Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free IIA IIA-CIA-Part2 Practice Exam with Questions & Answers | Set: 5

Questions 61

An internal auditor discovered that sales contracts with business clients were not stored in the electronic document management database instead they were scanned and saved in a nonsystematic manner to server folders Which of the following would be an appropriate consequence for the internal auditor to include in the documented observation?

Options:
A.

The document management policy requires business client data to be stored in a specific management database

B.

Sales contracts were stored improperly because the office manager was not trained to use the electronic database and prefers to avoid it

C.

if the organization becomes subject to litigation the agreed pricing terms and conditions of the contracts may be difficult to prove

D.

All staff should be appropriately trained and required to follow the organization ' s established policies and procedures pertaining to document management

IIA IIA-CIA-Part2 Premium Access
Questions 62

During a fraud interview, it was discovered that unquestioned authority enabled a vice president to steal funds from the organization. Which of the following best describes this condition?

Options:
A.

Scheme.

B.

Opportunity.

C.

Rationalization.

D.

Pressure.

Questions 63

An internal auditor completes a series of engagement steps and is ready to turn in the workpapers for the engagement supervisor’s review. The auditor has additional, separate notes about the engagement and is unsure what to do with them. The workpapers are complete and contain sufficient information to support the engagement work. What should the auditor do with the additional notes, according to IIA guidance?

Options:
A.

Include them in the workpapers for the engagement supervisor’s review.

B.

Omit them from the workpapers.

C.

There is no guidance on the inclusion of additional notes with workpapers.

D.

Retain them after the engagement is completed.

Questions 64

While auditing an organization ' s credit approval process, an internal auditor learns that the organization has made a large loan to another auditors relative. Which course of action should the auditor take?

Options:
A.

Proceed with the audit engagement, but do not include the relative ' s information.

B.

Have the chief audit executive and management determine whether the auditor should continue with the audit engagement.

C.

Disclose in the engagement final communication that the relative Is a customer

D.

Immediately withdraw from the audit engagement

Questions 65

An internal auditor recommended that an organization implement computerized controls in its sales system in order to prevent sales representatives from executing contracts in excess of their delegated authority levels A follow-up review found that the sales system had not been modified, but a process had been implemented to obtain written approval by the vice president of sales for all contracts in excess of S1 million The chief audit executive (CAE) would be justified in reporting this situation to the organization ' s board under which of the tollowing circumstances ' ?

1. In the opinion of the CAE the level of residual risk assumed by senior management is too high

2. Testing of compliance with the new process finds that all new contracts in excess of $1 million have been approved by the vice president of sales

3. The cost of modifying the sales system to include a preventive control is less than S100.000

Options:
A.

1 only

B.

3 only

C.

1 and 3 only

D.

1, 2, and3

Questions 66

A chief audit executive (CAE) following up on action plans from previously completed audits identifies that management has determined that certain action plans are no longer necessary If the CAE disagrees with management ' s decision, which of the following is the most appropriate next step for the CAE to take?

Options:
A.

The CAE must discuss the matter with senior management

B.

The CAE must discuss the matter with key shareholders

C.

The CAE must discuss the matter with legal counsel

D.

The CAE must discuss the matter with the board

Questions 67

The internal audit activity plans to assess the effectiveness of management ' s self-assessment activities regarding the risk management process. Which of the following procedures would be most appropriate to accomplish this objective?

Options:
A.

Review corporate policies and board minutes for examples of risk discussions.

B.

Conduct interviews with line and senior management on current practices.

C.

Research and review relevant industry information concerning key risks.

D.

Observe and test control and monitoring procedures and related reporting.

Questions 68

An internal auditor wanted to determine whether the organization ' s 200 employees are charging their work hours accurately to the correct project. The internal auditor selected a sample of 30 employee time reports for testing. Based on the testing, the internal auditor determined the following:

- 5 Time reports were incorrect.

- 21 Time reports were correct.

- 4 Time reports were not supported.

Options:
A.

The organization has significant flaws in its reporting of employee time, which could lead to the overstatement of project labor costs. The organization ' s failure to report accurate and complete employee time could lead to potential fraud and abuse.

B.

The organization needs to ensure that all reporting of employee time is accurate and complete for each of its projects By dang so the organization can minimize potential issues related to overstating employee tames and labor project costs.

C.

The organization overstated project costs due to inaccurate and incomplete reporting of employee time charged to the affected accounts As a result the organization cannot ensure at protects costs are accurately reported to stakeholders

D.

The organization generally ensured that employee hours charged to each project were accurate and complete. However, there were instances of employee time reports that were incorrect or not supported to justify the multiple project labor coats

Questions 69

Which of the following statements is true regarding managements use of judgement to design, implement, and conduct internal control?

Options:
A.

The use of judgment enhances managements ability to make better decisions about internal control, but cannot guarantee perfect outcomes.

B.

introducing judgment generally diminishes managements ability to make good decisions about internal control

C.

It is inappropriate for management to exercise judgement in areas such as specifying and using suitable accounting principles.

D.

It is inappropriate for management to exercise judgement in assessing whether components are present, functioning, and operating together

Questions 70

When reviewing workpapers, engagement supervisors may ask for additional evidence or clarification via review notes. According to IIA guidance, which of the following statements is true regarding the engagement supervisors review notes?

Options:
A.

The review notes may be cleared from the final documentation once the engagement supervisors concerns have been addressed

B.

Management of the area under review must address the engagement supervisors review notes before the audit report can be finalized.

C.

The chief audit executive must initial or sign the engagement supervisors review notes to provide evidence of appropriate engagement supervision.

D.

Review notes provide documented proof that the engagement is supervised properly and must be retained for the quality assurance and improvement program

Questions 71

An internal auditor e assessing the design of a control and has identified a potential significant weakness. The auditor shared his concern with management however management does not agree that the weakness is significant. What should the internet auditor do next?

Options:
A.

Perform additional audit work to better articulate the risk

B.

Report the finding that management has accepted a level of risk that is unacceptable.

C.

Proceed to testing how effectively the control is opening.

D.

Because the design weakness has been identified no additional audit work is needed

Questions 72

While planning for an accounts payable audit an internal auditor performs an entity level controls analysis. Which of the following statements is true regarding me approach used by the auditor?

Options:
A.

It enables the auditor to identify the inherent risks to the effective operation of accounts payable process controls.

B.

It enables the auditor to understand the framework of the activities and associated accounts payable subprocesses

C.

it enables the auditor to understand the accounts payable process and its flow, including key steps and systems.

D.

It enables the auditor to categorize the population of transactions within the accounts payable process

Questions 73

Which of The following best describes a risk that is deemed " unacceptable " to the organization?

Options:
A.

A risk where likelihood and impact are high

B.

A risk where inherent risk exceeds its residual risk

C.

A risk where inherent risk exceeds the tolerance level

D.

A risk where residual risk exceeds the tolerance level

Questions 74

An internal auditor wants to identity potential ghost employees in the organization ' s payroll system The auditor extracts the following data

- Human resources data with employees ' names addresses employment conditions and identification codes

- Payroll data

- Logs from entrance systems

With this data, which of the following types of ghost employees will the auditor be able to identify?

Options:
A.

Employees who are being paid more than then approved wages

B.

Employees who get paid although their employment has expired

C.

Employees who are related to one of the subcontractors

D.

Employees who are physically present at the workplace but who do not perform the specified job duties

Questions 75

Internal auditors map a process by documenting the steps in the process, which provides a framework for understanding. Which of the following is a reason to use narrative memoranda?

Options:
A.

To create a detailed risk assessment.

B.

To identify individuals who perform key roles.

C.

To explain a simple process.

D.

To document which outputs support other activities.