The final engagement communication contains the following observation:
"The internal auditor discovered that three of the 10 contracts reviewed failed to meet the organization's competitive bidding requirements. Management explained that senior management deemed these purchases to be critical and awarded them as sole-source."
Which of the following components is missing in the documentation of the observation?
A. Criteria.
B. Effect.
C. Condition.
D. Cause.
In which of the following situations would an internal auditor consider the need to outsource competencies and skills?
A. During the inspection of a wind turbine, an internal auditor notices that some replaced parts look used. According to purchase documents, the parts still have a long lifespan.
B. The auditor believes that the audit client's actions contradict the organization's code of conduct. The audit client disagrees and says his actions are for the organization's benefit.
C. An audit team member is allocated to conduct an assurance engagement in the sales unit. However, the same auditor performed an assurance engagement in that area just one year prior.
D. During an inventory count, the auditor ascertained that some goods were missing. The audit client argues that the auditor does not understand how inventory should be counted.
According to IIA guidance, which of the following is the key planning step internal auditors should perform to establish appropriate engagement objectives prior to starting an audit engagement?
A. Review the organizational structure, management roles and responsibilities, and operating procedures.
B. Evaluate management's risk assessment and the internal audit activity's risk assessment.
C. Assess process flow and control documents used to meet regulatory requirements.
D. Review meeting notes from discussions involving management of the area to be reviewed.
Which of the following best describes a risk that is deemed "unacceptable" to the organization?
A. A risk where likelihood and impact are high.
B. A risk where inherent risk exceeds its residual risk.
C. A risk where inherent risk exceeds the tolerance level.
D. A risk where residual risk exceeds the tolerance level.
Which of the following best justifies an internal auditor's decision to issue a preliminary audit report?
A. The internal audit team and audit client have a serious dispute over the scope and objective of the engagement.
B. The internal audit team expects management to address certain issues immediately due to their severe impact.
C. The internal audit team anticipates that the formal final audit report would be undesirable for management due to the significance of outlined risks.
D. The internal audit team would like to issue a clean final audit report without any material observations or risks.
In a health care organization, the internal audit activity provides overall assurance on governance, risk, and control. The chief audit executive advises and influences senior management, and the audit strategy leverages the organization's management of risk. According to IIA guidance, which of the following stages of internal audit maturity best describes this organization?
A. Infrastructure.
B. Emerging.
C. Managed.
D. Initial.
An internal audit manager is planning a contract compliance audit. Which of the following should be done prior to developing the audit work program?
A. Select a sample of invoices for substantive testing.
B. Review the contract for evidence of authorization.
C. Document underlying reasons for noncompliance.
D. Assess the inherent risk of paying duplicate invoices.
Which of the followings statements describes a best practice regarding assurance engagement communication activities?
A. All assurance engagement observations should be communicated to the audit committee.
B. All assurance engagement observations should be included in the main section of the engagement communication.
C. During the "communicate" phase of an assurance engagement, it is best to define the methods and timing of engagement communications.
D. A detailed escalation process should be developed during the planning stage of an assurance engagement.
A chief audit executive (CAE) received a detailed internal report of senior management's internal control assessment. Which of the following subsequent actions by the CAE would provide the greatest assurance over management's assertions?
A. Assert whether the described and reported control processes and systems exist.
B. Assess whether senior management adequately supports and promotes the internal control culture described in the report.
C. Evaluate the completeness of the report and management's responses to identified deficiencies.
D. Determine whether management's operating style and the philosophy described in the report reflect the effective functioning of internal controls.
During an audit of the accounts receivable (AR) process, an internal auditor noted that reconciliations are still not performed regularly by the AR staff, a recommendation that was made following a previous audit. Monitoring by the financial reporting function has failed to detect the shortcoming. Both the financial reporting function and AR report to the controller, who is responsible for implementing action plans. Which of the following supports the internal auditor's decision to combine both observations into one reported finding?
A. The observation was made during the same audit, and the action plan has a common owner.
B. The observation relates to the same control activity within a common process.
C. The observation has a common control, and it was noted in a prior audit.
D. The observation has a common process, and the action plan for the observation has a common owner.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.