Professional Documents
Culture Documents
Auditing Professional
(CGAP) EXAM Study
Questions
By Tom O’Connor
Copyright © 2010 by The Institute of Internal Auditors Research Foundation (IIARF), 247 Maitland
Avenue, Altamonte Springs, Florida 32701-4201. All rights reserved. Printed in the United States of
America. No part of this publication may be reproduced, stored in a retrieval system, or transmitted
in any form by any means — electronic, mechanical, photocopying, recording, or otherwise — without
prior written permission of the publisher.
The IIARF publishes this document for informational and educational purposes. This document is
intended to provide information, but is not a substitute for legal or accounting advice. The IIARF
does not provide such advice and makes no warranty as to any legal or accounting results through its
publication of this document. When legal or accounting issues arise, professional assistance should
be sought and retained.
The Institute of Internal Auditors’ (IIA’s) International Professional Practices Framework (IPPF)
comprises the full range of existing and developing practice guidance for the profession. The IPPF
provides guidance to internal auditors globally and paves the way to world-class internal auditing.
The mission of The IIARF is to expand knowledge and understanding of internal auditing by provid-
ing relevant research and educational products to advance the profession globally.
The IIA and The IIARF work in partnership with researchers from around the globe who conduct
valuable studies on critical issues affecting today’s business world. Much of the content presented in
their final reports is a result of IIARF-funded research and prepared as a service to The Foundation
and the internal audit profession. Expressed opinions, interpretations, or points of view represent a
consensus of the researchers and do not necessarily reflect or represent the official position or policies
of The IIA or The IIARF.
ISBN 978-0-89413-683-2
3/10 First Printing
11/10 Second Printing
Foreword............................................................................................................................................v
Abbreviations . .................................................................................................................................vii
Domain I
Standards, Governance, and Risk/Control Frameworks Exam Study Questions.............................. I-1
Solutions........................................................................................................................................ I-13
Domain II
Government Auditing Practice Exam Study Questions...................................................................II-1
Solutions.......................................................................................................................................II-17
Domain III
Government Auditing Skills and Techniques Exam Study Questions............................................ III-1
Solutions..................................................................................................................................... III-15
Domain IV
Government Auditing Environment Exam Study Questions..........................................................IV-1
Solutions......................................................................................................................................IV-15
iii
The one-part Certified Government Auditing Professional® (CGAP®) exam includes 125 multiple-
choice questions, covers four domains, and requires a completion time of three hours and 15 minutes.
The exam includes questions on INTOSAI government auditing standards. Candidates who regis-
tered to take the exam in the United States (U.S.) will receive a local version with questions on U.S.
Government Auditing Standards (Yellow Book).
This book includes questions for both U.S. and international candidates. U.S. candidates will find
U.S.-specific questions denoted with a .
CGAP Exam Study Questions is intended to familiarize interested parties with the content and format of
the CGAP exam. It is not meant to replace the material supplied by providers of CGAP exam review
materials. A current or future CGAP exam candidate’s success or failure in answering these questions
should not be taken as any form of guarantee of that candidate’s results on an actual CGAP exam.
If there are any significant changes in the format or content of the CGAP exam in the future, the
Certification Department will make those changes known through its Web site (www.theiia.org/certifica-
tion) and/or through mailings to current CGAP candidates.
For further information on the CGAP program, please visit the “Certification” heading on the Web
site listed above.
vii
GO: General obligation, a type of bond backed by the “full faith and credit” of the
government entity
GOCO: Government-owned, contractor-operated
GOGO: Government-owned, government-operated
GPRA: Government Performance and Results Act of 1993, a U.S. federal law related to
performance
IAASB: International Auditing and Assurance Standards Board, part of the IFAC
ICQs: Internal control questionnaires
IFAC: International Federation of Accountants
IIA: The Institute of Internal Auditors
INTOSAI: International Organization of Supreme Audit Institutions
IPPF: International Professional Practices Framework, from The IIA
IPSASB: International Public Sector Accounting Standards Board (related to IFAC)
ISA: International Standards on Auditing, set by the IAASB/IFAC
ISAE: International Standard on Assurance Engagements, set by the IAASB/IFAC
ISRS: International Standards on Related Services, set by the IAASB/IFAC
MD&A: Management Discussion and Analysis, narrative part of an annual financial report
MF: Measurement focus, a term used by GASB in establishing GAAP
OMB: Office of Management and Budget, a central U.S. federal agency
PSP: Public sector perspective, an IFAC term
RFP: Request for Proposal, a procurement term
RMG: Risk management and governance, an internal control term from the CICA
SAI: Supreme Audit Institution
SEA: Service Efforts and Accomplishments, a performance measurement term from the
GASB
UN: United Nations
USAID: U.S. Agency for International Development
viii
3. Role and impact of other auditing standards (standards of public accounting bodies,
quality assurance bodies, etc.) and their relationship with the above standards (A)
B. Governance
1. Governance in the public sector (e.g., audit committee, code of conduct, open government,
public scrutiny, equity, accountability) (P)
P=C
andidates must exhibit proficiency (thorough understanding; ability to apply concepts) in
these topic areas.
4. Planning (A)
5. Staffing (A)
2. Planning (The role of laws, regulations, rules, and ordinances in your planning process
should be considered in the planning process) (P)
H. Analytical Skills (e.g., distinguish between significant and insignificant information) (P)
P=C
andidates must exhibit proficiency (thorough understanding; ability to apply concepts) in
these topic areas.
B. Financial Management
5. Legal restrictions on sources and uses of funds (e.g., voted funds, conditional grants,
revenues) (A)
2. Grants (P)
3. Contracts (P)
5. Privatization (A)
3. Issues arising from the methods of funding/delivering services (condition that the client
receiving the services may not be the party paying for the services; ability-to-pay principle;
user pay; eligibility requirements; limitations on services available; entitlements; etc.) (A)
4. Reality of conflicting missions (e.g., satisfy both developers and environmentalists, keep
families together and kids safe) (A)
5. Issues associated with at-risk populations (e.g., multiple, interacting causes and conditions;
difficulty of measuring prevention) (A)
P=C
andidates must exhibit proficiency (thorough understanding; ability to apply concepts) in
these topic areas.
1. Which of the following statements about the government auditor’s use of audit standards is least
accurate?
2. Which of the following statements regarding Government Auditing Standards is the least
accurate?
a. Government Auditing Standards state that The IIA’s Standards may be used in conjunction
with Government Auditing Standards, but, if inconsistencies exist, Government Auditing
Standards prevail if cited in the report.
b. In the U.S., following Government Auditing Standards is statutorily required at the federal
level and for certain audits at lower levels of government.
c. Since the Government Auditing Standards focus is on the auditor, Government Auditing
Standards are silent on both the role of management and on nonaudit work by auditors.
d. Government Auditing Standards contain requirements for audit reporting on internal
control but do not require the auditor to render an opinion on internal control.
3. Audits at the federal, state, or local levels of government in the U.S. are:
a. Always subject to both IIA Standards and Generally Accepted Government Auditing
Standards (GAGAS).
b. Subject to only GAGAS.
c. Most commonly subject to Generally Accepted Auditing Standards (GAAS).
d. Influenced by a myriad of issues (e.g., federal, state, and local laws, audit requirements, and
policies of the audit organization).
I-1
4. The two sets of audit standards that generally apply to government audits in the U.S. are
issued by:
a. Performance audits.
b. Consulting services.
c. Assistance to oversight bodies.
d. Financial statement audits.
7. If IFAC’s ISAs are being followed, any ISA will fully apply unless:
a. The IFAC has issued an amendment stating explicitly that the ISA does not apply.
b. The supreme audit institution (SAI) makes a formal written determination that the ISA need
not be followed.
c. The auditor in charge provides a written rationale in the audit documentation.
d. A public sector perspective — issued in the past — at the end of the ISA makes clear that
the ISA does not need to be followed.
I-2
9. The IIA’s International Professional Practices Framework (IPPF) includes the following
definition: “The combination of processes and structures implemented by the board to inform,
direct, manage, and monitor the activities of the organization toward the achievement of its
objectives.” According to the IPPF, this a definition of:
a. Risk management.
b. Control environment.
c. Governance.
d. Compliance.
10. IFAC’s international framework does not cover all engagements. Of the following types of
engagements, that framework does cover:
a. Consulting engagements.
b. Preparation of tax returns without a conclusion or assurance.
c. Assurance engagements, whether the assurance is reasonable or limited.
d. Only reasonable assurance engagements.
11. Under INTOSAI Auditing Standards, which of the following represents a basic principle?
a. Prepare manuals and other written guidance and instructions concerning the conduct of
audits.
b. Review the efficiency and effectiveness of the SAI’s internal standards and procedures.
c. It is essential that auditors are independent and impartial, not only in fact but also in
appearance.
d. The SAI should apply its own judgment to the diverse situations that arise in the course of
government auditing.
12. The following statements refer to quality control (assessment) standards in the various
audit standards. Which statement is not true?
a. IFAC’s quality control standards apply to both the organization and the auditors.
b. INTOSAI standards, IIA Standards, and Government Auditing Standards all include the
same requirements for periodic external quality control reviews.
c. Both GAGAS and the IFAC standards specifically recognize that internal quality control
can vary based on the size and complexity of the audit organization.
d. When an audit organization seeks to enter into a contract to perform audit work in
accordance with GAGAS, the (potential) contractor should provide a copy of its external
quality control report to the contracting organization.
I-3
13. In comparing The IIA’s performance standards on “Communicating (Audit) Results” with
the GAGAS’s reporting standards for performance audits, which of the following statements
is not true?
a. Both The IIA and GAGAS encourage, but do not require, a statement that the report has
been done in accordance with applicable standards.
b. Both The IIA and GAGAS advocate that audit reports that are clear, concise, constructive,
and timely.
c. GAGAS requires the views of the responsible officials to be included in the report; The IIA
is not explicit in this regard.
d. GAGAS is explicit about report contents on (1) management (internal) controls and (2)
compliance with laws and regulations; The IIA is not explicit in this regard.
14. Which of the following statements about The IIA’s Implementation Standards is not true?
a. Implementation Standards apply to internal audit activity generally in the same way as
Attribute and Performance Standards do.
b. Implementation standards are issued separately for (1) assurance, and (2) consulting
engagements.
c. Implementation standards apply the Attribute and Performance Standards to specific types
of engagements.
d. Implementation Standards are mandatory.
15. Which of the following alternatives represent (1) an accurate IIA definition of the term “residual
risk,” and (2) an accurate statement of how The IIA views the auditor’s responsibility for residual
risk?
a. The risk remaining after management takes action to reduce the impact and likelihood of
an adverse event, including control activities in responding to a risk. The auditor has no
specific responsibility.
b. Same definition as in a. If the chief audit executive (CAE) believes management has accepted
too high a level of risk, the CAE should discuss the situation with senior management and
perhaps report the matter to the board.
c. The possibility of an event occurring that will have an impact on the achievement of
objectives — measured in terms of impact and likelihood. The auditor has no specific
responsibility.
d. Same definition as in c. The auditor should report all details to the board annually.
16. Which of the following elements of the IPPF provides the most detailed guidance for conducting
internal audit activities?
a. Position Papers.
b. Practice Guides.
c. The Code of Ethics.
d. Practice Advisories.
I-4
18. In an audit being conducted under GAGAS, one auditor under consideration for the
assignment — to review aspects of research — has many close personal friends at the
agency’s primary research laboratory and has even assisted in some lab tests. In considering
this possible assignment, what is the best of the following?
19. An auditor with extensive previous experience in financial statement audits of private
insurance companies is now a government employee and assigned to a financial statement
for an insurance program of the federal government. He advocates the use of materiality
levels the same as in his private sector audits. The best response is:
a. It is logical, especially since the auditor has very relevant past experience.
b. The auditor’s past experience should be of no relevance in this decision.
c. Under GAGAS, the auditor may set lower materiality levels.
d. GAGAS does not address this type of issue.
20. Which of the following best describes a preliminary survey used in the audit planning process?
21. Under GAAS, in a financial statement audit, the auditor’s report must include all of the
following except:
a. State whether the statements have been prepared in accordance with Generally Accepted
Accounting Principles (GAAP).
b. State whether accounting principles have been applied consistently with the prior year.
c. The auditors’ opinion or disclaimer on the statement presentation.
d. The auditors’ opinion on the accuracy of performance information.
I-5
22. If an auditor expresses an adverse opinion in a financial statement audit, it essentially means:
23. In a financial statement audit of an entity, which of the following laws would be most likely to be
reviewed for compliance?
25. Under GAGAS, which of the following is not likely to be a performance audit focusing on
economy and efficiency?
26. The International Organization of Supreme Audit Institutions (INTOSAI) has issued its own
standards. Which of the following statements about INTOSAI standards is not true?
a. INTOSAI has established “basic principles,” as well as three categories of standards — general,
field, and reporting.
b. INTOSAI’s general standards apply to both the auditor and the SAI.
c. INTOSAI’s reporting standards state that typically, in a performance audit, the auditor
should express an overall opinion on economy, efficiency, and effectiveness.
d. INTOSAI’s field standards address planning, supervision and review, study and evaluation
of internal control, and audit evidence.
I-6
28. The interrelated components specifically identified in the COSO framework that affect how well
objectives are achieved are:
29. Assume an auditor is collecting information on the following general information in the early stage
of an audit: (1) top level management’s statements pro or con on internal control, (2) the client’s
Code of Ethics, (3) policies on recruiting, retention and training, (4) reporting relationships, and
(5) the agency’s relationships with central government agencies. Which component of internal
control is being assessed?
a. Risk assessment.
b. Monitoring.
c. Control activities.
d. Control environment.
30. Under the COSO framework, the notion of reasonable assurance in establishing internal controls
refers to:
31. The Canadian Institute of Chartered Accountants (CICA) has developed its own control
framework, separate from the COSO conceptual framework. CICA’s control framework is
referred to as Risk Management and Governance (RMG). Which of the following statements
about the RMG framework is true?not true?
a. The three RMG categories of objectives differ completely from those in COSO.
b. Under the RMG framework, control is seen as limited to just a very few elements of an
organization.
c. The ultimate responsibility for control is with the governing board.
d. The RMG framework will be replaced by the CICA’s Criteria of Control (CoCo).
I-7
32. The best reason for establishing a code of conduct within an organization is that such codes:
33. In applying the standards of conduct set forth in The IIA’s Code of Ethics, internal auditors are
expected to:
34. The Standards of Conduct set forth in The IIA’s Code of Ethics:
35. The IIA’s Code of Ethics requires IIA members to apply and uphold the following principles in
the performance of their duties:
36. Which of the following statements about ethics pronouncements from standard-setting bodies is
true?
a. IFAC has a single Code of Ethics, no matter how the accountant is employed.
b. INTOSAI has issued separately a Code of Ethics and Auditing Standards, but further
designates certain auditing standards as having ethical significance.
c. In explanations of the independence/objectivity standard, The IIA, IFAC and INTOSAI all
explicitly cite the need for political neutrality.
d. The standard-setting bodies’ Codes of Ethics includes requirements for a specific number
of hours of continuing education, although in differing numbers of hours.
I-8
37. The CGAP is working in a non-internal auditing position as the director of purchasing. The
CGAP signed a contract to procure a large order from the supplier with the best price, quality,
and performance. Shortly after signing the contract, the supplier presented the CGAP with a
gift of significant monetary value. Which of the following statements regarding whether the
acceptance of the gift is correct?
38. During the course of an audit, an auditor discovers that a clerk is embezzling government funds.
Although this is the first embezzlement ever encountered and the organization has a security
department, the auditor decides to personally interrogate the suspect. If the auditor is violating
the Code of Ethics, the rule violated is most likely:
39. A new staff auditor was told to perform an audit in an area with which the auditor was not
familiar. Because of time constraints, there was no supervision of the audit. The auditor was
given the assignment because it represented a good learning experience, but the area was clearly
beyond the auditor’s competence. Nonetheless, the auditor prepared comprehensive working
papers and reported the results to management. In this situation:
a. The Standards were violated because an auditor without proficiency in the area was hired.
b. The audit department violated the Standards by not providing supervision.
c. The director of internal auditing has not violated the Code of Ethics since it does not
address supervision.
d. The Standards and the Code of Ethics were followed by the audit department.
40. In a review of travel and entertainment expenses, a CGAP questioned the business purposes of
an officer’s reimbursed travel expenses. The officer promised to compensate for the questioned
amounts by not claiming legitimate expenses in the future. If the officer makes good on the
promise, the internal auditor:
I-9
41. During an audit, an employee with whom you have developed a good working relationship
informs you that she has some information about top management that would be damaging
to the organization and may concern illegal activities. The employee does not want her name
associated with the release of the information. Which of the following actions would be considered
inconsistent with The IIA’s Code of Ethics and Standards?
a. Assure the employee that you can maintain her anonymity and listen to the information.
b. Suggest the employee consider talking to legal counsel.
c. Inform the employee that you will attempt to keep the source of information confidential
and will look into the matter.
d. Inform the employee of other methods of communicating this type of information.
42. An auditor has uncovered facts that could be interpreted as indicating unlawful activity on the
part of a client. The auditor decides not to inform senior management of these facts because of
lack of proof. The auditor, however, decides that if questions are raised regarding the omitted
facts, they will be answered fully and truthfully. In taking this action, the auditor:
a. Has not violated the Code of Ethics or the Standards because confidentiality takes
precedence over all other standards.
b. Has not violated the Code of Ethics or the Standards because the auditor is committed to
answering all questions fully and truthfully.
c. Has violated the Code of Ethics because unlawful acts should have been reported to avoid
the potential of aiding and abetting by the auditor.
d. Has violated the Standards because the auditor should inform the authorities if fraud may
be indicated.
43. CGAPs who fail to maintain their proficiency through continuing education could be found to
be in violation of:
44. A CGAP is found to have committed a very serious violation of The IIA’s Code of Ethics. Which
of the following describes the disciplinary action most likely to be imposed by The IIA? The
CGAP will most likely:
I-10
45. Which of the following observations by an auditor are most likely to indicate the existence of
control weaknesses over safeguarding of assets?
a. I and II only.
b. I and IV only.
c. II and III only.
d. II and IV only.
46. A standardized audit program would not be appropriate for which of the following situations?
48. Under INTOSAI standards, a regularity audit typically addresses all of the following except:
49. Under GAGAS, which of the following types of engagements has three levels of performance
(1) examination, (2) review, or (3) agreed-upon procedures?
a. Consulting.
b. Performance audit.
c. Attestation.
d. Financial audit.
I-11
I-12
1. Solution: c
a. Incorrect. Government auditors can be subject to more than one set of standards.
b. Incorrect. Auditors doing nonaudit work are often not subject to audit standards. (Reference:
“Scope of framework” in the International Federation of Accountants [IFAC] handbook.)
c. Correct. The hierarchy of authority does not place audit standards above laws and
regulations.
d. Incorrect. Various standards have similar requirements, for example regarding auditor
independence, audit planning, the need for evidence, and other matters.
2. Solution: c
a. Incorrect. Per Government Auditing Standards para. 1.14, in this case, Government
Auditing Standards would prevail.
b. Incorrect. Per Government Auditing Standards paras. 1.03-1.04, many audits at the federal
level must adhere to Government Auditing Standards, and some audits at lower levels
voluntarily follow Government Auditing Standards.
c. Correct. Government Auditing Standards para. 1.02 discusses management’s role, and
paras. 1.33 and 3.25-3.30 discuss nonaudit work.
d. Incorrect. Per Government Auditing Standards paras. 4.03 and 5.07, opinions are an option,
not required.
3. Solution: d
a. Incorrect. State and local requirements vary, so do not always use GAGAS.
b. Incorrect. State and local auditors (and some federal ones) follow The IIA’s Standards or
other standards.
c. Incorrect. GAAS is issued by the AICPA and is applicable to financial statement audits and
attestations. Generally, GAAS does not address performance audits.
d. Correct. See Section I, A. 2 of The IIA’s CGAP Examination Study Guide.
I-13
4. Solution: d
a. Incorrect. For more than one reason, including the fact that neither the U.S. nor Congress
directly issues audit standards, and the U.S. would not follow UN standards.
b. Incorrect. INTOSAI applies in non-U.S. countries.
c. Incorrect. The IIA’s Standards is followed extensively in the private sector and at some
local or state levels, but not widely at the federal level of government. Also, the AICPA’s
standards are applicable to financial statement audits, and, while such audits are performed
in the government, other types of audits prevail.
d. Correct. The U.S. comptroller general heads the U.S. Government Accountability Office
(GAO), which issues Government Auditing Standards/GAGAS, which incorporates the
field and reporting standards of the AICPA for financial statement audits. Government
Auditing Standards/GAGAS is generally followed at the (very large) federal level, and by
many state and local governments.
5. Solution: d
a. Incorrect. The Standards is widely used outside the U.S., but option d. is inclusive of these
standards. These audits are somewhat like “performance audits.”
b. Incorrect. The INTOSAI standards are widely used by non-U.S. governments, and
specifically refer to “performance audits.”
c. Incorrect. The IFAC standards, while used by non-U.S. governments, are primarily related
to financial — not performance audits.
d. Correct. See explanations for options a., b., and c.
e. Incorrect. See explanations for options a., b., and c.
6. Solution: d
a. Incorrect. The AICPA standards relate to financial statement audits, and attestation
engagements — not performance audits.
b. Incorrect. The AICPA standards do not specifically address “consulting.”
c. Incorrect. The AICPA standards do not focus on “assistance to oversight bodies,” which is
more likely associated with audits done under Government Auditing Standards, INTOSAI,
or IIA Standards.
d. Correct. Financial statement audits are the main focus of the AICPA’s standards, although
the AICPA also issues standards for attestations.
7. Solution: d
a. Incorrect. IFAC does not issue this type of guidance via “amendments.”
b. Incorrect. SAIs do not have this flexibility in following the IFAC standards.
c. Incorrect. Auditors in charge do not have this type of individual flexibility.
d. Correct. In the past, IFAC has used public sector perspectives to modify how IFAC
standards are to be followed in a government audit. (As of 2009, the IFAC was in the process
of deleting public sector perspectives, and transitioning to “sector-neutral” standards, so
public sector perspectives will eventually no longer be used.)
I-14
8. Solution: b
a. Incorrect. This is true, per Government Auditing Standards para. 3.07.e and f.
b. Correct. The use of “all” and “automatically” make this incorrect. There are restricting
parameters, per Government Auditing Standards para. 3.07.a.
c. Incorrect. This is true, per Government Auditing Standards para. 3.22.
d. Incorrect. This is true, per Government Auditing Standards paras. 3.25.b. and 3.30, which
discuss the possible need for the use of “supplemental safeguards.”
9. Solution: c
10. Solution: c
a. Incorrect. The IFAC framework specifically excludes consulting in discussing the scope of
assurance engagements.
b. Incorrect. The IFAC framework also specifically excludes preparation of tax returns of this
type in discussing scope of assurance engagements.
c. Correct. The IFAC framework includes these two types of assurance engagements —
reasonable being positive, and limited being negative.
d. Incorrect. The IFAC framework covers both reasonable and limited assurance options.
(Note: In this question, reference is being made specifically to the IFAC framework for
assurance engagements. See IFAC’s definition of assurance.)
11. Solution: d
I-15
12. Solution: b
a. Incorrect. IFAC specifically states: “Quality control policies and procedures should be
implemented at both the level of the audit firm and on individual audits.”
b. Correct. The IIA’s Standards requires external quality control reviews every five years,
where Government Auditing Standards (U.S.) requires these reviews every three years. On
the other hand, INTOSAI does not set time frames and is less specific, but does refer to the
possibility of quality being enhanced by “independent appraisal.”
c. Incorrect. IFAC does recognize this variable.
d. Incorrect. This is true, per GAGAS para. 3.63.a. and b.
13. Solution: a
a. Correct. Government Auditing Standards, para. 8.30, states the specific language that
“should” be used when there has been compliance with all applicable standards, while IIA
Standard 1322 states that an equivalent must be used only if there is an “impact.”
b. Incorrect. This is a true statement, per IIA Standard 2420, and in the GAGAS’s supplemental
guidance on report quality elements.
c. Incorrect. This is a true statement, per GAGAS paras. 5.32-5.38 and 8.32-8.37. The
Standards does not have this requirement.
d. Incorrect. This is a true statement, per GAGAS paras. 5.05-5.17 and 8.19-8.23. The IIA’s
Standards does not have this explicit requirement.
14. Solution: a
a. Correct. Per The IIA, “There is one set of Attribute and Performance Standards; however,
there are multiple sets of Implementation Standards, a set for each of the major types of
internal audit activity.”
b. Incorrect. As noted in the explanation for option a., this is a true statement.
c. Incorrect. Again, as noted in the explanation for a., this is a true statement.
d. Incorrect. Standards — whether Attribute, Performance, or Implementation — delineate
“requirements” (i.e., are mandatory).
15. Solution: b
a. Incorrect. IIA Standard 2600 states that the CAE needs to consider whether senior
management has accepted a level of residual risk that the CAE considers possibly
unacceptable to the organization.
b. Correct. Under IIA Standard 2600, if the matter is not resolved, the CAE must report the
matter to the board for resolution.
c. Incorrect. Residual risk is defined as “the risk remaining after management takes action
to reduce the impact and likelihood of an adverse event, including control activities in
responding to a risk.” As noted above, the auditor has responsibilities.
d. Incorrect. The IIA’s Standards does not include a specific requirement for such annual
reporting.
I-16
16. Solution: b
a. Incorrect. Position Papers assist a wide range of interested parties, including those not in
internal auditing, to understand issues and delineate roles.
b. Correct. Practice Guides provide detailed guidance, including tools and techniques.
c. Incorrect. The Code of Ethics states the principles and expectations of behavior of those in
internal auditing.
d. Incorrect. Advisories address approaches, methodologies, and considerations, but do not
detail processes and procedures.
17. Solution: d
18. Solution: c
19. Solution: c
20. Solution: d
I-17
21. Solution: d
a. Incorrect. Accordance with GAAP is a GAAS reporting standard, per GAGAS para. 5.03,
a.
b. Incorrect. Consistent application is a GAAS reporting standard, per GAGAS para. 5.03, b.
c. Incorrect. An opinion/disclaimer on the statements is a GAAS reporting standard, per
GAGAS para. 5.03, d.
d. Correct. An opinion on performance information is not a GAAS reporting standard, per
GAGAS para. 5.03.
22. Solution: b
a. Incorrect. This language somewhat overstates what an adverse opinion means. Option b. is
a more precise statement of the meaning.
b. Correct. Both INTOSAI and IFAC refer to possible adverse opinions, and this language
approximates the definitions the two organizations use.
c. Incorrect. This reference is to lack of conformance with accounting principles, and does not
clearly reflect the definition of the term adverse opinion.
d. Incorrect. An audit report can identify internal control weaknesses without necessarily
including an adverse opinion.
23. Solution: b
a. Incorrect. Noncompliance with this type of law would not have a “direct and material
effect” on the amounts on the financial statements.
b. Correct. Noncompliance with this type or law (which identifies the purpose, time, and
amount for which budget resources can be legally used) could have a direct and material
impact on the financial statements.
c. Incorrect. Same explanation as for option a.
d. Incorrect. Same explanation as for option a.
24. Solution: b
I-18
25. Solution: a
a. Correct. “Managing for results” refers to laws and initiatives to improve program effectiveness
and is, thus, not primarily about economy and efficiency.
b. Incorrect. Competition is intended to lower costs, at good quality, so this audit would be
about economy.
c. Incorrect. Value engineering/analysis is intended to lower costs, so this also would be an
audit focused on economy and efficiency.
d. Incorrect. The “just-in-time” concept is also about lowering the costs of inventories, and
this is also about economy.
26. Solution: c
27. Solution: c
28. Solution: b
29. Solution: d
I-19
30. Solution: d
31. Solution: cd
32. Solution: b
a. Incorrect. This is not a universal requirement by governments; even if it were, mere compli-
ance would not be the best reason.
b. Correct. A code of conduct, such as those of The IIA, INTOSAI, and IFAC, provide
principles and rules from which individuals make practical applications.
c. Incorrect. Codes of conduct are not quantifiable, and are not solely related to personnel
evaluations.
d. Incorrect. This is a very weak and superficial reason for having a code.
33. Solution: a
a. Correct. Since the standards of conduct are not set in concrete, internal auditors must exercise
individual judgment. The IIA notes that “because a particular conduct is not mentioned in
(its) Rules of Conduct does not prevent it from being unacceptable or discreditable….” The
IFAC states, “... the fundamental principles are of a general nature and are not intended to
be used to solve a professional accountant’s problems in a specific case.”
b. Incorrect. Internal auditors do not have this freedom.
c. Incorrect. Being guided by the client’s desires would be a superficial approach, and could
threaten the auditor’s adherence to independence.
d. Incorrect. Not using the Code of Ethics can lead to disciplinary action against the internal
auditor.
I-20
34. Solution: a
a. Correct. The IIA’s Code of Ethics includes Principles and Rules of Conduct.
b. Incorrect. This view could erode adherence to integrity and objectivity.
c. Incorrect. The IIA specifically recognizes that the rules are not inclusive of all situations
that can raise questions of acceptability or credibility.
d. Incorrect. This explanation is applicable to the Standards, not the Code of Ethics.
35. Solution: a
a. Correct. These four principles are cited in The IIA’s Code of Ethics.
b. Incorrect. These are not the principles cited in The IIA’s Code of Ethics.
c. Incorrect. These are not the principles cited in The IIA’s Code of Ethics.
d. Incorrect. These are not the principles cited in The IIA’s Code of Ethics.
36. Solution: b
a. Incorrect. IFAC’s Code of Ethics is in three parts — (A) all professional accountants, (B)
professional accountants in professional practice, (C) employed accountants.
b. Correct. INTOSAI does have these three segments.
c. Incorrect. Only INTOSAI explicitly cites the need for political neutrality.
d. Incorrect. While Codes of Ethics include general references to competency, requirements
for specific hours of continuing education are not included.
37. Solution: b
a. Incorrect. Acceptance of the gift could be (or appear to be) a violation of the principle of
objectivity. Whether it is non-customary is irrelevant.
b. Correct. Consistent with the principle of objectivity, the best assumption is that the
acceptance of a “significant” gift would be a violation.
c. Incorrect. CGAPs are subject to The IIA’s Code of Ethics.
d. Incorrect. This is an irrelevant consideration.
38. Solution: c
a. Incorrect. Possible lack of due diligence is not the primary concern here.
b. Incorrect. Nothing indicates the auditor lacked loyalty to the organization.
c. Correct. Under The IIA’s competency principle and related rule, internal auditors “shall
engage only in those services for which they have the necessary knowledge, skills, and
experience.” Auditors are not investigators and, therefore, are not presumed to be skilled in
interrogation.
d. Incorrect. Nothing indicates that the auditor did not comply with a law.
I-21
39. Solution: b
a. Incorrect. Audit organizations hire new employees who are later trained, formally and
informally, to gain needed proficiencies. Thus, hiring an auditor who would need further
training and development is not a violation.
b. Correct. IIA Standard 2340: Engagement Supervision, states engagements “must be properly
supervised to ensure objectives are achieved, quality is assured, and staff is developed.”
c. Incorrect. The IIA’s Code of Ethics requires (under the competency principle) that the
Standards be followed, and those standards include supervision.
d. Incorrect. See explanations for options a., b., and c. above.
40. Solution: c
41. Solution: a
a. Correct. The IIA’s confidentiality principle recognizes that internal auditors may have a
“legal or professional obligation” to disclose such information.
b. Incorrect. This would not be inconsistent with The IIA’s Code of Ethics.
c. Incorrect. This would not be inconsistent with The IIA’s Code of Ethics.
d. Incorrect. This would not be inconsistent with The IIA’s Code of Ethics.
42. Solution: d
a. Incorrect. Under The IIA’s Code of Ethics, confidentiality is not identified as taking
precedence over the other three principles of integrity, objectivity, and competency.
b. Incorrect. Under Practice Advisory 1220-1, the internal auditor’s exercise of due
professional care, the auditor must consider the probability of significant errors, fraud, and
noncompliance.
c. Incorrect. The rationale of “avoiding the potential of aiding and abetting by the auditor”
does not have merit and is not discussed in the Standards.
d. Correct. See Standard 1220: Due Professional Care, and Practice Advisory 1220-1 discussed
under b. above. Also, Practice Advisory 2060-1 discusses fraud and illegal acts as significant
engagement objectives that should be reported to senior management and the board by the
CAE.
I-22
43. Solution: d
44. Solution: c
45. Solution: d
a. Incorrect. Roman numeral I. may indicate poor service but not a weakness in safeguarding
assets. Roman numeral II. is a potential weakness.
b. Incorrect. Again, I. does not indicate a potential weakness; IV. does.
c. Incorrect. Roman numeral III. is not a potential weakness; II. is.
d. Correct. Both II. and IV. put assets at potential risk.
46. Solution: b
47. Solution: c
I-23
48. Solution: d
49. Solution: c
50. Solution: b
I-24
a. It should not be necessary for the auditor to seek guidance from legal counsel, investigative
staff, or a law enforcement official.
b. If the auditor is dealing with alleged “abuse,” the auditor may not need to identify a law or
regulation to use as criteria.
c. “Fraud” can be defined as an illegal act and involves obtaining something of value through
willful misrepresentation.
d. Under Generally Accepted Government Auditing Standards (GAGAS) and Generally
Accepted Auditing Standards (GAAS), in assessing the risk of fraud, the auditor should
(1) ask management about the risk of fraud, and (2) hold a brainstorming session on the
audit team to consider ways that fraud might occur.
2. Which of the following statements about nonaudit services provided by government auditors
is true?
a. GAGAS state that government auditors may provide nonaudit services, but only if the
nonaudit services are performed strictly in compliance with GAGAS.
b. The Institute of Internal Auditors’ (IIA’s) International Standards for the Professional
Practice of Internal Auditing (Standards) and International Organization of Supreme Audit
Institutions (INTOSAI) standards address the auditor’s role in nonaudit services in exactly
the same manner.
c. If auditors are asked to provide training to management and/or staff, the training should be
restricted to areas related to controls over financial management.
d. An auditor’s role in control self-assessment may range from very limited to very extensive.
3. Which of the following statements on report timeliness most accurately reflects what the
audit standards require?
II-1
4. GAGAS/GAAS, IIA Standards, IFAC, and INTOSAI each describe the characteristics of
required audit evidence to be gathered. In this regard, which of the following statements is
true?
5. Assume a performance audit is being performed in accordance with GAGAS. The auditor’s
draft report includes the following sentence: “One thing is certain: The (client) cannot be
allowed to fail with this systems development effort as it has so often failed in past efforts.”
Which reporting standard may be violated?
6. All of the following statements about an audit charter are true except one. Which statement is the
exception?
a. Audit charters can be characterized as the formal statement of purpose, authority, and
responsibility.
b. These charters should be in writing.
c. All government audit organizations are required to have a document called an audit charter.
d. The charter should include the process for hiring and dismissing auditors.
7. An audit at the U.S. State Department’s Passport Office includes the following audit program
steps:
a. An efficiency audit.
b. A financial statement audit.
c. A quality audit.
d. Integrity services.
II-2
8. An organization’s management perceives the need to make significant changes. Which of the
following factors is management least likely to be able to change?
10. Which of the following is the best reason for the chief audit executive (CAE) (or equivalent title)
in a government agency to consider management’s strategic plan in developing the annual audit
plan?
a. To ensure that the audit plan supports the overall agency objectives.
b. To ensure that the audit plan will be endorsed by senior management.
c. To make recommendations to improve the agency’s strategic plan.
d. To emphasize the importance of the audit function.
11. According to the GAGAS, __________ is a measure of the quality of evidence, and
encompasses the __________, ________, and ________ of support for audit findings and
conclusions.
12. Financial statement auditors view financial statements as including management assertions
(explicit or implicit) as a framework for assessing internal controls. If the auditor is considering
whether the balance sheet includes obsolete inventory at historical cost, the most relevant
assertion is:
II-3
13. Under the Standards, an appropriate consulting activity performed by a government internal
audit organization is:
14. Under GAGAS, provided the auditor does not violate two overarching principles and follows
appropriate safeguards, certain types of nonaudit (consulting) services may be provided by
the audit organization. Even so, the auditor would not be permitted to:
15. In a financial statement audit, the auditor considers the same concept to (1) narrow the amount
of transaction testing, (2) decide what constitutes a misstatement that would affect the audit
opinion, and (3) judge the seriousness of detected weaknesses in internal controls. That key
concept used by auditors in these various ways is:
a. Management assertions.
b. Materiality.
c. Sampling.
d. The Committee of Sponsoring Organizations of the Treadway Commission (COSO)
framework.
16. Which of the following represents the correct order of the general methodology for auditing
internal accounting controls? Use the designations as follows: (a) identify functions and control
cycles, (b) walk through the process, (c) perform tests, and (d) flowchart the process.
II-4
17. Assume you are assessing internal control in an adjudicatory board which rules on whether
government procurements are proper and justifiable. The parties that appear before the board
include representatives of government procuring agencies and non-successful competing
companies. The chairman of the board initiates a new program (maybe outside of the board’s
authority) for people with disabilities throughout the government; he then tries to solicit funds
from the same agencies and companies who appear before the board. Also, to assist the new
program, the chairman “plays favorites” with board personnel and violates leave, travel, and
office renovation regulations — all to enhance his role in the new program. Under the COSO
conceptual framework, which internal control component should the auditor identify as being
of major concern?
a. Control environment.
b. Risk assessment.
c. Monitoring.
d. Control activities.
18. Effective internal controls start with the identification of the control objectives to be achieved
and then establishing the control techniques to assure achievement of the objectives. Which of
the following techniques would provide the most assurance of achieving an objective of assuring
that procurements are made economically?
19. For auditors, what is the most appropriate view of internal control questionnaires (ICQs)?
20. Legislation applicable to the U.S. government requires that agency managers and officials (1)
assess their risks on an ongoing basis, (2) establish appropriate controls, and (3) annually provide
“statements of assurance” (to higher organizational levels) on the effectiveness of the controls.
To which of the COSO internal control component(s) does this legislative requirement most
directly relate?
II-5
21. The term process-based performance auditing, as described in some literature on government
audits:
a. Looks mainly for management arrangements and organizational structures that waste time
and resources, cause delays, and/or lead to errors.
b. Focuses on inputs, outputs, and outcomes (accomplishments).
c. Is primarily concerned with the impact of new programs or techniques.
d. Has solely a compliance orientation.
22. Assume you are an auditor assigned to audit of the U.S. Copyright Office, whose mission is to
examine and register copyrights. Your primary audit objective is to identify and document the
average time and unit cost to register a copyright. Into which of the following categories would
this engagement most appropriately fit?
a. Consulting services.
b. Internal control audit.
c. Process-based performance audit.
d. Measurement-based performance audit.
23. Under impact-based performance audit, as described in some literature on government audits,
the elements of a finding differ from the classical elements. The finding elements associated with
impact-based audits are:
24. Assume an audit of a school lunch program has dual audit objectives related to (1) the
reasonableness of prices paid for cafeteria requirements of all types, and (2) the adequacy
of meeting the nutritional needs of the children. In the GAGAS scheme of categorizing
audits, which of the following is most descriptive?
II-6
26. Regarding information technology input controls, which of the following statements is not
accurate?
27. Regarding information technology processing controls, which of the following statements is
accurate?
a. Header and trailer label information help ensure that the proper data was processed.
b. Echo checks compare input record counts to output to assure that all records were processed.
c. Record counts are the sending of automated verification messages between computer
systems to verify the receipt of data.
d. Check digit tests are typically considered a part of processing controls.
28. The CAE (or equivalent title) of a government audit office plans to make changes that may be
perceived negatively by the audit staff. The best way to reduce resistance would be to:
a. Develop the new approach fully before presenting it to the audit staff.
b. Ask the agency’s CEO to “buy in” to the changes, and then have him/her attend the meeting
where the changes are presented to the staff.
c. Approach the staff with the general idea and involve them in the development of the
changes.
d. Have the oversight body send a letter to all the staff announcing the change.
29. Areas that are likely to be included in the scope of an audit of systems development activities
include all the following except:
30. Which of the following controls would be most clearly related to a physical security program for
information technology activities?
II-7
31. The best reason as to why audit planning is important, particularly in performance audits, would
be:
a. Efficient use of audit resources and effective fulfillment of clear audit objectives.
b. It keeps upper-level audit management “busy.”
c. Auditors can better defend their work and justify budget requests.
d. It is a generally accepted practice in business.
32. Which of the following statements on risk management (consideration) most accurately
expresses the requirements of the various audit standards for government auditors?
a. Under INTOSAI, the audit organization’s entire audit program must be justified and
documented based on specific consideration of risks.
b. Under GAGAS, the auditor evaluates and documents risk considerations in exactly the
same manner in a financial statement audit as they do in a performance audit.
c. Under the Standards, auditors have a specific responsibility to monitor and evaluate the
organization’s risk management system, and to assist the organization in this regard.
d. INTOSAI, GAGAS, and the Standards have no differences in this regard.
33. In planning a performance program audit at the U.S. Environmental Protection Agency, an
auditor discovers that the authorizing legislation of a program calls for cleanup of toxic waste
throughout the United States. The program officials established an annual performance goal of
identifying 100 new toxic waste sites, and performing 50 new studies as how the sites could be
cleaned up. Which of the following observations should be of most interest to the auditor?
34. Assume that a junior auditor drafts an audit objective for a performance audit. It reads, “To
probe into the economy, efficiency, and effectiveness of all programs for several years to isolate
and describe management problems.” If you were to critique this audit objective, which points
should you make?
a. Language is ambiguous.
b. Audit approach is biased.
c. Aspects to be audited are too general.
d. a., b., and c.
II-8
35. In deciding the scope of a performance audit, many factors need to be considered. Which of the
following should not be a significant factor in considering the audit scope?
a. Reporting date.
b. The audit universe.
c. Personal conflicts between auditors and clients.
d. Use of sampling.
36. Assume that a government auditor encounters a very unfriendly reception from the newly
appointed top official at the very small organization to be audited. The top official expresses
frustration, repeatedly insisting that the oversight body that requested the audit is “out to get
me” and “you are in their hip pocket!” At repeated meetings called by the top official, the auditor
responds in various ways. Which of these responses is the most appropriate?
a. Look, I know you think you have a very important government role, but I’ve audited all
over the government and your entity doesn’t amount to a “hill of beans.”
b. No verbal response — just affirmative body language.
c. I’m not in anybody’s “hip pocket” and I do not intend to be pushed around!
d. I appreciate your concerns. However, I’m not sure these kinds of meetings are productive
since, in any event, I have a responsibility to complete the audit as I see fit.
37. In the legislative process, when differences exist between versions of bills approved in the
two houses of a legislature, the type of committee that resolves the differences is called a
(an):
a. Special committee.
b. Budget committee.
c. Conference committee.
d. Authorizing committee.
38. Government agencies sometimes issue rules and regulations, which an auditor may encounter
in considering compliance aspects of an audit. Which of the following statements about
rules and regulations is most accurate?
II-9
39. Assume the auditor finds that management of a very large organization has identified a risk that
low-cost supplies may be stolen by employees from a storage room to which a total maintenance
staff of 15 personnel has access. If management decides that the cost of added controls would
outweigh the benefits, what course of action is most appropriate for the auditor?
a. Drop the issue completely since management has accepted the risk.
b. Develop a deficiency finding to be reported.
c. Gather enough facts to determine whether management’s cost-benefit choice seems
reasonable.
d. Exclude the matter from the formal report, but informally suggest (1) a police background
check on nearby administrative staff, and (2) posting a list of those with access to the storage
room.
40. Using The IIA’s conceptual framework of categories relating to controls, supervisory review of a
subordinate’s workpapers to determine if applicable audit standards have been met would be:
a. Preventative.
b. Corrective.
c. Detective.
d. Directive.
41. Assume there is a performance audit at a government entity that makes loans to other countries
so they can procure U.S. products or items — the statutory goal being to expand U.S. exports.
The auditor has found that the entity is using a significant percentage of its loan authority to
finance large items (e.g., aircraft) that, at the time, are available only from U.S. manufacturers. The
auditor concludes that this is an unwise/ineffective use of the entity’s loan authority since the
foreign countries would need to come to U.S. makers, even if this entity did not offer the loans.
Which of the following recommendations to the entity would be most appropriate and effective?
a. Directly advise the pertinent U.S. makers that it will not approve any such loans in the
future.
b. Send a brief reminder and provide training to its loan officers on the statutory purposes of
the entity.
c. Require a formal determination and certification by entity officials at a mid-management
level, before approval of loans, that the particular export sale would not be possible without
this entity’s loan.
d. Seek a revision to the entity’s statutory authority that will clarify what types of exports
should be financed.
42. Valid reasons for having audit reports in retrievable form include all the following except:
II-10
43. A draft audit report includes a recommendation to implement an accounting standard related to
property, plant, and equipment. The client’s response includes concurrence in principle, but also
a plausible explanation that implementation of the accounting change would require US $50
million and three years implementation time. In deciding on the final recommendation, which of
the following is the most appropriate stance for the auditor to take?
a. Hold to the position that because the system is clearly needed, it should be implemented
sooner and at less cost.
b. While maintaining independence, realistically explore how much implementation of the
accounting change would cost, and how long it would take to implement.
c. Be willing to drop the recommendation if the system seems too costly or time-consuming.
d. Assume (safely) that the client is attempting to manipulate this audit to gain resources in
the next budget.
45. The top official at the audited entity is fulfilling all his statutory responsibilities, the entity is
operating reasonably effectively and economically, and the entity is complying with significant
applicable laws and regulations. However, despite running an overall productive entity, the top
official has engaged in various atypical management practices, such as (1) assigning the most
interesting cases to only a chosen few while others remain without work at times, (2) arbitrarily
denying leave to employees he dislikes while being very liberal with leave approval for those he
favors, and (3) lavishly renovating his own office space and that of the chosen few while leaving
other areas (e.g., the computer room) barely functional. What term might the auditor best use to
label these practices?
a. Material weaknesses.
b. Noncompliances.
c. Abuse.
d. Ethics violations.
46. Under GAGAS, the elements to be developed for a complete finding depend on the audit
objective. If the audit objective is “What level of full-time equivalents (FTEs) and what
activities will be financed next fiscal year if the Congress decides not to provide an
appropriation for (the agency) beyond that year?” What elements of a finding are needed
for a complete finding?
II-11
47. An auditor has an audit objective of determining how effective the controls are in preventing
unauthorized access to a government building where highly classified work is performed. The
building has security guards and visitors’ reception areas at each entrance. For this audit, a
primary audit technique would be:
a. Inquiry.
b. Observation.
c. Inspection of documents.
d. Analytical review.
48. Assume you have an audit objective that read, “To perform an in-depth study of the utilization
of all automatic data processing equipment (ADPE) throughout the U.S. government, including
all specialized ADPE on planes, ships, and spacecraft.”What concerns, if any, would you as an
auditor have?
49. Which of the following should the auditor examine to determine whether only authorized
purchases are being made?
a. Invoice.
b. Purchase order.
c. Receiving report.
d. Relevant procedures manuals.
50. Assume you are on an audit in a foreign country where local employees of the U.S. government
are, by local law and tradition (and agreement with the U.S. government), entitled to voluntary
separation pay when they voluntarily resign. The amounts are based on a formula that considers
such factors as period of employment. You, as the auditor, determine that the separating locals
are being paid about 40 percent more than the agreement with the U.S. government stipulates.
About 20 locals who separated received an average of US $5,000 more than their entitlement,
and 10 more that will be separating soon have been told they will receive an average of US $6,000
more than their entitlement. What is the most appropriate course of action for the auditor?
a. Immediately advise the local controller not to pay the US $60,000 to the 10 separating
employees, and to attempt to get back the US $100,000 from those who separated.
b. Identify any relevant internal control weakness and make an appropriate recommendation.
c. Consider whether fraud may have occurred.
d. Take all actions as described in a., b., and c.
II-12
51. According to The IIA, which of the following statements about marketing the audit function is
the appropriate perspective for government auditors?
52. All of the following audit objectives are for compliance audits except for one. Which one is the
exception?
a. What have federal agencies and contractors done regarding the subsection of the Privacy
Act related to statutory requirements for federal contractors?
b. Do the costs claimed by grantees (and paid to them) meet the criteria established in the
agency’s and the Office of Management and Budget’s (OMB’s) regulations?
c. What has been accomplished in the past year in Chicago under the Community Action
Program grant provided by the federal government?
d. Has agency X followed the requirements of the Federal Acquisition Regulation in its
procurement programs?
53. Assume the following audit objective for a performance audit: “What controls are prescribed to
assure accurate recording of employees’ annual leave?” What elements are needed for a complete
finding?
a. Condition only.
b. Criteria and condition.
c. Criteria, condition, and effect.
d. Criteria, condition, effect, and cause.
54. According to GAGAS, an audit objective for a performance audit includes the following:
a. An audit subject(s).
b. The performance aspect(s) to be developed.
c. The potential finding and elements to be developed.
d. a., b., and c.
II-13
55. Assume the auditor develops the following facts about a recreation center under audit:
a. None.
b. Cause.
c. Effect.
d. Criteria.
a. Physical evidence.
b. Testimonial evidence.
c. Documentary evidence.
d. Analytical evidence.
59. A number of measures can be used to assess the benefits of government auditing. The least
appropriate of these measures would be:
II-14
60. A number of factors need to be considered by the audit organization in deciding the appropriate
level of audit follow-up. These factors include:
61. Which of the following statements about nonaudit services provided by government auditors is
true?
a. The IIA’s Standards and INTOSAI standards address the auditor’s role in nonaudit services
in exactly the same manner.
b. If auditors are asked to provide training to management and/or staff, the training should be
restricted to areas related to controls over financial management.
c. An auditor’s role in control self-assessment may range from very limited to very extensive.
d. When performing nonaudit work under IIA Standards, the internal auditor has essentially
no need to be concerned about independence.
62. Which of the following statements on report timeliness most accurately reflects what the audit
standards require?
a. INTOSAI, IFAC, and The IIA’s Standards all set specific time frames, although the time
frames differ.
b. Timeliness is not specifically addressed in any of the various sets of standards.
c. Timeliness of reports is emphasized in all sets of standards without specific time frames.
d. All sets of standards imply that, if a planned report date is missed, the audit report should
not be issued.
63. The IIA’s Standards, IFAC, and INTOSAI each describe the characteristics of required audit
evidence to be gathered. In this regard, which of the following statements is not true?
a. All these sets of standards describe audit evidence needed with the same adjectives.
b. The IIA’s Standards calls for relevant information to support the conclusion and engagement
results.
c. IFAC focuses on evidence that is sufficient and appropriate.
d. INTOSAI calls for evidence to be competent, relevant, and reasonable.
a. Is reasonably free from error and bias and faithfully represents what it purports to represent.
b. Is obtained by observing people, property, and events.
c. Is supplementary to other evidence already gathered and tends to strengthen or confirm it.
d. Proves an intermediate fact, or group of facts, from which still other facts can be inferred.
II-15
65. Which of the following statements on risk management (consideration) most accurately expresses
the requirements of the various audit standards for government auditors?
a. Under INTOSAI, the audit organization’s entire audit program must be justified and
documented based on specific consideration of risks.
b. Under The IIA’s Standards, auditors have a specific responsibility to monitor and evaluate
the organization’s risk management system, and to assist the organization in this regard.
c. INTOSAI, IFAC, and The IIA’s Standards have no differences in this regard.
d. IFAC does not have a specific standard on risk assessment.
II-16
1. Solution: a
a. Correct. Audit standards recognize that auditors are not presumed to be skilled lawyers,
investigators, or law enforcement officials, and, therefore, may need to seek guidance in
performing integrity services.
b. Incorrect. Abuse involves behavior that is deficient or improper, but does not necessarily
involve fraud, violation of law, or a formal agreement. (See U.S. Government Accountability
Office’s [GAO’s] Government Auditing Standards.) The IIA’s CGAP review material
discusses abuse as one possible aspect of integrity services.
c. Incorrect. This approximates various definitions. See The IIA’s Standard 1210.A2 and
related Practice Advisory.
d. Incorrect. GAGAS incorporates GAAS fieldwork standards for financial statement audits,
which include these two requirements.
2. Solution: d
a. Incorrect. GAGAS considers consulting as nonaudit services, and auditors can perform
such work only if two overarching principles (do not do management’s role, do not audit
your own work) are not violated.
b. Incorrect. The Standards defines internal auditing as including (1) assurance and (2)
consulting engagements. INTOSAI recognizes that supreme audit institutions (SAIs) may
sometimes perform nonaudit work, and states the INTOSAI standards may not apply to
the nonaudit work. (Also, the U.S. GAO, in its audit standards, sees consulting engagements
as “nonaudit” work.)
c. Incorrect. As described in The IIA’s CGAP preparation material, training can legitimately
relate to areas such as performance measurement and other management principles.
d. Correct. Auditor’s can provide a variety of roles in a control self-assessment program, as
suggested in The IIA’s CGAP exam preparation material. The IIA’s Practice Advisory 2120.
A1-2 supports this view.
3. Solution: c
a. Incorrect. None of these standards set specific time frames for reporting.
b. Incorrect. Audit standards address the need for timeliness. For example, The IIA’s Standard
2420 requires “timely” communications. INTOSAI states that reports should be available
“promptly.”
c. Correct. See explanation for option b.
d. Incorrect. This is an overstatement of the requirement for timeliness.
II-17
4. Solution: b
a. Incorrect. GAGAS and IFAC call for sufficient, appropriate evidence. Sufficient is related
to the quantity and appropriateness is related to the quality of evidence (relevance can be
viewed as one aspect of appropriateness, but is subordinate to the main two adjectives).
b. Correct. Although using differing terms (IIA-reliable, INTOSAI-competent, IFAC-
reliability is a key aspect of appropriateness), reliability is emphasized in all three.
c. Incorrect. When evidence is integral to the audit findings, procedures for evaluating
information systems controls needs to more rigorous than if the evidence is presented as
background material in the report. In the latter case, the auditor perhaps would be making
an attribution to the sources of the data. See GAGAS para. 7.27 and 7.65.
d. Incorrect. The Standards refers to useful but INTOSAI does not.
5. Solution: d
a. Incorrect. GAGAS includes “report quality elements” in its supplemental guidance, which
suggest that tone of reports should not be overly aggressive and free-wheeling.
b. Incorrect. One of the GAGAS report quality elements is to be “clear”; however, the problem
here relates more to being “objective.”
c. Incorrect. Completeness is one of the report quality elements, but that concern is not
applicable to the problem here.
d. Correct. The report quality element of “objectivity” — being “balanced in content and
tone” — is most clearly violated in this case.
6. Solution: c
7. Solution: a
II-18
8. Solution: c
9. Solution: b
a. Incorrect. A group has a better chance of concealing a fraud than does an individual.
b. Correct. Segregation of duties and other control processes are more likely to detect fraud by
a single employee. Single employees may not have the opportunity and/or may be subject to
detection by other employees.
c. Incorrect. A group of managers has a better chance of overriding controls.
d. Incorrect. Even a single manager may be able to override controls.
10. Solution: a
a. Correct. Reference The IIA’s CGAP review manual: “The audit department should ensure
that its audit plan is aligned with the needs and expectations of its primary customers
(sponsors of audit work),” and “…work with (secondary) customers (those who use the
audit reports) to solve problems.”
b. Incorrect. If the CAE or equivalent seek “endorsement” of senior management, the CAE’s
independence may be subject to question.
c. Incorrect. Improving the agency’s strategic plan is not a primary reason for the CAE to
consider the agency’s strategic plan.
d. Incorrect. If perceived as being for this reason, the CAE may be seen as too self-serving or
seeking attention.
11. Solution: d
a. Incorrect. The last adjective should be reliability, per GAGAS para. 7.59.
b. Incorrect. Sufficiency relates to quantity, not quality.
c. Incorrect. Competency is not one of the two primary adjectives used by GAGAS to describe
the type of evidence used to support findings.
d. Correct. These are the words used in GAGAS para. 7.59.
II-19
12. Solution: b
a. Incorrect. The rights and obligations assertion relates to whether the entity holds or controls
the rights to assets, and liabilities are the obligations of the entity.
b. Correct. The valuation assertion relates to whether financial information is at appropriate
amounts per relevant accounting principles (e.g., Generally Accepted Accounting Principles
[GAAP]).
c. Incorrect. The presentation and disclosure assertion relates to appropriate disclosure and
presentation in the statements, in notes or as supplementary information.
d. Incorrect. The completion assertion relates to whether all amounts that should be shown on
the statements are, and that those that should not be are not.
(Reminder: These assertions relate to financial statement audits.)
13. Solution: c
14. Solution: b
15. Solution: b
II-20
16. Solution: c
17. Solution: a
18. Solution: b
a. Incorrect. Training would perhaps make the procurement process more efficient.
b. Correct. Competition should reduce prices paid, leading to more economies.
c. Incorrect. Quality assurance procedures would perhaps lead to better quality.
d. Incorrect. Written authorizations would assure that all procurements are authorized.
19. Solution: c
20. Solution: a
a. Correct. This law addresses two of the five interrelated components of COSO’s internal
control framework.
b. Incorrect. This law does not specifically address management’s attitudes and actions (i.e.,
control environment).
c. Incorrect. This law does not specifically address the detailed policies, practices, and
techniques (i.e., activities) used to carry out internal control.
d. Incorrect. This law does not specifically address the information and communication
approach used regarding internal control.
II-21
21. Solution: a
a. Correct. This description for process-based performance audits is consistent with certain
auditing literature (including from The IIA).
b. Incorrect. This is a description of a results-based approach to performance audits. (It also
includes the development of input data.)
c. Incorrect. This is a description of a results-based approach to performance auditing.
d. Incorrect. This is a compliance approach to a performance audit.
22. Solution: d
a. Incorrect. The nature and scope of this audit is not based on an agreement between the
auditor and management.
b. Incorrect. The primary focus of this audit is not internal control.
c. Incorrect. The primary focus of this audit is not the processes used.
d. Correct. The primary focus is on performance; in this case, quantitatively.
23. Solution: c
24. Solution: b
a. Incorrect. A financial audit involves expressing an opinion on statements, and that is not
involved in this audit.
b. Correct. Economy and efficiency and program effectiveness are subtypes of performance
audits, as defined by GAGAS. See paras. 1.28 and 1.29.
c. Incorrect. GAGAS uses the term “performance audit,” not “value-for-money” which is an
alternative term in some audit environments.
d. Incorrect. “Compliance” is cited in GAGAS (para. 1.31), but this audit is primarily about
economy, efficiency, and program effectiveness.
II-22
25. Solution: b
a. Incorrect. Applications controls are designed to prevent, detect, and correct errors and
irregularities as transactions flow through the application.
b. Correct. General controls apply to the entire computer operation and include the categories
mentioned. See The IIA’s CGAP material and other sources.
c. Incorrect. Input, processing, and output are types of application controls.
d. Incorrect. Telecommunications controls are a component of general controls. See The IIA’s
CGAP material and other sources.
26. Solution: a
27. Solution: a
a. Correct. Header and trailer label information helps ensure that proper data was processed.
b. Incorrect. The definition given is for record counts.
c. Incorrect. The definition given is for echo checks.
d. Incorrect. Check digit tests are part of input controls.
28. Solution: c
a. Incorrect. Lack of participation can lead to resistance from the audit staff.
b. Incorrect. Lack of participation would likely be exacerbated by bringing in the CEO. This
may be seen by audit staff as inappropriate “pressure.”
c. Correct. This significant level of participation by the audit staff will reduce resistance.
d. Incorrect. An announcement from the oversight body — without participation and advance
communication — will lead to resistance.
29. Solution: d
a. Incorrect. Based on The IIA’s CGAP exam preparation material and other guidance.
b. Incorrect. Based on The IIA’s CGAP exam preparation material and other guidance.
c. Incorrect. Based on The IIA’s CGAP exam preparation material, systems development
material may include a review of post-implementation activities. (The authoritative source
is The IIA.)
d. Correct. Staff surveys of the acceptability of physical space are not likely in the scope.
II-23
30. Solution: b
a. Incorrect. Based on various sources, including from The IIA, system change procedures are
included in systems development.
b. Correct. Disaster contingency plans relate to assuring physical security.
c. Incorrect. While important, procurement and maintenance of software licenses are not
directly related to physical security.
d. Incorrect. Completeness tests are an element of input controls, not physical security.
31. Solution: a
a. Correct. Auditors can lose clear focus without clear audit objectives, sufficient advance
research, and audit procedures that are both effective and efficient. Sufficient planning
facilitates all of these.
b. Incorrect. Keeping upper-level audit management busy is a frivolous and unproductive
rationale for audit planning.
c. Incorrect. Explanations of the need for planned audits, as well as justifications for budgetary
needs, are not as important as the rationale in option a.
d. Incorrect. Audit planning activities are not performed simply because they are common
practice.
32. Solution: c
a. Incorrect. INTOSAI states that “the scope of the audit mandate will determine the scope
of the standards to be applied by the SAI.” INTOSAI recognizes that “constitution and
legislation” are important elements of deciding on audits. Consideration of risk is not
emphasized.
b. Incorrect. The approach and procedures for evaluating risk are more “structured” in a
financial statement audit than in a performance audit.
c. Correct. The IIA’s Standards place great emphasis in having the internal auditor consider
risk, control, and governance on an ongoing basis.
d. Incorrect. Refer to the explanations for options a. and b. While GAGAS address risk, they
also stress significance and other factors.
33. Solution: d
a. Incorrect. Goal alignment with the law, while important, would not be as important as
other observations.
b. Incorrect. Generally, the government auditor’s role is not to challenge those who enact the
relevant law.
c. Incorrect. Lack of a baseline, while important, would not be as important as other
observations.
d. Correct. Legislators and the general public have great interest in what is being achieved
(results), so the auditor would have the highest level of interest in why the focus is on output
(activity), not outcome.
II-24
34. Solution: d
a. Incorrect. “Economy, efficiency, and effectiveness” are ambiguous words. However, option
d. is inclusive of this criticism.
b. Incorrect. The objective is biased in assuming that “problems” exist. However, again, option
d. is inclusive of this criticism.
c. Incorrect. The objective includes general words (e.g., “management problems”), but option
d. is inclusive of this criticism.
d. Correct. See explanations for options a., b., and c.
35. Solution: c
a. Incorrect. Auditors need to consider the calendar days available to perform audit work.
b. Incorrect. Auditors need to consider the number of sites and time frames in deciding on the
audit scope.
c. Correct. Personal conflicts between auditors and clients are not appropriate considerations
in determining audit scope. (For example, the auditor should not include sites due to personal
dislike of program managers or to “punish” the manager for past lack of cooperation.)
d. Incorrect. The auditor’s possible use of sampling can legitimately be a consideration in
setting the audit scope.
36. Solution: d
a. Incorrect. A rude response to the top official of the client during the audit will likely impede
open and professional communication.
b. Incorrect. The top official of the client may well consider this a rude response as well,
especially if the “body language” was inappropriate.
c. Incorrect. A very confrontational response to the top official of the client will very likely
run a risk of shutting down communication.
d. Correct. This is a fairly balanced response and the best of the alternatives presented. Some
auditors may believe that this could be further improved by omitting the phrase “…as I see
fit.”
37. Solution: c
a. Incorrect. “Special” committee is not the name of the committee that reconciles differences
in bills passed in two legislative houses.
b. Incorrect. Budget committees in each house consider proposed budgets and do not have the
role of reconciling differences.
c. Correct. This is the term used in the U.S. Congress.
d. Incorrect. Authorizing committees in the U.S. Congress consider legislation to “authorize”
establishment and continuation of government programs.
II-25
38. Solution: d
39. Solution: c
a. Incorrect. Even if management states it is willing to accept the risk, the auditor still must
consider whether that acceptance is prudent. In a government, auditors may be unlikely to
agree that management’s acceptance of risk is prudent, since government largely operates
on taxes.
b. Incorrect. The auditor should not ignore management’s position and simply proceed to
development of a deficiency finding.
c. Correct. The auditor’s objective review of the costs and benefits of potential recommendations
is constructive and consistent with audit standards and guidance in auditing literature.
d. Incorrect. A police background check on certain personnel and posting of a list of names
would be unwarranted, and may raise legal issues on privacy.
40. Solution: c
41. Solution: c
42. Solution: d
II-26
43. Solution: b
a. Incorrect. The auditor has a responsibility to realistically and fairly consider the comments
of the client.
b. Correct. Realistic consideration by the auditor of the time and cost required to implement
a proposed recommendation is appropriate.
c. Incorrect. The auditor needs to go beyond appearances, or what seems to be the case. The
auditor needs to perform a realistic assessment.
d. Incorrect. The auditor should exhibit professional skepticism, but not become cynical or
personally judgmental.
44. Solution: c
a. Incorrect. For various reasons, the suspect’s supervisor should not be in attendance. For
example, the supervisor may be involved in the fraud; even if not, the supervisor’s presence
could lessen the degree of open communication.
b. Incorrect. Locking the door may intimidate the suspect or lead to resistance.
c. Correct. Paying attention to wording choices is recommended in authoritative sources.
d. Incorrect. Per The IIA’s CGAP exam review manual, “Admissions of guilt should not be
coerced.” Other authoritative investigative guidance supports this view.
45. Solution: c
a. Incorrect. The term “material weakness” is specifically related to internal control deficiencies
identified in financial statement audits.
b. Incorrect. Certain of the activities described are inappropriate or questionable, but do not
violate specific laws or regulations.
c. Correct. Abuse is behavior that is deficient or improper when compared with the behavior of
a prudent person, and includes misuse of authority or position. Abuse does not necessarily
involve fraud or violation of a law.
d. Incorrect. Ethics involves values and principles, and such matters as conflicts of interest,
professional competence, and confidentiality. The activities and behaviors, in this case, are
more correctly seen as abuse.
46. Solution: b
a. Incorrect. GAGAS states that the number of elements required depends “entirely on the
objectives of the audit” (see para. 7.72). Only the condition element is needed to answer this
objective.
b. Correct. Refer to the explanation for a.
c. Incorrect. Refer to the explanation for a.
d. Incorrect. Refer to the explanation for a.
II-27
47. Solution: b
a. Incorrect. Inquiry would not be as effective as observation in assessing how effectively the
controls prevent unauthorized access.
b. Correct. Observation should be the most effective audit technique to determine how
effectively unauthorized entries are precluded. It would be most effective if the auditor can
observe without being observed.
c. Incorrect. Inspection of documents is likely ineffective due to the lack of documents.
d. Incorrect. Analytical review would not be a useful audit technique.
48. Solution: d
49. Solution: b
a. Incorrect. Invoices show whether the charges were proper, but not authorization.
b. Correct. The purchase order is the classic control to determine authorization.
c. Incorrect. The receiving report shows what was received, not authorized.
d. Incorrect. Having adequate written manuals does not assure they are followed, so the
auditor reviews specific records, documents, and reports.
50. Solution: d
51. Solution: d
a. Incorrect. The IIA identifies the general public as beneficiaries, not the primary customers.
b. Incorrect. The IIA identifies the secondary customers as those who directly use the reports
(the client’s high-level executives and managers).
c. Incorrect. Cooperation with clients can coexist with independence.
d. Correct. Obtaining and considering the views of top management recognizes that the
auditors are focused on achieving the client’s objectives.
II-28
52. Solution: c
53. Solution: a
a. Correct. Answering this objective completely will require only descriptive information.
b. Incorrect. Answering the specific objective will not require the identification of criteria.
c. Incorrect. The answer to the objective will not require criteria or effect.
d. Incorrect. The answer to the objective will not require cause, criteria, or effect.
(While the traditional or classical audit finding includes condition, criteria, effect, and cause —
and identifying these four is common practice — GAGAS states that the number of elements
for a complete finding depends on the audit objective.)
54. Solution: d
a. Incorrect. Audit “subject matter” is only one requirement. See GAGAS para. 7.08. Option
d. is a more complete statement.
b. Incorrect. “Performance aspects” is only one requirement. See a.
c. Incorrect. “Potential findings” and “elements” are incomplete. See a.
d. Correct. See GAGAS para. 7.08.
55. Solution: d
a. Incorrect. A traditional audit finding includes four elements — condition, criteria, cause,
and effect. The facts developed do not include criteria.
b. Incorrect. The “cause” is III. (lack of scheduled events…).
c. Incorrect. The effect is IV. (75 percent had not visited…).
d. Correct. I. and II. are “condition.” III. and IV. are “cause” and “effect,” respectively.
“Criteria” is absent.
56. Solution: b
II-29
57. Solution: a
a. Correct. The supervisor can review the summary and test the cross-indexing to the support,
without a need to review all the support.
b. Incorrect. The summary does not negate the need to retain detailed audit documentation.
c. Incorrect. An audit report is still usually required, and the report is typically in a different
format, intended to be useable by external users.
d. Incorrect. There can be “full” documentation without summaries.
58. Solution: c
59. Solution: d
a. Incorrect. Government audit organizations often “track” the monetary impact of their
audits and/or investigations.
b. Incorrect. Government audit organizations often report regularly on the implementation of
the audit recommendations.
c. Incorrect. Comments on draft reports can give an indication as to whether the auditor-
client working relationships are mutually beneficial.
d. Correct. This information may be available and interesting, but is not as useful as the above
three in assessing the benefits of government audits.
60. Solution: d
II-30
61. Solution: c
a. Incorrect. The IIA’s Standards defines internal auditing as including (1) assurance and (2)
consulting engagements. INTOSAI recognizes that SAIs may sometimes perform nonaudit
work, and states the INTOSAI standards may not apply to the nonaudit work. (Also, the
U.S. GAO, in its audit standards, sees consulting engagements as “nonaudit” work.)
b. Incorrect. As described in The IIA’s CGAP preparation material, training can legitimately
relate to areas such as performance measurement and other management principles.
c. Correct. Auditors can provide a variety of roles in a control self-assessment program, as
suggested in The IIA’s CGAP exam preparation material. The IIA’s Practice Advisory
2120-1 supports this view.
d. Incorrect. The internal auditor cannot ignore the need for independence. For example, see
Practice Advisory 1130.A2-1, paragraph 2.
62. Solution: c
a. Incorrect. None of these standards set specific time frames for reporting.
b. Incorrect. Audit standards address the need for timeliness. For example, The IIA’s Standard
2420 requires “timely” communications. INTOSAI states that reports should be available
“promptly.”
c. Correct. See explanation for option b.
d. Incorrect. This is an overstatement of the requirement for timeliness.
63. Solution: a
a. Correct. Although there is basic similarity, these three sets of standards use differing
adjectives to characterize the audit evidence needed.
b. Incorrect. This is true, per IIA Standard 2330.
c. Incorrect. This is true, per IFAC’s International Standard on Auditing (ISA).
d. Incorrect. This is true per INTOSAI’s field standard 3.5.
64. Solution: a
a. Correct. Based on definitions in The IIA’s CGAP review manual and in INTOSAI standards,
as well as the dictionary.
b. Incorrect. This characteristic relates to physical evidence.
c. Incorrect. This characteristic relates to corroborative evidence.
d. Incorrect. This vague characteristic is not a clear aspect of competent evidence.
II-31
65. Solution: b
a. Incorrect. INTOSAI states that “the scope of the audit mandate will determine the scope
of the standards to be applied by the SAI.” INTOSAI recognizes that “constitution and
legislation” are an important element of deciding on audit programs. Specific consideration
of risk is not required.
b. Correct. The IIA’s Standards places great emphasis on having the internal auditor consider
and advise management on risk, control, and governance.
c. Incorrect. Refer to the explanations for options a., b., and d.
d. Incorrect. See IFAC’s ISA 330, The Auditor’s Procedures in Response to Assessed Risks.
II-32
1. Some behavioral models stress employee participation as a key to motivation. A limitation to the
participative approach is:
2. Which of the following is not an advantage of teamwork compared with work performed by
individuals?
3. The following statements represent characteristics about bureaucracy in the government. All
are generally positive characteristics except one, which can become a negative. Which is that
exception?
a. Division of labor allows each employee to have specific duties and functions.
b. Levels of authority are followed to make decisions.
c. Controls are properly and fairly emphasized.
d. A framework of rules gives employees direction.
III-1
5. Regarding centralized personnel systems in the government, all of the following statements are
true except one. Which one is the exception?
6. At the federal level of the U.S. government, which of the following statements about legisla-
tive mandates for performance measurement is true?
a. The Government Performance and Results Act (GPRA) of 1993 requires strategic plans
(for fiscal year 1999 and the future), annual performance plans, and annual performance
reports.
b. Since 1990, federal auditors have been statutorily required to annually audit the accuracy of
reported performance data.
c. Even though federal mandates have focused on performance measurement and reporting,
those mandates are silent on using performance information to formulate budgets.
d. The “landmark” Chief Financial Officers (CFO) Act of 1990, as amended, focuses on
financial accountability, but is silent on performance accountability.
7. For the U.S. National Park Service, documents prepared pursuant to federal statutory require-
ments include the following terms/phrases:
Use the following designations: LTG = Long-term goal, APG = annual performance goal, PM =
performance measure, and S = strategy. Now, which order below matches the terms/phrases
above?
8. U.S. federal agencies’ strategic performance plans must include all of the following except:
III-2
9. The most authoritative source for guidance on how to measure and report performance at
the state and local levels in the United States is:
a. The Federal Accounting Standards Advisory Board (FASAB) and the Office of Management
and Budget (OMB).
b. The Government Performance and Results Act and related legislation.
c. The Governmental Accounting Standards Board (GASB), and state and local laws.
d. The Urban Institute.
10. Under the GASB model for performance measurement of a school, the “percentage of
students gainfully employed or in continuing education two years after graduation” is an:
a. Output measure.
b. Efficiency measure.
c. Outcome measure.
d. Effort (input) measure.
11. Under the GASB model for performance measurement of a fire department, “operating
expenditures per US $100,000 of property protected” is an:
a. Outcome measure.
b. Efficiency measure.
c. Output measure.
d. Effort (input) measure.
12. The first consideration in measuring performance is deciding what to measure. Four general
steps to do this are: 1) assess performance through benchmarking, 2) identify the processes in
the program, 3) determine whether recommendations are warranted, and 4) identify stakeholder
needs. Which of the following is the correct order for these four steps?
a. 4, 3, 2, 1.
b. 3, 2, 1, 4.
c. 4, 2, 1, 3.
d. 4, 1, 2, 3.
13. Which data collection technique would be most effective for use in evaluating the cleanliness of
city parks?
a. Household surveys.
b. Agency records of cleanliness complaints.
c. Ratings by trained observers.
d. Focus groups.
III-3
14. Which data collection technique would be most useful for assessing whether efficient flow is
being maintained efficiently in areas of high traffic density?
a. Technical tests.
b. Automated data collection from driver surveys.
c. Ratings by trained observers on the ground.
d. Photographic rating scales from the air.
15. Broad performance aspects, such as timeliness, should be further divided to be relevant to the
program being measured. For example, the more specific aspect of timeliness in a Department of
Motor Vehicles (DMV) would most likely be:
a. Cycle time.
b. Response time.
c. Queuing time.
d. On-time delivery.
16. Which of the following performance aspects is inherent in every output, and thus unique?
a. Timeliness.
b. Efficiency.
c. Cost.
d. Quality.
17. Methodologies available to government units to identify and manage costs can and do vary —
three primary examples being (1) process, (2) job order, and (3) activity-based (ABC) approaches.
In this regard, which of the following statements is most accurate?
a. No matter which approach is used, “linking” costs to objects (e.g., products, services, or
outputs) is of minor importance in holding government accountable.
b. Process cost is associated with large, unique products, such as aircraft carriers.
c. In theory, job order is the most effective of the three in assigning indirect costs to objects.
d. ABC can be costly and complex to implement.
18. Government auditors have not been routinely required to perform program evaluations. Never-
theless, government auditors have several valid reasons to gain a better appreciation of program
evaluation techniques and approaches. All of the following are valid reasons for auditor interest
in program evaluation except:
a. The use and value of program evaluation is mandated/endorsed by certain legislation in the
U.S.
b. The purpose of program evaluations bears a significant relationship to the objective of
performance auditing, particularly program audits.
c. Selected techniques from program evaluation may strengthen a government auditor’s
toolkit.
d. Audit organizations need to protect their “turf.”
III-4
19. Which sampling plan requires no additional sampling once the first error is found?
a. Stratified sampling.
b. Attributes sampling.
c. Stop-or-go sampling.
d. Discovery sampling.
20. A 95 percent confidence interval for the mean of a population based on a sample always implies
that there is a 95 percent chance that:
21. The size of a given audit sample is jointly a result of characteristics of the population of interest
and decisions made by the auditor. Everything else being equal, sample size will:
a. Increase if the auditor decides to accept more risk of incorrectly concluding that controls
are effective when they are in fact ineffective.
b. Double if the auditor finds that the variance of the population is twice as large as was
indicated in the pilot sample.
c. Decrease if the auditor increases the tolerable rate of deviation.
d. Increase as sampling risk increases.
22. An important difference between a statistical and a judgmental sample is that with a statistical
sample:
23. In a financial statement audit, a government auditor may use both attributes and variables
sampling. Which statement below best describes how the two types of sampling may be used?
a. Either of the two would have an equally likely chance of audit use in any audit area.
b. Variables sampling would be of little benefit in estimating the true value of accounts
receivable based on confirmation results.
c. Variables sampling would be useful in estimating the true value of inventory based on
physical inventory observation and related audit procedures.
d. Variables sampling would be a likely choice in assessing whether supervisors effectively
verified and signed off on their subordinates’ work.
III-5
25. In an audit of a new personnel system, assume an auditor is developing a questionnaire. Which
of the following question formats is phrased in the most appropriate manner?
a. Has the new personnel system flattened the hierarchical pyramid, causing intra-
organizational structural stress?
b. How useful has the new personnel system been to improving work productivity? (answers:
very useful, somewhat useful, no impact, somewhat problematic, very problematic)
c. How strongly do you believe that the developers of the new personnel system are more
interested in “flexing their muscle” rather than helping achieve the organizational goals?
d. Same question as option b., but with possible answers of (extremely useful, very useful,
useful, moderately useful).
III-6
28. In contrasting program evaluation with performance measurement, which of the following
statements best describes the comparison?
29. Which of the following statements does not describe a characteristic of summative program
evaluations?
30. Which of the following statements is not true regarding formative program evaluation?
31. In formative program evaluation, one technique that involves the use of observations and
interviews to study how people learn, interact with others, or make decisions is called:
a. Focus groups.
b. Program modeling.
c. Expert judgment.
d. Ethnographic analysis.
a. Did you ever transfer government-owned property from your office to your residence?
b. Were you advised by your lawyer not to answer my questions?
c. Were you provided training on the internal control techniques used in handling cash
receipts?
d. What internal control policies and techniques exist regarding cash receipts?
III-7
33. In an interrogatory interview, which of the following steps below enhances the chances of
admissibility of the recorded interview in court?
a. Loading new batteries into the tape recorder before recording the interview.
b. Purchasing new tapes for the interview and retaining the receipt.
c. Delivering the original tapes to the audited organization’s lawyers immediately after the
interview, and getting a signed receipt.
d. All of the above (a., b., and c.) will enhance the chances of admissibility.
34. Which of the following statements best describes the overall relationship between internal controls
and detecting/preventing integrity violations?
a. Written policies should describe how integrity violations would be handled if detected.
b. Management needs to communicate the importance of its systems of internal controls with
an appropriate recognition and reward system.
c. Auditors need to communicate to management their recommendations to enhance or add
controls regarding integrity violations.
d. An effective system of control is the most important deterrent an organization can have
against integrity violations.
35. Final investigative reports usually contain all of the following except:
36. Which of the following statements about detecting integrity violations is the least accurate?
37. Assume that a government auditor — by request — is planning an audit of the effectiveness of
a popular government program. The auditor discovers that more than 100 other audits/studies
have all concluded that the program is ineffective. All of the following approaches by the auditor
are sound except:
a. Because the audit is based on a request, basically ignore the prior conclusions.
b. Evaluate the soundness of any factual basis for the other conclusions reached.
c. Assess the possible bias of the other studies — who wrote them? The scope and
methodologies? The tone of the reports?
d. In your report, selectively use (and properly characterize) information from the other
reports after considering its reliability and currency.
III-8
38. Assume the following scenario: Mr. Auditor worked for Mr. Client for five years, but, after much
adversity between the two, Mr. Client fired Mr. Auditor. Five years after the firing, Mr. Auditor
is in charge of an audit of Mr. Client’s office. While the audit discloses certain deficiencies, they
would be viewed by a prudent auditor as minor. Nevertheless, Mr. Auditor spends six months on
the audit and issues a 100-page scathing report. This is an example of the logical fallacy of:
a. Non sequitur.
b. Slippery slope.
c. Ad hominem.
d. Deductive fallacy.
39. Assume an audit involves attempting to determine the merits of producing ammunition in
government-owned, government-operated (GOGO) versus government-owned, contractor-
operated (GOCO) plants. One military branch has a study concluding GOGO is preferable,
while another military branch has a study concluding that GOCO is preferable. If the auditor
cites only one of these studies to support an audit conclusion (and ignores the other), he has
likely engaged in a logical fallacy called:
a. Hasty generalization.
b. Post hoc, ergo proper hoc.
c. False use of authority.
d. Inductive fallacy.
40. A government auditor needs to consider the concept of materiality and significance. Which is
the best statement, from below, of how the auditor may view these differently in the public sector
than in the private sector?
41. The strategic planning process can be viewed as having the following steps:
Which of the following represents the logical flow of these four steps?
III-9
42. In the government arena, four major generic categories of performance measures are:
43. Under the GASB model of performance measurement for mass transit, “average age of
vehicles and remaining life” and “replacement cost of vehicles” are examples of:
a. Efforts measures.
b. Efficiency measures.
c. Explanatory data.
d. Outcome measures.
44. Regarding performance measures, a government auditor may take several differing approaches.
In this regard, which of the following audit approaches is the least preferable?
a. An auditor should supplement data obtained from direct observation with data from agency
records and secondary sources.
b. An auditor may sometimes be called upon to independently assess performance using
auditor-developed measures.
c. An auditor may sometimes assess the adequacy (or relevance) of management’s measures,
i.e., go beyond accuracy (reliability).
d. Auditors should generally steer clear of performance measures, because of the standard of
independence.
45. To an alert auditor, an employee who refuses to take vacation or sick leave should be viewed as:
46. A combination circle and line graph that is used to identify potential causes and their components
and portray their extent is known as a:
III-10
47. Regarding the types of evidence an auditor collects, which of the following statements is most
accurate?
48. In a performance audit conducted under GAGAS, the auditor has certain responsibilities
when using data generated from computer-based systems. Regarding the auditor’s
responsibilities in this area, three of the following statements are true, and one is not true.
Which statement is not true?
a. The sufficiency and appropriateness of data are of particular interest when the data are
significant to the auditor’s audit objectives, findings, and conclusions.
b. These important responsibilities apply in the same manner, no matter how the auditor will
use the data.
c. If the auditor has evidence that the general and applications controls are effective, the
auditor may be able to reduce the amount of work to test the validity of data used.
d. These responsibilities apply regardless of whether the auditor or the client extracts the data
to be used.
49. In performance audits, auditors are required to develop complete findings. Under GAGAS,
a complete finding:
50. An audit organization performs an audit of a new drug awareness and reduction program in a
major city. The primary audit approach is to compare certain key societal indicators (e.g., school
dropout rates, juvenile delinquency, teen pregnancy, etc.) from before and after the initiation of
this new program. Which elements of a finding should the finding(s) include?
III-11
51. Which elements of a finding would be necessary to respond to the following audit objective:
“What are the types of research activities, technologies assisted, and amounts by categories
expended in the past five years under the Department of Defense’s Manufacturing Technology
Program?”
52. In evaluating program impact, one quantitative approach is called the “before and after” design.
Which of the following statements about this design approach is/are true?
a. Compared to other designs intended to isolate “impact,” the before and after is viewed as
the simplest, but can be the least reliable.
b. This design is most appropriate for auditors when (1) conditions remain stable, (2) no
conditions other than the program/intervention can have an impact, and (3) the auditor can
rather easily identify other factors that could have had an influence.
c. Data must be available to measure conditions prior to the program/intervention.
d. All of the above statements are true regarding the “before and after” design approach.
53. Two other designs for evaluating program impact are called “true experiment” and “randomized
experimentation.” Regarding these two, which of the following statements is not true?
a. These two types of design are considered both more reliable and useable for the auditor
than other designs, such as “before and after,” “time series,” etc.
b. The prerequisite of these two approaches that control groups be identified before the
program is established generally precludes their direct use by auditors.
c. Since auditors generally cannot use these designs directly, the auditor should “steer clear”
of whether the client uses these designs.
d. Both of these designs are used to determine the change created by the program.
54. Another approach that auditors may consider is known as “control group” design. With which
of the following statements about this design approach would you disagree?
a. Under this approach, two groups are evaluated after program implementation — one group
served by the program and one not served.
b. It is important that the two groups be (1) similar and (2) subject to the same variables.
c. This would be a very weak design for auditors.
d. To be an effective design, it is important to try to identify outside factors that may have an
impact.
III-12
a. A run chart can be used to identify a potential problem and its extent by tracking and
displaying changes in an aspect of performance.
b. An alternative term for Pareto Analysis is “fishbone” analysis.
c. A histogram is best presented visually in pie chart form.
d. Despite its title, an aging schedule is unrelated to the time dimension.
56. The analysis technique that separates the “vital few” from the “trivial many” and draws attention
to problems in a systematic way is:
a. A scatter diagram.
b. Force field analysis.
c. A control chart.
d. Pareto Analysis.
57. If the requirement is to measure the effectiveness of drinking water delivery, which of the following
would be of interest?
58. A major city’s Office of Planning and Development Review reported since 10 years ago, a 12
percent increase in commercial permits issued, a 51 percent increase in residential permits issued,
a 43 percent increase in commercial inspections, and a 6 percent increase in residential inspections.
These are four measures of:
a. Inputs (efforts).
b. Outcomes.
c. Outputs.
d. Efficiency.
59. An auditor is performing an audit with an objective of determining whether the radio for a
military helicopter (1) met military needs, and (2) was being procured economically. The auditor
has documented many weaknesses in the procurement of the radios. The auditor decides, based
on little or no specific information, that the procurement of the helicopter itself is likely deficient,
and therefore expands the audit significantly. The auditor is making the logical error called:
a. Non sequitur.
b. Slippery slope.
c. Post hoc, ergo proper hoc.
d. False use of authority.
III-13
60. Which of the following statements about analytical review that auditors use is least accurate?
a. Data envelope analysis is appropriate for use in evaluating performance at multiple military
installations or schools.
b. Interrupted time series is a quasi-experimental design that allows auditors to compare
observations from before and after an intervention.
c. Cost effectiveness and cost/benefits are essentially the same.
d. Regression analysis is a method of measuring the statistical relationship between two or
more variables.
III-14
1. Solution: c
a. Incorrect. This option relates to a concept that views workers as either generally lazy (theory
X) or generally willing to work if given the chance (theory Y). The originator of this theory
is Douglas McGregor.
b. Incorrect. This option uses language from Frederick Herzberg’s two-factor theory of
motivation. One factor is viewed as dissatisfiers (maintenance or hygiene) such as pay,
surroundings, etc., and the second factor of satisfiers (motivational) such as achievement,
challenging work, etc.
c. Correct. Individuals differ in how actively participative they will be, even when given the
chance.
d. Incorrect. Appropriate conflict management can work even in various environments, even
when tensions may be greater than normal.
2. Solution: c
3. Solution: c
4. Solution: c
III-15
5. Solution: d
a. Incorrect. Basing personnel decisions on fairness and merit is a primary reason to have
centralized personnel systems in government offices.
b. Incorrect. The expansion of centralized personnel systems, with emphasis on fairness and
merit, has decreased the number of patronage positions.
c. Incorrect. Centralized personnel systems address the full range of personnel decisions and
management.
d. Correct. Correct discipline systems, processes, and rules must, and do, address both
performance problems (quantity, quality, pace) and conduct/behavior (e.g., late arrivals,
physical fighting, breaking office furniture, etc.).
6. Solution: a
7. Solution: b
Option b. shows the correct sequence. I. is a long-term goal, looking five years to the future, and
would be in a strategic plan. II. gives the performance measure to be used. III. presents a strategy
of how the intended performance will be achieved. IV. is the near-term — annual goal.
(Note: While this example is specific to a U.S. law and U.S. government agency, the concepts have
general applicability in other countries that use performance measurement and reporting.)
8. Solution: d
a. Incorrect. The U.S. law, titled the GPRA of 1993 requires a mission statement in the strategic
plan.
b. Incorrect. The GPRA also requires a discussion of the strategies intended to achieve
planned performance goals in the strategic plan.
c. Incorrect. The GPRA also requires a discussion of external factors that could impede a
government agency’s goals in the strategic plan.
d. Correct. Under the GPRA and related guidance, the alignment of the budget with
annual performance goals in is the annual performance plan (sometimes referred to as the
performance budget). The strategic plan is for a five-year period.
(Note: While the GPRA is specific to the U.S., the concepts may have value or applicability to
other countries that are developing/using performance measurement and reporting.)
III-16
9. Solution: c
10. Solution: c
11. Solution: b
12. Solution: c
The correct sequence is presented in option c., based on The IIA’s CGAP Examination Study
Guide, Section III, B.3.c. It also is the most logical option. Therefore, options a., b., and d. are
incorrect answers.
13. Solution: c
a. Incorrect. Household surveys would not be as direct as the use of trained observers.
b. Incorrect. Relying on complaints would be a less objective and comprehensive approach
than the use of trained observers.
c. Correct. Ratings by trained observers is the most effective approach for areas such as park
or street cleanliness, or compliance with health regulations in food establishments.
d. Incorrect. Use of focus groups (small groups of stakeholders) would not be as comprehensive
and objective as the use of trained observers.
III-17
14. Solution: d
a. Incorrect. Technical tests are relevant to areas such as checking air or water quality, and not
very relevant in assessing traffic density.
b. Incorrect. Driver surveys would be more prone to drivers’ biases, lack of recall, etc., and
surveys would likely be difficult to administer.
c. Incorrect. Having observers on the ground is likely more useful in identifying the quantity
of traffic on specific highways or roads, but not necessarily the density of traffic, which
involves more than identifying quantities. Option d. is a better approach.
d. Correct. The use of video cameras is a very effective approach (and has been used) to
document traffic density.
15. Solution: c
a. Incorrect. Cycle time would be applicable to such areas as applications for passports,
permits, copyright registrations, etc.
b. Incorrect. Response time would be applicable to emergency vehicles.
c. Correct. Queuing time involves standing in lines waiting for renewals of driver’s licenses or
vehicle tags, a typical situation at a DMV.
d. Incorrect. On-time delivery would be applicable to areas such as biweekly payroll checks,
etc.
16. Solution: d
a. Incorrect. Timeliness is not always relevant, for example, in the quality and durability of
roadways or highways.
b. Incorrect. Efficiency is not always relevant, for example, in research and development or
perhaps in police operations.
c. Incorrect. While cost is associated with all outputs, cost is not inherent in the outputs.
d. Correct. Quality is considered inherent in every output, based on a wide range of authorita-
tive performance measurement literature.
17. Solution: d
III-18
18. Solution: d
a. Incorrect. This is a valid reason for auditors to show interest. Government auditors generally
see legislative bodies as important customers.
b. Incorrect. This is a valid reason for auditor interest, since performance audits can focus on
effectiveness, as well as economy and efficiency. In fact, some auditors view evaluation as a
specialized type of performance audit.
c. Incorrect. This is also a valid interest for government auditors, and, in fact, some government
audit organizations have added selected techniques to their “toolkit.”
d. Correct. Protection of “turf ” is a very superficial reason to be interested in evaluation, and
would not enhance the professionalism of government auditors.
19. Solution: d
a. Incorrect. This option is not relevant to the statement presented. In a stratified sample, the
population is divided into relatively homogenous groups, and the sample is selected from
the groups.
b. Incorrect. Attributes sampling concerns binary, yes/no, or error/non-error propositions. It
can be used to test the effectiveness of controls, and requires the existence of evidence
indicating performance of the control.
c. Incorrect. This is not relevant to the statement presented. The objective of stop-and-go
sampling is to reduce the sample size. Sample size is not fixed, so the internal auditor can
achieve the desired result, even if deviations are found, by enlarging the sample sufficiently.
In contrast, discovery and acceptance sampling have fixed sample sizes.
d. Correct. Discovery sampling is appropriate only when a single deviation would be critical.
The occurrence rate is assumed to be at or near zero percent, and the method cannot be
used to evaluate results statistically if deviations are found in the sample.
20. Solution: d
a. Incorrect. Computation of a confidence level permits a statement of the probability that the
interval contains the population value.
b. Incorrect. Two-sided confidence intervals are more common.
c. Incorrect. Confidence level has no bearing on the size of the standard deviation.
d. Correct. Confidence level equals the sample statistic + or – a risk allowance.
21. Solution: c
III-19
22. Solution: d
23. Solution: c
a. Incorrect. The two approaches do not have an equal chance of being used in any area of a
financial statement audit. (See the other explanations.)
b. Incorrect. In fact, using variables sampling for this purpose (estimating the true value of
accounts receivable) would be a beneficial application.
c. Correct. Sampling for variables applies to monetary amounts but can be used for other
measures. It attempts to provide information about whether a stated amount is materially
misstated. The auditor uses this approach to either support or reject the conclusion about a
reported number.
d. Incorrect. Attribute sampling would be more applicable to assess whether supervisory
signoffs of subordinates’ work were effective.
24. Solution: d
Option d. is correct based on The IIA’s CGAP Study Guide, Section III, 4b. Thus, options a., b.,
and c. are incorrect.
25. Solution: b
a. Incorrect. This language is very ambiguous and unclear, and, thus, inappropriate.
b. Correct. This question is focused, clear, balanced, and unbiased, and does not “lead” the
respondent.
c. Incorrect. This is a biased, leading question, and addresses more than one idea.
d. Incorrect. This question does not have option symmetry (all are positive options, none are
negative), and is, thus, biased.
26. Solution: c
a. Incorrect. Trading verbal jabs is confrontational and does not represent a professional,
low-key style that is more effective in interviews.
b. Incorrect. Auditors are required to verify and validate old information. Not doing so can
hurt the auditor’s credibility.
c. Correct. If information from an interview is important to the audit, having the interviewee
sign off or confirm in some other manner is a good corroborative procedure.
d. Incorrect. If possible, use of two auditors at the interview will better assure that all answers
are heard and properly recorded in the audit documentation.
III-20
27. Solution: a
28. Solution: a
a. Correct. This statement properly describes the comparison between program evaluations
and performance measurement systems.
b. Incorrect. Many governments have mandated performance measurement systems — for
example, the Government Performance and Results Act of 1993 and other state and local
laws in the U.S.
c. Incorrect. The first clause is correct, but the second is incorrect. Performance measurement
is intended to collect data on effectiveness (e.g., accomplishments, outputs, outcomes), not
just “descriptive data.”
d. Incorrect. The second clause is correct, but the first clause is incorrect. Again, performance
measure systems should focus extensively on effectiveness, not just economy, efficiency, and/
or administrative actions.
29. Solution: a
30. Solution: b
III-21
31. Solution: d
32. Solution: d
33. Solution: d
34. Solution: d
a. Incorrect. Written policies on handling integrity violations, while a good procedure, does
not address the overall relationship of controls and violations.
b. Incorrect. Management communication, while important, does not describe the overall
relationship of internal controls and integrity violations.
c. Incorrect. Auditors’ recommendations, if implemented, can reduce the risk of integrity
violations, but this statement does not describe an overall relationship between internal
controls and integrity violations.
d. Correct. This is the classical relationship of effective controls as the most important
deterrent against integrity violations.
35. Solution: d
III-22
36. Solution: d
a. Incorrect. Hotlines are an appropriate and widely used form of detecting potential integrity
violations. Appropriate follow-up is needed to validate the information reported and judge
its significance.
b. Incorrect. Unannounced audit procedures can be effective in detecting integrity violations.
c. Incorrect. Changing passwords is an effective procedure to prevent, and possibly detect,
unauthorized access (or attempts) into systems.
d. Correct. While of value, signing of annual statements of awareness of relevant laws would
be less effective in detecting integrity violations than the procedures discussed in options a.,
b., and c.
37. Solution: a
38. Solution: c
a. Incorrect. Non sequitur (“It does not follow.”) is the logical fallacy of suggesting something
did nor did not happen without a logical basis. That form of illogical thinking is not relevant
in this case.
b. Incorrect. Slippery slope (or “nose of the camel in the tent”) refers to an illogical conclusion
that, since action “A” happened, all actions through “Z” will definitely occur. (Examples —
gun control, abortion rights, etc.) That form of illogical thinking is not relevant in this case.
c. Correct. Ad hominem is pursuing an audit based on adverse feelings about a person(s), not
the evidence. This is relevant in this case.
d. Incorrect. Deductive fallacy is illogical use of a series of statements, which is not the form
of illogical thinking in this case.
III-23
39. Solution: c
a. Incorrect. Hasty generalization is “leaping” to a broad conclusion based on too few facts or
too little evidence. This is not the problem in this case.
b. Incorrect. Post hoc, ergo hoc is assuming, illogically, that because something happened after
an event, it is because of that even. Not relevant in this case.
c. Correct. False use of authority is, illogically, citing only the authority that fits your position.
This is the relevant illogical thinking in this case.
d. Incorrect. Inductive fallacy is illogical use of a series of statements, and is not relevant to the
auditor’s thinking in this case.
40. Solution: d
a. Incorrect. See the explanation for option d., the correct option.
b. Incorrect. In the private sector, where revenues are based on exchanges, the customer is
assumed to have more freedom and influence. Laws and internal controls in the government
do not substitute for audits and other forms of accountability.
c. Incorrect. In fact, government auditors are encouraged to set lower dollar thresholds of
materiality (meaning auditors do more, not less, transaction testing, etc.).
d. Correct. Because the source of most revenue to governments is involuntary (e.g., taxes),
governments have a strong need to demonstrate integrity and openness. Thus, auditors have
a greater need to go beyond just consideration of quantitative factors to consider other
factors.
41. Solution: b
The logical flow of these four steps is option b. See The IIA’s CGAP Examination Study Guide,
Section III, Section A. Thus, options a., c., and d. are incorrect.
42. Solution: a
a. Correct. See The IIA’s CGAP Examination Study Guide, Section III, B.
b. Incorrect. These are not the four generic categories of performance measures.
c. Incorrect. These are references to customers and interested parties.
d. Incorrect. These terms relate to the activity-based costing methodology.
43. Solution: c
III-24
44. Solution: d
45. Solution: d
a. Incorrect. Refusals to take leave are not a measure of employee productivity. Being present
may not mean the person is productive!
b. Incorrect. Theory X has to do with a management view that employees are, by nature, lazy
and need to be coerced. This view by the auditor would not be relevant, since it is the
employee refusing to take leave.
c. Incorrect. The auditor would need to make a more comprehensive assessment to determine
whether the area is understaffed.
d. Correct. Refusal to be absent is a classical “red flag” or a potential integrity issue (e.g.,
fraud). See The IIA’s CGAP Examination Study Guide, Section III, Section F3.
46. Solution: c
47. Solution: d
III-25
48. Solution: b
a. Incorrect. This statement is true. See GAGAS paras. 7.24, 7.27, 7.65, and 7.69. If the data
is for background purposes only in the report, perhaps attribution may be used and less
extensive audit procedures may be needed.
b. Correct. This statement is not true. The auditor will have a different perspective if the data is
related to the audit objectives, findings, and conclusions (rather than only for background).
Also, see the explanation for option a.
c. Incorrect. This statement is true. See GAGAS para. 7.27c.
d. Incorrect. This statement is true. See GAGAS para. 7.65.
49. Solution: a
50. Solution: d
51. Solution: b
a. Incorrect. Answering this audit objective does not require criteria, cause, or effect.
b. Correct. The only element needed to answer this audit objective is condition, just
information — sometimes called a descriptive finding.
c. Incorrect. Answering this objective does not require criteria.
d. Incorrect. The audit objective can be answered as is.
52. Solution: d
III-26
53. Solution: c
54. Solution: c
55. Solution: a
56. Solution: d
a. Incorrect. A scatter diagram interprets data to determine the strength of the relationship
between two variables.
b. Incorrect. Force field analysis is a problem-solving model that identifies the opposing forces
that help or hinder the “closing of a gap.”
c. Incorrect. A control chart is a special type of line chart that can be used to identify and
define a problem, and the extent.
d. Correct. This is a correct description of Pareto Analysis.
57. Solution: d
III-27
58. Solution: c
59. Solution: b
a. Incorrect. This Latin phrase means “It does not follow.” Logical fallacy does not apply to
the auditor’s thinking in this case.
b. Correct. Slippery slope is an illogical approach that means “if A happens, then surely B, C,
etc. will follow.” In this case, the auditor has made this logical error, thinking that if there is
a problem with the radio, then surely there is a problem with the entire helicopter.
c. Incorrect. This Latin phrase means “It happened after, so it must be because of…” That
fallacy is not indicated.
d. Incorrect. False use of authority means someone only accepts the sources of authority that
enforce their viewpoint. No applicable in this case.
60. Solution: c
III-28
domAin iv — Government
AuditinG environment
1. Performance-based budgeting:
a. The Federal Accounting Standards Advisory Board (FASAB) sets accounting standards
for all levels of government.
b. The Governmental Accounting Standards Board (GASB) sets auditing standards for
government auditors at the state and local level.
c. The U.S. Government Accountability Office (GAO) does not unilaterally set accounting
standards, but does provide support for the FASAB.
d. The standard-setting processes are too detailed and specialized to lend themselves to public
comment periods.
3. Under the GASB model of performance measurement at the state and local levels of
government in the U.S., the term accomplishment refers to:
a. Nonfinancial inputs.
b. Outputs.
c. Outcomes.
d. Outputs and outcomes.
IV-1
6. A number of years ago, a county treasurer in the U.S. invested in derivatives, which resulted
in a major loss of public funds. Which of the following basic principles of public financial
management did the county treasurer violate?
a. Transparency.
b. Equity.
c. Prudence.
d. Probity.
7. Which of the following statements about types of government budgets is not true?
8. The public sector relies heavily on the fund accounting concept for financial reporting.
Which of the following characteristics about the term fund is least accurate?
9. Regarding particular types of funds used by state and local governmental units in the U.S.,
which of the following statements is not true?
a. Enterprise and internal service funds both involve identifying costs to be considered in setting
fees or prices.
b. Unless there is a compelling reason (e.g., legal requirement), state and local governments
use the general funds.
c. “Pass-through” funds are accounted for in debt service funds.
d. Special revenue funds are often used for federal grants.
IV-2
10. Requirements for state and local government accounting and reporting in the U.S. have
been significantly changed by GASB Statement #34. Under GASB#34:
a. Full accrual accounting is used for all activities in the entity-wide statements.
b. A new management discussion and analysis (MD&A) means that narrative material
previously required (in the CAFR) is no longer necessary.
c. Depreciation accounting is uniformly required for all capital assets, including infrastructure,
with no options.
d. Only one statement — statement of activities which reports expenses and revenues, and
focuses on net costs of functions is required at the entity level.
11. GASB has issued guidance on the preparation and publication of CAFRs. Which of the
following statements about the GASB requirement for CAFRs is not true?
12. In investing public funds, agency management faces a variety of restrictions. Which one of the
following statements most accurately describes such a restriction?
a. Laws may dictate that investments are to be made in “socially acceptable” (minority or
environmentally conscious) businesses, but would not include geographic restrictions.
b. Political factors are too arbitrary and, therefore, never cause restrictions.
c. Liquidity risk refers to the possibility of bankruptcy of a company in which there is an
investment of public funds.
d. The primary concern for safety in public investments tends to result in lower rates of return.
13. In the U.S., the federal government’s requirements for financial accounting and reporting
have been expanded and changed in the 1990s. All of the following requirements are
accurate except:
a. The federal government is required to use two types of accounting — budgetary and
proprietary.
b. Federal agencies are mandated by law to use a common general ledger.
c. Among the principal annual statements prepared is a Statement of Net Cost, reporting
costs by organizational unit and program (and ideally by output also).
d. To increase credibility, federal financial statements must be audited by private CPA firms.
14. Legal restrictions apply to the sources and uses of fund. In this regard, which of the following
statements is least accurate?
IV-3
a. Addresses whether obligations of budgetary resources are legal as to the (1) purpose, (2)
time, and (3) amount.
b. Is entirely independent of the U.S. Constitution.
c. Gives equal weight to authorizing legislation for federal programs as it does to the
appropriation legislation.
d. Gives a high-level official in the executive branch the final authority in determinations as to
the legality of obligations.
16. A primary disadvantage of delivering services by in-house government personnel (in lieu of
contracting out) is:
a. Government employees usually follow form over substance because of lack of understanding
program goals.
b. New programs require greater lead time due to existing assignments and resource allocations.
c. In-house delivery of programs has been proven to be more costly than contractor delivery.
d. Monitoring to assure uniform service delivery has been proven to be less effective when
services are delivered by government employees.
17. In considering grants to U.S. state and local governments from the federal level, advocates
of block grants would state that:
a. Block grants can more effectively address the nation’s specific policy goals.
b. Block grants are very similar to contracts in delivering services or completing projects.
c. Block grant use automatically assures effective competition.
d. Block grants allow a great deal of flexibility to states and localities.
18. Under which type of U.S. federal grant mechanism are there legally mandated levels and
restrictions on eligibility, with little or no discretion on the part of the grantor agency?
a. Formula.
b. Categorical.
c. Discretionary.
d. Project.
19. The delivery of government services is sometimes made through cooperative efforts. This
approach:
IV-4
20. Government auditors work in an environment that differs from the private sector, and may
therefore have different considerations. For example, in delivering services, the private sector’s
relationship with customers differs from the public sector’s relationship with citizens, because:
22. Government auditors sometimes audit social service programs under which parties receiving
services may not be required to pay (at least not in full) for those services. This imbalance
has received more oversight, public attention, and possible audit interest mostly because:
23. Assume a U.S. government auditor at the Commerce Department is assigned to audit a program
to increase U.S. exports, including tobacco products, to foreign countries, including less developed
countries. The same auditor is aware from prior audits at the U.S. Agency for International
Development (USAID) that USAID has programs in developing countries aimed at improved
health, including reduction in the use of tobacco. The auditor’s best approach would be:
IV-5
24. Government auditors may be asked to review the effectiveness of programs for “at risk”
populations, e.g., the homeless, individuals addicted to drugs, people with mental illness, etc. In
these types of audits, the auditor should:
a. Apply the same standards of effectiveness as for other programs because the taxpayer’s
money is being used and there must be accountability.
b. Recommend that the agency abandon efforts to track outcomes, and restrict measurement
to only outputs, because the outcomes are often long term.
c. Attempt to identify and report the variables that are beyond the control of management.
d. Not support the use of program evaluation by management since any conclusions from
evaluations would be too arbitrary.
a. A lottery ticket.
b. A driver’s license.
c. A building permit.
d. Greens fees at the city golf course.
a. Income tax.
b. Property tax.
c. User fees.
d. Sales tax.
27. Which of the following is (are) potential advantages of privatization of services performed
(owned) by the government?
IV-6
29. Generally, government agencies try to create a competitive environment in procuring goods or
services under contract. One component of a system for assuring adequate competition allows
unsuccessful bidders recourse to challenge the contract award process. That specific component
is called:
a. Sealed bids.
b. Award protest.
c. Evaluation of bids.
d. Publicizing the Request for Proposals (RFPs).
30. If the agency is uncertain about the times and amounts of goods or services it will need, the most
likely mechanism to use would be:
31. Government contract requirements typically include clauses related to all the following except:
a. Payments/billings.
b. Anti-kickback or non-bribery prohibitions.
c. Guaranteed program success.
d. Public policies.
32. Government auditors have added considerations because information they obtain and retain in
their workpapers (audit documentation) may be subject to laws that do not affect private sector
auditors. With which of the following statements regarding government auditors do you most
agree?
a. Because of the need for independence, auditors usually can disregard most exemptions
from public disclosure.
b. Auditors must be prepared to make their own final determination of what information might
affect national security (after hearing and considering client advice).
c. While confidential information may need to be destroyed or returned to a client, auditors
can safely assume no added requirements regarding the information are destroyed or
returned.
d. Auditors should be particularly alert to protecting information they obtain or use that may
have the potential of making telecommunications networks vulnerable to outsiders.
33. Under government contracts, which of the following are intended to assure “access” for small
businesses, minorities, women, or other specific groups?
a. Set-asides.
b. A multi-award contract.
c. A subcontracting opportunity.
d. All of the above are ways to assure access to the groups identified.
IV-7
34. Government entities must adhere to constraints on sanctions and firing of employees (sometimes
called “corrective discipline”). Which of the following statements about government corrective
discipline processes is true?
35. Read the following: “To promote, develop, and implement policy and programs that, with
communities and families, provide assistance during times of unemployment, and ensure the
safe and fair treatment of all people on the job.” This is most likely:
36. The performance data reported by governments should have certain qualitative characteristics. In
this regard, the quality of the characteristic of relevancy:
37. A higher level government office provides grant funds to 25 lower units of government for a
program to advocate “disability-friendly” policies and programs. The grant funds, on average,
add public funding of three to five percent to existing similar programs at the lower levels of
government. The biggest challenge in measuring performance would most likely be:
IV-8
38. A particularly difficult challenge in performance measurement and management in the govern-
ment is encountered when:
41. For a state library, assume the following descriptions of performance measures are used:
Which of the following sequences properly matches the terms to the five descriptions above?
42. Alignment is an important notion in planning performance measurement systems. Which of the
following represents the best depiction of items that need to be properly aligned?
IV-9
43. Consider the following: “Children will not live in poverty.” This statement is:
a. A mission statement.
b. A strategic objective.
c. A vision statement.
d. Unrealistic.
44. At the federal level of the U.S. government, the Statement of Budgetary Resources:
45. The type of government obligations in the U.S. that are backed by the full faith and credit
of the government are called:
46. Under modified accrual accounting, revenues are recognized when they are:
a. Earned.
b. Converted to cash or equivalent.
c. Measurable and available.
d. No longer restricted.
47. The primary difference between the terms benchmark and best practice is:
a. There is no difference.
b. Benchmarking represents a standard against which past or future performance can be
measured, and can include the organization’s previous objectives or performance, whereas
best practices come from other similar organizations.
c. Best practices derive from theoretical studies and assumptions about an ideal organization,
whereas benchmarking is based on comparison with real organizations.
d. Identifying best practices is the first step toward benchmarking.
IV-10
48. In a federal system, some political science literature refers to the idea that federalism is like
a marble cake. This reference is pointing out that:
a. In government programs, there is always some “stirring around,” and program managers
can feel like they are in a hot kitchen.
b. Contrasted with many private sector jobs, the public views government personnel as having
sweet jobs.
c. The lines between federal, state, and local levels of government are often blurred.
d. The founders of the federalism concept in the U.S. loved marble cake.
49. In the public sector, one major (but often legislatively imposed or related) entrenched impediment
to achieving program effectiveness is:
a. Internal controls.
b. Requirement for equal treatment to beneficiaries.
c. Internal regulations.
d. Fragmentation and overlap of programs.
50. At the state and local level of government in the U.S., funds use differing bases of accounting
(BA) and measurement focuses (MF). In this regard, the fund classification known as
proprietary uses:
IV-11
53. Which statement most accurately reflects the general notion of government accountability?
a. Government employees should be accountable for exhibiting a higher level of ethical and
moral behavior than others exhibit.
b. Government employees should be accountable for carrying out their duties to the best of
their abilities and in accordance with existing laws.
c. The public should be able to control the policies and behaviors of public organizations and
hold them answerable for what they do.
d. The public should be able to depend on government employees to carry out the laws and
formulate new laws consistent with the public’s will.
54. What should a written report disclosing the results of a performance audit that has assessed a
government program official’s accountability always contain?
56. You are a government contract auditor and believe fraud may be occurring in a program that is
“only somewhat” related to the major program being audited. How will you meet the requirement
of due care?
57. You have been asked to send a letter of recommendation to a prospective private sector employer
based upon your knowledge of the ability and character of an individual. To maintain your
professional integrity, under what circumstance should you use your official government title?
IV-12
58. For what primary reason should a chief financial officer (CFO) maintain budgetary control?
a. To prevent overspending.
b. To demonstrate accountability.
c. To facilitate year-end reporting.
d. To provide data for the general ledger.
59. Which is the most effective way to foster understanding and establish two-way communication?
60. What is important for modern government managers to understand about motivation?
62. If a government agency has been able to show an increase in the number of individuals of low
income levels who have housing, and those individuals also have better health, that would be
considered:
a. An increase in outputs.
b. An increase in outcomes.
c. An increase in efforts.
d. An increase in both outputs and outcomes.
IV-13
1. Solution: c
2. Solution: c
a. Incorrect. FASAB sets accounting standards for only the federal level.
b. Incorrect. GASB sets accounting — not auditing — standards for the state and local levels
of government.
c. Correct. GAO does not set accounting standards unilaterally, but is one of three sponsors
of FASAB, along with the Office of Management and Budget (OMB) and Treasury. Prior
to FASAB’s existence, GAO did set accounting principles.
d. Incorrect. FASAB’s “due process” (like GASB and the Financial Accounting Standards
Board [FASB]) allows a public comment period.
3. Solution: d
4. Solution: d
IV-15
5. Solution: a
a. Correct. Efforts refer to inputs, financial or nonfinancial; in this case, nonfinancial. (per the
GASB Service Efforts and Accomplishments [SEA] conceptual framework).
b. Incorrect. Morale is not an effort/input.
c. Incorrect. While an unqualified opinion is a good achievement, it is not an effort/input.
d. Incorrect. While a letter of recognition is a good achievement, it is not an effort/input. The
letter may be referred to in the unit’s Comprehensive Annual Financial Report (CAFR).
6. Solution: c
7. Solution: b
8. Solution: d
9. Solution: c
a. Incorrect. Enterprise (provides goods or services to the public) and internal service fund
(provides goods and services internally) do charge fees, so they identify costs.
b. Incorrect. The general fund is viewed as the default fund, unless there is a requirement to
use a different fund type.
c. Correct. “Pass-through” funds should be accounted for in an agency fund; debt service
funds accumulate funds to pay long-term debt (a logical name!).
IV-16
10. Solution: a
a. Correct. The entity-wide statements are prepared based on the accrual basis of accounting,
and the total economic resources measurement focus.
b. Incorrect. The introduction of the MD&A did not negate the other requirements for
narrative.
c. Incorrect. Under certain circumstances, an alternative (focused on condition) to depreciation
is permitted for infrastructure.
d. Incorrect. Two statements are required — the statement of activities and the statement of
net assets.
11. Solution: d
a. Incorrect. GASB suggests — does not mandate — CAFRs, but they are widely used.
b. Incorrect. The three sections of a CAFR are correctly identified.
c. Incorrect. For certain categories, 10 years’ information is reported.
d. Correct. GASB’s format permits/encourages inclusion of certificates of excellence.
12. Solution: d
13. Solution: d
a. Incorrect. The federal government uses both budgetary and proprietary accounting in its
external financial reports.
b. Incorrect. The Federal Financial Management Improvement Act of 1996 imposed three
statutory requirements, including the U.S. Standard General Ledger (issued by the Treasury
Department).
c. Incorrect. OMB’s “form and content” guidance includes a requirement of a Statement of
Net Costs, and FASAB SFFAS #4 requires cost accounting processes to identify costs by
program and output.
d. Correct. The CFO Act, as amended, assigns responsibility for financial statement audits to
the Offices of Inspector General, who contract out some audit work to CPA firms. GAO
audits the government-wide statements, and has the option of “stepping in” to audit the
statements of certain departments and agencies.
IV-17
14. Solution: d
15. Solution: a
a. Correct. The three primary considerations of legality of obligations are correctly identified
as purpose, time, and amount.
b. Incorrect. The U.S. Constitution is one foundation of federal appropriations law; it gives
Congress the “power of the purse” and requires reporting from “time to time.”
c. Incorrect. If there are differences between the authorization and appropriation acts, the
appropriations act prevails as to purpose, time, and amount. For other differences, there is
an attempt to harmonize.
d. Incorrect. Decisions on legality of obligations can be made by the U.S. GAO (in the
legislative branch) or even in the courts (the judicial branch).
16. Solution: b
17. Solution: d
IV-18
18. Solution: a
19. Solution: a
20. Solution: c
a. Incorrect. The private sector has a strong incentive to attempt to assure customer satisfaction,
in the interest of expanding sales.
b. Incorrect. The government — not the private sector — often must deal with rules of eligibility.
c. Correct. These two requirements are common for government organizations.
d. Incorrect. The private sector’s appeals process is generally more fluid than that process in
government organizations.
21. Solution: a
a. Correct. Issuance of audited financial statements is a way of “answering to the public” and
oversight bodies as to how monies are used.
b. Incorrect. This is an internal control technique and does not provide an answer to the public
and others.
c. Incorrect. This is an internal control technique and does not provide an answer to the public
and others.
d. Incorrect. This is an example of an inappropriate procedure.
IV-19
22. Solution: b
a. Incorrect. This would be a very judgmental reason for auditors to pursue. Programs
gain legislative and executive approval based on a judgment that there is a real need and
appropriate government role.
b. Correct. A very large percentage of the U.S. federal budget for entitlements (e.g., Social
Security, retirement, etc.) has received increased attention in the late 1900s and early 2000s.
c. Incorrect. While there are pressures from some groups to have citizens “pay their own way,”
the interest in entitlement growth has been even greater.
d. Incorrect. There is no real evidence that charitable organizations are concerned about
government competition with them.
23. Solution: d
a. Incorrect. The Commerce Department should not be criticized for running a program that
is part of its statutory mission.
b. Incorrect. The Commerce Department auditor may be exceeding his or her authority by
advising USAID, via its auditors, to deemphasize a program that may be within USAID’s
mission.
c. Incorrect. A “hands-off ” approach may be “safe” but not the most useful to legislative or
oversight bodies and stakeholders.
d. Correct. Recognition of the conflict is the most balanced and open approach. This approach
appropriately raises the issue, but does not become too judgmental.
24. Solution: c
25. Solution: d
IV-20
26. Solution: d
a. Incorrect. Income taxes are generally progressive, higher percentages for higher income
brackets. The wealthier pay more!
b. Incorrect. Methods of administration of property taxes vary considerably, but the general
idea is a higher amount for higher valued property — thus, not regressive.
c. Incorrect. User fees — generally you pay for the service you get.
d. Correct. Sales tax is usually a fixed percentage, regardless of income or wealth, and thus
viewed as regressive.
27. Solution: b
a. Incorrect. Relevant sources suggest fraud and corruption are equal or greater in the private
sector. So, this is not a clear advantage.
b. Correct. The private sector tends to have available and flexible resources, whereas government
personnel and resources are “assigned” and hard to shift in the short term.
c. Incorrect. Use of privatization puts the services at risk of being less consistently applied,
and thus there is not a greater assurance of actual delivery. (Government resources for
monitoring to assure consistency may not be available.)
d. Incorrect. In the view of many, due process is likely more at risk when programs are
privatized. Again, not a clear advantage.
28. Solution: d
a. Incorrect. Not the correct definition. Also, lack of the legislative branch is not very likely in
most governmental budget processes.
b. Incorrect. Not the correct definition and not very meaningful.
c. Incorrect. Not the correct definition and an unlikely situation.
d. Correct. This is the correct definition and the question almost answers itself!
29. Solution: b
a. Incorrect. Sealed bids are one way of assuring competition. They are not directly related to
the recourse mechanism for unsuccessful bidders.
b. Correct. Governments often have a mechanism and office to protest a bid award. One name
is a Board of Contract Appeals.
c. Incorrect. Evaluation of bids is one element in a sealed bid contract.
d. Incorrect. Governments often publicize Invitations for Bids (IFBs) and RFPs to reach
prospective bidders.
IV-21
30. Solution: a
a. Correct. This is the correct answer and the question almost answers itself!
b. Incorrect. Under the FFP contract, the purchasing office pays a fixed amount. The
contractor/seller is more at risk than the government. The FFP option is associated with
firm requirements and full competition.
c. Incorrect. This is not the mechanism to be used when there is uncertainty. In a cost-sharing
contract, the contractor does not receive a fee, but has other motivations to participate.
d. Incorrect. Fixed-price contracts can have an added feature where the amount to be paid
may be adjusted based on factors such as inflation.
31. Solution: c
Options a., b., and d. are discussed as typical clauses in government contracts in The IIA’s CGAP
Examination Study Guide, Section IV, F. Option c. is the exception and the correct answer.
32. Solution: d
a. Incorrect. Government auditors are not free to disregard exemptions from public disclosure.
Auditors must follow laws and regulations.
b. Incorrect. Government auditors must follow the laws and regulations regarding disclosures
that might affect national security. Auditors can and do have discussions and maybe even
negotiations in this regard.
c. Incorrect. Government auditors must follow the appropriate laws and regulations regarding
the handling or destruction of confidential information.
d. Correct. This is an appropriate statement of auditors’ responsibilities.
33. Solution: d
34. Solution: c
a. Incorrect. Supervisors must follow an established system and relevant rules, and assure that
subordinates are given “due process.”
b. Incorrect. The government’s corrective discipline processes address both performance and
behavior problems.
c. Correct. While generally progressive in nature, corrective discipline processes may lead to
immediate severe action (suspension) if a very serious infraction occurs (e.g., physical injury
to the boss).
d. Incorrect. While supervisors may sometimes wish to avoid dealing with the necessary
documentation, supervisors and managers have a responsibility to appropriately address
unproductive employees.
IV-22
35. Solution: c
36. Solution: b
37. Solution: d
a. Incorrect. Measuring outcomes could be a challenge, but the smallness of the program would
be a greater challenge.
b. Incorrect. There is no indication in the question that baseline data is lacking. While it could
be true, that is not stated to be the case.
c. Incorrect. Developing understandable measures could be a challenge, but the smallness of
the program would be a greater challenge.
d. Correct. Measuring the impact of an added three to five percent funding would be the
biggest challenge.
38. Solution: c
IV-23
39. Solution: c
40. Solution: a
41. Solution: b
The correct answer is b., per the Performance Measurement Concepts and Techniques by the Center
for Accountability and Performance. Options a., c., and d. are not proper matches. Definitions
are as follows: cost effectiveness = measure of cost per unit of outcome; benchmark = standard
against which past or future performance can be compared; output = units produced, etc.;
efficiency = resources per unit of output; outcome = results.
42. Solution: b
a. Incorrect. This presentation does not include the law (beginning) and measures (end).
b. Correct. This alignment goes from highest to lowest level. See Performance Measurement
Concepts and Techniques by the Center for Accountability and Performance.
c. Incorrect. These terms are not arranged in hierarchical alignment.
d. Incorrect. These terms are from the U.S. law titled the Government Performance and
Results Act, in logical order, but the presentation is not as complete as option b.
43. Solution: c
a. Incorrect. A mission is a concise statement of the unique, fundamental current and future
of an agency and its programs.
b. Incorrect. Strategic objectives are long-term (e.g., five years), and tend to have an outcome
(results) orientation. (Objectives should be measurable.)
c. Correct. Visions generally describe an organization’s preferred future, logically connected to
an organization’s mission but more idealistic and directive.
d. Incorrect. This is a meaningless response.
IV-24
44. Solution: c
45. Solution: b
a. Incorrect. There is no formal bond type with the name moral obligation.
b. Correct. A GO bond is backed by the full faith and credit of the government.
c. Incorrect. A double-barreled bond has more than one revenue stream.
d. Incorrect. A revenue bond relies on one revenue stream.
46. Solution: c
a. Incorrect. Revenue is recognized when earned under the accrual method, used in the private
sector and in the U.S. federal government.
b. Incorrect. Recognition of revenue upon receipt of cash is known as “cash accounting,”
which is not GAAP.
c. Correct. This statement is correct for modified accrual accounting, used by states and local
governments in the U.S.
d. Incorrect. The term “restricted” is unrelated to types of revenue recognition.
47. Solution: b
48. Solution: c
Options a., b. and d. are whimsical. Option c. is correct and refers to the political science view
of “blurred” lines between the three levels of government (like a marble cake swirled with white
and black colors). For example, city employees may be using resources from the state to adhere
to a federal law.
IV-25
49. Solution: d
a. Incorrect. If internal controls are properly designed, implemented, and monitored, they
should enhance effectiveness.
b. Incorrect. Equal treatment of beneficiaries is not an impediment.
c. Incorrect. Appropriate and streamlined regulations are not an impediment.
d. Correct. Fragmentation, overlap, and conflicting missions can be an impediment to
program effectiveness. (Example: Subsidies to tobacco farmers and health programs to stop
smoking.)
50. Solution: b
51. Solution: c
a. Incorrect. These operating costs are generally not a valid reason to incur debt.
b. Incorrect. These operating costs are generally not a valid reason to incur debt.
c. Correct. Building a needed building is generally a valid reason to incur debt.
d. Incorrect. These operating costs are generally not a valid reason to incur debt.
52. Solution: b
53. Solution: c
54. Solution: b
IV-26
55. Solution: c
a. Incorrect. Compliance with laws and regulations is not the same as objectivity.
b. Incorrect. Decisions based on available data are not objective.
c. Correct. This is an appropriate definition of objectivity.
d. Incorrect. Following prescribed responsibilities is not objectivity.
56. Solution: d
57. Solution: d
a. Incorrect. Relying solely on the working relationship would not show integrity.
b. Incorrect. Relying only on a friendship connection could clearly be seen as biased and
would lack integrity.
c. Incorrect. For the reasons discussed in options a. and b.
d. Correct. This is the most appropriate way to maintain professional integrity.
58. Solution: a
59. Solution: a
60. Solution: d
IV-27
61. Solution: c
62. Solution: d
IV-28