Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free IIA IIA-CIA-Part2 Practice Exam with Questions & Answers

Questions 1

Which of the following is the most important determinant of the objectives and scope of assurance engagements?

The organizational chart, business objectives, and policies and procedures of the area to be reviewed

Options:
A.

The most recent risk assessment conducted by management of the area to be reviewed.

B.

The requests of operational and senior management throughout the organization.

C.

The preliminary risk assessment performed by internal auditors planning the engagement.

IIA IIA-CIA-Part2 Premium Access
Questions 2

Which of the following statistical sampling approaches is the most appropriate for testing a population for fraud?

Options:
A.

Discovery sampling.

B.

Stop-or-go sampling.

C.

Haphazard sampling.

D.

Stratified attribute sampling.

Questions 3

Which of the following best illustrates the primary focus of a risk-based approach to control self-assessment?

Options:
A.

To evaluate controls regarding the computer security of an oil refinery.

B.

To examine the processes involved in exploring, developing, and operating a gold mine.

C.

To assess the likelihood and impact of events associated with operating a finished goods warehouse.

D.

To link a financial institution ' s business objectives to a work unit responsible for the associated risk.

Questions 4

Which of the following is an advantage of utilizing an external fraud specialist in a suspected fraud investigation?

Options:
A.

increased access to the organization ' s employees.

B.

Increased ability to preserve evidence and the chain of command.

C.

Increased ability to scrutinize the organization ' s key business processes.

D.

increased access to the organization ' s software and proprietary data.

Questions 5

Which of the following factors would be the most critical in determining which engagements should be included in the annual internal audit plan?

Options:
A.

Whether an audit is explicitly required by the internal audit charter

B.

The extent to which the work to be performed is an assurance or consulting engagement

C.

The organization ' s annual risk management strategy

D.

Risks that are identified by operations staff or senior management

Questions 6

In a health care organization the internal audit activity provides overall assurance on governance, risk and control The chief audit executive advises and influences senior management, and the audit strategy leverages the organization ' s management of risk According to HA guidance which of the following stages of internal audit maturity best describes this organization?

Options:
A.

Infrastructure.

B.

Emerging.

C.

Managed.

D.

Initial.

Questions 7

Which of the following is an example of internal benchmarking?

Options:
A.

Book value per common share ratio is lower than that of the prior year.

B.

Staff turnover ratio is higher than the comparable organization in the same industry.

C.

Utilities expense of the sales unit is higher than that of the customer service unit.

D.

Sales are significantly higher than the industry’s average for five years.

Questions 8

During follow-up, the chief audit executive (CAE) is having a discussion with management about the internal audit team ' s recommendations related to a significant issue Management accepted the issue but took no remedial action What is the next step for the CAE?

Options:
A.

The CAE should reassess and validate the risk tolerance policy

B.

The CAE should escalate the issue to senior management .

C.

The CAE should reiterate the internal audit team ' s recommendations to management .

D.

The CAE should grant management more time to implement the recommendation and check the status of the issue during the next scheduled follow-up.

Questions 9

Senior management decides to adopt a conservative working capital policy. What would be the expected result for the organization?

Options:
A.

Low levels of inventory

B.

Higher level of profitability

C.

High level of liquidity

D.

Higher level of risk

Questions 10

An audit identified a number of weaknesses in the configuration of a critical client/server system. Although some of the weaknesses were corrected prior to the issuance of the audit report, correction of the rest will require between 6 and 18 months for completion. Consequently, management has developed a detailed action plan, with anticipated completion dates, for addressing the weaknesses. What is the most appropriate course of action for the chief audit executive to take?

Options:
A.

Assess the status of corrective action during a follow-up audit engagement after the action plan has been completed.

B.

Assess the effectiveness of corrections by reviewing statistics related to unplanned system outages, and denials of service.

C.

Reassign information systems auditors to assist in implementing management ' s action plan.

D.

Evaluate the ability of the action plan to correct the weaknesses and monitor key dates and deliverables.

Questions 11

The final engagement communication contains the following observation:

The internal auditor discovered that three of the 10 contracts reviewed failed to meet the organization ' s competitive bidding requirements Management explained that senior management deemed these purchases to be critical and awarded them as sole-source. "

Which of the following components is missing in the documentation of the observation?

Options:
A.

Criteria.

B.

Effect

C.

Condition

D.

Cause

Questions 12

Which statistical sampling approach would an internal auditor typically utilize if she wishes to test for fraud and the expected deviation rate is very low?

Options:
A.

Stratified sampling

B.

Attribute sampling

C.

Discovery sampling

D.

Haphazard sampling

Questions 13

According to IIA guidance, which of the following is the key planning step internal auditors should perform to establish appropriate engagement objectives prior to starting an audit engagement?

Options:
A.

Review the organizational structure, management roles and responsibilities, and operating procedures.

B.

Evaluate management ' s risk assessment and the internal audit activity ' s risk assessment.

C.

Assess process flow and control documents used to meet regulatory requirements.

D.

Review meeting notes from discussions involving management of the area to be reviewed.

Questions 14

Which of the following activities demonstrates an example of the chief audit executive performing residual risk assessment?

Options:
A.

Cost-benefit analysis of management not implementing a recommendation to address an observation.

B.

Inquiry of corrective action to be completed within a certain period.

C.

Reporting the status of every observation for every engagement in a detailed manner.

D.

Soliciting management’s feedback after completion of the audit engagement.

Questions 15

During a review of the organization ' s waste management processes, the internal auditor discovered that wastewater is being disposed of inappropriately. The auditor ' s recommendations, suggested to mitigate the risk of regulatory sanctions and reputational damages, were accepted and timelines for implementation were agreed. However, during the internal audit activity ' s periodic follow-up exercise, management indicated that the recommendation was too expensive to implement and the current disposal method has been cost-effective. What should the chief audit executive do in this case?

Options:
A.

Nothing, as the internal audit activity has fulfilled its responsibility of providing recommendations to mitigate the risks to which the organization is exposed.

B.

Contact the regulatory agency responsible for monitoring such matters in order to convince management to implement the recommendations.

C.

Convene a meeting with senior management and discuss the issue and the potential impact it may have on the organization.

D.

Highlight the current exposure to the external auditors so they too can highlight the issue and further pressure management to address the concern.