Professional Documents
Culture Documents
A
4. Characteristics defining persuasive evidence are
A. Professional, valid, reliable confidential
B. Reasonable, valid, absolute, statistical
C. Logical, factual, adequate, testimonial.
D. Relevant, reliable, sufficient, useful.
10. Which sampling plan requires no additional sampling once the first
error is found?
A. Stop-or-go sampling
B. Stratified sampling
C. Discovery sampling
D. Attributes sampling
16. Checklists used to assess audit risk have been criticized for all of
the following reasons except which one?
A. They decrease the uniformity of data acquisition.
B. The provide a false sense of security that all relevant factors are
addressed.
C. They are incapable of translating the experience or sound reasoning
intended to be captured by each item on the checklist.
D. They inappropriately imply equal weight to each item in the
checklist.
B
23. According to Implementation Guide 1210, “Proficiency,” when
assessing competency, the best way of checking on the reputation of
an outside service provider is to do which of the following?
A. Find out whether the service provider has a professional affiliation
with the board or management.
B. Call past clients to find out how satisfied they were with the service
provider’s work.
C. Determine whether the provider has a professional certification or
license.
D. Inquire as to the extent of other ongoing services the provider may
be performing for the organization.
24. In analyzing a control chart, the upper control limit (UCL) and a
lower control limit (LCL) shown
A. Are calculated from actual process measurements.
B. Indicate the desired state for process stability.
C. Provide theories of what should be happening.
D. Show patterns that are difficult to see in a simple table of
numbers.
26. The purpose of the internal audit activity can be best described as
A. Adding value to the organization.
B. Providing additional assurance regarding fair presentation of
financial statements.
C. Expressing an opinion on the adequate design and functioning of
the system of internal control.
D. Assuring the absence of any fraud that would materially affect the
financial statements
29. The IIA’s Code of Ethics requires internal auditors to perform their
work with
A. Honesty, diligence, and responsibility
B. Timeliness, sobriety, and clarity.
C. Knowledge, skills, and competencies.
D. Punctuality, objectivity, and responsibility.
32. Why does The IIA’s Code of Ethics in Rule of Conduct 4.2 requires
that due professional care be used in obtaining information to support
an engagement opinion?
A. Sufficient, reliable, relevant, and useful information lends credibility
to the opinion.
B. To preclude any conflict of interest.
C. To require honesty in performing work
D. If internal auditors were permitted to communicate engagement
results without obtaining sufficient information, they would be in a
position to accept fees or gifts from engagement clients.
A
33. Which one of the following must be included in the internal audit
charter?
A. Internal audit objectivity.
B. Internal audit responsibility.
C. Chief audit executive’s compensation plan.
D. Number of full-time internal audit employees deemed to be the
necessary minimum.
E. Number of full-time internal audit employees deemed to be the
necessary minimum.
36. The internal audit activity should be free to audit and report on
any activity that also reports to its administrative head if it considers
such coverage to be appropriate for its audit plan. Any limitation in
scope or reporting of results of these activities should be brought to
the attention of the
A. Chief executive officer.
B. Chief financial officer.
C. External auditor.
D. Board and senior management.
D
38. Which of the following is responsible for determining the
appropriate levels of education and experience needed for the internal
audit staff?
A. Human resource manager.
B. Chief audit executive.
C. Chief executive officer.
D. Chief financial officer.
48. Which of the following statements best describes the relationship
between planning and controlling?
A. Planning looks to the future; controlling is concerned with the past.
B. Planning and controlling are completely independent of each other.
C. Planning prevents problems; controlling is initiated by problems
that have occurred.
D. Controlling cannot operate effectively without the tools provided by
planning.
50. Of the following, which is the most efficient source for an auditor
to use to evaluate a company’s overall control system?
A. Control flowcharts.
B. Copies of standards operating procedures.
C. A narrative describing departmental history, activities, and forms
usage.
D. Copies of industry operating standards
53. There are three (3) types of Standards. Which standards apply to
the characteristics of providers of internal auditing services?
A. Performance Standards
B. Attribute Standards
C. Implementation Standards
D. All of the above Standards
59. Which of the following is not true about the relationship between
internal auditors and external auditors?
A. CAE has oversight responsibility over the work of external auditors
B. They may periodically meet to discuss matters of mutual interest
C. They may exchange management letters & internal audit reports
D. CAE may provide audit programs & work papers to external
auditors
C
68. An internal auditor discovers that a cashier is embezzling funds
from the company. This is the first case of embezzlement he has
encountered, and decides to interrogate the suspect. If the internal
auditor is violating The IIA’s Code of Ethics, what rule is he most likely
violating?
A. Failing to comply with the law
B. Lack of loyalty to the company
C. Failure to exercise due diligence
D. Lack of competency in this area
69. To avoid causing conflict between top management and the audit
committee, the CAE should:
A. Submit copies of all audit reports to both top management & the
audit committee
B. Strengthen the independence of the department through
organization status
C. Discuss all reports to top management with the audit committee
first
D. Request Board approval of policies that include internal auditing
relationships with the audit committee
74. According to the ISPPIA, the independence of the internal auditing
department is achieved through:
A. Staffing and supervision
B. Continuing professional development and due professional care
C. Human relations and communications
D. Organizational status and objectivity
75. When faced with an imposed scope limitation, the CAE should
A. Refuse to perform the audit until the scope limitation is removed
B. Communicate the potential effects of the scope limitation to the
Audit Committee and Board of Directors
C. Increase the frequency of auditing the activity in question
D. Assign more experienced auditors to the engagement
82. As part exercising due professional care, the auditor would follow
up to assure which of the following actions by the client?
A. The internal auditor follows up to ascertain that the client has
considered the audit findings and has taken reasonable actions likely
to result in more appropriate diversity percentages.
B. The internal auditor follows up to ascertain that the client’s post-
audit actions have brought into alignment with the desired diversity
specifications of the organization.
C. The internal audit follows up to ascertain that the objectives of the
audit were fulfilled by the client’s actions in response to the final
report.
D. The internal auditor follows up to ascertain in that client has
implemented all recommendations.
92. Which of the following factors has the least amount of influence
when judging an internal audit department’s independence?
A. Impartial and unbiased audit judgments
B. Relationship between audit working papers and audit report
C. The extent of auditor training in communications skills
D. Criteria used in making auditor assignments
93. Which of the following best represents one of the main purposes
of an IA activity’s overall quality assurance and improvement program?
A. To determine the adequacy and effectiveness of the organization’s
internal controls.
B. To assess the IA activity’s conformity to best practices.
C. To provide assurance that the IA activity conforms to the Standards
and Code of Ethics.
D. To determine the extent of the organization’s and IA activity’s use
of advanced information technology.
94. The IIA Standards require the internal audit director establish and
maintain a quality assurance program to evaluate operations of the
internal audit department. All of the following are considered
elements of a QA program except:
A. Annual appraisals of individual auditors’ performance.
B. Internal reviews of audits completed.
C. Supervision of audit work
D. External reviews to assess compliance with standards.
B
97. Quality program assessments may be performed internally or
externally. A distinguishing feature of an external assessment is its
objective to:
A. Identify tasks that can be performed better.
B. Determine whether internal auditing services meet professional
standards.
C. Set forth recommendations for improvement.
D. Provide independent assurance.
99. Assessment of a quality assurance and improvement program
should include evaluation of all of the following except
A. Adequacy of the oversight of the work of external auditors.
B. Conformance with the Standards and Code of Ethics.
C. Adequacy of the internal audit activity’s charter.
D. Contribution to the organization’s governance processes
102. Internal auditors may report that their internal audit activities are
conducted in accordance with the Standards. They may use this
statement only if
A. They demonstrate compliance with the Standards.
B. An independent external assessment of the internal audit activity is
conducted annually.
C. Senior management or the board is accountable for implementing a
quality program.
D. External assessments of the internal audit activity are made by
external auditors.
109. The actions taken to manage risk and increase the likelihood that
established objectives and goals will be achieved are best described as
A. Supervision.
B. Quality assurance.
C. Control.
D. Compliance
110. Two organizations have recently merged. The audit committee
has asked the internal auditors from both organizations to assess risks
that should be address after the merger. One manager has suggested
that the engagement teams jointly examine the organization
culture and the “tone at the top” to identify control risks
associated with the proposed merger. Which of the following
statements is true?
A. The organizational culture is not a part of the control environment
and therefore should not be considered for a proposed engagement.
B. Although the organizational culture could be considered part of the
control environment, the assessment of such an environment would
be highly subjective and therefore not useful.
C. Differences in the organizational culture should be systematically
identified because the differences may present major risks to the
success of the merger. However, identifying differences is not an
appropriate activity because it is political and subjective.
D. None of the answers are correct.
A
121. An adequate and effective system of internal control provides
reasonable assurance that objectives and goals will be achieved.
Controls may be preventive, detective, or directive. Which of the
following is a detective control for the procurement function?
A. Goods received are counted and compared with quantities on
purchase order and receiving reports.
B. The procurement function is organizationally separate from
receiving, disbursing, and accounting.
C. Review and approval of each procurement action is required prior
to the final issuance of a purchase order.
D. Pre-numbered standard purchase order forms include all relevant
terms required to be used in all applicable instances.