A.  

Evaluate how the organization manages fraud risk.

B.  

Establish procedures for improving risk management processes.

C.  

Ensure risk responses are aligned with industry standards

D.  

Verify that organizational objectives are aligned with each departments objectives.

A.  

The frequency of executing the internal audit engagements

B.  

The frequency of changes in the organization environment

C.  

The expectations set by the board and senior management

D.  

The expectations set by operating management and senior management

A.  

The organization and the format of workpapers is the same for all engagements

B.  

The extent of what is included in workpapers is a matter of professional judgment

C.  

Workpapers should be complete so that every conceivable question that can be raised should be answered

D.  

Copies of operational managements records should not be included, but referenced so that they can be located

A.  

Residual risk.

B.  

Net risk.

C.  

Inherent risk.

D.  

Underlying risk

A.  

Objectives scope and timing at a high level to support coordination while adhering to confidentiality requirements

B.  

The area and timing of the audit engagement to ensure confidentially and avoid conflict of interest.

C.  

All plan information, including risk assessments, planned tests and past results to maximize the opportunity for coordination with internal and external providers.

D.  

No information should be shared with internal and external provider as it could introduce bias into the engagement results.

A.  

Compliance audit.

B.  

Operational audit.

C.  

Financial audit.

D.  

Provider audit.

A.  

An implementer for the action plan

B.  

An owner of the action plan

C.  

The internal auditor's next review date of the action plan

D.  

Detailed procedures for the action plan

A.  

Defer the engagement until a system of internal control has been established

B.  

Change the scheduled engagement from assurance to consulting to help correct the shortcomings

C.  

Add a consulting component to the already scheduled assurance engagement

D.  

Seek the involvement of the external auditor to assist with improving the internal controls

A.  

A condition

B.  

An audit objectives

C.  

An audit scope

D.  

An observation rating

A.  

Batch controls.

B.  

Application controls

C.  

General IT controls.

D.  

Logical access controls

A.  

Mitigating risks affecting achievement of organizational objectives.

B.  

Enabling opportunities affecting achievement of organizational objectives.

C.  

Analyzing and advising regarding costs versus benefits of control activities.

D.  

Attesting to fairness of financial statements

A.  

Appoint an independent fraud investigation specialist to work with the selected internal auditors.

B.  

Organize in-house fraud investigation training sessions for selected internal auditors.

C.  

Assign an experienced auditor to the engagement for a development opportunity.

D.  

Hire a new internal auditor who possesses fraud investigation experience.

A.  

Evaluate the application of project management guidance in the development of wind parks.

B.  

Identify key risks and mitigation plans pertaining to the management of wind parks.

C.  

Assess whether development of wind parks is compliant with relevant legal acts and international best practices.

D.  

Review the wind park development strategy and compare its goals with operational targets and metrics.

A.  

Develop a comparison of the costs incurred with similar costs incurred by other organizations.

B.  

Obtain the government index of healthcare costs for the comparable period of time and compare the rate of increase with that of the cost per employee incurred by the organization.

C.  

Obtain a bid from another healthcare administrator to provide the same administrative services as the current healthcare administrator.

D.  

Review all claims and compare with appropriate procedures to ensure that overpayments have not occurred.

A.  

Process narrative.

B.  

Process mapping.

C.  

Bottom-up.

D.  

Top-down.

A.  

Whistleblowing is one of several possible ethical structures an organization can undertake to encourage ethical behavior.

B.  

Whistleblowing programs help employees deal with ethical questions and instill ethical values into everyday behavior

C.  

Whistleblowers are current or former employees who are disgruntled and looking to retaliate.

D.  

Whistleblowers should inform the organization about actual criminal circumstances, not assumed allegations.

A.  

To evaluate controls regarding the computer security of an oil refinery.

B.  

To examine the processes involved in exploring, developing, and operating a gold mine.

C.  

To assess the likelihood and impact of events associated with operating a finished goods warehouse.

D.  

To link a financial institution's business objectives to a work unit responsible for the associated risk.

A.  

Disclose the information in a separate report.

B.  

Distribute the information in a confidential report to the board only

C.  

Distribute the reports through the use of blind copies.

D.  

Exclude the results from the report and verbally report the conditions to senior management and the board.

A.  

Draft report, to be reviewed by management just prior to final report issuance.

B.  

Preliminary observation document, discussed during the engagement.

C.  

Final report, after review by audit management.

D.  

Verbal communication during the engagement, followed by the final report issuance.

A.  

Improve relations with the engagement clients.

B.  

Present the final engagement communication.

C.  

Identify concerns for future audit engagements.

D.  

Ensure the accuracy of engagement conclusions.

A.  

Communicate the corrected information to the manager of the audited department.

B.  

There should be a follow-up audit to address the error or omission.

C.  

The auditor should update the scope of the audit to include the omission.

D.  

The corrected communication should be redistributed to the original recipients.

A.  

The internal audit risk assessment and audit plan for the next fiscal year.

B.  

The internal audit budget and resource plan for the coming fiscal year.

C.  

A request for an increase of the CAE's salary for the next fiscal year.

D.  

The evaluation and compensation of the internal audit team.

A.  

Meet with the board to discuss emerging issues and concerns

B.  

Conduct a risk assessment of the area under review

C.  

Establish the boundaries of the engagement

D.  

Outline what will be included in the review

A.  

A scheduled audit observed that several agreed improvements from the previous audit were still being implemented.

B.  

A planned inventory count at the production plant revealed a material variance.

C.  

An employee shared concerns of suspected fraud but did not provide evidence.

D.  

An auditor responsible for the fieldwork has carried out only half of the planned audit procedures and has no observations so far.

A.  

Politely decline the engagement due to a lack of qualified staff available at the time.

B.  

Complete the engagement as requested, with the best of the current staff’s abilities.

C.  

Consider using employees from other departments in the organization on the audit team.

D.  

Change the scope of the testing to ensure that only available staff proficiencies are used

A.  

Workpapers should be understandable to the auditor in charge and the chief audit executive

B.  

Workpapers should be understandable to the audit client and the board.

C.  

Workpapers should be understandable to another internal auditor who was not involved in the engagement.

D.  

Workpapers should be understandable to external auditors and regulatory agencies

A.  

Include using in a subsequent audit to determine if the risks are still present

B.  

Discuss the matter with senior management and it not reserved with the board

C.  

Require that management implement controls to mitigate lie risks

D.  

Report the risks to the process owners so that they can modify their process

A.  

Retained earnings indicate the amount of potential dividends to be paid out to new investors.

B.  

Retained earnings represent the amount of excess cash available in the organization.

C.  

Retained earnings demonstrate that the organization was able to generate working capital from its own activities.

D.  

Retained earnings constitute the main criterion used by ratings agencies to assess an organization.

A.  

Establish and measure performance objectives for the internal audit activity

B.  

Select board members with necessary knowledge and skills.

C.  

Develop, approve, and execute the strategic plan of the organization

D.  

Develop strategies to mitigate the risks to achieving the organization's objectives

A.  

Issue an internal control questionnaire to select branch customers.

B.  

Issue an internal control questionnaire to the president of the organization.

C.  

Issue an internal control questionnaire to the director of bank operations.

D.  

Issue an internal control questionnaire to select branch managers.

A.  

A description of their job responsibilities.

B.  

A non-disclosure agreement

C.  

An annual declaration of commitment to The HAs Code of Ethics.

D.  

The internal audit charter

A.  

Persuade senior management to take appropriate action.

B.  

Cancel issuing the engagement report due to the assumed risks.

C.  

Accept senior management’s assumption of the risks.

D.  

Discuss the issue with the board for them to take appropriate action.

A.  

Incorrect rejection risk.

B.  

Incorrect acceptance risk.

C.  

Tolerable misstatement risk

D.  

Anticipated misstatement risk

A.  

The number, experience, and availability of audit staff as well as the nature, complexity, and time constraints of the engagement.

B.  

The appropriateness and sufficiency of resources and the ability to coordinate with external auditors.

C.  

The number, proficiency, experience, and availability of audit staff as well as the ability to coordinate with external auditors.

D.  

The appropriateness and sufficiency of resources as well as the nature, complexity, and time constraints of the engagement.

A.  

Residual

B.  

Net

C.  

inherent.

D.  

Accepted.

A.  

ICQs provide testimonial evidence.

B.  

ICQs are efficient.

C.  

ICQs provide tangible evidence to be quantified.

D.  

ICQs put observations into perspective.

A.  

Report the impairment to senior management

B.  

Discuss the impairment with the audit manager.

C.  

Ascertain the best approach to disclose the impairment.

D.  

Decide on the extent of impact of the impairment

A.  

1 and 2

B.  

1 and 4

C.  

2 and 3

D.  

3 and 4

A.  

The use of judgment enhances managements ability to make better decisions about internal control, but cannot guarantee perfect outcomes.

B.  

introducing judgment generally diminishes managements ability to make good decisions about internal control

C.  

It is inappropriate for management to exercise judgement in areas such as specifying and using suitable accounting principles.

D.  

It is inappropriate for management to exercise judgement in assessing whether components are present, functioning, and operating together

A.  

Internal control questionnaires are useful m evaluating the effectiveness of standard operating procedures

B.  

internal control questionnaires provide reliable documents allowing internal auditors to cover many control procedures in little time

C.  

Internal control questionnaires can be used by internal auditors as an interview guide

D.  

Internal control questionnaires provide direct audit evidence which may need corroboration

A.  

The scope of the engagement should be planned according to the internal audit activity's budget and then aligned to the risk universe.

B.  

The audit engagement objectives should be based on operational managements view of risk objectives

C.  

The planning phase of the engagement should be completed and approved before the fieldwork of the engagement begins.

D.  

The main purpose of the engagement work program is to determine the nature and timing of procedures required to gather audit evidence

A.  

Kanban board

B.  

Control self-assessment

C.  

Heat map

D.  

Risk register

A.  

Tracing, because it would enable the auditor to verify quickly that the record counts were properly included in the compilation.

B.  

Inspection, because it would enable the auditor to verify how management enters the data into the application for processing.

C.  

Testing data, because it would enable the auditor to ensure that the application processes the transaction as described by management.

D.  

Reperformance, because it enables the auditor to verify that the application performed the calculation correctly.

A.  

Written observations allow for more interpretation.

B.  

Written observations help the internal auditors express the significance.

C.  

Written and verbal observations are equally effective.

D.  

Written observations limit premature agreement.

A.  

Nonstatistical sampling provides more objective recommendations for management.

B.  

Nonstatistical sampling provides an opportunity to select the minimum sample size required to satisfy the objectives of the audit tests.

C.  

Nonstatistical sampling provides for the use of subjective judgment in determining the sample size.

D.  

Nonstatistical sampling permits the auditor to specify a level of reliability and the desired degree of precision.

A.  

When the chief audit executive (CAE) concludes that management has accepted a level of risk that may be unacceptable to the organization, the CAE must discuss the matter with senior management. If the CAE determines that the matter has not been resolved, the CAE should seek the opinion from regulatory bodies.

B.  

The CAE should avoid issuing any interim reports, even for high-risk observations, prior to the issuance of the final written report to avoid leakage of sensitive information.

C.  

It is mandatory for the CAE to assess the potential risk to the organization, consult with senior management and legal counsel as appropriate, and control dissemination by restricting the use of the results prior to releasing them to parties outside of the organization if not otherwise mandated by legal, statutory, or regulatory requirements.

D.  

The board should always be given the final written internal audit reports at the conclusion of all internal audit engagements. Executive summaries should be avoided in all cases.

A.  

Conclude whether the ESG program's activities are meeting the established goals

B.  

Communicate the results of the assessment to senior management

C.  

Develop recommendations based on the results of the assessment

D.  

Perform testing on the activities selected based on the assessment

A.  

Assurance providers who report to management and/or are part of management cannot provide control serf-assessments services

B.  

Internal auditors should always reperform and validate audit work completed by external assurance providers

C.  

Internal auditors may rely on the work of internal compliance teams to expand their coverage of the organization without increasing direct audit

D.  

hours Internal auditors can rely on the work of other assurance providers only rf the other assurance providers report directly to the board

A.  

Operations

B.  

Compliance

C.  

Financial reporting

D.  

Strategic

A.  

During engagement planning, the audit work program should be discussed between auditors and the engagement supervisor with the supervisor approving the work program.

B.  

During fieldwork, scope changes made to the work program are at the auditor's discretion and should be supported adequately in the workpapers.

C.  

Engagement supervision is most critical to the fieldwork and reporting phases of the audit, as this is where the majority of the work takes place.

D.  

A degree of high supervision to no supervision may be provided to an auditor depending on his level of competence and the complexity of the engagement.

A.  

Recent workpapers can help during the planning of a new engagement to understand any corrective actions taken by management to address previous engagement observations.

B.  

Tests described in recent workpapers can be copied into the new workpapers to save time from reperforming a risk assessment.

C.  

Recent workpapers serve as the best source for identification of the risks to be examined in the new engagement.

D.  

The new engagement scope can be derived from recent workpapers to ensure the reperformance of engagement procedures.

A.  

For both assurance and consulting engagements, planning typically occurs after the engagement objectives and scope have already been determined.

B.  

The expectations and objectives of an assurance engagement are usually determined by. or in conjunction with, the engagement client

C.  

Internal auditors may not need to complete a preliminary risk assessment for a consulting engagement as they would when planning an assurance engagement.

D.  

For both consulting and assurance engagements, internal auditors usually form the engagement objectives prior to completing the preliminary risk assessment

A.  

Bank confirmations

B.  

Internal bonk statements

C.  

Bank reconciliations as of the end of the year

D.  

Bank account general ledger balancer as of the end of the year

A.  

1, 2, and 3

B.  

1, 2, and 4

C.  

1, 3, and 4

D.  

2, 3, and 4

A.  

Using compliance verification data analytics

B.  

Using regression analysis

C.  

Using software with a gap testing function

D.  

Drafting a flowchart of the meal expense reporting process

A.  

Full cost

B.  

Full cost plus a markup.

C.  

Market price of the product.

D.  

Variable cost plus a markup.

A.  

The best source tor detailed process information is senior management

B.  

Audit objectives should be general and do not change.

C.  

Computer-assisted audit techniques are typically not useful during engagement planning

D.  

Internal auditors should prepare a dented audit program for testing controls

A.  

The organization incurred excessive cost overruns that resulted in significant financial and legal risk to the project.

B.  

The organization experienced a potential conflict of interest

C.  

The organization had weaknesses in its review process which allowed questionable transactions with some vendors

D.  

The organization allowed the project to launch without assurance that all transactions were regularly approved

A.  

When a manufacturing organization has stable demand for its products.

B.  

When an organization is subjected to strong political and social pressures

C.  

When a manufacturer has reliable resources and suppliers.

D.  

When an organization is infrequently affected by technological advances

A.  

Assess controls for potential compliance issues that may affect me consolidation

B.  

Brief vendors on the potential risks that will occur without continued business

C.  

Advise division managers on how to streamline operations for better efficiency

D.  

Determine whether the organization’s controls are effective in meeting business objectives

A.  

The auditor confirms the organization's ownership of physical equipment by verifying its presence on site visually.

B.  

The auditor vouches for a sample of check copies to support voucher packages to test the checks' validity.

C.  

The auditor vouches a sales invoice to a shipping document to conclude that the invoice has been issued.

D.  

The auditor recalculates the allowance for doubtful accounts based on management assertions.

A.  

1 and 2

B.  

1 and 4

C.  

2 and 3

D.  

3 and 4

A.  

Relevant risk indicators and mitigation plans are in place

B.  

All risks are identified and assessed

C.  

Business profitability is likely to be achieved

D.  

Risk information is communicated to customers and suppliers

A.  

Independently evaluating conflicts of interests.

B.  

Assessing contracts for relevant terms and conditions.

C.  

Performing statistical analysis for data anomalies.

D.  

Preparing evidentiary documentation.

A.  

Ensuring the process owner with the engagement objectives

B.  

Reviewing engagement draft reports

C.  

Ensuring workpapers support audit findings

D.  

Approving audit work programs

A.  

Email alert sent to management for checks issued over S100.000.

B.  

installation of a video surveillance system in a warehouse prone to inventory loss

C.  

New hire training to explain fraud and employee misconduct.

D.  

Daily report that Identifies unsuccessful system log-in attempts

A.  

Company goods that were sold during the year, free on board shipping point, that have been shipped but not yet received by the customer

B.  

Goods purchased by the company, free on board destination, that have not yet been received.

C.  

Goods on consignment, which the company is trying to sell for its customers.

D.  

Company goods for sale on consignment at a consignment shop

A.  

Workpapers should be understandable to the auditor in charge and the chief audit executive.

B.  

Workpapers should be understandable to the audit client and the board.

C.  

Workpapers should be understandable to another internal auditor who was not involved in the engagement.

D.  

Workpapers should be understandable to external auditors and regulatory agencies.

A.  

The CAE must discuss the matter with senior management

B.  

The CAE must discuss the matter with key shareholders.

C.  

The CAE must discuss the matter with legal counsel.

D.  

The CAE must discuss the matter with the board

A.  

The engagement supervisor must notify the chief audit executive (CAE) that the deficiencies have not been rectified

B.  

The engagement supervisor should rely on professional judgment as to whether the CAE should be informed, or the management action plan should be adjusted

C.  

The engagement supervisor should rely on his negotiation skills and issue an ultimatum to management to remedy the control deficiencies

D.  

Ensure that these deficiencies are captured in the documentation as high-priority areas to be reviewed during the next audit.

A.  

It is best to determine planning activities on a case-by-case basis because they can vary widely from engagement to engagement.

B.  

If the engagement subject matter is not unique, it is not necessary to outline specific testing procedures during the planning phase.

C.  

The engagement plan includes the expected distribution of the audit results, which should be kept confidential until the audit report is final.

D.  

Engagement planning activities include setting engagement objectives that align with audit client's business objectives.

A.  

Conclude that the test failed because at least 17 percent of the sample items were not supported.

B.  

Select five new accounts to replace the ones that were missing supporting documentation.

C.  

Expand the sample size to 60 to determine whether the error rate remains the same.

D.  

Contact management to determine whether the supporting documentation can be located elsewhere.

A.  

Visiting the grantee to assess whether the execution of the project was in line with the defined grant scope.

B.  

Verifying that the grantee's final report is in line with what was depicted in the initial budget request.

C.  

Reconciling general ledger accounts used by management of the area under review for reflecting expenses on charitable contributions.

D.  

Interviewing employees of the corporate affairs department, which is responsible for charitable activities.

A.  

Awareness of prior incidents of fraud.

B.  

Contractor non-disclosure agreements.

C.  

Verification of currency exchange rates.

D.  

Receipts for employee expenses.

A.  

Review year-over-year trending of total dollars spent in each period.

B.  

Review changes to the vendor master file for suspicious activity.

C.  

Review the percentage of on-time payments against prior periods.

D.  

Review total expenses for accounting against other department expenses in the organization.

A.  

Compare purchase orders generated from test data Input into the LAN with purchase orders generated from production data for the most recent period.

B.  

Develop a report of excess inventory and compare the inventory with current production volume.

C.  

Compare the parts needed based on current production estimates and the MRP for the revised production techniques with the purchase orders generated from the system for the same period

D.  

Select a sample of production estimates and MRPs for several periods and trace them into the system to determine that input is accurate

A.  

1 and 2 only.

B.  

1 and 3 only.

C.  

2 and 3 only.

D.  

1, 2, and 3.

A.  

During the inspection of a wind turbine. an internal auditor notices that some replaced parts took used According to purchase documents, the parts still have a long lifespan.

B.  

The auditor believes that the audit client's actions contradict the organization's code of conduct The audit client disagrees and says his actions are for the organization's benefit

C.  

An audit team member is allocated to conduct an assurance engagement m the sales unit. However, the same auditor performed an assurance engagement in that area just one year prior

D.  

During an inventory count, the auditor ascertained that some goods were missing. The audit client argues that the auditor does not understand how inventory should be counted

A.  

Information obtained from historic audits and memos.

B.  

Risk and control registers or matrices.

C.  

Resource deployment plans and sampling methodologies.

D.  

Prior findings and management responses.

A.  

Run reports listing all payments made in countries other than vendor locations

B.  

Run reports listing all credit limit overrides

C.  

Run reports listing all instances of delayed revenue recognition

D.  

Run three-way match reports, matching invoices, purchase orders, and receiving reports

A.  

The complexity of deficiency findings.

B.  

The adequacy of preliminary survey information.

C.  

The organization and content of workpapers.

D.  

The method and amount of supporting detail used for the audit report.

A.  

Criteria.

B.  

Effect

C.  

Condition

D.  

Cause

A.  

Refer the suggested changes to the engagement supervisor for approval.

B.  

Note the suggested changes to be included in next year’s engagement program.

C.  

Update the engagement work program with the suggested changes.

D.  

No action is required as the work program has been approved and is underway.

A.  

Manufacturing.

B.  

Profitability.

C.  

Overheads.

D.  

Quality.

A.  

The process objectives.

B.  

The process risks

C.  

The process controls

D.  

The process scope

A.  

Ask the external auditor to review the same transaction again as an independent third party

B.  

Consult account accounting principles, standards, and relevant guidelines in regard to timing of the entry

C.  

Interview the chief financial officer and obtain her opinion on how the transactions should be recorded

D.  

Compare the recording of this transaction to now similar ones were executed last year

A.  

The sample rate of occurrence plus the precision exceeds the acceptable error rate.

B.  

The sample rate of occurrence is less than the acceptable error rate.

C.  

The acceptable rate of occurrence less the precision exceeds the sample rate of occurrence.

D.  

The sample rate of occurrence plus the precision equals the acceptable error rate.

A.  

Review or establish a documented skills assessment of the internal audit staff and gather information from post-audit surveys

B.  

Obtain from the human resources department the job descriptions and position requirements for all internal audit staff

C.  

Conduct an objective written test of the internal audit staff to assess their knowledge and skills related to core internal audit competencies

D.  

Request the internal audit staff to submit a document that summarizes their most recent performance appraisals and post audit reviews

A.  

The data from various sources should remain segregated for easier analysis and discovery of anomalies.

B.  

Fraud detection techniques should be performed against full data populations.

C.  

A reactive approach is best suited for fraud detection due to the effectiveness of tips and whistleblowing programs.

D.  

Random sampling is an effective method of detecting fraudulent transactions.

A.  

A three-way match between the invoice, purchase requisition, and documentation of receipt of services

B.  

A member of management approves the purchase requisition before the temporary employee begins work

C.  

A scope of work for the temporary employee is included in the purchase requisition and signed by the organization

D.  

Payments to the vendor are analyzed monthly to ensure they do not exceed the amount approved on the purchase order

A.  

Ensure the testimonials are well documented

B.  

Substantiate the testimonials with physical or documentary evidence

C.  

Corroborate testimonials with the results from other soft control techniques

D.  

Review the testimonials with the interviewed employees

A.  

As soon as possible, no later than two months after the audit

B.  

When convenient for both parties

C.  

When management has indicated that the issue has been resolved

D.  

Before financial year end

A.  

The CAE would automatically sand a copy of the report to the service provider as many of the findings relate to Via area managed by the service provider

B.  

The CAE may distribute the report to tie service provider at no cost, after consulting with legal counsel and tie chief compliance officer

C.  

The CAE may provide a copy of the audit report to the service provider If an agreement & signed and the service provider agrees to reimburse the cost of the auditD, The CAE should benchmark with other organization in the industry by consorting with colleagues and distribute the report only I it is an acceptable practice m the industry

A.  

Compare purchase orders generated from test data input into the LAN with purchase orders generated from production data for the most recent period

B.  

Develop a report of excess inventory and compare the inventory with current production volume

C.  

Compare the pans needed based on current production estimates and the MRP for the revised production techniques with the purchase orders generated from the system for the same period

D.  

Select a sample of production estimates and MRPs for several periods and trace them into the system to determine that input is accurate

A.  

1 and 2 only.

B.  

2 and 3 only.

C.  

2 and 4 only.

D.  

3 and 4 only.

A.  

The CAE has no role to play, because the chief health and safety officer reports to a senior executive.

B.  

The CAE should coordinate with, and review the work of, the chief health and safety officer to gain an understanding of whether risks related to health and safety are managed properly.

C.  

The CAE should give periodic reports directly to the regulator regarding health and safety issues, as it is the appropriate regulatory oversight body.

D.  

The CAE should hire an independent external specialist to conduct an annual assessment and provide assurance over the effectiveness of the health and safety program and the reliability of its reports.

A.  

Determine whether there are any compensating controls in place to reduce the nsk to an acceptable level, and discuss this matter with management of the business area to determine which corrective action is needed

B.  

Test the control anyway to determine the likelihood that the control was not performed property, and discuss this matter with management of the business area to determine which corrective action is needed

C.  

Conclude that the process control environment is weak, issue a finding on this conclusion and report this finding to management of the business area

D.  

Confer with a second internal auditor to determine whether the control failure is legitimate issue a finding on this conclusion and report this finding to management of the business area

A.  

All assurance engagement observations should be communicated to the audit committee.

B.  

All assurance engagement observations should be included in the main section of the engagement communication.

C.  

During the "communicate" phase of an assurance engagement, it is best to define the methods and timing of engagement communications.

D.  

A detailed escalation process should be developed during the planning stage of an assurance engagement.

A.  

To ensure that the engagement is completed on time and within budget

B.  

To ensure that all work performed meets acceptable quality standards

C.  

To ensure that management has provided suitable responses to all observations

D.  

To ensure that management is satisfied with the progress of the engagement

A.  

The policy for granting, modifying, and deleting user access to ensure processing requirements are clearly articulated.

B.  

A sample of change request forms to verify whether the forms bear the required approval for the user access change.

C.  

User access reports that were reviewed by management to ensure that access rights are appropriate for employee roles.

D.  

A current listing of system users and an employee listing to determine whether system users are active employees of the organization.

A.  

1, 2, and 3.

B.  

1.2. and 4

C.  

1,3, and 4.

D.  

2, 3, and 4.

A.  

To ensure the objectives of the area under review are met.

B.  

To ensure senior management supports the report's conclusions.

C.  

To ensure report style and grammar are appropriate.

D.  

To ensure report findings are substantiated.

A.  

Criteria

B.  

Cause

C.  

Effect

D.  

Condition

A.  

Decline the audit engagement, because the Standards prohibit internal auditors from performing engagements where they lack the necessary competencies.

B.  

Accept the audit engagement and use the engagement as an opportunity to develop the audit team's IT expertise while performing the audit work.

C.  

Temporarily hire an experienced and knowledgeable IT analyst from the organization's IT department to lead the audit.

D.  

Outsource the audit engagement to a reputable IT audit consulting firm.

A.  

Reliability or appropriateness

B.  

Reasonableness

C.  

Existence or occurrence

D.  

Relevance

A.  

The production team may be incentivized to increase production losses.

B.  

The production team may work overtime and be overworked.

C.  

Increased misappropriation of finished products.

D.  

Risk that the finished product quality may be impaired.

A.  

Process objectives.

B.  

Process risks

C.  

Process controls.

D.  

Process scope

A.  

The engagement team should include internal auditors who have expertise in investigating vendor fraud

B.  

The engagement team should be composed of certified accountants who are proficient In financial statement analysis and local accounting principles

C.  

To preserve independence and objectivity, an auditor who worked for the vendor two years prior may not participate on the engagement team

D.  

The engagement team may include an auditor who lacks knowledge of the industry in which the vendor operates

A.  

Outsource the engagement 10 tie organization's external auditor who has expertise in the area of financial markets

B.  

Hire additional internal auditors who have expertise in the area of financial markets.

C.  

Invite a guest auditor from one of the organization's affiliates who has expertise m the area of financial markets.

D.  

Limit the scope of the engagement to the knowledge and skills possessed by the internal audit team.

A.  

Tracing

B.  

Reperformance

C.  

Vouching

D.  

Walkthrough

A.  

Solicit the services of a specialist information systems auditor

B.  

Obtain the most current approved copies of the organization's privacy policy

C.  

Consult with legal counsel about new privacy laws to establish appropriate criteria

D.  

Consider the detection risk of noncompliance with the laws

A.  

Any risk involving organizational expansion into a new geographical area with an unstable political environment.

B.  

Any risk involving investments into bitcoin and suspicious derivatives

C.  

Any risk that can cause material or financial loss

D.  

Any risk that could cause injuries or pollute the environment

A.  

1 only

B.  

3 only

C.  

1 and 3 only

D.  

1, 2, and3

A.  

1.2 and 3

B.  

1.2. and 4.

C.  

1.3. and 4.

D.  

2. 3. and 4.

A.  

Individual internal auditors

B.  

Chief audit executive.

C.  

The board

D.  

Engagement supervisors

A.  

Cost-benefit analysis of management not implementing a recommendation to address an observation.

B.  

Inquiry of corrective action to be completed within a certain period.

C.  

Reporting the status of every observation for every engagement in a detailed manner.

D.  

Soliciting management’s feedback after completion of the audit engagement.

A.  

A separate engagement work program should be created for secondary controls

B.  

Secondary controls do not necessarily need to be tested for effectiveness

C.  

Any documented secondary controls are deemed essential to the adequacy of control design

D.  

Secondary controls should be held to the same requirements as key controls

A.  

Sampling risk.

B.  

Audit risk.

C.  

Residual risk.

D.  

Inherent risk

A.  

The auditor examines the system documentation of the new system to verify that the risk has been addressed in the new system, then reports to senior management the closure of the issue.

B.  

The auditor accepts managements explanation that the previously identified issue is adequately addressed by the new IT system, as management understands the concern and is most knowledgeable about the new system, and closes the outstanding issue.

C.  

The auditor advises management that replacing the IT system does not dismiss the prior obligation to implement the agreed action plan, and escalates the issue to senior management and the board.

D.  

The auditor requires management to provide details regarding the process for selecting the new IT system and whether other systems were evaluated, and closure of the issue would depend on the new information provided.

A.  

Variables sampling

B.  

Dollar-unit sampling

C.  

Judgmental sampling

D.  

Discovery sampling

A.  

Recent organizationwide recognition awards given to employees within the area.

B.  

The timing of the most recent audit of the area.

C.  

Management's presentation to the board regarding recent area achievements.

D.  

Recent area performance indicators against productivity metrics.

A.  

To select a candidate who can be trusted to gather sensitive information on the acquisition

B.  

To select a candidate capable of conveying internal audit strategy even without voting status

C.  

To self-assign as only the CAE has authority to express opinions and offer advice to committee members

D.  

To select a candidate who has prior experience in mergers or the completion of due diligence of entities

A.  

Surveys

B.  

Management produced analysis 0

C.  

Facilitated team workshops

D.  

Weighted risk factors

A.  

Intern accounting management via an interim memorandum update

B.  

Note the item in the workpapers for inclusion in the final audit report

C.  

Call a meeting and discuss me issue with the audit committee

D.  

Alert the CEO as soon as the issue is discovered

A.  

Vendor contracts.

B.  

Employee master list.

C.  

Payment records.

D.  

Purchasing policy.

A.  

A risk assessment

B.  

An operational audit

C.  

A third-party audit

D.  

A fraud investigation

A.  

A complete, accurate, and comprehensive account of engagement observations and recommendations.

B.  

Oversight of the coordination between the internal audit activity and independent outside auditors

C.  

The internal audit activity's purpose, authority, responsibility, and performance relative to plan.

D.  

Management's assertions regarding the system of internal controls.

A.  

Disclosure risk.

B.  

Residual risk

C.  

Compliance risk

D.  

Inherent risk

A.  

1 and 3

B.  

1 and 4

C.  

2 and 3

D.  

2 and 4

A.  

1 and 3.

B.  

1 and 4

C.  

2 and 3.

D.  

2 and 4.

A.  

The bank destroys all records containing a customer's personal information without informing the customer.

B.  

Based on an assessment of likely products of interest to the customer, the bank shares the customer’s personal information with other companies within the group and informs the customer.

C.  

The bank retains customer information to facilitate easier verification of personal information in the event that the customer returns to reopen his account. The customer is not informed.

D.  

The customer's personal information is used for market research by an external company and the customer is informed prior to publishing the results of the market research.

A.  

1 and 2

B.  

2 and 4

C.  

1, 2, and 3

D.  

2, 3, and 4

A.  

It enables the auditor to identify the inherent risks to the effective operation of accounts payable process controls.

B.  

It enables the auditor to understand the framework of the activities and associated accounts payable subprocesses

C.  

it enables the auditor to understand the accounts payable process and its flow, including key steps and systems.

D.  

It enables the auditor to categorize the population of transactions within the accounts payable process

A.  

The evidence may not be reliable.

B.  

The evidence is not relevant.

C.  

The evidence may not be sufficient.

D.  

The information missing is not relevant to the audit.

A.  

Review documents registered with the appropriate governmental authority.

B.  

Examine the board of directors' minutes and look for approvals to acquire property.

C.  

Confirm with senior management and legal counsel concerning property acquisition.

D.  

Confirm ownership with the title company that handles the escrow account.

A.  

Description of the procurement policy

B.  

Summary of the tendering process

C.  

Substantiated and comparative evidence

D.  

Impact analysis of unfavorable prices

A.  

Traditional

B.  

Decentralized

C.  

Centralized

D.  

Customer-centric

A.  

Report the monitoring status to senior management when requested.

B.  

Assist management with implementing corrective actions.

C.  

Determine the frequency and approach to monitoring.

D.  

Include all types of observations in the monitoring process.

A.  

The treasury supervisor establishes a threshold for amounts on bank statements to be reconciled against data in the system

B.  

The treasury analyst performs a daily reconciliation of al bank statements obtained via email against data in the system

C.  

The treasury analyst reviews a daily report automatically generated by the treasury system, which shows bank statements that have not been uploaded into the accounting system.

D.  

The treasury supervisor seeks an annual confirmation from the bank regarding the bank statements processed within a year

A.  

Board of directors

B.  

External auditors

C.  

Chief audit executive

D.  

Senior management

A.  

Prepare a bank reconciliation statement for all the bank accounts of the organization

B.  

Track a sample of project payments from accounts payable to concluded agreements and authorization rights

C.  

Validate the accuracy of assumptions and inputs used for calculations in the project’s feasibility model

D.  

Investigate whether the budget of the project was approved timely as required by internal policies

A.  

To gain an understanding of the control environment

B.  

To collect as much financial data as possible before engagement fieldwork begins.

C.  

To test the effectiveness of financial controls in an efficient and relatively inexpensive way

D.  

To facilitate the quantification of financial data obtained

A.  

1 and 2

B.  

1 and 3

C.  

2 and 4

D.  

3 and 4

A.  

Entity-level controls

B.  

Application controls

C.  

General controls.

D.  

Transaction controls

A.  

Inquiry

B.  

Analytical review

C.  

Observation

D.  

Inspection of documents

A.  

Request additional information needed from management of the area under review.

B.  

Obtain approval from the engagement supervisor

C.  

Obtain the required resources, including IT. to complete the work

D.  

Discuss the change in scope with management of the area under review.

A.  

Vendor invoice payment requests are accompanied by a purchase order and receiving report.

B.  

Purchase orders are typed by the purchasing department using prenumbered forms

C.  

Buyers promptly update the official vendor listing as new supplier sources become known.

D.  

Department managers initiate purchase requests that must be approved by the plant superintendent

A.  

The organization's view on risk tolerance

B.  

The organization's principal risk events.

C.  

The organization's risk response strategies

D.  

The organization's major control activities

A.  

The valuation will be incorrect if the inventory includes goods in transit shipped free on board (FOB) destination to another organization.

B.  

The valuation will be correct if the inventory includes goods received on consignment from another organization.

C.  

The valuation will be incorrect if the inventory includes goods in transit shipped FOB shipping point from another organization.

D.  

The valuation will be correct if the inventory includes goods sent on consignment to another organization

A.  

Auditors are asked to keep a daily record of their activity for review by the auditor in charge following the engagement.

B.  

The senior internal auditor requires each auditor to review and initial colleagues’ workpapers for completeness and format

C.  

A new internal auditor is accompanied by an experienced auditor during a highly sensitive fraud investigation.

D.  

The auditor in charge provides reasonable assurance that engagement objectives were met

A.  

Explain the situation to senior management and remove the audit from the audit plan until next year

B.  

Conduct the audit of the quality department but adjust the audit program to remove the quality control testing

C.  

Engage one of the other trained employees to participate in the audit review of the quality department

D.  

Request that external auditors include this area as part of their review and provide independent assurance

A.  

Review notes on audit workpapers must be retained to provide a record of questions raised by the reviewer.

B.  

Audit workpaper documentation policies are reviewed and approved by the audit committee.

C.  

Management of the department being audited should review the prepared workpapers for accuracy.

D.  

Audit workpaper preparation contributes to the professional development of the internal audit staff.

A.  

Diagnostic analytics

B.  

Descriptive analytics

C.  

Prescriptive analytics

D.  

Predictive analytics

A.  

Auditors are asked to keep a daily record of their activity for review by the auditor in charge following the engagement.

B.  

The senior internal auditor requires each auditor to review and initial colleagues' workpapers for completeness and format.

C.  

A new internal auditor is accompanied by an experienced auditor during a highly sensitive fraud investigation.

D.  

The auditor in charge provides reasonable assurance that engagement objectives were met.

A.  

It leads to an increase in risk and often results in rework.

B.  

It is an optimization technique where activities are performed in parallel rather than sequentially

C.  

It involves a revaluation of project requirements and/or scope.

D.  

It is a compression technique in which resources are added to the project

A.  

Identify and map existing controls to their relevant inherent fraud risks

B.  

Detect fraudulent activities in the activity under review for the audited period

C.  

Select the appetite level for each inherent fraud risk

D.  

Evaluate and respond to residual fraud risks that need to be mitigated

A.  

To create a detailed risk assessment.

B.  

To identify individuals who perform key roles.

C.  

To explain a simple process.

D.  

To document which outputs support other activities.

A.  

They ore kitted as they do not allow the auditor to test many controls.

B.  

They do not highlight control gaps

C.  

They are not useful for identifying areas on which the auditor should locus.

D.  

They are limited as there is a risk that management may not answer fairly.

A.  

Slight variations in answers can result in very different risk assessments

B.  

Generative artificial intelligence cannot make inferences out of free text responses

C.  

Replacing auditor judgment with machine judgment is contrary to the Global Internal Audit Standards

D.  

Poor acceptance of the new system by the activity under review will impact engagement outcomes

A.  

Debt-to-equity ratio.

B.  

Profit margin.

C.  

Current ratio.

D.  

Times interest earned.

A.  

Proceed with the audit engagement, but do not include the relative's information.

B.  

Have the chief audit executive and management determine whether the auditor should continue with the audit engagement.

C.  

Disclose in the engagement final communication that the relative Is a customer

D.  

Immediately withdraw from the audit engagement

A.  

There is a higher reliance on organizational culture

B.  

There are clear expectations set for employees.

C.  

There are electronic monitoring techniques employed

D.  

There is a defined code for employee behavior

A.  

The organization’s attitude to hierarchy.

B.  

The organization's whistleblowing strategy.

C.  

The organization’s ongoing risk monitoring process.

D.  

The organization’s risk management policy.

A.  

On a rainy day. total sales are greater than expected when compared to the cost of ingredients used

B.  

On a sunny day. total sales are less than expected when compared to the cost of ingredients used.

C.  

Both total sales and cost of ingredients used are greater than expected.

D.  

Both total sales and cost of ingredients used are less than expected.

A.  

1 and 2 only

B.  

3 and 4 only

C.  

1, 2, and 4

D.  

1, 3, and 4

A.  

ISO 26000

B.  

Global Reporting Initiative.

C.  

Open Compliance and Ethics Group.

D.  

COSO’s enterprise risk management framework.

A.  

Sufficiency.

B.  

Appropriateness.

C.  

Effective deployment.

D.  

Cost effectiveness.

A.  

Flowcharts are typically not well suited to support information provided by a risk and control matrix.

B.  

Flowcharts are preferred to narratives, as they can provide much greater detail on the design and operation of a process.

C.  

Flowcharts are best applied to linear process flows but cannot address all risks related to the process.

D.  

Flowcharts describe process steps but cannot provide the level of detail needed to adequately assess the design of the process.

A.  

The amount of experience the auditors have conducting audits in the specific area of the organization.

B.  

The availability of the auditors in relation to the availability of key client staff.

C.  

Whether the budgeted hours are sufficient to complete the audit within the current scope.

D.  

Whether outside resources will be needed, and their availability.

A.  

Assert whether the described and reported control processes and systems exist.

B.  

Assess whether senior management adequately supports and promotes the internal control culture described in the report.

C.  

Evaluate the completeness of the report and management's responses to identified deficiencies.

D.  

Determine whether management's operating style and the philosophy described in the report reflect the effective functioning of internal controls.

A.  

Collect the policies and procedures relevant to the audited area

B.  

Understand the financial results published for the period under review

C.  

Assess the design of the internal controls in place

D.  

Define the objectives of the assurance engagement

A.  

Define the duties and responsibilities needed from management to perform the engagement.

B.  

Disclose the fact that auditors who perform the work may not be subject matter experts in the topic of the review.

C.  

Clarify that matters discovered during the engagement may also be reported to senior management and the audit committee.

D.  

Disclose the fact that follow-up reviews may be conducted to ensure that recommendations are implemented adequately.

A.  

Sum of the years’ digits.

B.  

Declining balance.

C.  

Double-declining balance.

D.  

Straight line.

A.  

To identify whether fuel was purchased for work-related purposes

B.  

To estimate future fuel costs for the organization's fleet of vehicles

C.  

To determine trends in average fuel consumption by vehicle

D.  

To determine whether the organization is paying more than the industry average for fuel

A.  

The chief audit executive disagreed with the business unit manager's initial decision to accept a particular risk Management ultimately agreed to address the risk only after discussing the issue with senior management.

B.  

The internal audit activity was restructured, which resulted in a significant change in responsibilities among audit managers and supervisors for some audits

C.  

A staff internal auditor had difficulties completing a portion of the audit because management of the area under review was unwilling to cooperate and provide information timely.

D.  

The resignation of an internal audit manager during the year caused the chief audit executive to defer a number of audit engagements to the following year.

A.  

Each year send a different member of the internal audit staff to an IT audit conference to learn about emerging technologies

B.  

Contract an external IT special to offer advice and consult on IT audits

C.  

Employ an independent external IT specialist to perform IT audits for the first year

D.  

Invite qualified staff from the IT department to serve as guest auditors and lead IT audits

A.  

Significant changes in the organization's accounting policies or procedures would warrant timely analysis and feedback.

B.  

More frequent external assessments can serve as an equivalent substitute for internal assessments.

C.  

The parent organization's internal audit activity agreed to perform biennial reciprocal external assessments to provide greater assurance at a reduced cost.

D.  

A change in senior management or internal audit leadership may change expectations and commitment to conformance

A.  

Analytical procedures compare information against expectations

B.  

Analytical procedures begin after the engagements planning phase.

C.  

Analytical procedures provide internal auditors with explainable results.

D.  

Analytical procedures are computer-assisted audit techniques

A.  

Customers, innovation, growth, and internal processes.

B.  

Business objectives, critical success factors, innovation, and growth.

C.  

Customers, support, critical success factors, and learning.

D.  

Financial measures, learning and growth, customers, and internal processes.

A.  

The CAE must establish a follow-up process tor both assurance and consulting engagements to monitor that management actions have been effectively implemented to address observations

B.  

The CAE must communicate the results of assurance and consulting engagements lo whoever can ensure that the results are given due consideration.

C.  

The CAE must acknowledge satisfactory performance when communicating the results of assurance and consulting engagements

D.  

The CAE may delegate the responsibility for communicating the results of consulting engagements although this responsibility cannot be delegated for assurance engagements

A.  

People cannot quickly understand the processes via flowcharts

B.  

Flowcharts are not applicable for evaluating the design of controls

C.  

Some serious risks that are not part of the linear process can be missed

D.  

Flowcharts do not enable auditors to identify missing controls

A.  

Reporting results of audits with recommendations to management.

B.  

Providing formal follow-up procedures to ensure that management complies with an action plan or accepted risk of not taking action.

C.  

Reporting quarterly to management that the audit plan is focused on higher exposures of risk.

D.  

Discussing audit findings with independent auditors.

A.  

Compare turnover m the organization to published turnover rates of peer organizations.

B.  

Compare turnover in one period with turnover in the previous period in the organization

C.  

Compare turnover in the period to total employees in the organization

D.  

Compare turnover with the auditor's general knowledge of the organization

A.  

The document management policy requires business client data to be stored in a specific management database

B.  

Sales contracts were stored improperly because the office manager was not trained to use the electronic database and prefers to avoid it

C.  

if the organization becomes subject to litigation the agreed pricing terms and conditions of the contracts may be difficult to prove

D.  

All staff should be appropriately trained and required to follow the organization's established policies and procedures pertaining to document management

A.  

To ensure all customer shipments are billed appropriately.

B.  

To ensure invoices are only paid for goods received.

C.  

To ensure all liabilities have been satisfied.

D.  

To ensure invoices are only paid for goods ordered.

A.  

Some inspection results were missing from the computer system.

B.  

The results of lengthy inspections were more likely to be omitted from the computer system.

C.  

Flaws in the computer system prevented employees from saving their inspection results.

D.  

Employees did not ensure that inspection results were completed in the computer system.

A.  

Enabling continuous auditing.

B.  

Employing generalized audit software.

C.  

Facilitating electronic workpapers.

D.  

Using machine learning.

A.  

All requests for consulting engagements must be included in the annual internal audit plan

B.  

Assurance engagements must be included in the annual internal audit plan but there is no requirement to include consulting engagements

C.  

Consulting engagements do not need to be included m the annual internal audit plan unless requested by the board

D.  

The acceptance of proposed consulting engagements into the annual internal audit plan may depend on their ability to add value

A.  

Evidence of all data used in an engagement

B.  

Internal audit policies and workpaper templates

C.  

Workpapers, cross-referenced to audit observations

D.  

Satisfaction ratings from management of the area under review

A.  

A survey with open-ended questions is weaker than a structured interview

B.  

A survey with closed-ended questions can produce quantifiable evidence

C.  

A survey's participants are likely to volunteer information that was not specifically requested

D.  

A survey, like inspections and confirmations are best used to test the operating effectiveness of controls

A.  

Inventory comprised of the same items stored in different warehouses

B.  

Batches of materials that must be confirmed as meeting quality standards

C.  

Revenue that is earned by an organization through cash receipts or as receivable.

D.  

Tax reports submitted to meet the requirements of the local taxation authority

A.  

Retention requirements for internal audit records should be compliant with ones set for external audit records

B.  

Retention requirements should take into account the medium in which internal audit records are stored

C.  

Retention requirements should be set by the chief audit executive and aligned will the organization s process and procedures

D.  

Retention requirements should set a minimum period of the for records storage and the process of archiving documents

A.  

Whether an audit is explicitly required by the internal audit charter

B.  

The extent to which the work to be performed is an assurance or consulting engagement

C.  

The organization's annual risk management strategy

D.  

Risks that are identified by operations staff or senior management

A.  

Compare the firm's financial performance with organizations in the same industry

B.  

Interview all managers involved in preparing the financial statements

C.  

Perform a bank reconciliation to confirm the cash balance in the financial statements.

D.  

Trace each financial transaction to the original supporting document

A.  

The organization experiences a merger, and the management team is reorganized and redistributed globally

B.  

The organization launches a product into new global markets

C.  

After minimal testing, the organization implements a new system to replace a legacy system

D.  

Regulators announce broad legislative reforms applicable to the industry within which the organization operates

A.  

RACI (responsible, accountable, consult and inform) chart

B.  

Flowchart

C.  

SWOT{strengths. weaknesses opportunities, and threats) analysis

D.  

Workflow analysis

A.  

interview IT management in both regions

B.  

Inspect regional user software training records

C.  

Interview propel management and the vendor responsible for implementation

D.  

Distribute surveys to software users in both regions

A.  

Require the approval of additions and changes to the vendor master listing, where the inherent risk of false vendors is high.

B.  

Monitor amounts paid each period and compare them to the budget to identify potential issues.

C.  

Compare employee addresses to vendor addresses to identify potential employee fraud.

D.  

Monitor customer quality complaints compared to the prior period to identify vendor issues.

A.  

ICQs are efficient because they minimize the need for follow-up with survey respondents

B.  

Controls with positive survey responses can be eliminated from further testing

C.  

Answers to survey questions can be easily misinterpreted

D.  

ICQs offer limited value for organizations with uniform procedures

A.  

Discuss the issue with senior management.

B.  

Discuss the issue only with the CEO.

C.  

Inform the board.

D.  

Discuss the issue with the members of management responsible for the risk area.

A.  

To prepare for testing the effectiveness of controls

B.  

To plan for evaluating potential losses

C.  

To prepare a sampling plan for the engagement

D.  

To evaluate the design of controls

A.  

Reassign the competent auditors immediately.

B.  

Notify the board that the cybersecurity engagement cannot be performed due to a lack of competent resources.

C.  

Suspend the cybersecurity engagement due to the lack of internal auditors with relevant competencies.

D.  

Seek advice from the chief audit executive on appropriate actions related to the cybersecurity engagement.

A.  

Job enlargement

B.  

Job enrichment

C.  

Horizontal loading of the job.

D.  

Job rotation.

A.  

Sufficiency

B.  

Reliability

C.  

Relevance

D.  

Usefulness

A.  

Determine which controls if any are in place to mitigate the fraud risks

B.  

Follow protocol for internal reporting and investigating fraud allegations

C.  

Research frauds that nave occurred t\ similar organizations

D.  

Incorporate the fraud risk assessment into the engagement plan

A.  

If it is an assurance engagement, accept the assignment because direct knowledge of the existing accounts payable processes will provide depth and add more value

B.  

If it is a consulting engagement, decline the assignment and ask to be reassigned, because in a consulting engagement the auditor must not assess operations for areas in which they were previously responsible.

C.  

if it is a consulting engagement, accept the assignment because direct knowledge of the existing accounts payable processes will provide depth and add more value

D.  

If it is an assurance engagement, accept the assignment because the chief audit executive had knowledge of the internal auditor's previous role when this engagement was assigned.

A.  

1 and 3.

B.  

1 and 4.

C.  

2 and 3.

D.  

2 and 4.

A.  

A primary purpose of the exit conference is to provide for the timely communication of observations that call for immediate management action.

B.  

Both the chief audit executive and the chief executive over the activity or function reviewed must attend the exit conference to validate the findings.

C.  

The exit conference provides only anticipated results for inclusion in the final audit communication.

D.  

During the exit conference, the performance of the internal auditors who executed the engagement is reviewed.

A.  

The internal audit activity constitutes the first line of defense in effective risk management.

B.  

The internal audit activity provides direction regarding internal controls implementation.

C.  

The internal audit activity verifies that management has met its responsibility for implementing effective controls.

D.  

The internal audit activity implements the internal control framework and advises management regarding best practices

A.  

$0.50

B.  

$1.50

C.  

$2 50

D.  

$3.50

A.  

A slight increase in carrying costs.

B.  

A greater need for inspection of goods as the goods arrive

C.  

A greater need for linkage with a vendors computerized order entry system.

D.  

An Increase in the number of suitable suppliers

A.  

Assume responsibility for quantifying and minimizing the residual risks to the organization.

B.  

Assess the level of financial risks that may affect the organization's stability.

C.  

Inform the regulatory agency about senior management's action and seek guidance.

D.  

Proceed with a consulting engagement to benchmark similar organizations' business practices in the region.

A.  

Cause and effect.

B.  

Effect and criteria

C.  

Condition and cause

D.  

Criteria and condition.

A.  

Interval sampling

B.  

Cluster sampling

C.  

Stop-and-go sampling

D.  

Stratified sampling

A.  

Stratification of numeric values

B.  

Gap testing

C.  

Joining different data sources

D.  

Duplicate testing

A.  

Present audit evidence and information to support the internal auditor’s line of questioning.

B.  

Establish credibility, trust, and rapport.

C.  

Develop flowcharts and review them with the interviewee.

D.  

Observe the process and discuss it with the interviewee.

A.  

Customer satisfaction index has to be 90% each quarter.

B.  

Ten rapid charging stations will be installed next year.

C.  

The organization aims to decrease the budget by 10%.

D.  

The organization will be carbon neutral within 5 years.

A.  

The corporate risk register.

B.  

The strategic plan.

C.  

Internal and external audit reports.

D.  

The board's meeting records.

A.  

The overall performance resulting from the internal audit balanced scorecard

B.  

The number of outstanding and overdue management actions

C.  

The experience of the organization's internal auditors

D.  

The number of audits in the annual audit plan relative to similar organizations

A.  

The senior auditors are unavailable, as they are currently working on other portions of the engagement

B.  

The auditor in charge believes that the junior auditor should obtain a specific type of experience.

C.  

The audit engagement has a tight deadline and the work must be completed timely.

D.  

The auditor in charge is unable to identify audit staff with all of the required skills needed to complete the engagement

A.  

An assurance map is used by the chief audit executive to coordinate assurance activities with other internal and external assurance providers

B.  

An assurance map is a picture of all assurance engagements performed by the internal audit activity across the organization

C.  

An assurance map is used by the engagement supervisor to coordinate the roles of various internal audit team members assigned to assurance engagements

D.  

An assurance map lists the procedures and testing activities performed by an internal audit team during an assurance engagement

A.  

Controls that ensure that grid connection design is finalized before construction is approved to begin

B.  

Controls that ensure construction orders are initiated after the second invoice is paid

C.  

Controls that ensure all three invoices are calculated correctly according to the total project cost

D.  

Controls that ensure that applications are verified for approval prior to initiating design and construction

A.  

Positive aspects of the process or area under review

B.  

A brief synopsis of the process of area under review

C.  

Outcomes and ratings of the process or area under review

D.  

Report issuance and the communication process of the engagement.

A.  

Questionnaires.

B.  

Surveys.

C.  

Structured interviews

D.  

Facilitated team workshops