Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free IIA IIA-CIA-Part2 Practice Exam with Questions & Answers | Set: 4

Questions 46

A healthcare organization ' s chief audit executive (CAE) noted that the organization ' s IT team relies heavily on a vendor. Therefore an IT vendor assessment review was added to the annual audit plan. During the review, the audit team discovered that the vendor had not been performing proper monitoring to ensure that the subcontractors it hired comply with the organization requirements. The organization ' s chief information officer (ClO) does not agree with the audit team ' s recommendation for the IT team to monitor the compliance level of vendor subcontractors. How should the audit team proceed to resolve this situation?

Options:
A.

Write a risk acceptance memo for the CIO to sign acknowledging the observation and indicating a willingness to accept the risk.

B.

Provide an example of the attestation form that vendors must use. Then, recommend that the IT team require vendors to submit the attestation form on a regular basis.

C.

Escalate the issue to the audit committee, as the CIO is unwilling to implement the recommended action plan.

D.

Escalate the issue to the CAE to assess whether the ClO ' s reasoning is acceptable.

IIA IIA-CIA-Part2 Premium Access
Questions 47

Which of the following actions best describes an internal auditor ' s use of test data to determine whether an organization ' s new accounts payable system avoids processing questionable invoices for payment?

Options:
A.

Creating an automated tool that monitors the computer program on a daily basis for potential issues that need corrective actions.

B.

Using an automated system that assists internal auditors with automating the risk analysis of the computer program for invoicing

C.

Embedding tools in the computer program to analyze the review processes of invoices for potential issues that may hamper payments

D.

Adding invoices to the computer program to assess the reliability and effectiveness of the review process and whether controls work.

Questions 48

According to IIA guidance, which of the following reflects a characteristic of sufficient and reliable information?

Options:
A.

The establishment of an audit approach and documentation system

B.

The standardization of workpaper terminology and notations

C.

The ability to reach consistent audit conclusions regardless of who performs the audit

D.

The application of documentation standards m an appropriate and consistent manner

Questions 49

In order to obtain background information on an assigned audit of data center operations an internal auditor administers control questionnaires to select individuals who have primary responsibilities within the process. Which of the following is a drawback of this approach?

Options:
A.

It will be difficult to quantify the information obtained through this approach

B.

This approach does not help the auditor learn about the existence of controls

C.

It takes the auditor a long time to assess the relevant controls using this approach

D.

Information on control functionality is limited

Questions 50

An internal auditor developed a list of internal and external risk considerations across the organization ' s processes, developed a scale to assess each risk and allocated the relative importance of each risk. When of the following approaches did the auditor take?

Options:
A.

Top-down approach

B.

Process-Metrix approach

C.

Risk-factor approach

D.

Bottom up approach

Questions 51

A bakery chain has a statistical model that can be used to predict daily sales at individual stores based on a direct relationship to the cost of ingredients used and an inverse relationship to rainy days What conditions would an auditor look for as an Indicator of employee theft of food from a specific store?

Options:
A.

On a rainy day. total sales are greater than expected when compared to the cost of ingredients used

B.

On a sunny day. total sales are less than expected when compared to the cost of ingredients used.

C.

Both total sales and cost of ingredients used are greater than expected.

D.

Both total sales and cost of ingredients used are less than expected.

Questions 52

Which of the following is the next step in understanding a business process once an internal auditor has identified the process?

Options:
A.

Determine process outputs

B.

Determine process inputs.

C.

Determine process activities.

D.

Determine process goals

Questions 53

What is the primary reason that audit supervision includes approval of the engagement report?

Options:
A.

To ensure the objectives of the area under review are met.

B.

To ensure senior management supports the report ' s conclusions.

C.

To ensure report style and grammar are appropriate.

D.

To ensure report findings are substantiated.

Questions 54

As a result of server managements assumption of risk there is residual risk that exceeds me organisation ' s risk appetite. Which of the following actions would be most appropriate for the chief audit executive to take?

Options:
A.

ignore the responsibility of addressing the residual risk

B.

Assume the responsibility of addressing the residual risk

C.

Ensure senior management acknowledges residual risk

D.

Communicate with the board the issue of residual risk

Questions 55

An internal auditor reviewed the tender documents for the procurement of manufacturing equipment and observed the following:

    Tender technical specifications were compliant with internal policies.

    The sole assessment criterion of the tender was economic feasibility.

    All bids were submitted to a designated software and could not be opened before the submission deadline.

    The winner was approved by senior management.

    The winner was selected based on which bidder offered the newest technology.

Which of the following is the most appropriate conclusion?

Options:
A.

Key controls of the procurement process operate as intended based on the analysis of the specific tender documents.

B.

IT controls implemented to ensure confidentiality of submitted bids seem to have several deficiencies.

C.

Management ' s selection of the winner should be positively acknowledged for focusing on innovative technological solution.

D.

The principles of transparency and equal treatment of bidders seem to be impaired.

Questions 56

An engagement work program o of greatest value to audit management when which of the following is true?

Options:
A.

The work program provides more detailed support for the audit report

B.

The work program helps determined the required amount of audit resources

C.

The work program helps ensure tie achievement of the engagement objectives

D.

The work program assists the auditor n developing and managing audit tests

Questions 57

A technology organization is developing an artificial intelligence (AI) program for use on its social media platform. The AI program is meant to help content creators with images and posts that will acquire followers more efficiently. The internal audit function is planning an engagement of the AI program development. Which of the following should be considered a significant, immediate, and inherent risk?

Options:
A.

The AI program becomes self-reliant and no longer requires human assistance to perform tasks for the organization.

B.

The AI program advancements allow for it to generate original images for use by content creators and other individuals.

C.

The AI program captures images found online that are created and owned by individuals and other organizations.

D.

The AI program will have to comply with the national regulation expected to come in force in two years ' time.

Questions 58

During an internal audit engagement, which of the following is true regarding the decision to use statistical sampling or nonstatistical sampling?

Options:
A.

The decision affects the test procedures performed.

B.

The auditor ' s response to errors detected will be influenced.

C.

The competence of the evidence obtained is greater with statistical sampling.

D.

Nonstatistical sampling may be more cost effective.

Questions 59

A chief audit executive (CAE) a developing a work program for an upcoming engagement that will review an organization’s small contracting services. When of the following would the CAT need to consider most when developing the work program?

Options:
A.

The contracting department ' s staffing changes within the last year

B.

The certifications held by the internal auditors assigned to the engagement

C.

The internal audit activity ' s increase n budget and staffing for the year

D.

The organization ' s recent changes to how it processes payments

Questions 60

Which of the following situations best applies to an organization that uses a project, rather than a process, to accomplish its business activities?

Options:
A.

A clothing company designs, makes, and sells a new item.

B.

A commercial construction company is hired to build a warehouse.

C.

A city department sets up a new firefighter training program.

D.

A manufacturing organization acquires component parts from a contracted vendor