Free IIA IIA-CIA-Part2 Practice Exam with Questions & Answers | Set: 10

 Role of Internal Audit Charter: The internal audit charter is a formal document that defines the purpose, authority, and responsibility of the internal audit activity. It establishes the internal audit activity’s position within the organization, including the nature of the chief audit executive’s functional reporting relationship with the board.

 CEO’s Decision Justification: According to IIA guidance, the internal audit activity can take on responsibilities related to risk management and investigation if it is defined within the internal audit charter. The charter must outline the scope of the internal audit activity, which can include risk management functions if approved by the board and senior management.

 Authority and Proficiency: While the CEO has the authority to assign responsibilities, the decision must align with the provisions of the internal audit charter. The level of proficiency of the CAE and the recommendation of external auditors can support the decision but are not primary justifications.

 IIA Standards: Standard 1000 – Purpose, Authority, and Responsibility – requires that the internal audit activity’s purpose, authority, and responsibility be formally defined in an internal audit charter, consistent with the Mission of Internal Audit and the mandatory elements of the International Professional Practices Framework.

 References:

The internal audit charter is the primary document that justifies the scope and responsibilities of the internal audit activity, including risk management and investigation roles. It ensures that such roles are formally acknowledged and authorized by the board and senior management​​​​.

A. The sample rate of occurrence plus the precision exceeds the acceptable error rate:Correct. If the sample rate of occurrence (estimated error rate in the sample) plus the margin of error exceeds the acceptable error rate, it indicates a potential issue. To refine the estimate and maintain the desired confidence level and precision, the sample size needs to be increased.

B. The sample rate of occurrence is less than the acceptable error rate:If the sample rate is below the acceptable error rate, there is no immediate need to adjust the sample size.

C. The acceptable rate of occurrence less the precision exceeds the sample rate of occurrence:This condition does not imply the need to increase sample size but rather suggests acceptable results.

D. The sample rate of occurrence plus the precision equals the acceptable error rate:This indicates the estimate is at the threshold, but it does not necessitate increasing the sample size unless more precision is required.

CIA Exam Syllabus Reference:

Domain II: Risk Management and Control – Sampling and Error Analysis.

An engagement work program is of greatest value to audit management when it helps ensure the achievement of the engagement objectives. The work program outlines the audit procedures and tests that need to be performed to gather sufficient and appropriate evidence to support the audit findings and conclusions. By aligning the work program with the engagement objectives, auditors can focus their efforts on the most critical areas, ensure that all necessary steps are taken, and ultimately achieve the intended outcomes of the audit.

Institute of Internal Auditors (IIA), International Standards for the Professional Practice of Internal Auditing (Standards), Standard 2240 – Engagement Work Program.

The appropriate conclusion that can be drawn from the findings is that the internal controls guiding contract management are not operating effectively. The listed findings, such as noncompliance with contract provisions, lack of monitoring compliance with contract obligations and deliverables, and absence of contract agreements with key vendors, indicate significant control deficiencies in the contract management process. These deficiencies suggest that the controls intended to ensure compliance and effective management of contracts are either inadequate or not functioning as intended.

IIA's Guide on Internal Controls and Audit Findings.

The efficiency of an audit is greatly influenced by the adequacy of preliminary survey information. Thorough preliminary surveys help auditors understand the audit scope, identify potential issues early, and plan their work efficiently, thereby increasing overall audit efficiency. References: = IIA Practice Guide: “Engagement Planning: Establishing Objectives and Scope” and IIA Standard 2201 - Planning Considerations.

Stratified sampling is a technique that involves dividing a population into subgroups (strata) that share similar characteristics and then taking a sample from each subgroup. In the context of testing purchase transactions by different procurement officers, the transactions can be stratified based on the officers, ensuring that the audit team selects a sample that represents each officer's transactions. This method helps in achieving a more accurate and reliable assessment of the procurement process across all officers.

The Institute of Internal Auditors (IIA), Practice Guide on Sampling

"Auditing and Assurance Services: An Integrated Approach" by Alvin A. Arens, Randal J. Elder, Mark S. Beasley

Management-by-Objectives (MBO): This method involves setting clear, measurable objectives that employees and management agree on. It aligns individual performance with organizational goals.

Inclusive Goal-Setting: When goal-setting is inclusive, involving all team members, it fosters a sense of ownership and commitment to the goals. This collaboration enhances motivation and accountability.

Empirical Evidence: Research and practical experience indicate that MBO is more effective when employees at all levels are involved in the goal-setting process, as it leads to better performance and job satisfaction.

IIA Standards and Best Practices: Encouraging participation from all levels aligns with the principles of good governance and effective management, which are central to the IIA's standards and best practices.

According to the Institute of Internal Auditors (IIA) guidance, the independence and objectivity of the internal audit function are fundamental principles. Independence is compromised if the internal audit function takes on roles or responsibilities that are part of management's duties. Coordinating and managing the risk management process is a management responsibility. If internal auditors assume this role, it impairs their ability to remain independent and objective when auditing the effectiveness of the risk management process. References: IIA Standard 1112 – Chief Audit Executive Roles Beyond Internal Auditing

Comprehensive and Detailed Explanation:

Per Standard 1210 – Proficiency, internal auditors must possess the necessary knowledge, skills, and competencies to perform engagements. If expertise is lacking internally, the CAE can obtain it through training, consulting, or external resources. In this case, the best solution is to engage another trained employee from within the organization (C) who has the required technical expertise in quality control equipment.

Canceling or postponing the audit (A) undermines risk-based planning.

Removing testing (B) weakens assurance and fails to meet objectives.

Outsourcing to external auditors (D) may be possible but is less efficient than leveraging internal expertise already available.

Thus, Option C aligns best with IIA standards, ensuring proper expertise while maintaining the audit’s integrity.

The primary reason for audit supervision, including the approval of the engagement report, is to ensure that the findings presented in the report are substantiated by adequate and appropriate evidence. This step is crucial to maintain the credibility and reliability of the audit process and its outcomes.

Substantiation of Findings: Ensuring that findings are substantiated helps in providing a clear and defensible basis for the conclusions and recommendations made in the report.

Audit Quality: This step ensures the quality and integrity of the audit process, confirming that the evidence collected during the audit is sufficient and appropriate to support the findings.

Credibility: By substantiating findings, the report gains credibility, which is essential for the stakeholders who rely on the audit report for decision-making.

When developing the scope of an audit engagement, the internal auditor typically considers factors that directly impact the audit’s objectives, risks, and execution. This includes the potential impact of key risks (Option B), the expected outcomes and deliverables (Option C), and the operational and geographic boundaries (Option D). While the need and availability of automated support (Option A) may be a practical consideration for how the audit is conducted, it is not fundamental to defining the scope of the audit engagement itself. The scope is primarily concerned with what is to be audited and why, rather than how the audit will be performed.

IIA Standard 2200: Engagement Planning.

IIA Practice Guide on Audit Engagement Planning.

When the chief audit executive (CAE) evaluates the possibility of relying on external auditors' work, the primary focus should be on examining the objectivity and any perceived or actual conflicts of interest that might affect the external auditors' work. Ensuring that the external auditors are objective and free from conflicts is crucial for determining whether their work can be relied upon by the internal audit activity.

IIA Standard 2050 – Coordination and Reliance:

This standard requires that the internal audit activity coordinates its efforts with external auditors to ensure proper coverage and minimize duplication of efforts. When relying on external auditors, the CAE must assess the external auditors’ objectivity and independence.

Objectivity and Conflicts of Interest:

Objectivity refers to the unbiased mental attitude that allows external auditors to perform their work with integrity and impartiality. Conflicts of interest, whether perceived or actual, can compromise this objectivity. The CAE needs to ensure that external auditors are free from any relationships or interests that could affect their judgment.

IIA Practice Advisory 2050-2:

The advisory suggests that the internal audit activity should evaluate the competence, objectivity, and independence of external auditors before relying on their work. A thorough examination of potential conflicts of interest is essential to ensure that the reliance on their work is justified.

Option A (Perform comprehensive background checks): While background checks may be useful, the primary focus should be on objectivity and conflicts of interest.

Option B (Recalculate all financial calculations): This approach is excessive and unnecessary if the external auditors’ work can be relied upon.

Option D (Review audit tests in previous audits): While reviewing previous work is important, it does not address the key issue of objectivity and independence.

Detailed Explanation:Why Not Other Options?Conclusion: Option C is correct because the CAE must focus on ensuring that external auditors are objective and free from conflicts of interest, which is essential for relying on their work, in accordance with IIA standards.

Data analytics is the most efficient technique to identify patterns and anomalies that may indicate the splitting of planned purchases to avoid the approval process. By applying data analytics, the internal auditor can analyze the entire dataset to detect unusual patterns, such as multiple purchases just below the approval threshold made within a short timeframe. This method is more effective than random sampling or manual examination as it can quickly and accurately identify instances of potential malpractice across large volumes of transactions.

The Institute of Internal Auditors (IIA) - Practice Guide: Data Analytics

According to IIA guidance, a draft work program prepared by the engagement supervisor after concluding a preliminary assessment would test the process controls. The work program outlines the specific procedures and steps the internal audit team will take to evaluate the effectiveness of the controls in place to mitigate identified risks.

IIA Standards: 2240 - Engagement Work Program

IIA Practice Guide: Engagement Planning

The accounting treatment should reflect the actual costs incurred. Training costs are recognized as they are completed, regardless of the delivery status of the aircraft. For the aircraft production, the costs should be accounted for based on the actual production hours completed to date. This ensures that the financial records accurately represent the work performed and the expenses incurred. References: = Generally Accepted Accounting Principles (GAAP) and International Financial Reporting Standards (IFRS) on contract accounting and cost recognition.