IIA-CIA-Part2 Practice Questions

A.  

Wait for the next external assessment and address all of the missing information in the charter based on the recommendations from the external assessment team

B.  

Perform a review of HA guidance to become acquainted with the latest mandatory elements prior to updating the charter

C.  

Use an internal audit charter template from another organization that operates within the same industry.

D.  

Identify an individual within the internal audit activity who has in-depth knowledge of mandatory IIA guidance elements to address any gaps or areas of the current version of the charter that could be improved

A.  

Documentary evidence

B.  

Testimonial evidence

C.  

Analytical evidence

D.  

Physical evidence

A.  

Perform a site visit to see whether the organization's servers are operational

B.  

Interview end users to determine whether they understand how to use the database information

C.  

Determine whether policies are in place on how to use the database information

D.  

Review for indications of potential issues with the database information

A.  

Manage and coordinate risk management processes.

B.  

Audit risk management processes.

C.  

Become involved in risk oversight committees, monitoring activities, and status reporting.

D.  

Accept management's responsibility for risk management without board approval.

A.  

Metadata

B.  

Data security

C.  

A business application

D.  

Data owner

A.  

Assign the engagement to a staff auditor and closely review his work and report.

B.  

Assign the engagement to a senior auditor, who carefully researches and studies the company’s IT infrastructure.

C.  

Contract an external service provider auditor with the experience necessary to perform the audit.

D.  

Perform the audit herself and work closely with the information security function to obtain expertise in the area.

A.  

An internal auditor made purchases from several of the organization's retail outlets to evaluate customer service

B.  

An internal auditor interviewed various employees regarding health and safety issues and recorded their answers

C.  

An internal auditor obtained the current quarterly financial report and computed changes in deb-to-equity ratio

D.  

An internal auditor received a signed confirmation regarding the terms of a transaction from an independent attorney

A.  

Advising new internal auditors working for the organization on how to develop strategies on planning audits for the upcoming fiscal year

B.  

Assessing whether the organization's corporate social responsibility program is meeting its yearly goals to reduce carbon emissions.

C.  

Briefing the organization's department managers on how to implement risk management processes into their daily operations.

D.  

Communicating with senior management to better understand how new purchasing controls will minimize payment processing time

A.  

All assurance engagement observations should be communicated to the audit committee.

B.  

All assurance engagement observations should be included in the main section of the engagement communication.

C.  

During the "communicate" phase of an assurance engagement, it is best to define the methods and timing of engagement communications.

D.  

A detailed escalation process should be developed during the planning stage of an assurance engagement.

A.  

An implementer for the action plan

B.  

An owner of the action plan

C.  

The internal auditor's next review date of the action plan

D.  

Detailed procedures for the action plan

A.  

The CAE would automatically sand a copy of the report to the service provider as many of the findings relate to Via area managed by the service provider

B.  

The CAE may distribute the report to tie service provider at no cost, after consulting with legal counsel and tie chief compliance officer

C.  

The CAE may provide a copy of the audit report to the service provider If an agreement & signed and the service provider agrees to reimburse the cost of the auditD, The CAE should benchmark with other organization in the industry by consorting with colleagues and distribute the report only I it is an acceptable practice m the industry

A.  

Document the results and report the overall percentage of variances.

B.  

Determine the significance of the variances and investigate causes as needed.

C.  

Review the results and investigate the cause of all variances.

D.  

Report all variances to management and request an action plan to remediate them.

A.  

Stratified sampling

B.  

Attribute sampling

C.  

Discovery sampling

D.  

Haphazard sampling

A.  

Assets, liabilities, and owners' equity would be understated.

B.  

Assets, net income, and owners’ equity would be unaffected

C.  

Assets and liabilities would be understated.

D.  

Assets, net income, and owners’ equity would be understated, but liabilities would be overstated

A.  

Request the internal audit activity to perform an ethics-related assurance engagement.

B.  

Offer in-house ethics-related training seminars for employees to attend

C.  

Reaffirm the importance of the organization's code of ethics to all employees

D.  

Conduct an organization wide employee survey on ethical practices.