IIA-CIA-Part1 Practice Exam Questions and Answers

A.  

The organization s risk appetite mission, and objectives are dearly outlined.

B.  

The organization s risk management practices are assessed as mature.

C.  

The organization has adopted risk management frameworks and global models.

D.  

The organization s significant risks are identified and adequately assessed

A.  

Auditors shall observe the law and make disclosures expected by the law and the profession

B.  

Auditors shall disclose all material facts known to them that if not disclosed may distort the reporting of activities under review

C.  

Auditors shall engage only in those services for which they have the necessary knowledge skills and experience

D.  

Auditors shall be prudent in the use and protection of information acquired in the course of their duties

A.  

Responsible for implementing CSR principles and overseeing of CSR performance.

B.  

Responsible for performing periodic internal self-verifications of reported CSR results.

C.  

Responsible for performing analysis and comparison of CSR reports and performance.

D.  

Responsible for ongoing CSR reporting and accomplishing of performance targets.

A.  

The length and consistency of the auditor's work experience

B.  

The auditor's demonstrated problem-solving skills

C.  

The auditor's skills compared to those already possessed by other audit staff

D.  

The auditor's ability to be self motivated and a good team player

A.  

ative control? 3

B.  

Third parties who operate the hotline ensure anonymity for whistle blowers. D Whistleblower tips help discover wrongdoings and violations of the code of conduct.

Potential perpetrators of fraud know that their actions can be reported easily.

C.  

Better investigation protocols are triggered by the whistleblower hotline.

A.  

Coaching management in responding to risks.

B.  

Implementing risk responses on management's behalf.

C.  

Imposing risk management processes.

D.  

Setting the risk appetite.

A.  

A mining company practices backfilling and planting trees after mining within an area.

B.  

A construction company ensures that its workers are paid at the regulated minimum wage.

C.  

A foods manufacturer sources cheap raw materials to generate higher profits for distribution to its employees.

D.  

A bank listed on the national stock exchange consistently pays dividends to its shareholders.

A.  

The ability to inspire trust

B.  

The ability to communicate effectively

C.  

The ability to display courage

D.  

The ability to understand the needs of stakeholders

A.  

A requirement that internal auditors undergo objectivity training periodically

B.  

Periodic communications reminding internal auditors of Standards requirements

C.  

A review of the final audit report by the audit committee

D.  

Ongoing monitoring and periodic internal quality assessments

A.  

The nature of services provided are defined in the internal audit charter.

B.  

Internal auditors must maintain objectivity while performing their work.

C.  

The objectives and scope of the engagement typically are directed by management.

D.  

Internal auditors may assume management responsibilities.

A.  

A consulting engagement independent of the financial risk committee's review.

B.  

A risk assessment.

C.  

An assurance engagement.

D.  

A joint consulting engagement with input from the financial risk committee.

A.  

Statistical sampling techniques should always be used to pull unbiased sampling for testing.

B.  

Fieldwork completed by internal auditors should be appropriately reviewed.

C.  

Internal auditors should avoid using the lunch room simultaneously with audit clients.

D.  

During the audit review period, there should be no nonaudit dialogues with the audit client.

A.  

Internal audit charter.

B.  

Workpaper.

C.  

Audit report.

D.  

Code of ethics.

A.  

To recognize red flags that indicate fraud.

B.  

To recommend controls to prevent fraud.

C.  

To apply forensic auditing techniques to detect fraud.

D.  

To evaluate the potential for fraud.

A.  

A quality assessment review.

B.  

An internal audit client survey.

C.  

A control self-assessment.

D.  

A peer review of the internal audit activity.

A.  

Outsource the engagement to an external audit firm that has appropriate skills.

B.  

Recruit a lawyer with knowledge of the legislation to the audit team and ask the new auditor to perform the engagement.

C.  

Decline to perform the engagement, as the internal audit activity does not have the appropriate skill set.

D.  

Carry out the engagement using existing internal audit staff to help them gain the appropriate experience.

A.  

Separate the duties of processing and authorizing refunds on merchandise

B.  

Post signs in the register area prompting customers to ask for and examine their sales receipts

C.  

Periodically count the cash in the register and compare it to the expected amount

D.  

Use cash registers with internal tapes that are tamper proof and that require a manager to process voids or refunds

A.  

Number of mitigating controls.

B.  

Effectiveness of the control environment

C.  

Use of computer-assisted auditing techniques.

D.  

IT security controls

A.  

A statement of independence of the organization's internal auditors.

B.  

Meeting minutes with the assessment team, if key risks were identified and discussed.

C.  

Frequency of the quality assessments being performed.

D.  

Summary of previous internal assessments undertaken.

A.  

The internal audit activity is responsible for the company's risk management function, and its head manager reports to the chief audit executive.

B.  

A senior member of the internal audit activity once worked in the corporate finance department.

C.  

The organization’s CEO reviews the internal audit activity’s annual budget per the organization’s policies and procedures.

D.  

The internal audit activity often uses management's risk profile to build its own risk profile for annual planning.

A.  

Skills in evaluating the risk of fraud.

B.  

Knowledge of key IT risks and controls

C.  

Soft skills such as communication and negotiation.

D.  

Knowledge and understanding of the company's expenses policy

A.  

Senior management

B.  

Internal audit activity.

C.  

All employees.

D.  

Board of directors.

A.  

Confidentiality.

B.  

Independence.

C.  

Integrity.

D.  

Objectivity.

A.  

Avoiding the risk altogether.

B.  

Transferring the risk.

C.  

Introducing a control feature.

D.  

Accepting the risk.

A.  

The CAE tasks internal auditors with coordinating assurance activities with other providers across the organization.

B.  

The CAE encourages auditors to volunteer to support research work of the local professional institute.

C.  

The CAE requires auditors to periodically attest to the profession's Code of Ethics.

D.  

The CAE reminds auditors to ensure workpapers are completed for audit engagements.

A.  

Ensuring the organization's key risks are managed through appropriate controls.

B.  

Assisting the organization in maintaining effective controls.

C.  

implementing new controls to promote continuous improvement

D.  

Validating control assessments performed by the external auditor.

A.  

Coordinate and facilitate risk workshops for management to attend.

B.  

Establish the degree of risk appetite for management to accept.

C.  

Set risk indicators and mitigation plans for management to implement

D.  

Determine the number of significant risks for management to report to the board.

A.  

1 and 2 only.

B.  

1 and 4 only

C.  

1, 2, and 3

D.  

3 and 4

A.  

The identified risks have not undergone a detailed review to ensure completeness in the past two years.

B.  

The controls in place to mitigate the risks are not tested on an annual basis to confirm operating effectiveness.

C.  

The process in place to identify and evaluate new risks to the organization is informal and poorly documented.

D.  

The identified risks have not been ranked to establish their importance and risk management priority.

A.  

Integrity

B.  

Proficiency

C.  

Due Professional Care

D.  

Competency

A.  

Compare the design of the organization's ethical programs with best practices.

B.  

Verify that a code of conduct and related policies exist and are communicated.

C.  

Use employee surveys to assess whether ethical programs are achieving desired outcomes.

D.  

Compare the cost of the ethical programs with the achieved outcomes.

A.  

The audit committee requested the self assessment for quality assurance purposes

B.  

The staff auditors have the necessary knowledge and experience to conduct the review

C.  

The internal audit activity is relatively small in size and is due for an external assessment

D.  

The internal audit activity is due for a self-assessment which is specifically required at least once every five years

A.  

Recommend mat the chief audit executive outsource the upcoming audit engagement

B.  

Proceed with the audit engagement in accordance with the internal audit manual

C.  

Increase the amount of fieldwork in order to build greater credibility for audit conclusions

D.  

Declare a conflict of interest and hand over the engagement to another auditor

A.  

Report the non-compliance cases to the board of directors.

B.  

Recommend that management update its policies and procedures based on the circumstances.

C.  

Investigate the rationale for management's actions.

D.  

Recommend those employees to report the cases through the designed whistleblowing channel for the appropriate treatment.