Free IIA-ACCA Practice Test Questions 2026

An organization has a health and safety division that conducts audits to meet regulatory requirements. The chief health and safety officer reports directly to the CEO. Which of the following describes an appropriate role for the chief audit executive (CAE) with regard to the organization's health and safety program?

A. The CAE has no role to play, because the chief health and safety officer reports to a senior executive.

B. The CAE should coordinate with, and review the work of, the chief health and safety officer to gain an understanding of whether risks related to health and safety are managed properly.

C. The CAE should give periodic reports directly to the regulator regarding health and safety issues, as it is the appropriate regulatory oversight body.

D. The CAE should hire an independent external specialist to conduct an annual assessment and provide assurance over the effectiveness of the health and safety program and the reliability of its reports.

An internal auditor has been assigned to facilitate a risk and control self-assessment for the finance group. Which of the following is the most appropriate role that she should assume when facilitating the workshop?

A. Express an opinion on the participants' inputs and conclusions as the assessment progresses.

B. Provide appropriate techniques and guidelines on how the exercise should be undertaken.

C. Evaluate and report on all issues that may be uncovered during the exercise.

D. Screen and vet participants so that the most appropriate candidates are selected to participate in the exercise.

After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?

A. Cost.

B. Independence.

C. Familiarity.

D. Flexibility.

A draft internal audit report that cites deficient conditions generally should be reviewed with which of the following groups?

1. The client manager and her superior.
2. Anyone who may object to the report’s validity.
3. Anyone required to take action.
4. The same individuals who receive the final report.

A. 1 only

B. 1 and 2 only

C. 1, 2, and 3

D. 1, 2, and 4

Which of the following behaviors could represent a significant ethical risk if exhibited by an organization's board?

1. Intervening during an audit involving ethical wrongdoing.
2. Discussing periodic reports of ethical breaches.
3. Authorizing an investigation of an unsafe product.
4. Negotiating a settlement of an employee claim for personal damages.

A. 1 and 2

B. 1 and 4

C. 2 and 3

D. 3 and 4

The chief audit executive of a medium-sized financial institution is evaluating the staffing model of the internal audit activity (IAA). According to IIA guidance, which of the following are the most appropriate strategies to maximize the value of the current IAA resources?

• The annual audit plan should include audits that are consistent with the skills of the IAA.
• Audits of high-risk areas of the organization should be conducted by internal audit staff.
• External resources may be hired to provide subject-matter expertise but should be supervised.
• Auditors should develop their skills by being assigned to complex audits for learning opportunities.

A. 1 and 2 only

B. 1 and 4 only

C. 2 and 3 only

D. 3 and 4 only

According to the Standards, which of the following is leastimportant in determining the adequacy of an annual audit plan?

A. Sufficiency.

B. Appropriateness.

C. Effective deployment.

D. Cost effectiveness.

According to IIA guidance, which of the following are appropriate actions for the chief audit executive regarding management's response to audit recommendations?

A. Evaluate and verify management's response, and determine the need and scope for additional work.

B. Evaluate and verify management's response, and establish timelines for corrective action by management.

C. Oversee the corrective actions undertaken by management, and determine the need and scope for additional work.

D. Oversee the corrective actions undertaken by management, and establish timelines for corrective action by management.

A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority?

1. Graded positive opinion.
2. Negative assurance opinion.
3. Limited assurance opinion.
4. Third-party opinion.

A. 1 and 3

B. 1 and 4

C. 2 and 3

D. 2 and 4

When creating the internal audit plan, the chief audit executive should prioritize engagements based primarily on which of the following?

A. The last available risk assessment.

B. Requests from senior management and the board.

C. The longest interval since the last examination of each audit universe item.

D. The auditable areas required by regulatory agencies.

An audit identified a number of weaknesses in the configuration of a critical client/server system. Although some of the weaknesses were corrected prior to the issuance of the audit report, correction of the rest will require between 6 and 18 months for completion. Consequently, management has developed a detailed action plan, with anticipated completion dates, for addressing the weaknesses. What is the most appropriate course of action for the chief audit executive to take?

A. Assess the status of corrective action during a follow-up audit engagement after the action plan has been completed.

B. Assess the effectiveness of corrections by reviewing statistics related to unplanned system outages, and denials of service.

C. Reassign information systems auditors to assist in implementing management's action plan.

D. Evaluate the ability of the action plan to correct the weaknesses and monitor key dates and deliverables.

A chief audit executive is preparing interview questions for the upcoming recruitment of a senior internal auditor. According to IIA guidance, which of the following attributes shows a candidate's ability to probe further when reviewing incidents that have the appearance of misbehavior?

A. Integrity.

B. Flexibility.

C. Initiative.

D. Curiosity.