Professional Documents
Culture Documents
Question: 2
Question: 3
A. Control.
B. Governance.
the organization
Ensuring effective organizational performance
management and accountability
Communicating risk and control information to
appropriate areas of the organization
Coordinating the activities of and communicating
information among the board, external and
internal auditors and management
(Perf. Std. 2110)
C. Risk management.
D. A quality assurance program.
Question: 4
Question: 5
the organization;
Ensuring effective organizational performance
management and accountability;
Communicating risk and control information to
appropriate areas of the organization; and
Coordinating the activities of and communicating
information among the board, external and
internal auditors and management.
Thus, in an assurance engagement, The internal audit
activity must evaluate the design, implementation, and
effectiveness of the organizations ethics-related
objectives, programs, and activities
(Impl. Std. 2110.A1).
Question: 6
Question: 7
Question: 8
A. I and II only.
Answer (A) is correct.
Strategic direction determines (1) the business model,
(2) overall objectives, (3) the risk appetite, and (4) the
limits of organizational conduct. The elements of
oversight are (1) the boards responsibilities to
stakeholders, (2) the risk management activities of senior
management and the board, and (3) internal and external
assurance activities.
B. I, II, and IV only.
C. III and IV only.
D. II and IV only.
Question: 9
Internal
External
Question: 10
A.
B.
C.
D.
Question: 11
A.
B.
C.
D.
I only.
I and II only.
I and III only.
I, II, and III.
Question: 12
Organizations take corporate governance seriously due to its influence on
I.
II.
III.
IV.
Internal stakeholders
External stakeholders
The public
Regulatory agencies
A. I only.
B. II only.
C. I, II, and III only.
Answer (C) is correct.
Governance is the combination of people, policies, procedures, and
processes (including internal control) that help ensure that an entity
effectively and efficiently directs its activities toward meeting the
objectives of its stakeholders. Stakeholders are persons or entities who are
affected by the activities of the entity. Among others, these include
shareholders, employees, suppliers, customers, neighbors of the entitys
facilities, and government regulators.
D. I, II, and IV only.
Question: 14
Question: 15
Question: 16
Question: 17
Question: 18
A.
B.
C.
D.
I and II only.
I only.
II, III, and IV only.
I, II, III, and IV.
Answer (D) is correct.
A risk committee may be created that
Identifies keys risks,
Connects them to risk management processes,
Delegates them to risk owners, and
Considers whether tolerance levels delegated to
Question: 19
Question: 19
Question: 21
A.
B.
C.
D.
Shareholders.
Employees.
Suppliers.
All of the answers are correct.
Answer (D) is correct.
Stakeholders are persons or entities who are affected by
the activities of the entity. Among others, these include
shareholders, employees, suppliers, customers, neighbors
of the entitys facilities, and government regulators.
Question: 22
Question: 23
List A
List B
List C
Question: 24
Question: 25
A.
B.
C.
D.
I and II only.
II and III only.
I and III only.
I, II, and III.
Answer (D) is correct.
The internal audit activity periodically assesses the
elements of the ethical climate of the organization and its
effectiveness in achieving legal and ethical compliance.
Internal auditors therefore evaluate the effectiveness of
regular reviews of the processes that undermine the
ethical culture, confidential reporting of alleged
misconduct, and personnel practices that encourage
contributions by employees.
Question: 26
Which of the following should be defined in the internal audit plan for
an assessment of governance?
I. The nature of the work
II. The governance process
III. The nature of the assessments
A.
B.
C.
D.
I and II only.
II and III only.
I and III only.
I, II, and III.
Question: 27
A.
B.
C.
D.
I only.
IV only.
II and III only.
I, II, III, and IV.
Answer (D) is correct.
The internal audit activity must assess and make
appropriate recommendations for improving the
governance process in its accomplishment of the
following objectives:
Promoting appropriate ethics and values within
the organization.
Ensuring effective organizational performance
management and accountability.
Communicating risk and control information to
appropriate areas of the organization.
Coordinating the activities of and communicating
information among the board, external and
internal auditors, and management.
(Perf. Std. 2110).
Question: 28
Question: 29
A. Trusteeship.
B. Empowerment and control.
Answer (B) is correct.
Empowerment and control mean that decision making
should occur at appropriate levels of the organization,
and freedom of management should be exercised within
a framework of checks and balances.
C. Good corporate citizenship.
D. Transparency of public disclosures.
Question: 30
A.
B.
C.
D.
I and II only.
II and III only.
I and III only.
I, II, and III.
Answer (D) is correct.
The design and practice of effective governance vary
with
The size, complexity, and life-cycle maturity of
the organization;
The organizations stakeholder structure; and
Legal and cultural requirements.
Question: 31
Craig is the chief audit executive (CAE) of Marlin, Inc., and is in the
process of planning an assessment of governance at Marlin. Which
of the following should Craig consider in planning the assessment of
governance?
Question: 32
A.
B.
C.
D.
focused on governance,
The results of other assurance providers work,
and
Other information such as adverse incidents
indicating an opportunity to improve governance.
Question: 33
Which of the following are roles of the internal audit activity in best
practice governance activities?
I. Report significant audit issues
II. Support the board in enterprise-wide risk assessment
III. Conduct follow-up and report on managements response to
external audit
IV. Act as custodian of corporate assets in the pursuit of positive
outcomes for stakeholders
Question: 34
A.
B.
C.
D.
Trusteeship.
Empowerment and control.
Good corporate citizenship.
Transparency of disclosures.
Answer (D) is correct.
Transparency of disclosures may involve accepting a
higher cost of capita
Question: 35
Question: 36
Question: 37
directors, employees.
Question: 38
Question: 39
Question: 40
Question: 41
Question: 42
A.
B.
C.
D.
I only.
I and III only.
I, II, and III only.
I, II, III, and IV.
Answer (D) is correct.
All of these are potential risks surrounding the
unintentional disclosure of information due to failures in
Question: 43
Question: 44
Question: 45
1970.
Answer (B) is correct.
OSHA is authorized to develop detailed health and safety
standards and to enforce them under the Occupational
Safety and Health Act of 1970. OSHA investigates
complaints, conducts inspections, and has developed
numerous procedures to encourage compliance.
C. Address changing attitudes about the treatment of
employees in the workplace.
D. Provide employees with a workplace free from
unrecognized hazards that are likely to cause death or
serious physical harm.
Question: 46
Of the following, which is the most likely to fall under the direct duties
of the Occupational Safety and Health Administration (OSHA)?
Question: 47
Question: 48
Question: 49
A. I and II only.
Answer (A) is correct.
Question: 50
Question: 51
Question: 52
Question: 53
A.
B.
C.
D.
I only.
IV only.
I and III only.
I, II, and IV only.
Answer (D) is correct.
There are many stakeholders of an organization whose
needs must be balanced when developing a CSR
program. Shareholders, employees, and the society must
be considered, among others. Competitors needs are not
a factor in a CSR decision.
Question: 54
A. ISO 14000.
B. ISO 26000.
Answer (B) is correct.
Question: 55
Question: 56
Question: 57
Question: 58
A.
B.
C.
D.
Question: 59
Which of the following is not a relevant risk that should be identified in a corporate
social responsibility (CSR) audit?
A. The effectiveness of implementation of large CSR projects.
B. Deductibility of charitable donations.
Answer (B) is correct.
The deductibility of charitable donations is a benefit of CSR, not a
relevant risk.
C. The reliability of performance measurements.
D. Risks associated with regulatory bodies.
Question: 60
A. I and II only.
B. I and III only.
Answer (B) is correct.
According to PA 2130.A1-1, information reliability and
integrity includes accuracy, completeness, and security.
The internal audit activity determines whether senior
management and the board clearly understand that
management is responsible for all critical information
regardless of its form. Internal auditors also determine
whether the board has been appropriately informed of
threats, incidents, vulnerabilities exploited, and
corrective measures.
C. II and III only.
D. I, II, and III.