You are on page 1of 6

Page 1 of 6

Gleim CIA Review


Updates to Part I
14th Edition, 1st Printing

NOTE: Text that should be deleted from the outline is displayed as struck through with a red
background. New text is shown in courier font with a green background.

Introduction

Middle of page 11: This corrects the suggested task times.

1. (25-30 minutes, plus 10 minutes for review) In the CIA Gleim Online course, complete
Multiple-Choice Quiz #1 in 20-25 minutes (excluding the review session). It is expected that your
scores will be low on the first quiz.
a. Immediately following the quiz, you will be prompted to review the questions you
marked and/or answered incorrectly. For each question, analyze and understand
why you marked it or answered it incorrectly. This step is an essential learning
activity.
2. (15-30 minutes) Use the audiovisual presentation for an overview of the study unit. The
Gleim CIA Review Audio CDs can be substituted for audiovisual presentations and can be
used while driving to work, exercising, etc.
3. (30-45 minutes) Complete the 30-question True/False quiz. It is interactive and most
effective if used prior to studying the Knowledge Transfer Outline.
4. (60 minutes) Study the Knowledge Transfer Outline, specifically the troublesome areas
identified from the multiple-choice questions in the Gleim Online course. The Knowledge
Transfer Outlines can be studied either online or from the books.
5. (25-30 minutes, plus 10 minutes for review) Complete Multiple-Choice Quiz #2 in the
Gleim Online course.
a. Immediately following the quiz, you will be prompted to review the questions you
marked and/or answered incorrectly. For each question, analyze and understand
why you marked it or answered it incorrectly. This step is an essential learning
activity.
6. (40-50 60 minutes) Complete two 20-question quizzes while in Test Mode from the CIA Test
Prep CD-Rom or Test Prep for Pocket PC.
When following these steps, you will complete all 10 units in about 30-50 45 hours. Then spend
about 5-10 hours using the CIA Test Prep CD-Rom or Test Prep for Pocket PC to create
customized tests for the problem areas that you identified. To review the entire part before the
exam, use the CIATest Prep CD-Rom or Test Prep for Pocket PC to create 20-question quizzes
that draw questions from all 10 study units. Continue taking 20-question quizzes until you
approach your desired proficiency level, e.g., 75%+.

Copyright © 2010 Gleim Publications, Inc. and/or Gleim Internet, Inc. All rights reserved. Duplication prohibited.
www.gleim.com
Page 2 of 6

Top of page 12: This corrects the suggested task times.

CIA Gleim Online


CIA Gleim Online is a versatile, interactive, self-study review program delivered via the Internet.
With CIA Gleim Online, Gleim guarantees that you will pass the CIA exam on your first sitting. It is
divided into four courses (one for each part of the CIA exam) and emulates the CIA CBT exam.
Each course is broken down into 10 individual, manageable study units. Completion time per study
unit will vary from 3-5 4 hours. Each study unit in the course contains an audiovisual presentation, 30
true/false study questions, 10-20 pages of Knowledge Transfer Outlines, and two 20-question
multiple-choice quizzes.
CIA Gleim Online provides you with a Personal Counselor, who will provide support to ensure your
competitive edge. Gleim Online is a great way to get confidence as you prepare with Gleim. This
confidence will continue during and after the exam.

Middle of page 14, left-hand column: This heading has been clarified.

Attribute and Performance Standards


• Larger and bolder border
• No background color

Middle of page 20: A second sentence has been added.

6. Your fingerprint will be captured, and a digital photograph of your face will be made. According
to The IIA, the fingerprint is optional but the photograph is mandatory.

Top of page 21: The second sentence has been deleted.

11. If you leave the testing room for any reason, you will be required to sign the test center log and
show your identification. You may also be required to provide a fingerprint when leaving or re-
entering the testing room.

Copyright © 2010 Gleim Publications, Inc. and/or Gleim Internet, Inc. All rights reserved. Duplication prohibited.
www.gleim.com
Page 3 of 6

Study Unit 1 -- Standards and Proficiency

Middle of page 60: This corrects a minor typo in Question 18.

18. Your organization has selected you to develop Answer (D) is correct. (CIA, adapted)
an internal audit activity (IAA). Your approach will REQUIRED: The personnel required by an IAA.
most likely be to hire DISCUSSION: The IIA IAA must collectively possess or obtain
the knowledge, skills, and other competencies needed to perform
A. Internal auditors each of whom possesses all its responsibilities (Standard 1210). The IAA may use internal
the skills required to handle all engagements. resources or external service providers that are qualified in such
disciplines as accounting, auditing, economics, finance, statistics,
B. Inexperienced personnel and train them the information technology, engineering, taxation, law, environmental
way the organization wants them trained. affairs, and other areas as needed to meet the IAA’s
responsibilities. Each member of the IAA, however, need not be
C. Degreed accountants because most internal qualified in all of these disciplines (PA 1210.A1-1).
audit work is accounting related. Answer (A) is incorrect. The scope of internal auditing is so
broad that one individual cannot have the requisite expertise in
D. Internal auditors who collectively have the all areas. Answer (B) is incorrect. The IAA should have
knowledge and skills needed to perform the personnel with various skill levels to permit appropriate matching
responsibilities of the internal audit activity. of internal auditors with varying engagement complexities.
Furthermore, experienced internal auditors should be available to
train and supervise less experienced staff members. Answer (C)
is incorrect. Many skills are needed in internal auditing. For
example, computer skills are needed in engagements involving
information technology.

Study Unit 3 -- Internal Audit Roles I

Bottom of page 92: This text was inadvertently cut off.

6. Control is any action taken by management, the board, and others to manage risk and increase
the likelihood that established objectives and goals will be achieved. Controls may be
preventive (to deter undesirable events from occurring), detective (to detect and correct
undesirable events which have occurred), or directive (to cause or encourage a
desirable event to occur).

Middle of page 95: This corrects a minor typo in the outline.

h. Clear, enforced lines or of responsibility and accountability.

Copyright © 2010 Gleim Publications, Inc. and/or Gleim Internet, Inc. All rights reserved. Duplication prohibited.
www.gleim.com
Page 4 of 6

Study Unit 5 -- Control Knowledge Elements

Middle of page 155: This corrects a typo in the outline.

● The CAE develops the proposed internal audit plan to provide sufficient evidence to evaluate
control. The plan should be flexible enough to permit adjustments during the year. It covers all
major operations and functions. It also gives special consideration to operations most affected
by recent or unexpected changes. Furthermore, the plan considers relevant work performed
by others, including (1) management’s assessments of risk management, control, and quality
processes and (2) the work completed by external auditors.

Bottom of page 165: This corrects a typo in the outline.

29. Before an assurance engagement can be Answer (B) is correct. (Publisher, adapted)
performed, the auditor must identify appropriate REQUIRED: The least likely source of criteria for an
criteria. The sources of such criteria are least likely assurance engagement.
to include DISCUSSION: Internal auditors must ascertain the extent to
which management has established adequate criteria to determine
A. Benchmarks for the leading firms in the whether objectives have been accomplished. If these
industry. criteria are inadequate, the auditor must work with management
to develop appropriate criteria (Standard 2120 2210.A3). Some
B. Best practices for another industry. sources of criteria for an assurance engagement are
(1) government rules and regulations, (2) guidance from trade
C. Historical cost information for the processes groups, (3) standards issued by professional nongovernmental
examined. bodies, (4) professional literature, (5) historical experience of the
organization, or (6) the results of benchmarking (e.g., best
D. Government regulations for the industry. practices of the strongest competitors). However, best practices
for an unrelated industry are unlikely to be helpful unless some
processes are similar.
Answer (A) is incorrect. Benchmarks for the leading firms in
the industry are more likely to provide adequate criteria than
those for firms in an unrelated industry. Answer (C) is incorrect.
Historical cost information for the processes examined is clearly
relevant if they have not changed materially. Answer (D) is
incorrect. Government regulations for the industry must be
followed.

Copyright © 2010 Gleim Publications, Inc. and/or Gleim Internet, Inc. All rights reserved. Duplication prohibited.
www.gleim.com
Page 5 of 6

Study Unit 7 -- Planning and Supervising the Engagement

Bottom of page 203: This clarifies the outline.

● Training needs of internal auditors as because each engagement assignment serves as a basis
for meeting developmental needs of the internal audit activity.

Bottom of page 211. This corrects the scope of Question 9.

9. An internal auditor has just completed a survey to Answer (C) is correct. (CIA,, adapted)
become familiar with the organization’s payroll REQUIRED: The step most likely following the survey.
operations as part of an unplanned DISCUSSION: Internal auditors (1) consider management’s
engagement. Which of the following most likely is assessment of risk, (2) obtain or update background information,
performed next? and (3) may conduct a survey (PA 2210-A1-1). The work
program lists the procedures to be followed during the
A. Assign internal audit personnel. engagement (Glossary). Thus, the work program is most likely to
be written after the risk assessment, the review of background
B. Establish initial engagement objectives. information, and survey. The work program is normally prepared
after the survey. The survey allows the internal auditor to
C. Write the engagement work program. become familiar with the engagement client and therefore
provides input to the work program.
D. Conduct field work. Answer (A) is incorrect. Internal audit personnel are usually
assigned before the survey. Answer (B) is incorrect. Initial
engagement objectives are established at the beginning of the
planning process prior to the start of an unplanned
engagement. They address the issues that prompted
the engagement (PA 2210-1). Accordingly,
objectives They are specified before the survey.
Answer (D) is incorrect. Field work can be performed only after
the work program has been written and approved. Thus, field
work does not normally follow the survey.

Copyright © 2010 Gleim Publications, Inc. and/or Gleim Internet, Inc. All rights reserved. Duplication prohibited.
www.gleim.com
Page 6 of 6

Study Unit 8 -- Managing the Internal Audit Activity I

Bottom of page 221: This corrects the concept of the risk map.

2. A risk map is a graph that plots the significance (impact) of an exposure on the horizontal
vertical axis and its probability (likelihood) on the vertical horizontal axis. An illustration of a
risk map is on the next page. (Source: Michael Ramos, “Section 404 Compliance in the Annual
Report,” Journal of Accountancy, October 2004, pp. 43-48).

Middle of page 223: This corrects the designator.

1. The chief audit executive (CAE) needs to submit activity reports to senior management and the
board periodically. Activity reports highlight significant engagement observations and
recommendations and inform senior management and the board of (a) significant deviations
from (a) approved engagement work schedules, staffing plans, and financial budgets; (b) the
reasons for the deviations; and (c) action taken or needed.

Copyright © 2010 Gleim Publications, Inc. and/or Gleim Internet, Inc. All rights reserved. Duplication prohibited.
www.gleim.com