An internal auditor for a large telecommunications organization identified potential risk factors related to a planned billing system conversion. Which of the following risk factors would present the least potential exposure to the organization?
A. Critical customer support functions are not available for a short period.
B. Invoice generation disruptions due to required maintenance.
C. Inaccurate billing of telephone calls due to database error.
D. End user criticism and lack of support for the new system.
The chief audit executive of a large publicly held bank is using a risk based approach to update the annual audit plan. Which of the following sources of information will have the least impact on the plan?
A. The 12 month forecast of commercial property values.
B. Recent changes to the bank's strategic plan.
C. Regulatory changes impacting capitalization for all publicly traded banks.
D. Continuous changes in the prime lending rate set by the country's central bank.
According to IIA guidance,when performing a compliance audit of data security standards for a large e-commerce retailer, which of the following would represent the least likely area of risk exposure?
A. Operational risks.
B. Change or configuration risks.
C. Access risks.
D. Physical security risks.
Which of the following statements is true regarding the communication of audit engagement observations?
A. Criteria, condition, cause, and effect must be communicated for material observations only
B. Criteria, condition, cause, and effect must be communicated for material observations and significant deficiencies only
C. Criteria, condition, cause, and effect must be communicated for all engagement observations.
D. Criteria, condition, cause, and effect do not need to be communicated for insignificant observations with adequate compensating key controls.
Which of the following situations justifies the release of an interim report to management and the board?
1.
The internal auditor is convinced that the audit observations require immediate attention.
2.
The internal auditor would like to communicate a change in engagement scope for the activity under review.
3.
The internal auditor notes that the engagement may extend over a longer time period.
4.
The audit supervisor believes that issuing interim reports eases supervisory review and controls over working papers.
A. 1 and 3 only
B. 2 and 3 only
C. 1, 2, and 3 only
D. 2, 3, and 4 only
An audit engagement objective at a manufacturer is to determine the quality of raw materials purchased. Which of the following actions would best enable an internal auditor to satisfy this objective?
A. Analyze the provision for sales allowances.
B. Analyze the percentage of scrap incurred during production.
C. Research the rationale for customer returns.
D. Evaluate the volume and characteristics of products rejected during processing.
Which of the following is the least relevant when preparing the internal audit activity's annual engagement plan?
A. Senior management's requests for internal audit engagements.
B. A rotation of internal audit engagements selected on a time basis.
C. The organization's current risk priority and exposure.
D. Coordination with the audit plans of the external auditor.
Which of the following statements is true?
A. If management chooses not to take action on internal audit's assurance engagement observation, the chief audit executive (CAE) has a responsibility to propose an action plan to the board.
B. Internal audit's responsibility for an assurance engagement observation ends when management implements changes to remediate the observation.
C. When management decides to accept the risk of not taking action on an assurance observation, the (CAE) is responsible for judging whether or not that decision is prudent.
D. An assurance engagement observation is considered remediated when management's corrective action plan is approved by the board.
An internal auditor is conducting an assessment of the organization's fraud controls. Which of the following would not be considered a preventive control?
1.
Daily report that identifies unsuccessful system log-in attempts.
2.
Weekly management communication with tips on identifying possible fraud.
3.
E-mail alert sent to management for checks issued over $100,000.00.
4.
New hire training to explain fraud and employee misconduct.
A. 1 and 2 only
B. 1 and 3 only
C. 2 and 4 only
D. 3 and 4 only
According to the Standards, which of the following control strategies would be the most effective in helping to prevent fraud?
A. Have employees annually sign a code of conduct requiring that they report any known violations.
B. Implement a whistleblower hotline where individuals can make anonymous phone calls to report fraudulent activities.
C. Provide periodic fraud awareness training to employees and test their understanding of the training through online surveys.
D. Conduct routine employee surveys to solicit their knowledge of fraud and unethical behavior within the organization.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.