NEW QUESTION 1
Which of the following control activities is the most effective to ensure users' levels of access are appropriate for their current roles?

• A. The human resources department generates a monthly list of terminated and transferred employees and requests IT to update the user access as required.
• B. Standardized user access profiles are developed and the appropriate access profiles are automatically assigned to new or transferred employees.
• C. System administrator rights are assigned to one user in each department who can update user access of terminated or transferred employees immediately.
• D. Department managers are required to perform periodic user access reviews of relevant systems and applications.

Answer: D

NEW QUESTION 2
An internal audit activity is using the auditing-by-element approach to audit the organization's controls around corporate social responsibility. Which of the following would be an element for the internal audit activity to consider?

• A. Working conditions.
• B. Employees' families.
• C. Marketplace competition.
• D. Shareholders and investors.

Answer: B

NEW QUESTION 3
An internal auditor is conducting an assessment of the organization's fraud prevention program using the COSO enterprise risk management framework. According to this framework, which of the following activities would fall under the control environment component for preventing fraud?
* 1. The organization uses an automated authority approval matrix to control payments.
* 2. The organization has a whistleblower hotline that is available to employees.
* 3. Annually, every manager completes a comprehensive fraud assessment of his or her department.
* 4. Annually, the organization reviews and communicates the code of expected behavior.

• A. 1 and 2.
• B. 1 and 3.
• C. 2 and 3.
• D. 2 and 4.

Answer: D

NEW QUESTION 4
An assurance mapping exercise helps an organization do which of the following?
* 1. Provide assurance to stakeholders that risks are managed and reported, and regulatory and legal obligations are met.
* 2. Fulfill best practices in the industry.
* 3. Identify and address any gaps in the risk management process.
* 4. Identify fraud.

• A. 1 and 4.
• B. 1 and 3.
• C. 2 and 3.
• D. 3 and 4.

Answer: B

NEW QUESTION 5
According to IIA guidance, which of the following best describes internal auditors' responsibility regarding fraud?

• A. Internal auditors should take a leading role in investigating all fraud-related cases.
• B. Internal auditors must have sufficient knowledge to evaluate the risk of fraud.
• C. Internal auditors should report all fraud cases to law enforcement agents, in accordance with the Code of Ethics.
• D. Internal auditors are responsible for ensuring that fraud does not occur.

Answer: B

NEW QUESTION 6
Which of the following is an activity that an internal auditor must not perform?

• A. Establish and provide continuing assurance on an anti-money laundering program for new hires.
• B. Survey employees for their understanding of anti-money laundering practices.
• C. Provide assurance for the effectiveness of anti-money laundering training.
• D. Assess the risk of being fined for ineffective anti-money laundering practices.

Answer: A

NEW QUESTION 7
An internal auditor is performing analytical reviews as part of an audit of a supermarket's merchandising department. Because the economy has declined since midyear, the auditor can expect to encounter which of the following?

• A. Higher inventory turnover.
• B. Higher operating margin.
• C. Lower obsolete stock disposal.
• D. Lower sales volume.

Answer: D

NEW QUESTION 8
Faced with a complex, highly technical construction audit engagement, the chief audit executive (CAE) considered complementing the current internal audit resources by engaging the services of a civil engineer.
Which of the following should the CAE consider in determining whether the engineer possesses the necessary skills to perform the engagement?
* 1. Professional certification, license, or other recognition of the engineer's competence in the relevant discipline.
* 2. Experience of the engineer in the type of work being considered.
* 3. Compensation or other incentives that the engineer may receive.
* 4. The extent of other ongoing services that the engineer may be performing for the organization.

• A. 1 and 4 only
• B. 2 and 3 only
• C. 3 and 4 only
• D. 1, 2, and 4 only

Answer: D

NEW QUESTION 9
Which of the following is an example of a directive control?

• A. Segregation of duties.
• B. Exception reports.
• C. Incentive compensation plans.
• D. Automated reconciliations.

Answer: C

NEW QUESTION 10
The management at a national consumer goods organization implements a fair work and pay practice as well as a policy to treat employees equitably and consistently. Which common characteristics of fraud will the practice and policy most likely reduce?

• A. Pressure or incentive.
• B. Opportunity.
• C. Rationalization.
• D. Commitment.

Answer: A

NEW QUESTION 11
Which of the following are core responsibilities to be included in the internal audit charter?
* 1. Review reliability and integrity of financial and operating information and the means used to identify, measure, classify, and report such information.
* 2. Determine the adequacy and effectiveness of the organization’s systems of internal accounting and operating controls.
* 3. Participate in the planning and performance of audits of potential acquisitions with the organization's outside accountants and other members of the corporate staff.
* 4. Report to those members of management who should be informed of results of audit examinations, the audit opinions formed, and the recommendations made.

• A. 1 and 2.
• B. 1 and 4.
• C. 2 and 3.
• D. 2 and 4.

Answer: A

NEW QUESTION 12
Which of the following is considered a violation of The IIA's Code of Ethics?

• A. An auditor conveys public information about an organization's financial condition.
• B. An auditor reports a manager's illegal activity to senior management, rather than reporting the incident to the appropriate external authority.
• C. An auditor receives allegations of fraud from a whistleblower and immediately reports the allegations to senior management.
• D. An auditor reports material deficiencies, despite the fact that management is already aware of the defects.

Answer: C

NEW QUESTION 13
According to IIA guidance, which of the following is least compliant with the requirements regarding an internal auditor's need for objectivity?

• A. An internal auditor assessed the effectiveness of controls over payroll software, which he had helped implement with a previous employer.
• B. An internal auditor participated in an audit of controls around absenteeism, despite providing some consultation on controls in this area earlier in the year.
• C. An internal auditor performed an assurance engagement for the effectiveness of accounts payable access controls, one of which he previously helped to design.
• D. An internal auditor, previously employed in the quality assurance operations area, performed a consulting engagement for the operations manager.

Answer: C

NEW QUESTION 14
Which of the following would be the most important consideration by the internal audit activity when selecting employees to perform an internal quality assessment?

• A. Their understanding of auditing standards.
• B. Previous experience working with the internal audit activity.
• C. Their reporting line within the organization.
• D. The nature of their regular duties and responsibilities.

Answer: A

NEW QUESTION 15
Which of the following actions should the audit committee take to promote organizational independence for the internal audit activity?

• A. Delegate final approval of the risk-based internal audit plan to the chief audit executive (CAE).
• B. Approve the annual budget and resource plan for the internal audit activity.
• C. Assist the CAE with hiring objective and competent internal audit staff.
• D. Encourage the CAE to communicate and coordinate with the external auditor.

Answer: A

NEW QUESTION 16
According to IIA guidance, which of the following is an area in which the internal auditor should be proficient?

• A. Management principles.
• B. Computerized information systems.
• C. Internal audit standards, procedures, and techniques.
• D. Fundamentals of accounting, economics, and finance.

Answer: C

NEW QUESTION 17
According to IIA guidance, which of the following practices by the chief audit executive (CAE) best enhances the organizational independence of the internal audit activity?

• A. CAE reviews and approves the annual audit plan.
• B. CAE meets privately with The CEO at least annually.
• C. CAE meets privately with The board at least annually.
• D. CAE reports to the board regarding audit staff performance evaluation and compensation.

Answer: D

NEW QUESTION 18
......