IIA-CIA-Part1 V4

Which of the following needs to be established prior to undertaking an assessment of the quality assurance and improvement program?A . Department performance standards.B . Remediation timeframes.C . Nonconformance disclosures.D . External assessment resourcesView AnswerAnswer: D Explanation: Before undertaking an assessment of the quality assurance and improvement program, it is...

According to IIA guidance, which of the following statements regarding the internal audit charter is true?A . The nature of consulting services typically is not included in the charter.B . The chief audit executive must formally review the charter at least once a yearC . The nature of assurances provided...

Which of the following best describes the type of risk that an adequately designed and effectively operating system of internal controls should mitigate?A . Net.B . Controllable.C . inherent,D . Residual.View AnswerAnswer: C Explanation: The type of risk that an adequately designed and effectively operating system of internal controls should...

Which of the following activities is most likely to require a fraud specialist to supplement the knowledge and skills of the internal audit activity?A . Planning an engagement of the area in which fraud is suspected.B . Employing audit tests to detect fraud.C . Interrogating a suspected fraudsterD . Completing...

A snow removal company is conducting a scenario planning exercise where participating employees consider the potential impacts of a significant reduction in annual snowfall for the coming winter. Which of the following best describes this type of risk?A . Residual.B . Net.C . Inherent.D . Accepted.View AnswerAnswer: C Explanation: Inherent...

Which of the following is an example of a directive control?A . Segregation of duties.B . Exception reports.C . Training programs.D . Supervisory review.View AnswerAnswer: C Explanation: Training programs are an example of directive controls as they are designed to direct staff behaviors towards compliance with organizational policies and procedures....

Which of the following processes does the board manage to ensure adequate governance?A . Establish and measure performance objectives for the internal audit activity.B . Select board members with necessary knowledge and skills.C . Develop, approve, and execute the strategic plan of the organization.D . Develop strategies to mitigate the...

Which of the following is an example of a detective control?A . Automatic shut-off valve.B . Auto-correct software functionality.C . Confirmation with suppliers and vendors.D . Safety instructions.View AnswerAnswer: C Explanation: An example of a detective control is confirmation with suppliers and vendors. This control involves verifying transactions after they...

During a payroll audit, the internal auditor discovered that several individuals who have the same position classification as he are earning a significantly higher salary. The auditor noted the names and amounts of each, and he planned to prepare a request to the chief audit executive for a salary increase...

Senior management has decided to adopt the key principles approach of the ISO 31000 risk management framework. According to IIA guidance, which of the following principles is most appropriate when implementing the risk management process in a dynamic agency?A . Everyone in the agency has a primary responsibility for identifying...