A report prepared by the internal audit activity contains several observations that disclose proprietary information regarding the organization's manufacturing process. According to the International Professional Practices Framework, which of the following is the appropriate treatment for this report?
A. Distribute the report only to the board to protect disclosure.
B. Disclose and distribute this information in a separate report.
C. Remove the observations and report verbally to senior management.
D. Require a separate non-disclosure statement from each recipient.
Which of the following would most likely include recommendations for process improvements?
1.
Due diligence engagement.
2.
Forensic investigation.
3.
Internal audit engagement.
4.
Consulting engagement.
A. 1, 2, and 3 only
B. 1, 2, and 4 only
C. 1, 3, and 4 only
D. 2, 3, and 4 only
According to the Standards, which of the following best describes the responsibility of the chief audit executive (CAE) for approving the final engagement report?
1.
The CAE is responsible for obtaining management approval before issuing the final report.
2.
The CAE has overall responsibility for the report but can delegate the review and approval of the report.
3.
The CAE is responsible for obtaining senior management's approval before releasing the final report.
4.
The CAE is responsible for approving to whom and how the final report will be disseminated.
A. 1 and 3 only
B. 1 and 4 only
C. 2 and 3 only
D. 2 and 4 only
According to the International Professional Practices Framework, which of the following is not an objective of the exit conference?
A. Receive client feedback and clarification.
B. Review audit recommendations.
C. Plan future engagements.
D. Resolve disagreements.
According to the Standards, which of the following objectives is not required to ensure the appropriate completion of an engagement?
A. Determining audit team members are coordinated to ensure the efficient execution of all engagement procedures.
B. Confirming engagement working papers properly support the observations, recommendations and conclusions.
C. Providing structured learning opportunities for engagement auditors when and wherever possible.
D. Ensuring all engagement objectives are reviewed for satisfactory achievement and properly documented.
Which of the following risks assumes an absence of compensating controls in the area being reviewed?
A. Control risk.
B. Detection risk.
C. Inherent risk.
D. Sampling risk.
The chief audit executive (CAE) of a multinational entity with highly automated and complex operations has just completed the update of the risk-based audit plan. Interviews with management revealed the introduction of new technology and a significant increase in both the number and severity of technology-based risk exposures. According to the International Professional Practices Framework, which of the following would be the best course of action for the CAE to undertake next?
A. Develop a detailed audit plan that makes the most efficient use and reallocation of existing internal audit resources.
B. Arrange for the outsourcing of some technology intensive audit processes and procedures based on the plan changes.
C. Evaluate whether appropriate skills and knowledge required to perform the necessary audit work currently exist in the department.
D. Begin planning to recruit information technology audit specialists and other expert personnel into the internal audit activity.
An auditor-in-charge is preparing her audit team for a consulting engagement at one of the organization's foreign subsidiaries. According to the Standards, which of the following would not be a necessary step prior to beginning the engagement?
A. Verify that none of the audit team worked for the foreign subsidiary within the last year to ensure independence.
B. Agree, in writing, with the subsidiary's senior management regarding the scope of the engagement.
C. Communicate a time frame as well as a contingency plan in the event the engagement may take longer than expected.
D. Communicate what logistical support will be provided by the subsidiary for the duration of the engagement.
While performing an audit of the human resources department, an internal auditor discovered unencrypted files containing the personal information of employees stored on a public shared drive. According to IIA guidance, which of the following actions by the auditor would be the most appropriate?
A. Remove the files containing the social security numbers and personal information.
B. Communicate the issue to the chief audit executive as well as IT and legal departments.
C. Change permissions to the shared drive to only allow access to human resources personnel.
D. Immediately review the audit logs to see if anyone has accessed this information and follow-up.
A chief audit executive (CAE) has decided to add an engagement to the current audit plan which will exceed available audit resources. Which of the following is the best course of action for the CAE to take?
A. Present the plan change to senior management and request additional resources before going to the board of directors.
B. Seek approval from senior management and the board of directors for the plan change and advise them of the issue of limited resources.
C. Add this change to the plan and request senior management to indicate which other engagement should be deleted to keep the overall plan within resource constraints.
D. Immediately seek additional resources from senior management and the board of directors to meet the needs of the organization.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.