Which of the following would be included in an internal audit department's quality assurance and improvement program?
1.
Ongoing internal assessments of the performance of the internal audit department.
2.
Periodic internal reviews through self-assessments.
3.
Assessments conducted by a qualified external reviewer at least once every five years.
A. 1 only
B. 1 and 2 only
C. 2 and 3 only
D. 1, 2, and 3
During a consulting engagement, an internal auditor identifies new risks which will impact the scope and sufficiency of the engagement audit plan. According to the Standards, the internal auditor should:
A. Discuss the potential impact on the scope with the client.
B. Modify the scope to incorporate the new risks and continue the engagement.
C. End the engagement, as the audit scope is no longer sufficient to meet the audit objective.
D. Continue the engagement but highlight the impacts on the audit scope in the final report.
When establishing the internal audit activity's annual plan, which of the following would be the best source of potential audit engagement topics?
A. The organization's budget.
B. Operations involving cash transactions.
C. Recent changes in management objectives.
D. Risk factors utilized in the organization's risk models.
Which of the following is not true regarding the management of internal audit resources?
A. A minimum level of information technology knowledge is necessary.
B. The adequacy of internal audit resources is ultimately a board responsibility.
C. Resources include external service providers and computer-assisted audit techniques.
D. Skills availability must be aligned with financial constraints.
An organization has an opening for an entry-level internal audit position. When interviewing for the position, which of the following is the least important skill for an entry-level internal auditor?
A. Conflict resolution skills.
B. Communication skills.
C. Time management skills.
D. Interpersonal skills.
An organization decides to create an internal audit function and hires a new chief audit executive (CAE). Which of the following should the CAE first consider when developing the internal audit process?
A. Requirements of the external auditors to ensure an efficient coordination of audit effort.
B. Sufficient resources to adequately meet the needs of the annual audit plan.
C. Alignment of internal audit objectives with the organization's strategic plan.
D. An appropriate training plan for audit staff.
According to IIA guidance, which of the following is the least appropriate role for the internal audit activity in the organization's risk management program?
A. Conducting full investigations of suspected fraud.
B. Monitoring the organization's whistle-blower hotline.
C. Assessing the risk of fraudulent activity in the organization.
D. Providing ethics training sessions to organization staff.
An internal auditor compares real-time gasoline production data to corresponding final gasoline production reports and finds minor but consistent daily discrepancies. If the auditor is concerned about theft, which of the following next steps is most consistent with IIA guidance?
A. Reconcile online data and the final production reports to gasoline sales reports.
B. Contact security personnel as evidence suggests gasoline is being stolen from production premises.
C. Confront the production manager and ask her to explain the differences between real-time and reported data.
D. Review the processes used to collect the production data and to compile the final production reports.
According to the International Professional Practices Framework, which of the following is correct regarding conducting and reporting follow-up activities by the internal audit activity (IAA)?
A. Due to management changes, the IAA is advised by management that no further work will be done. Further follow-up work is not required as management has accepted the related risk.
B. A newly appointed auditor immediately proceeds to conduct follow-up testing based on previous work performed for the engagement and then reports the results to the chief audit executive (CAE).
C. Management has stopped implementing several key recommendations citing a growing disagreement with their effectiveness. The auditor communicates the situation to the CAE who then escalates the matter to senior management.
D. In situations where the identified risk may have a significant impact to the business and senior management has accepted the risk, it is not necessary for the CAE to inform the board of the decision.
The chief audit executive (CAE) notes during review of the final report of an assurance engagement that management has decided to accept the risks of two significant exposures identified by the audit. Which of the following actions by the CAE would be least prudent in these circumstances?
A. Implement follow-up procedures to monitor the potential impact of those risks.
B. Review the working papers and conclusions as to the perceived residual risk.
C. Meet with senior management to consider their reasoning for the decision.
D. Meet with the auditor-in-charge to review the conclusions.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.