditors shall respect and contribute to legitimate and ethical objectives of the organization.

C. Internal auditors shall not accept anything that may impair or be presumed to impair their professional judgment.

D. Internal auditors shall be prudent in the use and protection of information acquired in the course of their duties.

Which of the following is the most common way that occupational fraud is detected?

A. Internal audits.

B. Whistleblower hotline.

C. Key controls.

D. External audits.

In which of the following functions would fraud be most likely to occur?

A. Maintaining custody of inventory records.

B. Collecting payments on accounts.

C. Approving changes to employee records.

D. Preparing customer statements.

Internal auditors must exercise due professional care by considering which of the following?

1. Cost of assurance in relation to potential benefits.
2. Adequacy and effectiveness of governance, risk management, and control processes.
3. Management's competency level in the area being evaluated.
4. Probability of significant errors, fraud, or noncompliance.

A. 1 and 2 only

B. 1, 2, and 3 only

C. 1, 2, and 4 only

D. 2, 3, and 4 only

A snow removal company is conducting a scenario planning exercise where participating employees consider the potential impacts of a significant reduction in annua snowfall for the coming winter. Which of the following best describes this type of risk?

A. Residual.

B. Net.

C. Inherent.

D. Accepted.

Management is developing and implementing a risk and control framework for use throughout the organization. Which of the following elements should be included in the organization's control framework?

1. Appropriate levels of authority and responsibility.
2. Supervision of staff and appropriate review of work.
3. The seniority of management in the organization.
4. The ability to trace each transaction to an accountable and responsible individual.

A. 1,2, and 3.

B. 1.2, and 4.

C. 1.3, and 4.

D. 2, 3, and 4.

Which of the following controls could an internal auditor reasonably conclude is effective by observing the physical controls of a large server room?

A. Adequate signs are in place to assist in locating safety equipment.

B. Servers are secured individually to their racks by locks.

C. Foam fire extinguishers are operable to protect against electrical fires.

D. Swipe card access is required to gain access to the server room.

Which two of the following are preventive controls in a check disbursement process?

1. Daily reconciliation of the bank account used for check disbursements and prompt follow-up of un-reconciled items.
2. Segregation of the following duties: establishing new vendors, approving checks, and reconciling the bank account.
3. An activity report detailing who accesses the check disbursement system and the nature of any action taken in the system.
4. Evidence of strong access controls ensuring that authorized individuals have access only to the functions related to their responsibilities.

A. 1 and 3.

B. 1 and 4.

C. 2 and 3.

D. 2 and 4.

An internal auditor uses a predefined macro provided in a popular spreadsheet application to verify the present value of the organization's investments. Which of the following is the most appropriate course of action regarding the auditor's use of this functionality?

A. The auditor should accept the calculations generated by the function, as any further work or documentation would be inefficient.

B. The auditor should perform a manual recalculation of several results to validate and document the results.

C. The auditor should review the programming of the macro before its use to ensure that it is appropriate for the required calculations.

D. The auditor should tabulate the results in the spreadsheet to ensure the macro has generated the correct results for all calculations.

Which segregation of duties would best reduce the risk of payroll fraud?

A. Human resources personnel add employees, and payroll personnel process hours and enter employee bank account numbers. Paychecks are automatically deposited in the employee's bank account.

B. Human resources personnel add employees, payroll personnel process hours, and human resources personnel deliver paychecks to employees.

C. Human resources personnel add employees, review and submit payroll hours to the payroll department for processing, and deliver paychecks to employees.

D. Human resources personnel add employees and enter employee bank information. Payroll personnel process hours, and paychecks are automatically deposited in the employee's bank account.