A.  

Intimidation threats may compromise the auditor's objectivity due to multiple negative audit reports completed by the auditor.

B.  

The auditor has reviewed the department annually for the last three years, leading to familiarity, which can impact the internal audit activity's independence.

C.  

A negative cognitive bias may be in place that affects the employee's objectivity due to the recent audits with uncorrected control deficiencies.

D.  

The auditor may have formed a cultural bias, as the department under review is in the auditor's geographic area.

A.  

The chief audit executive (CAE) reports functionally to the CEO.

B.  

The CAE's compensation is approved by the chief financial officer.

C.  

The CAE's appointment Is determined by the CEO

D.  

The CAE reports administratively to the chief operating officer.

A.  

As internal control is part of risk management, the internal audit role in risk management implies reduced emphasis on internal control.

B.  

Internal audit can blur the distinction between the second and the third lines as long as value is added.

C.  

Internal audit cannot rely on other assurance providers when opining on the effectiveness of risk management.

D.  

Internal audit should be aligned with first- and second-line functions through effective communication, cooperation, and collaboration.

A.  

Confidentiality.

B.  

Objectivity.

C.  

Integrity.

D.  

Competency.

A.  

The internal audit activity uses key performance indicators for all staff members after all audit engagements.

B.  

The internal auditors provide assurance to third parties indicating that their work was properly supervised.

C.  

The internal auditors demonstrate they have an understanding of engagement objectives and scope.

D.  

The internal auditors are heavily involved in training and development to enhance their skills.

A.  

Obtaining assurance on external financial, regulatory, and internal audits.

B.  

Complying with laws, regulations, and codes.

C.  

Assigning authority and responsibilities organization wide.

D.  

Monitoring and measuring performance.

A.  

Avoiding the risk altogether.

B.  

Transferring the risk.

C.  

Introducing a control feature.

D.  

Accepting the risk.

A.  

The chief audit executive.

B.  

A member of the compliance function.

C.  

A party outside of the internal audit activity.

D.  

A member of the risk management function.

A.  

Risk mitigation

B.  

Risk avoidance

C.  

Risk reduction

D.  

Risk transfer

A.  

Sourcing of third parties does not follow public procurement law.

B.  

Violations of service conditions trigger either fines or termination.

C.  

Due diligence of third parties is conducted only after contract signing.

D.  

The right-to-audit clause is limited by personal data protection regulations.

A.  

The auditor misunderstood the audit objectives.

B.  

The auditor lacked professional skepticism.

C.  

The auditor's fieldwork was not properly supervised.

D.  

The auditor lacked an understanding of the organization.

A.  

Report the impairment to senior management

B.  

Discuss the impairment with the audit manager

C.  

Ascertain the best approach to disclose the impairment.

D.  

Decide on the extent of impact of the impairment

A.  

Internal auditors meet with operational management at each phase of the audit process.

B.  

Internal auditors adhere to The IIA’s Code of Ethics.

C.  

Internal auditors work collaboratively with their engagement team.

D.  

Internal auditors complete a program of continuing professional development.

A.  

The inherent risk will be mitigated to a level lower than the residual risk.

B.  

The inherent risk will be reduced to an acceptable level.

C.  

The residual risk will be reduced to an acceptable level.

D.  

The residual risk will be eliminated

A.  

Recommend parties involved to be sanctioned in accordance with the organization's policy.

B.  

Determine whether any additional audit work needs to be performed.

C.  

Launch an investigation to obtain details of the fraud and parties involved.

D.  

Request that the responsible process owner remediate the issue immediately.

A.  

Statistical sampling techniques should always be used to pull unbiased sampling for testing.

B.  

Fieldwork completed by internal auditors should be appropriately reviewed.

C.  

Internal auditors should avoid using the lunch room simultaneously with audit clients.

D.  

During the audit review period, there should be no nonaudit dialogues with the audit client.

A.  

Making sure employees are exempt from participating in control creation

B.  

Implementing controls without lengthy explanations of their purpose

C.  

Developing general constricting controls rather than detailed ones

D.  

Not using controls to achieve goals

A.  

Outsource the engagement to an external audit firm that has appropriate skills.

B.  

Recruit a lawyer with knowledge of the legislation to the audit team and ask the new auditor to perform the engagement.

C.  

Decline to perform the engagement, as the internal audit activity does not have the appropriate skill set.

D.  

Carry out the engagement using existing internal audit staff to help them gain the appropriate experience.

A.  

A mining company practices backfilling and planting trees after mining within an area.

B.  

A construction company ensures that its workers are paid at the regulated minimum wage.

C.  

A foods manufacturer sources cheap raw materials to generate higher profits for distribution to its employees.

D.  

A bank listed on the national stock exchange consistently pays dividends to its shareholders.

A.  

The CAE's actions are likely to impair the Independence of the internal audit activity.

B.  

The CAE acted appropriately, and the independence of the internal audit activity was not impaired.

C.  

The CAE should have developed the audit plan without outside influence to maintain objectivity.

D.  

The CAE acted appropriately, as he has authority to determine who reviews and approves the audit plan.

A.  

Decline, if it is consulting engagement because she recently worked in the organization s accounting department

B.  

Accept, 11 is an assurance engagement, as she has been out of the department long enough to not impair objectivity.

C.  

Inform the accounting department mat me engagement can take place m the future once she has been removed from accounting for a longer period of time.

D.  

Accept, it is a consulting engagement with agreed-upon scope and services to be provided by me internal audit activity.

A.  

Communicate specific activities appropriate to the performance of internal auditing

B.  

Promote ethical culture within corporations and other business organizations

C.  

Establish mandatory standards of competence for the practice of internal auditing

D.  

Establish principles and expectations governing behavior of individuals and organizations in the conduct of internal auditing

A.  

The chief audit executive reports functionally to the board and administratively to the CEO.

B.  

The annual budget for the internal audit activity is approved by the chief financial officer.

C.  

The internal audit activity is completely outsourced to an external service provider.

D.  

The internal audit manager provides consulting services to the procurement department, where she worked during the prior year.

A.  

The ability to inspire trust

B.  

The ability to communicate effectively

C.  

The ability to display courage

D.  

The ability to understand the needs of stakeholders

A.  

Stakeholders

B.  

The board

C.  

The chief executive officer

D.  

Internal auditors

A.  

Internal auditors have shown they have the freedom to carry out their responsibilities.

B.  

Internal auditors have demonstrated the skills needed to carry out the audit engagement.

C.  

Internal auditors have strictly followed a formal audit process in conducting their work.

D.  

Internal auditors have demonstrated an unbiased mental attitude.

A.  

Business acumen.

B.  

Critical thinking.

C.  

Communication.

D.  

Audit report writing.

A.  

Internal auditors ensure that the work program is appropriately designed in order to identify all of the risks surrounding the payroll process.

B.  

Internal auditors determine whether the policies, procedures, and practices of the payroll department are operating in accordance with relevant laws.

C.  

Internal auditors verify whether the board of directors has implemented effective internal controls over the processes used by the payroll department.

D.  

Internal auditors ask the organization's risk manager to determine whether the degree of work planned is sufficient to determine whether payroll payments were complete and accurate.

A.  

The audit committee.

B.  

The head of legal and compliance.

C.  

The chief audit executive.

D.  

Senior management.

A.  

The nature of services provided are defined in the internal audit charter.

B.  

Internal auditors must maintain objectivity while performing their work.

C.  

The objectives and scope of the engagement typically are directed by management.

D.  

Internal auditors may assume management responsibilities.

A.  

Coordinate and facilitate risk workshops for management to attend.

B.  

Establish the degree of risk appetite for management to accept.

C.  

Set risk indicators and mitigation plans for management to implement

D.  

Determine the number of significant risks for management to report to the board.

A.  

The decision to involve auditors in the IPO was made by former audit committee members; therefore, the CAE is not responsible and can proceed with the new assignment.

B.  

The CAE should reject the assignment, as such engagements are beyond the scope of auditors who are usually not familiar with root cause analysis methodology.

C.  

The engagement should be undertaken by audit assistants and other junior staff members who were not involved in the IPO process.

D.  

The CAE should disclose objectivity limitations to the audit committee and suggest alternatives, such as outsourcing the engagement.

A.  

The CAE reports administratively to the CEO.

B.  

The CAE is asked to submit the liquidation of her travel allowances to human resources for approval.

C.  

The CAE's supervisor is responsible for the risk management function.

D.  

The CAE is asked to review new procedures before implementation.

A.  

Segregating duties in the payroll processes.

B.  

Confirming receipt of goods or services.

C.  

Performing background checks on newly hired employees.

D.  

Requiring management approval for expenses.