Practice of Internal Auditing
According to IIA guidance, which of the following would not be a consideration for the internal audit activity (IAA) when determining the need to follow-up on recommendations?
A. Degree of effort and cost needed to correct the reported condition.
B. Complexity of the corrective action.
C. Impact that may result should the corrective action fail.
D. Amount of resources required to conduct the follow-up activities.
After finalizing an assurance engagement concerning safety operations in the oil mining process, the audit team concluded that no key controls were compromised. However, some opportunities for improvement were noted. Which of the following would be the most appropriate way for the chief audit executive (CAE) to report these results?
A. The CAE should send the final report to operational and senior management and the audit committee.
B. The CAE should send the final report to operational management only, as there is no need to communicate this information to higher levels.
C. The CAE should notify operational and senior management that the audit engagement was completed with no significant findings to report.
D. The CAE should send the final report to operational management and notify senior management and the audit committee that no significant findings were identified.
The final internal audit report should be distributed to which of the following individuals?
A. Audit client management only
B. Executive management only
C. Audit client management, executive management, and others approved by the chief audit executive.
D. Audit client management, executive management, and any those who request a copy.
An internal auditor determines that certain information from the engagement results is not appropriate for disclosure to all report recipients because it is privileged. In this situation, which of the following actions would be most appropriate?
A. Disclose the information in a separate report.
B. Distribute the information in a confidential report to the board only
C. Distribute the reports through the use of blind copies.
D. Exclude the results from the report and verbally report the conditions to senior management and the board.
According to IIA guidance, which of the following statements best justifies a chief audit executive's request for external consultants to complement internal audit activity (IAA) resources?
A. The organization's audit universe is extensive and diverse.
B. There has been an increase in unanticipated requests for advisory work.
C. Previous work provided by the external service provider has been of great quality and value.
D. A recent benchmarking study found that using external service providers is a common practice of similarly-sized IAAs in other organizations.
For which of the following fraud engagement activities would it be most appropriate to involve a forensic auditor?
A. Independently evaluating conflicts of interests.
B. Assessing contracts for relevant terms and conditions.
C. Performing statistical analysis for data anomalies.
D. Preparing evidentiary documentation.
A large retail organization, which sells most of its products online, experiences a computer hacking incident. The chief IT officer immediately investigates the incident and concludes
that the attempt was not successful. The chief audit executive (CAE) learns of the attack in
a casual conversation with an IT auditor. Which of the following actions should the CAE
take?
1. Meet with the chief IT officer to discuss the report and control improvements that will be
implemented as a result of the security breach, if any.
2. Immediately inform the chair of the audit committee of the security breach, because thus
far only the chief IT officer is aware of the incident.
3. Meet with the IT auditor to develop an appropriate audit program to review the
organization's Internet-based sales process and key controls.
4. Include the incident in the next quarterly report to the audit committee.
A. 1 and 2
B. 1 and 3
C. 2 and 4
D. 3 and 4
Which of the following statements is true pertaining to interviewing a fraud suspect?
1. Information gathered can be subjective as well as objective to be useful.
2. The primary objective is to obtain a voluntary written confession.
3. The interviewer is likely to begin the interview with open-ended questions.
4. Video recordings always should be used to provide the highest quality evidence.
A. 1 only
B. 4 only
C. 1 and 3
D. 2 and 4
Which of the following evaluation criteria would be the most useful to help the chief audit executive determine whether an external service provider possesses the knowledge, skills, and other competencies needed to perform a review?
A. The financial interest the service provider may have in the organization.
B. The relationship the service provider may have had with the organization or the activities being reviewed.
C. Compensation or other incentives that may be applicable to the service provider.
D. The service provider's experience in the type of work being considered.
The board has asked the internal audit activity (IAA) to be involved in the organization's enterprise risk management process. Which of the following activities is appropriate for IAA to perform without safeguards?
A. Coach management in responding to risks.
B. Develop risk management strategies for board approval.
C. Facilitate identification and evaluation of risks.
D. Evaluate risk management processes.
An internal auditor notes that employees continue to violate segregation-of-duty controls in several areas of the finance department, despite previous audit recommendations. Which of the following recommendations is the most appropriate to address this concern?
A. Recommend additional segregation-of-duty reviews.
B. Recommend appropriate awareness training for all finance department staff.
C. Recommend rotating finance staff in this area.
D. Recommend that management address these concerns immediately.
According to IIA guidance, which of the following actions might place the independence of the internal audit function in jeopardy?
A. Having no active role or involvement in the risk management process.
B. Auditing the risk management process for reasonableness.
C. Coordinating and managing the risk management process.
D. Participating with management in identifying and evaluating risks.
| Page 17 out of 51 Pages |
| 9101112131415161718192021222324 |
| IIA-ACCA Practice Test Home |
Real-World Scenario Mastery: Our IIA-ACCA practice exam don't just test definitions. They present you with the same complex, scenario-based problems you'll encounter on the actual exam.
Strategic Weakness Identification: Each practice session reveals exactly where you stand. Discover which domains need more attention, before ACCA CIA Challenge Exam exam day arrives.
Confidence Through Familiarity: There's no substitute for knowing what to expect. When you've worked through our comprehensive IIA-ACCA practice exam questions pool covering all topics, the real exam feels like just another practice session.
Copyright © All Rights Reserved