Essentials of Internal Auditing
A multinational organization has asked the internal audit activity to assist in setting up the organization's risk management system. The chief audit executive (CAE) agrees to take on the engagement as a consultant. Which of the following tasks is appropriate for the CAE to undertake?
A. Coordinate and facilitate risk workshops for management to attend.
B. Establish the degree of risk appetite for management to accept.
C. Set risk indicators and mitigation plans for management to implement.
D. Determine the number of significant risks for management to report to the board.
Which of the following best describes the details that must be included in the quality assurance and improvement program (QAIP) report to senior management and the board?
A. The scope and frequency of internal and external assessments as well as the qualifications and independence of the assessor.
B. The scope and cost of the QAIP. frequency of internal and external assessments, and conclusions of the assessor.
C. The scope, findings, risks, recommendations, and agreed-upon improvement actions.
D. The number and types of people involved in the assessment, costs, and duration of the QAIP
Which of the following documents is most appropriate in promoting the objectivity of the internal audit activity?
A. Usage of IT system policy.
B. Risk management framework.
C. Acceptance of gifts policy.
D. Personal responsibility policy.
An internal audit charter, approved by the board, restricts the internal audit activity to providing assurance only on the reliability of financial information and the effectiveness of internal accounting controls. Which of the following statements is true regarding the extent to which the external auditor may rely on the internal audit activity's work?
A. The external auditor may make full use of the work, as the audit charter is very specific as to the work the internal audit activity may undertake.
B. The external auditor may use the work, as the board has approved the charter, thus taking responsibility for any deficiencies.
C. The external auditor must disregard the work, as the scope of the charter may introduce bias and result in a lack of due professional care.
D. The external auditor may use the work with caution, due to the internal audit activity's scope and responsibility restrictions.
An IT contractor applied for an internal audit position at a bank. The contractor worked for the bank's IT security manager two years ago. If the audit manager interviewed the contractor and wants to extend a job offer, which of the following actions should the chief audit executive pursue?
A. Allow the audit manager to hire the contractor and state that the individual is free to perform IT audits, including security.
B. Not allow the audit manager to hire the contractor, as it would be a conflict of interest.
C. Allow the audit manager to hire the contractor, but state that the individual is not allowed to work on IT security audits for one year.
D. Not allow the audit manager to hire the contractor and ask the individual to apply again in one year.
When developing the organization's first risk universe, which of the following would the chief audit executive be least likely to consider?
A. The amount of risk that an organization is willing to seek or accept.
B. The extent and degree of interdependency for identified key risks.
C. The boundaries established to manage the amount of risk taken.
D. The exposure to risks following management's risk responses.
According to IIA guidance, which of the following best describes internal auditors' responsibility regarding fraud?
A. Internal auditors should take a leading role in investigating all fraud-related cases.
B. Internal auditors must have sufficient knowledge to evaluate the risk of fraud.
C. Internal auditors should report all fraud cases to law enforcement agents, in accordance with the Code of Ethics.
D. Internal auditors are responsible for ensuring that fraud does not occur.
Which of the following offers the best evidence that the internal audit activity has achieved organizational independence?
A. An independent third party has assessed the organization's system of internal controls to be adequate and effective.
B. The chief audit executive reports both functionally and administratively to the CEO.
C. The internal audit charter is drafted properly and approved by the appropriate parties.
D. The mission statement and strategy of the internal audit activity demonstrates alignment to organizational objectives.
Which of the following is a detective control strategy against fraud?
A. Requiring employees to attend ethics training.
B. Performing background checks on employees.
C. Implementing a control self-assessment.
D. Performing a surprise audit.
Which of the following statements accurately describes the responsibility of the internal
audit activity regarding IT governance?
1. The internal audit activity does not have any responsibility because IT governance is the
responsibility of the board and senior management of the organization.
2. The internal audit activity must assess whether the IT governance of the organization
supports the organization's strategies and objectives.
3. The internal audit activity may assess whether the IT governance of the organization
supports the organization's strategies and objectives.
4. The internal audit activity may accept requests from management to perform advisory
services regarding how the IT governance of the organization supports the organization's
strategies and objectives.
A. 1 only.
B. 4 only.
C. 2 and 4.
D. 3 and 4.
According to IIA guidance, which of the following are macro-level audit activities performed
for an assurance engagement of the purchasing department?
1. Obtain and review all purchasing-related audit reports issued within the past year.
2. Meet with the quality assurance group to discuss its previous reports of any purchasingrelated
findings.
3. Review a memo written by the purchasing manager that outlines ongoing problems with
the purchasing software.
4. Request a copy of the report from a purchasing audit conducted last year by an external
service provider.
A. 1 and 2.
B. 1 and 3.
C. 2 and 4.
D. 3 and 4.
According to The MA Global Internal Audit Competency Framework, which of the following areas of training would best assist the internal audit activity in improving its use of tools and techniques?
A. Negotiation and conflict resolution.
B. Project management.
C. Financial accounting.
D. Ethics and fraud.
| Page 6 out of 51 Pages |
| 12345678910111213141516 |
| IIA-ACCA Practice Test Home |
Real-World Scenario Mastery: Our IIA-ACCA practice exam don't just test definitions. They present you with the same complex, scenario-based problems you'll encounter on the actual exam.
Strategic Weakness Identification: Each practice session reveals exactly where you stand. Discover which domains need more attention, before ACCA CIA Challenge Exam exam day arrives.
Confidence Through Familiarity: There's no substitute for knowing what to expect. When you've worked through our comprehensive IIA-ACCA practice exam questions pool covering all topics, the real exam feels like just another practice session.
Copyright © All Rights Reserved