NEW QUESTION 1
An IT contractor applied for an internal audit position at a bank. The contractor worked for the bank's IT security manager two years ago. If the audit manager interviewed the contractor and wants to extend a job offer, which of the following actions should the chief audit executive pursue?

• A. Allow the audit manager to hire the contractor and state that the individual is free to perform IT audits, including security.
• B. Not allow the audit manager to hire the contractor, as it would be a conflict of interest.
• C. Allow the audit manager to hire the contractor, but state that the individual is not allowed to work on IT security audits for one year.
• D. Not allow the audit manager to hire the contractor and ask the individual to apply again in one year.

Answer: A

NEW QUESTION 2
According to IIA guidance, which of the following is not a responsibility of the chief audit executive pertaining to documenting information to support internal audit engagement results and conclusions?

• A. Rating each engagement record to assess its relevance and accessibility for the organization's board.
• B. Controlling access to engagement records, including access by senior management.
• C. Developing retention requirements for engagement records that are consistent with organizationalguidelines.
• D. Forming policies governing the custody and retention of consulting engagement records before their release to other parties.

Answer: A

NEW QUESTION 3
What is the purpose of a secondary control?

• A. It replaces primary controls that are either ineffective or cannot fully mitigate a risk.
• B. It partially reduces the residual risk level when a key control does not operate effectively.
• C. lt combines with other controls to help reduce significant risk exposures to an acceptable level.
• D. It helps to ensure the completeness and accuracy of automated controls in a system environment.

Answer: C

NEW QUESTION 4
Evidence discovered during the course of an engagement suggests that multiple incidents of fraud have occurred. There do not appear to be sufficient controls in place to prevent reoccurrence. Which of the following is the internal auditor's most appropriate next step?

• A. Immediately notify management of the area under review and the other internal auditors involved in the engagement.
• B. Discuss the situation with the engagement supervisor to determine whether fraud investigation experts are required to investigate the matter properly.
• C. Fully document in the workpapers the evidence that has been discovered and recommend appropriate controls to address the fraud.
• D. Provide the evidence that was discovered to local law enforcement for possible prosecution of the suspected fraud.

Answer: A

NEW QUESTION 5
Which of the following best demonstrates the authority of the internal audit activity?

• A. Suggesting alternatives to decision makers.
• B. Improving the integrity of information.
• C. Determining the scope of internal audit services.
• D. Achieving engagement objectives.

Answer: C

NEW QUESTION 6
Which of the following is a requirement for an assurance engagement that may not be for a consulting engagement?

• A. The internal audit activity has to ensure team members' objectivity is not impaired.
• B. Auditors cannot participate in an assurance engagement of a function for which they previously performed a consulting engagement.
• C. The scope and objective of the engagement is agreed upon based on the engagement client's needs.
• D. The internal audit activity must ensure management actions have been implemented effectively or risk accepted.

Answer: B

NEW QUESTION 7
Which of the following is an example of a management control technique?

• A. A budget.
• B. A risk assessment.
• C. The board of directors.
• D. The control environment.

Answer: A

NEW QUESTION 8
Which of the following is most likely to enhance an internal auditor's objectivity?

• A. An auditor is appropriately able to communicate results.
• B. An auditor performs his work free from interference.
• C. An auditor is unrestricted in determination of scope.
• D. An auditor avoids conflicts of interest.

Answer: D

NEW QUESTION 9
According to the COSO internal control framework, which of the following best describes the use of continuous auditing programs by the internal audit activity?

• A. Control environment.
• B. Control activities.
• C. Risk assessment.
• D. Monitoring.

Answer: D

NEW QUESTION 10
With regard To IT governance, which of the following is the most effective and appropriate role for the internal audit activity?

• A. Independently evaluate the skills and experience of potential chief information officer candidates to assess the best fit based on the organization's risk appetite.
• B. Evaluate the organization's governance standards and assess IT-related activities to identify gaps and develop policies, ensuring alignment with the organization's risk appetite.
• C. Assist management in interpreting complex IT-related privacy and security risk exposures and evaluating potential mitigation strategies.
• D. Assess whether governance activities are aligned with the organization's risk appetite and take into consideration emerging risks.

Answer: D

NEW QUESTION 11
According to the COSO enterprise risk management framework, which of the following best describes the activity that helps ensure risk responses are carried out effectively?

• A. Objective setting.
• B. Control activities.
• C. Information and communication.
• D. Event identification.

Answer: B

NEW QUESTION 12
To fill a critical vacancy, an internal auditor is assigned temporarily to a nonaudit role in the purchasing department, where she worked previously before joining the internal audit activity. According to IIA guidance, which of the following statements is true regarding these circumstances?

• A. The chief audit executive (CAE) should review all work performed by the auditor during her temporary assignment to ensure no impairments.
• B. The CAE may conduct audits in the purchasing department during the auditor's temporary assignment.
• C. The auditor should obtain the CAE's approval as to the nature and scope of the duties she is permitted to perform during her temporary assignment.
• D. Any work performed by the auditor during her temporary assignment must conform to the internal audit charter.

Answer: C

NEW QUESTION 13
A manufacturing line supervisor joins the internal audit activity for a two-year rotational job assignment and is assigned to an accounts receivable audit. With regard to this assignment, which of the following should be the primary concern of the audit manager?

• A. Due professional care.
• B. Individual independence.
• C. Individual objectivity.
• D. Organizational independence.

Answer: A

NEW QUESTION 14
Which of the following behaviors could represent a significant ethical risk if exhibited by an organization's board?

• A. Requesting a private meeting with senior management, without the presence of the chief audit executive.
• B. Intervening during an audit involving ethical wrongdoing.
• C. Discussing periodic reports of ethical breaches.
• D. Authorizing an investigation of an unsafe product.

Answer: B

NEW QUESTION 15
Click the Exhibit.

Internal auditors are asked to keep track of how many hours per day they spend planning the audit, conducting the engagement, and writing the audit report. The data for two days has been collected as follows:
Day 1
Day 2
Planning the audit 2 hours
3 hours
Conducting the engagement 1 hour
1 hour
Writing the audit report 2 hours
4 hours
Which of the following graphs depicts the data accurately?

• A. Graph A only
• B. Graph B only
• C. Both A and B.
• D. Neither A nor B.

Answer: C

NEW QUESTION 16
Which of the following is a weakness of observation as audit evidence?

• A. It cannot be used to test the completeness assertion.
• B. It cannot be used to test the existence assertion.
• C. It cannot be used to test the occurrence assertion.
• D. It cannot be relied upon because the evidence is not persuasive.

Answer: A

NEW QUESTION 17
Which of the following is most likely to function as a directive control?

• A. Security dogs.
• B. Alert employees.
• C. Insurance claims.
• D. Cycle counts.

Answer: B

NEW QUESTION 18
......