FAR EASTERN UNIVERSITY

INSTITUTE OF ACCOUNTS, BUSINESS AND FINANCE

Department of Accountancy & Internal Auditing

NAME: GONZAGA, STEPHENIE VAN M. SUBJECT : AUD 1201

SECTION : ___1___ PROF. : SOLITA R. VITUG
EXERCISE ON ATTRIBUTE STANDARDS AND INTERNAL CONTROL FRAMEWORK

I. MULTIPLE CHOICE. Write the letter that represents the best answer.

1. Which action is not consistent with functional reporting?

A. Organizational independence is effectively achieved when the CAE reports functionally to the
board.
B. The board should have the final authority to approve the internal audit risk assessment.
C. The CAE should meet with the board, with management present, to reinforce the
independence of the internal audit activity.
D. The board should approve the CAE’s performance evaluation.

2. Freedom from conditions that threaten internal auditors’ ability to do unbiased work is
A. Control.
B. Independence.
C. Compliance.
D. Avoidance of conflicts of interest.

3. The best reason for establishing a code of conduct within an organization is that such codes
A. Are typically required by governments
B. Provide a quantifiable basis for personnel evaluations.
C. Have tremendous public relations potential.
D. Express standards of individual behavior for members of the organization.

4. An internal auditor’s objectivity could be compromised in all of the following situations except
A. Reliance on an outside service provider when appropriate.
B. A conflict of interest.
C. An engagement client’s familiarity with the internal auditor due to lack of rotation in assignments.
D. The internal auditor’s assumption of operational duties on a temporary basis.

5. The policies and procedures helping to ensure that management directives are executed and actions are
taken to address risks to achievement of objectives describes
A. Risk assessments.
B. Control activities.
C. Control environment.
D. Monitoring.

6. Within the COSO Internal Control – Integrated Framework, which of the following components is
designed to ensure that internal controls continue to operate effectively?
A. Control environment.
B. Risk assessment
C. Information and communication
D. Monitoring.

1
7. Which of the following is permissible under The IIA’s Code of Ethics?
A. Disclosing confidential, engagement-related information that is potentially damaging to the
organization in response to a court order.
B. Using engagement-related information in a decision to buy an ownership interest in the employer
organization.
C. Accepting an unexpected gift from an employee whom the internal auditor has praised in a recent
engagement communication.
D. Not reporting significant observations and recommendations about illegal activity to the board
because management has indicated it will address the issue.

8. Due professional care calls for

A. Detailed review of all transactions related to a particular function.
B. Infallibility and extra ordinary performance when the system of internal controls known to be
weak.
C. Consideration of the possibility of material irregularities during every engagement.
D. Testing in sufficient detail to give absolute assurance and that noncompliance does not exist.

9. The Standards consist of three types of Standards. Which Standards describe the nature of internal
auditing and provide quality criteria against which the performance of these services can be measured.
A. Attribute Standards
B. Performance Standards
C. Implementation Standards
D. Consulting Standards

10. A primary purpose of establishing a code of conduct within a professional organization is to

A. Promote an ethical culture among professionals who serve others.
B. Reduce the likelihood that members of the profession will be sued for substandard work.
C. Ensure that all members of the profession perform at approximately the same level of competence.
D. Require members of the profession to exhibit loyalty in all matters pertaining to the affairs of their
organization.

11. A CIA is working in a noninternal-auditing position as the director of purchasing. The CIA signed a
contract to procure a large order from the supplier with the best price, quality, and performance.
Shortly after signing the contract, the supplier presented the CIA with a gift of significant monetary
value. Which of the following statements regarding the acceptance of the gift is true?
A. Acceptance of the gift is prohibited only if it is not customary.
B. Because the CIA is no longer acting as an internal auditor, acceptance of the gift is governed only
by the organization’s code of conduct.
C. Because the contract was signed before the gift was offered, acceptance of the gift does not violate
either The IIA’s Code of Ethics or the organization’s code of conduct.
D. Acceptance of the gift violates The IIA’s Code of Ethics and is prohibited for a CIA.

12. At a minimum, how often should the skills of the internal audit staff be assessed?
A. Every 5 years.
B. Quarterly.
C. Annually.
D. Semi-annually.

13. A typical code of ethical conduct for financial managers or management accountants in an organization
requires all of the following except

2
 A. Subjectivity in presenting information, preparing reports, and making analyses.
B. Integrity and a refusal to compromise professional values for the sake of personal goals.
C. Independence from conflicts of economic interest.
D. Independence from conflicts of professional interest.

14. The IIA Rules of Conduct set forth in The IIA’s Code of Ethics
A. Are guidelines to assist internal auditors in dealing with engagement clients.
B. Describe behavior norms expected of internal auditors.
C. Are interpreted by the Principles.
D. Apply only to particular conduct specifically mentioned.

15. Which of the following statements is an appropriate reason for the internal audit activity not to
participate in the systems development process?
A. None of the answers are correct
B. Recommendations prior to implementation will affect independence, and the internal auditors will
not be able to perform an objective evaluation after the system is implemented.
C. Participation will delay implementation of the project.
D. Participation will cause the internal auditors to be labeled as partial owners of the application, and
they will then have to share the blame for any problems that remain in the system.

16. The internal audit activity collectively must possess or obtain certain competency in
A. Information technology controls.
B. Contract law.
C. Management principles.
D. Marketing.

17. During an engagement to evaluate the organization’s accounts payable function, an internal auditor
plans to confirm balances with suppliers. What is the source of authority for such contacts with units
outside the organization?
A. Internal audit policies and procedures.
B. The Standards.
C. The Code of Ethics.
D. The Internal audit activity’s charter.

18. An element of authority that must be included in the charter of the internal audit activity is
A. Identification of the organizational units where engagements are to be performed.
B. Identification of the types of disclosures that should be made to the board.
C. Access to records, personnel and physical properties relevant to the performance of engagements.
D. Access t the external auditor’s engagement records.

19. The IIA’s Code of Ethics requires internal auditors to perform their work with
A. Honesty, diligence, and responsibility.
B. Timeliness, sobriety, and clarity.
C. Knowledge, skills, and competencies.
D. Punctuality, objectivity, and responsibility.

20. The optimal administrative reporting line of the CAE is to

A. The audit committee
B. Line management

3
 C. Board of directors
D. CEO or equivalent

II. IDENTIFICATION.

CONTROL 1. The attitude and actions of the board and management regarding the
importance of control within the organization. The control environment
ENVIRONMENT
provides the discipline and structure for the achievement of the primary
objectives of the system of internal control.
CONFLICT OF 2. Any relationship that is, or appears to be, not in the best interest of the
INTEREST organization; this would prejudice an individual’s ability to perform his or her
duties and responsibilities objectively.
REPORTING 3. Objectives that pertain to internal and external financial and non-financial
reporting and may encompass reliability, timeliness, transparency, or other
OBJECTIVES
terms as set forth by regulators, recognized standard setters, or the entity’s
policies.
COMPLIANCE 4. Objectives that pertain to adherence to laws and regulations to which the entity
is subject.
OBJECTIVES
INTERNAL 5. A department, division, team of consultants, or other practitioner(s) that
AUDIT provides independent, objective assurance and consulting services designed to
DEPARTMENT add value and improve an organization’s operations.
RISK 6. The possibility of an event occurring that will have an impact on the
achievement of objectives. Risk is measured in terms of impact and likelihood.
CONTROL 7. The policies, procedures (both manual and automated), and activities that are
part of a control framework, designed and operated to ensure that risks are
PROCESSES
contained within the level that an organization is willing to accept.
OPERATION 8. Objectives that pertain to effectiveness and efficiency of the entity’s
operations, including operational and financial performance goals, and
OBJECTIVES
safeguarding assets against loss.
AUDIT 9. A specific internal audit assignment, task, or review activity, such as an
ENGAGEMENT internal audit, control self-assessment review, fraud examination, or
consultancy.
GOVERNANCE 10. The combination of processes and structures implemented by the board to
inform, direct, manage, and monitor the activities of the organization toward
the achievement of its objectives.

Note: You can write your answers here or in a half-sheet paper (lengthwise).