Noncompliance with which of the following would cause a control deficiency related to privacy protection practices?
I. An organization's internal privacy policies.
II. Financial accounting standards.
III. Privacy laws and regulations.
IV.
The Standards.
A.
I and III only
B.
II and IV only
C.
II, III, and IV only
D.
I, II, III, and IV.
Which of the following statements regarding organizational governance is not correct?
A. An effective internal audit function is one of the four cornerstones of good governance.
B. Those performing governance activities are accountable to the customer.
C. Accountability is one of the key elements of organizational governance.
D. Governance principles and the need for an internal audit function are applicable to governmental and not-for-profit activities.
A chief audit executive would most likely use risk assessment for audit planning because it provides:
A. A systematic process for assessing and integrating professional judgment about probable adverse conditions.
B. A listing of potentially adverse effects on the organization.
C. A list of auditable activities in the organization.
D. The probability that an event or action may adversely affect the organization.
When developing the annual audit plan and reviewing risk assessment priorities, a chief audit executive should always identify the:
A. Potential recommendations for each auditable activity.
B. Persons to whom engagement reports will be communicated.
C. Engagement procedures to be used during the engagements.
D. Internal audit resources required to achieve the audit plan.
Which of the following actions by a chief audit executive would be most effective in preventing fraud?
A. Ensure that the board is aware of all fraud that has been identified or reported.
B. Train the internal audit staff in identifying fraud indicators.
C. Review the adequacy of all policies that describe prohibited activities.
D. Submit an annual report to the board on all fraud that has been detected.
Which of the following is not an appropriate role of the internal audit activity in governance activities?
A. Support the board in enterprise-wide risk assessment.
B. Ensure the timely implementation of audit recommendations.
C. Monitor compliance with the organization's ethics policies.
D. Discuss areas of significant risk.
In selecting an instructional strategy for developing internal audit staff, a chief audit executive should first review the:
A. Department's budget constraints.
B. Internal auditors' personal development needs.
C. Content of potential training courses.
D. Organization's objectives.
A company has entered into a $20, 000, 000 fixed-price contract with a general contractor for the construction of a new retail outlet. For this contract, which of the following would represent the greatest risk?
A. Excessive labor charged to the project.
B. Poor physical protection of materials and equipment.
C. Failure to complete the project within budget.
D. Substitution of inferior materials.
What role, if any, should the internal audit activity have in the process of following up on observations and recommendations made by the external auditors?
A. The internal audit activity should have no role in this process in order to ensure independence.
B. The internal audit activity should become involved only if the chief audit executive has sufficient evidence that the follow-up is not occurring.
C. The internal audit activity should review the adequacy and effectiveness of management's follow-up actions.
D. The internal audit activity should become involved only if specifically requested by management or the board of directors.
The chief audit executive for an organization has just completed a risk assessment process, identified the areas with the highest risk, and assigned an audit priority to each. Which of the following statements is true and consistent with the International Professional Practices Framework?
I. Items should be ranked in the order of quantifiable dollar exposure to the organization.
II. The audit priorities should be in order of major control deficiencies.
III.
The risk assessment, though quantified, is the result of professional judgments about both exposures and probability of occurrences.
A.
I only
B.
III only
C.
II and III only
D.
I, II, and III.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART1 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.