IIA-CIA-Part2 exam

Which of the following statements about assurance maps is correct?
A . An assurance map is used by the chief audit executive to coordinate assurance activities with other internal and external assurance providers
B. An assurance map is a picture of all assurance engagements performed by the internal audit activity across the organization
C. An assurance map is used by the engagement supervisor to coordinate the roles of various internal audit team members assigned to assurance engagements
D. An assurance map lists the procedures and testing activities performed by an internal audit team during an assurance engagement

View Answer

Answer: A

According to HA guidance, the chief audit executive is directly responsible for which of the following?
A . Maintaining a quality assurance program even in the absence of management support
B. Periodically reviewing and approving the internal audit charier
C. Providing opportunities for all staff auditors to satisfy their professional development requirements
D. Establishing the objectives scope and plan for each engagement

View Answer

Answer: B

An internal auditor completed a review of expenses related to the launch of a new project. The auditor sampled 45 transactions approved by a senior project manager and identified 30 with questionable vendor documentation.

Which of the following is the most appropriate conclusion for the auditor to include in the audit report?
A . The organization incurred excessive cost overruns that resulted in significant financial and legal risk to the project.
B. The organization experienced a potential conflict of interest
C. The organization had weaknesses in its review process which allowed questionable transactions with some vendors
D. The organization allowed the project to launch without assurance that all transactions were regularly approved

View Answer

Answer: C

The board of directors expressed concerns about potential external risks that could impact the organization s ability to meet its annual objectives and goals The board requested consulting services from the internal audit activity to gain insight regarding the external risks.

Which of the following engagement objectives would be appropriate to fulfill this request?
A . Assess the organization’s ability to minimize potential external risks
B. Assess the organization’s process of vetting vendors that provide necessary services to the organization
C. Assess the organization’s risk impacts from the markets in which it operates
D. Assess the organization’s controls implemented that would help minimize risks

View Answer

Answer: B

An organization’s board would like to establish a formal risk management function and has asked the chief audit executive (CAE) to be involved in the process.

According to IIA guidance, which of the following roles should the CAE not undertake?
A . Manage and coordinate risk management processes.
B. Audit risk management processes.
C. Become involved in risk oversight committees, monitoring activities, and status reporting.
D. Accept management’s responsibility for risk management without board approval.

View Answer

Answer: D

An internal auditor collected several employee testimonials.

Which of the following is the best action for the internal auditor to take before drawing a conclusion?
A . Ensure the testimonials are well documented
B. Substantiate the testimonials with physical or documentary evidence
C. Corroborate testimonials with the results from other soft control techniques
D. Review the testimonials with the interviewed employees

View Answer

Answer: C

An organization s inventory is stored m multiple warehouses. During an inventory audit which of the following activities would most benefit from the use of computerized audit tools?
A . Verifying the existence of inventory items in each warehouse
B. Assigning the tolerable deviation rate to determine the sample size
C. Valuating the obsolete Inventory from all the warehouse locations
D. Confirming that the purchased items are recorded In the correct period

View Answer

Answer: D

As a result of server managements assumption of risk there is residual risk that exceeds me organisation’s risk appetite.

Which of the following actions would be most appropriate for the chief audit executive to take?
A . ignore the responsibility of addressing the residual risk
B. Assume the responsibility of addressing the residual risk
C. Ensure senior management acknowledges residual risk
D. Communicate with the board the issue of residual risk

View Answer

Answer: D

The board of directors expressed concerns about potential external risks that could impact the organization s ability to meet its annual objectives and goals The board requested consulting services from the internal audit activity to gain insight regarding the external risks.

Which of the following engagement objectives would be appropriate to fulfill this request?
A . Assess the organization’s ability to minimize potential external risks
B. Assess the organization’s process of vetting vendors that provide necessary services to the organization
C. Assess the organization’s risk impacts from the markets in which it operates
D. Assess the organization’s controls implemented that would help minimize risks

View Answer

Answer: B

Acceding to IIA guidance, when of the Mowing is an assurance service commonly performed by the internal audit activity?
A . Proposing fine item recommendation lot the annual financial budget of the accounting department
B. Making recommendations regarding financial approval authority limits for the operations department
C. Validating whether employees are following established policies and procedures in the procurement department
D. Generating expense report metrics for employees in the finance department

View Answer

Answer: C