Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free IIA IIA-CIA-Part1 Practice Exam with Questions & Answers | Set: 12

Questions 166

Which of the following is true regarding internal audit role ' s in The IIA ' s Three Lines Model?

Options:
A.

As internal control is part of risk management, the internal audit role in risk management implies reduced emphasis on internal control.

B.

Internal audit can blur the distinction between the second and the third lines as long as value is added.

C.

Internal audit cannot rely on other assurance providers when opining on the effectiveness of risk management.

D.

Internal audit should be aligned with first- and second-line functions through effective communication, cooperation, and collaboration.

IIA IIA-CIA-Part1 Premium Access
Questions 167

Which of the following relates to the concept of due professional care?

Options:
A.

An auditor attempts to obtain information needed to complete an assurance engagement but is denied access.

B.

The appointment of the chief audit executive is ratified by the board.

C.

An auditor demonstrates a good understanding of the steps involved in carrying out a consulting engagement.

D.

The internal audit resource plan is only approved by the chief financial officer.

Questions 168

Which of the following is most important for an internal auditor to consider when developing an approach for an audit engagement in a foreign country?

Options:
A.

Currency exchange rates, as they relate to internal audit-related expenses.

B.

Differences in typical working hours, compared to other countries.

C.

The effects of subtle language nuances on translations.

D.

Accepted practices that may be illegal in other countries.

Questions 169

Which of the following statements is true regarding the internal audit activity ' s quality assurance and improvement program (QAIP)?

Options:
A.

Internal assessments must be performed by the chief audit executive.

B.

An internal assessment must be performed at least once every five years.

C.

It Is permissible to share the results of the QAIP with the organization ' s external auditors.

D.

Results of ongoing monitoring must be validated annually by an independent external assessor.

Questions 170

The internal audit activity conducted an organization wide risk assessment. One of the most significant risks identified is associated with the oil price market. The chief audit executive (CAE) is considering including in the annual audit plan an assessment of the effectiveness of oil price risk management. The manager responsible commented that the assessment was not needed, as market risks were regularly addressed by the financial risk committee. If the CAE decides to include this activity in the annual audit plan anyway, how should it be recorded?

Options:
A.

A consulting engagement independent of the financial risk committee ' s review.

B.

A risk assessment.

C.

An assurance engagement.

D.

A joint consulting engagement with input from the financial risk committee.

Questions 171

Which statement accurately describes the authority of the internal audit activity as outlined in the audit charter?

Options:
A.

The chief audit executive (CAE) shall report directly to the board and administratively to the CEO.

B.

The CAE shall provide senior management and the board with performance updates quarterly.

C.

The internal audit team shall have full access to the organization ' s records, physical property, and personnel required to conduct audit engagements.

D.

The internal audit activity shall maintain a quality assurance and improvement program in conformance with the Standards.

Questions 172

The chief audit executive (CAE) has decided to outsource an audit of the organization ' s cloud governance in the annual audit plan. Why would the CAE outsource this audit?

Options:
A.

Lack of internal audit staff proficiency.

B.

Lack of audit planning.

C.

Lack of internal assessments.

D.

Lack of due professional care.

Questions 173

Which of the following statements best describes internal auditors ' role in fraud detection?

Options:
A.

Internal auditors ' roles are similar to those performed by loss prevention managers or fraud investigators.

B.

Internal auditors ' demonstration of adequate professional skepticism during an audit engagement is of paramount importance.

C.

Internal auditors should consider fraud risks in every assignment and demonstrate due care by detecting fraud instances.

D.

Internal auditors should possess a fraud-related body of knowledge, enabling them to carry out preventative and detective measures.

Questions 174

Which of the following actions by the internal audit activity requires disclosure to the board of nonconformance with the Standards?

Options:
A.

The internal audit activity did not complete an external assessment within the last seven years

B.

The internal audit activity performed an engagement with limited scope due to lack of knowledge

C.

The internal audit activity failed to consider risk when conducting a review of a department

D.

An internal auditor was assigned to an engagement m an area where she previously worked more than 10 years ago

Questions 175

At a construction company, supervisors are entitled to bonus payments if there are no safety rule violations on their teams. There are several channels available for workers to report accidents and violations, and all reported violations are investigated. Bonus payment calculations are approved by managers and the head of safety. Which of the controls best addresses the risk that supervisors will conceal accidents on their teams in order to receive the bonus?

Options:
A.

The investigation of all reported violations

B.

The authorization process for bonus calculations

C.

The variety of reporting channels

D.

The presence of safety rules

Questions 176

Which level of corporate social responsibility does whistleblowing in companies primarily support?

Options:
A.

Ethical responsibility.

B.

Economic responsibility.

C.

Legal responsibility.

D.

Discretionary responsibility.

Questions 177

According to IIA guidance, which of the following statements is true regarding risk management in an organization?

Options:
A.

The risk management function has the sole responsibility for identifying and managing risks in all departments

B.

Risk management is a core responsibility of the internal audit activity

C.

The internal audit activity should consider the organization’s maturity, structure, and the competitive environment to establish the organization’s risk appetite

D.

The internal audit activity may use a risk management or control framework to assist in risk identification

Questions 178

A multinational organization has asked the internal audit activity to assist in setting up the organization’s risk management system. The chief audit executive (CAE) agrees to take on the engagement as a consultant. Which of the following tasks is appropriate for the CAE to undertake?

Options:
A.

Coordinate and facilitate risk workshops for management to attend.

B.

Establish the degree of risk appetite for management to accept.

C.

Set risk indicators and mitigation plans for management to implement

D.

Determine the number of significant risks for management to report to the board.

Questions 179

With regard to IT governance, which of the following is the most effective and appropriate role for the internal audit activity?

Options:
A.

Independently evaluate the skills and experience of potential chief information officer candidates to assess the best fit based on the organization ' s risk appetite.

B.

Evaluate the organization’s governance standards and assess IT-related activities to identify gaps and develop policies, ensuring alignment with the organization’s risk appetite.

C.

Assist management in interpreting complex IT-related privacy and security risk exposures and evaluating potential mitigation strategies.

D.

Assess whether governance activities are aligned with the organization ' s risk appetite and take into consideration emerging risks

Questions 180

During the planning stage of an assurance engagement, a payroll clerk informed the internal auditor that he is often asked to add new employees to the payroll without any formal new-hire documentation from human resources. The auditor is concerned that this increases the risk for fraud. To complete engagement planning, which of the following is the most appropriate next step for the auditor to take?

Options:
A.

Increase the sample size to be tested, ensuring a thorough review of the payroll records.

B.

Advise the chief audit executive of the clerk ' s assertion, despite the lack of supporting evidence.

C.

Ask the clerk to provide a list of any suspicious new employee names on the payroll.

D.

Investigate the matter further to understand precisely how many payroll records were affected.