In response to an audit finding, senior management informed the auditor that the issue would be investigated and resolved when time permitted. According to the International Professional Practices Framework, this action was not acceptable because:
A. The appropriate level of management was not involved in the review and resolution of the issue.
B. Responses should include sufficient information to evaluate the adequacy and timeliness of corrective action.
C. The board had not reviewed management's responses to the engagement observations and recommendations.
D. Other departments should have been contacted to determine if they shared responsibility for corrective action.
Which of the following is a preventive control strategy against fraud?
A. Performing a surprise audit.
B. Maintaining a whistleblower hotline.
C. Implementing control self-assessment.
D. Performing background checks on employees.
An internal auditor is reviewing purchases made through the organization's corporate credit card program. Which of the following statements best describes a root cause of a deficiency?
A. A personal computer was purchased from a non-approved vendor.
B. Company policy limits card use to $500 per transaction.
C. A control to detect split purchases has not been activated in the credit card system.
D. Sample testing found 10% non-compliance with the organization's business travel policy.
According to the International Professional Practices Framework, which of the following should be excluded from a final communication for a performance audit engagement?
A. Recommendations and conclusions.
B. The internal auditor's unbiased opinion.
C. Timely and relevant information.
D. Legal opinions related to illegal acts.
Which of the following would be an appropriate role of the internal audit function?
A. Determine the consequences for ethics violations.
B. Be responsible for the management of a whistle blowing hotline.
C. Establish the ethics policies for the organization.
D. Evaluate the effectiveness of the organization's ethics-related activities.
Due to the expanded role of internal audit in the organization, the chief audit executive (CAE) of a construction company decides to employ the services of an outsourced audit service provider to augment the internal audit staff. What does the CAE need to consider in determining whether the outsourced audit service provider possesses the necessary knowledge, skills and other competencies to perform an audit engagement?
A. Specific matters expected to be covered in the engagement communications.
B. The financial interest that the external service provider may have in the organization.
C. The extent of other ongoing services the external service provider may be performing for the organization.
D. The reputation of the external service provider.
Which of the following are key characteristics of enterprise risk management?
1.
It considers risk in the formulation of strategy.
2.
It applies risk management in some units of an entity.
3.
It takes a portfolio view of risks throughout the enterprise.
4.
It restricts the organization's ability to seize opportunities inherent in future events.
A. 2 and 3 only
B. 1 and 3 only
C. 2 and 4 only
D. 1 and 4 only
Ordinarily, which of the following would not be an objective of an internal audit quality assurance review?
A. Ensuring that the internal audit activity meets the external auditor's expectations.
B. Ensuring that the internal audit activity has an audit charter approved by the board of directors.
C. Complying with specific standards for the professional practice of internal auditing.
D. Ensuring the adequacy of the goals, mission and vision of the internal audit activity.
An organization has adopted an enterprise-wide risk management process and has appointed a chief risk officer (CRO) to manage the process. The board has requested that the audit committee have oversight over the risk management function. Which of the following statements is not true regarding this situation?
A. The audit committee should get assurance on the adequacy and effectiveness of the risk management process from the CRO.
B. The chief audit executive has the mandate to conduct risk assessments and give assurance to the audit committee.
C. The audit committee, on behalf of the board, has overall responsibility for the risk management process in the organization.
D. Senior management is accountable to the board for monitoring the system of internal controls.
During the planning phase of an audit of the treasury function, an internal auditor conducted a risk assessment of the function in order to:
A. Report any high-risk exposures of the treasury function to management and the board.
B. Determine whether appropriate resources are present to carry out the treasury function.
C. Comply with the internal audit charter and applicable regulatory requirements.
D. Identify areas of the treasury function that should be considered for potential engagement objectives.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.