IIA-CIA-Part1 exam

Which of the following processes does the board manage to ensure adequate governance?A . Establish and measure performance objectives for the internal audit activity.B . Select board members with necessary knowledge and skills.C . Develop, approve, and execute the strategic plan of the organization.D . Develop strategies to mitigate the...

Which of the following is an example of a detective control?A . Automatic shut-off valve.B . Auto-correct software functionality.C . Confirmation with suppliers and vendors.D . Safety instructions.View AnswerAnswer: C Explanation: An example of a detective control is confirmation with suppliers and vendors. This control involves verifying transactions after they...

During a payroll audit, the internal auditor discovered that several individuals who have the same position classification as he are earning a significantly higher salary. The auditor noted the names and amounts of each, and he planned to prepare a request to the chief audit executive for a salary increase...

Senior management has decided to adopt the key principles approach of the ISO 31000 risk management framework. According to IIA guidance, which of the following principles is most appropriate when implementing the risk management process in a dynamic agency?A . Everyone in the agency has a primary responsibility for identifying...

The board of a newly established organization was discussing the contents of the draft internal audit charter One board member suggested adding to the charter an obligation for the internal audit activity to develop controls in business procedures. The board member explained that the new organization needs professional-level developers, internal...

Which of the following resources would be most effective for an organization that would like to improve how it informs stakeholders of its social responsibility performance?A . ISO 26000.B . Global Reporting Initiative.C . Open Compliance and Ethics Group.D . COSO’s enterprise risk management frameworkView AnswerAnswer: B Explanation: The Global...

Management assessed the organization’s risk of expanding operations into a new, but volatile, region and began looking for a compatible local partner to manage sales and distribution. Which of the following best describes this risk management technique?A . Avoidance.B . Acceptance.C . Reduction.D . SharingView AnswerAnswer: D Explanation: The risk...

Which of the following statements best illustrates why internal auditors assess soft controls?A . Assessing soft controls are an effective method of assessing risk related to personnel.B . Assessing soft controls, as opposed to hard controls, makes it easier to evaluate operating effectiveness.C . Assessing soft controls can help internal...

If an internal auditor suspects fraud during an engagement which of the following is expected of the auditor?A . Evaluate the suspected activities to determine whether a forma! investigation is warranted,B . Immediately inform senior management and the board of the suspected fraud.C . Ascertain the level of resources needed...

Which of the following should a general internal auditor be able to characterize as an IT-related risk?A . Computer servers are in a room that is accessible to all employees,B . An IT architect avoids taking vacations and sharing his workload with coworkers,C . Hours billed by IT developers exceed...