IIA-CIA-PART2 Online Practice Questions and Answers

Once an audit report is drafted, the auditor's supervisor should review it primarily to ensure that all:

A. Statements are supported and can be authenticated.

B. Recommendations for corrective action are clear.

C. Processes within the audited area were reviewed.

D. Sample sizes appear appropriate for any issues found.

Which of the following factors would not be considered in determining appropriate follow-up procedures?

A. The significance of the audit finding.

B. The effort and cost needed to correct the reported condition.

C. The availability of funds in the audited department's budget to correct the reported condition.

D. The potential consequences if the corrective action fails.

During an engagement, an internal auditor discovered that an organization's policy on delegation of authority listed six individuals who were no longer employed with the organization. In addition, four individuals acting with disbursement authority were not identified in the policy as having such authority. Which of the following is the most effective course of action to address the control weakness?

A. Immediately initiate a complete audit of the disbursement function to determine if significant frauds have occurred.

B. Recommend that management review the process supporting the policy and make improvements.

C. Advise management to add the four additional names and remove the incorrect names from the policy to make it current.

D. Review further to ensure that the four individuals do not have the appropriate authority through delegation.

According to IIA guidance, which of the following is the least appropriate role for the internal audit activity in the organization's risk management program?

A. Conducting full investigations of suspected fraud.

B. Monitoring the organization's whistle-blower hotline.

C. Assessing the risk of fraudulent activity in the organization.

D. Providing ethics training sessions to organization staff.

Reviewing internal audit report drafts with clients is:

1.

Required according to the Standards.

2.

A form of courtesy.

3.

Ethically mandated.

4.

A form of validation.

A. 1 and 2 only

B. 2 and 3 only

C. 2 and 4 only

D. 3 and 4 only

The internal auditor is asked to conduct an investigation involving a suspected fraud. According to the Standards, which of the following statements regarding the investigation process is false?

A. The auditor should use anonymous surveys of coworkers to assess the character and behavior of the suspect.

B. The auditor must give consideration to the risk of unidentified co-conspirators whether indications exist or not.

C. The auditor should not limit the collection of information by prejudging its relevance to the investigation.

D. The auditor must consider the risk that audit procedures may inadvertently violate the rights of the suspect.

A chief audit executive (CAE) is determining which engagements to include on the annual audit plan. She would like to consider the organization's attitude toward risk and the degree of difficulty in achieving objectives. Which of the following resources should the CAE consult?

A. The corporate risk register.

B. The strategic plan.

C. Internal and external audit reports.

D. The board's meeting records.

An internal auditor observes a double payment transaction on a supplier invoice during an accounts payable engagement. Which of the following steps would be the most effective in helping the auditor determine whether fraud exists?

A. Switch the existing assurance engagement into a fraud investigation engagement.

B. Extend the audit scope and perform additional testing of controls on other related areas.

C. Review the prior year's transaction volume and amounts paid compared to the prior year's budget.

D. Perform data analytics on the supplier's information, invoiced amounts, and payments performed.

An organization's finance manager plans to implement a state-of-the-art management system to better manage the organization's receivables. The finance manager consulted the chief audit executive (CAE) and asked for her assistance in determining whether the organization is able to accommodate this system. How would the CAE proceed to determine the objectives of this engagement?

A. Ask the CEO to determine the scope and objectives of the engagement.

B. Request that the board disclose its concerns over governance for inclusion in the engagement.

C. Discuss the concerns with the finance manager and work together to agree on the engagement objectives.

D. Review previous audit reports from the area and develop engagement objectives to address the area's key risks and controls.

Which of the following sampling techniques is typically used when an internal auditor wants to test a large sample for fraud?

A. Stratified sampling.

B. Haphazard sampling.

C. Probability-proportional-to-size sampling.

D. Discovery sampling.