A healthcare organization ' s chief audit executive (CAE) noted that the organization ' s IT team relies heavily on a vendor. Therefore an IT vendor assessment review was added to the annual audit plan. During the review, the audit team discovered that the vendor had not been performing proper monitoring to ensure that the subcontractors it hired comply with the organization requirements. The organization ' s chief information officer (ClO) does not agree with the audit team ' s recommendation for the IT team to monitor the compliance level of vendor subcontractors. How should the audit team proceed to resolve this situation?
Which of the following actions best describes an internal auditor ' s use of test data to determine whether an organization ' s new accounts payable system avoids processing questionable invoices for payment?
According to IIA guidance, which of the following reflects a characteristic of sufficient and reliable information?
In order to obtain background information on an assigned audit of data center operations an internal auditor administers control questionnaires to select individuals who have primary responsibilities within the process. Which of the following is a drawback of this approach?
An internal auditor developed a list of internal and external risk considerations across the organization ' s processes, developed a scale to assess each risk and allocated the relative importance of each risk. When of the following approaches did the auditor take?
A bakery chain has a statistical model that can be used to predict daily sales at individual stores based on a direct relationship to the cost of ingredients used and an inverse relationship to rainy days What conditions would an auditor look for as an Indicator of employee theft of food from a specific store?
Which of the following is the next step in understanding a business process once an internal auditor has identified the process?
What is the primary reason that audit supervision includes approval of the engagement report?
As a result of server managements assumption of risk there is residual risk that exceeds me organisation ' s risk appetite. Which of the following actions would be most appropriate for the chief audit executive to take?
An internal auditor reviewed the tender documents for the procurement of manufacturing equipment and observed the following:
Tender technical specifications were compliant with internal policies.
The sole assessment criterion of the tender was economic feasibility.
All bids were submitted to a designated software and could not be opened before the submission deadline.
The winner was approved by senior management.
The winner was selected based on which bidder offered the newest technology.
Which of the following is the most appropriate conclusion?
An engagement work program o of greatest value to audit management when which of the following is true?
A technology organization is developing an artificial intelligence (AI) program for use on its social media platform. The AI program is meant to help content creators with images and posts that will acquire followers more efficiently. The internal audit function is planning an engagement of the AI program development. Which of the following should be considered a significant, immediate, and inherent risk?
During an internal audit engagement, which of the following is true regarding the decision to use statistical sampling or nonstatistical sampling?
A chief audit executive (CAE) a developing a work program for an upcoming engagement that will review an organization’s small contracting services. When of the following would the CAT need to consider most when developing the work program?
Which of the following situations best applies to an organization that uses a project, rather than a process, to accomplish its business activities?
|
PDF + Testing Engine
|
|---|
|
$49.5 |
|
Testing Engine
|
|---|
|
$37.5 |
|
PDF (Q&A)
|
|---|
|
$31.5 |
IIA Free Exams |
|---|
|