To promote a positive image within an organization,a chief audit executive (CAE) adjusted
the audit plan to focus on assurance engagements that highlighted potential costs to be
saved. Negative observations were to be omitted from engagement final communications.
Which action taken by the CAE would be considered a violation of the Standards?
I.The focus of the audit function was changed without modifying the audit charter or notifying the audit committee.
II.Negative observations were omitted from the engagement final communications.
III.Cost savings and recommendations were highlighted in the engagement final communications.

A.

IIonly

B.

I and IIonly

C.

I and IIIonly

D.

I,II,and III.

In a manufacturing organization,all sales prices are determined centrally and are
electronically sent to the distribution centers to update their sales price tables. Any pricing
deviations must beapproved by central headquarters. To determine how this process is
functioning,an internal auditorshould:

A.

Document the flow of sales price information,and determine how the table is accessed and updated.

B.

Develop a flowchart of the sales order process to determine how orders are taken and priced.

C.

Identify who approves the shipment of goods and how the goods are priced.

D.

Obtain a copy of the existing flowchart for the computer program to determine how price
data are accessed.

Which of the following activities most significantly increases the risk that a bank will make
poor-quality loans to its customers?

A.

Borrowers may not sign all required mortgage loan documentation.

B.

Fees paid by the borrower at the time of the loan may not be deposited in a timely manner.

C.

The bank's loan documentation may not meet the government's disclosure requirements.

D.

Loan officers may override the lending criteria established by senior management.

Which of the following statements regarding segregation of duties is true?

A.

When evaluating an organization's policy on segregation of duties,employee
competence does not need to be considered.

B.

An organizational chart provides an accurate definition of segregation of duties.

C.

A restrictive segregation-of-duties policy can help improve an organization's communication.

D.

Policies on segregation of duties in information systems must recognize the difference
between logical and physical access to assets.

A high-volume retailer of consumer goods has used point-of-sale data to record sales and
update inventory records for several years. When price changes are scheduled,corporate
headquarters downloads a price change file to a computer server system at each store.
Each store's assistant manager is responsible for checking the server for downloads and
running the program that updates the store's price file at the authorized price update time.
In comparison with having headquarters initiate the price update centrally,this approach to
price updating will most likely:

A.

Decrease the risk that customers will be undercharged consistently for sales items.

B.

Decrease the risk that item prices will sometimes be inaccurate.

C.

Increase the risk that customers will be undercharged consistently for sales items.

D.

Increase the risk that item prices will sometimes be inaccurate.

Which of the following factors affects the control risk of a company?

A.

Potential problems like technological obsolescence.

B.

Unusual pressures on management.

C.

Complex accounts that require expert valuations.

D.

Segregation of duties.

Which of the following should be incorporated in a risk management policy?
I.Boundaries and limit structures.
II.Requirements for reporting risk.
III.Risk authorities.

A.

I and IIonly

B.

I and IIIonly

C.

II and IIIonly

D.

I,II,and III.

A bakery chain has a statistical model that can be used to predict daily sales at individual
stores based on a direct relationship to the cost of ingredients used and an inverse
relationship to rainy days. What conditions would an auditor look for as an indicator of
employee theft of food from a specific store?

A.

On a rainy day,total sales are greater than expected when compared to the cost of ingredients used.

B.

On a sunny day,total sales are less than expected when compared to the cost of ingredients used.

C.

Both total sales and cost of ingredients used are greater than expected.

D.

Both total sales and cost of ingredients used are less than expected.

If an internal auditor discloses confidential information in response to a lawsuit,the internal
auditor hasviolated.

A.

The IIA Code of Ethics.

B.

The Standards.

C.

Both the IIA Code of Ethics and the Standards.

D.

Neither the IIA Code of Ethics nor the Standards.

An employee who recently transferred into the internal audit activity has been assigned to
audit the accounts payable system.
Which function,if previously performed by the auditor,would represent a conflict of interest?

A.

Monitoring the allowance for doubtful accounts.

B.

Writing procedures for the handling of duplicate payments.

C.

Signing timekeeping cards for subordinates.

D.

Reviewing shipping documents for accuracy.

An auditor is using audit software to check inventory accuracy. Which of the following
would be an indicator of poor input edit controls?

A.

Negative quantities on hand.

B.

Total dollar values of zero for some parts.

C.

Alpha characters in the field for order lead time.

D.

Reorder levels set too high.

Which of the following represents the correct order of the risk management process?

A.

Resource allocation,risk management metrics,risk assessment,post-mortem
analysis,effective communication.

B.

Risk management metrics,resource allocation,risk assessment,effective
communication,post-mortem analysis.

C.

Risk assessment,resource allocation,risk governance and reporting,post-mortem
analysis,feedback.

D.

Resource allocation,risk monitoring,risk assessment,feedback,post-mortem analysis.