The chief audit executive's responsibility regarding control processes includes:
A. Assisting senior management and the audit committee in the development of an annual assessment about internal control.
B. Overseeing the establishment of internal control processes.
C. Maintaining the organization's governance processes.
D. Ensuring that the internal audit activity assesses all control processes annually.
Which of the following is an effective way for an internal auditor to improve communications with the client during a contentious audit?
A. Encourage the client to participate as a partner in the decision-making process to determine the changes that need to be made.
B. Clearly explain to the client the role of the internal audit activity in the change process.
C. Obtain the support of the board of directors for proposed changes before discussing the changes with operating management.
D. Speak privately with key client personnel immediately after proposed changes are announced to address their concerns.
Which of the following is the most common method management can use to manage risk within its risk appetite?
A. Implementation of controls.
B. Use of risk registers and dashboard.
C. Frequent communication of risk appetite for operating personnel.
D. Continuous evaluations and audits.
A code of business conduct provides:
A. A fraud avoidance plan that does not explicitly describe punishments for violations.
B. A passive method of fraud deterrence.
C. A program to anonymously report irregularities to authorities.
D. An alternative to "tone at the top" programs.
The chief executive officer has requested that the chief audit executive (CAE) coordinate the establishment of an enterprise risk management (ERM) program for the organization. Which of the following would be the most appropriate action for the CAE?
A. Accept the request as the role of coordinating ERM is a core function of internal audit.
B. Decline the request as this role compromises the CAE's objectivity.
C. Accept the request after consulting with the board and adhering to proper safeguards.
D. Decline the request as internal audit has limited knowledge and experience of risk at the enterprise level to undertake the assignment.
Which of the following actions is related to the preliminary survey process?
A. Determining if controls are effective.
B. Preparing the engagement work program.
C. Identifying the current controls.
D. Completing a detailed test of controls.
When planning an audit engagement, what should an internal auditor first consider when assessing the risk of fraud in the area to be audited?
A. Impact of and exposure to fraud.
B. Existence of evidence of fraud.
C. Organizational structure.
D. Management's risk appetite.
Risk assessments can vary in format, but generally include:
1.
A description of identified risks.
2.
Tests of audit controls.
3.
A system of rating risks.
4.
Sample size identification.
A. 1 and 2 only
B. 1 and 3 only
C. 1, 3, and 4 only
D. 2, 3, and 4 only
An internal auditor has just undertaken an organization-wide risk assessment. In identifying potential audit engagements, the internal auditor should consider least:
A. Focusing on the high risk areas as sources of potential engagements.
B. Focusing in areas not audited last year.
C. Factoring in management requests.
D. Focusing on those risks highlighted by the external auditor.
An organization has developed a large database that tracks employees, employee benefits, payroll deductions, job classifications, and other similar information. The internal auditor reviews the retirement benefits plan and determines that the pension and medical benefits have been changed several times in the past ten years. The auditor wishes to determine whether there is justification to perform further audit investigation. The most appropriate audit procedure would be to:
A. Review the trend of overall retirement expense over the last ten years. If the retirement expense increased, it would indicate the need for further investigation.
B. Use generalized audit software to select a monetary-unit sample of retirement pay, and determine whether each retired employee was paid correctly.
C. Review reasonableness of retirement pay and medical expenses on a per-person basis stratified by which plan was in effect when the employee retired.
D. Use generalized audit software to select an attributes sample of retirement pay, and perform detailed testing to determine whether each person chosen was given the proper benefits.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.