1.The IIA definition of internal auditing
Value, cost, and benefit propositions
emphasized the effectiveness of which of the
following?
2. The primary objective of internal auditing is
to:
3. From a modern internal auditing
perspective, which one of the following
statements represents the most important
benefit of an internal audit department to
management of the company?
4. According to IIA standards, auditor should
possess proficiency in:
5. The standards consists of three types.
Which standards apply to the characteristics
of organization and parties providing auditing
services?
6.Which of the following items contribute to
the new CAE's independence ?
a.
b. Inherent risk, residual risk, and total
risk
c. Risk management, control,
governance process
d. Purpose, nature, and scope of work
a. Helps the employees of the company
effectively perform their jobs
b. Find errors and fraud within the
company
c. Provide opinion about the accuracy
and completeness of the quarterly
financial statements
d. Perform the preliminary work of
external financial statement audit
a. Assurance that the organization is
complying with legal requirements
b. Assurance that fraudulent activities
will be detected
c. Assurance that there is reasonable
control over day to day operations
d. Assurance that published financial
statements are correct
a. Management principles
b. The fundamentals of such subject as
accounting, economics, and finance
c. Applying internal auditing standards,
procedures, and techniques
d. Computerized information systems
a. Implementation standards
b. Attribute standards
c. Performance standards
d. Independence standards
a. The establishment of the internal
auditing department is documented in
corporate by-laws.
b. Legislated internal auditing
requirements in country X.
c. The fact that the CAE will report to the
audit committee of the board of
directors.
d. The fact that the CAE ….be Certified
Internal Auditor (CIA).
7. According to IIA Standards, the
independence of internal auditor is achieved
through:
8. A primary purpose of establishing a code
of conduct within the professional
organization is to:
9. A new staff auditor has been assigned to
an audit of the cash management operations
of the organization. The staff auditor has no
background in cash management and this is
the auditor’s first audit. Under which of the
following conditions would the internal
auditing department be in compliance with
the Standards regarding knowledge and
skills?
10. The internal auditor should exercise due
professional care in conducting a formal
consulting engagement by understanding all
of the following except:
11. The CAE is responsible for establishing a
program to develop the human resources of
the internal activity. This program should
include
a. Staffing and supervision.
b. Continuing education and due
professional care
c. Human relations and communications.
d. Organizational Status and Objectivity.
a. Reduce the likelihood that members
of the profession will be sued for
substandard work
b. Ensure that all members of the
profession perform at approximately
the same level of competence
c. Promote an ethical culture among
professionals who serve others
d. Require members of the profession to
exhibit loyalty in all matters pertaining
to the affairs of their organization
I. The senior auditor is skilled in the
area and closely supervises the staff
auditor.
II. The staff auditor performs the work
and prepares a report that is reviewed
in detail by the director of audit.
III. Not enough information is given.
IV. None of the above,
a. I.
b. II.
c. III.
d. IV.
a. Possible motivations and reactions of
those requesting the service.
b. Potential impact on future audit
assignments and department
engagement.
c. Potential benefits in the form of
compensation to be derived from the
engagement.
d. Skills and resources needed to the
conduct of the engagement.
a. Continuing educational opportunities
and performance appraisals.
b. CAn established training plan and a
charter.
c. Job descriptions and competitive
salary increase.
d. Counseling and an established career

12. The internal auditing department for a
chain of retail stores recently concluded an
audit sales adjustments in all stores in the
southeast region. The audit revealed that
several stores are costing the company an
estimated $85,000 per quarter in duplicate
credits to customers charge accounts. The
audit report, published eight weeks after the
audit was concluded, included the Inter
auditors recommendation to store
management thatbshould prevent duplicate
credits to customer's account.
Which of the following standrds for reporting
has been disregarded in the above case.
13.According to the IIA standards , internal
auditing has a responsibility for helping to
determine fraud.Which of the following best
describes how this responsibility is generally
met?
14, The IIA standards require that the internal
auditing department provide assurance that
internal audits are properly supervised in
order to:
15. The person responsible for audit report
distribution should be:
16. Which action should the CAE take when
(s)he believes that senior management has
accepted the level of residual risk that is
unacceptable to the organization?
path.
a. The follow-up actions were not
adequate
b. The auditors should have
implemented appropriate corrective
action as soon as the duplicate credits
were discovered
c. Auditor recommendation should not
be included in the report
d. The report was not timely
a. By coordinating with security
personnel and law enforcement
agencies in the investigation of
possible frauds.
b. By testing for fraud in every audit and
following up as appropriate .
c. By assisting in the design of control
systems to prevent fraud.
d. By evaluating the adequacy and
effectiveness of controls in light of the
potential exposure or risk.
a. Produce professional audits of
consistently highly quality.
b. Assure high productivity of audit
reporting.
c. Provide for the efficient training of the
audit staff.
d. Determine that the audit program is
followed without deviation.
a. The chief audit executive or designee.
b. The audit committee of the board of
directors.
c. The vice president responsible for the
area being audited.
d. The audit supervisor of the audit being
performed.
a. Report the matter to the board for
resolution
b. Report the matter to an external
authority

17. Which of the following statements is an
engagement objective?
18. Internal auditors may report that their
activities are conducted in accordance with
the standards.
They may use this statement only if
19. Internal auditing is responsible for
reporting fraud to senior management or the
board when:
20. A quality of information is support
engagement observations and
recommendations and its consistent for the
objectives of the engagement.
21. Which performance standard number
emphasizes the qualities of communication?
22. Which of the following best define an
audit opinions?
c. Discuss the matter with the external
auditors
d. Discuss the matter with the senior
management
a. Evaluate whether the cash receipts
are adequately safeguarded
b. Observe the deposit of the day’s
receipt
c. Recompute each month’s bank
reconciliation
d. Analyze the pattern of each cash
shortage
a. External assessments of the internal
are made by the external auditors
b. Senior management or the board is
accountable for implementing a
quality program
c. An independent external assessment
of the internal audit activity is
conducted annually
d. The demonstrate compliance with the
standards
a. The incidence of fraud of a material
amount has been established to a
reasonable certainty
b. Suspicious activities have been
reported to internal auditing
c. Irregular transactions has been
identified and are under investigation
d. The review of all suspected
fraud-related transactions is complete
a. Sufficient
b. Reliable
c. Relevant
d. Useful
a. 2420
b. 2020
c. 2200
d. 2310
a. A summary of the significant audit
findings
b. The auditor’s professional judgment of
the situation that was reviewed
c. Conclusions that must be included in
 the audit report
d. Recommendations for corrective
action

23. The director of internal auditing a. Actions 2,3, and 4

organizations was concerned that b. Action 4 only
management might outsource the internal c. Action 2 and 3 only
auditing function. Therefore, the manager d. None of the actions
adopted a very aggressive program to
promote internal auditing department within
the organization. The manager plan to
present the results to management and the
audit committee and recommend modification
of internal audit charter after using a new
program. Six actions the audit manager took
to promote a positive image within the
organization are listed next.

1. Audit assignments concentrated on

economy and efficiency audits. The
audits focused solely on cost savings,
and each audit report highlighted
potential cost to be save. Negative
findings were omitted. The focus on
economy and efficiency audits was
new, but the auditees seemed very
happy.
2. Draft of all audit reports were carefully
reviewed with auditees to get their
input. Their comments was carefully
considered when developing the final
audit report.
3. The information technology auditor
participated as part of a development
team to review the control procedures
to be incorporated into a major
computer application under
development.
4. Given limited resources, the audit
manager performed a risk analysis to
determine which locations to audit.
This was a mark departure from the
previous approach of ensuring that all
operations are viewed in at least a
three-year interval.
5. In order to save time, the manager no
longer required that a standards
internal control questionnaire be
complete for each audit.
6. When the auditors found that
 management and the auditee had not
developed specific criteria or data to
evaluate the operations of the auditee,
the audit team was instructed to
perform research, developed specific
criteria, review the criteria with the
auditee, and if acceptable, use it to
evaluate the auditee’s operations. If
the auditee disagreed with the criteria,
a negotiations took place until
acceptable criteria could be agreed
upon. The audit report commented on
the auditee’s operations in
conjunctions with the agreed-on
criteria.
Considering Actions 2, 3, and 4 that were
taken, which would be considered a violation
of the IIA Standards?

24. The IIA of Ethics requires IIA members to a. Honesty, diligence and responsibility
exercise three particular qualities int the b. timeliness , sobriety and clarity
performance of their duties. These three c. Knowledge, skills and discipline
qualities are: d. Punctuality, loyalty and dignity

25. Regarding communications of results of a. Audit standards

the external assessments of an internal b. Audit Charter
audit’s activity, the difference between c. Code of ethics
“conformance” and “partial conformance” is d. Definition of internal auditing
specifically related to which of the following?

26. According to the IIA Standards, activity
reports submitted per board should:
a. Summarized planned audit activities
b. Compare performance with the audit
work shed
c. Provide detail on financial budgets
d. Detail projected staffing needs

27. The corporation believed warrants the
establishment of an internal auditing
department. Country X has legislated internal
auditing requirements for government-owned
companies. The company changed the
corporate by-laws to reflect the establishment
of the internal auditing department. The
directors decided that the chief audit
executive (CAE) must be a Certified Internal
Auditor (CIA) and will report directly to the
newly established audit committee of the
board of directors. Which of the items
discussed above will contribute the most to
the new CAE’s independence?
a. The establishment of the internal
auditing department is documented in
corporate by-laws
b. Legislated internal auditing
requirements in Country x.
c. The fact that the CAE will report to the
audit committee of the board of
directors.
d. The fact that the CAE is to be a
Certified Internal Auditor (CIA)
28. According to the IIA Standards, an
internal auditing should possess efficiency in
29. You are the chief audit executive of a
parent company that has foreign subsidiaries.
Independent external audits perform for thre
parent company are not conducted by the
same firm that conducts the foreign
subsidiary audits. Since the department
occasionally provides direct assistance to
both external firms, you have copies of audit
progras and selected working papers
produced by each firm. The foreign
subsidiary’s audit firm wants to rely on audit
of a function at the parent company. The audit
was conducted by the internal auditing
department. To place reliance on the worked
performed, the foreign subsidiary’s auditor
have requested copies of the working papers.
Select the most appropriate response to the
foreign subsidiary’s auditors:
30. An accounting association established a
code of ethics for all members. Identify the
association’s primary purpose for establishing
the code of ethics.
31. A new staff auditor has been assigned to
an audit of the cash management operations
of the organization. The staff auditor has no
background in cash management, and this is
the auditor’s first audit. Under which of the
following conditions with the internal auditing
department be in compliance with the
Standards regarding knowledge and skills?
32. When evaluating the independence of an
internal audit department, quality review team
a. Management principles
b. The fundamentals of such objects as
accounting, economics, and finance.
c. Computerized information systems
d. Applying internal auditing standards,
procedures, and techniques
a. Provide copies of the working papers
b. Ask the parent company’s audit firm it
it is appropriate to release the working
papers
c. Ask the audit committee for
permission to release the working
paper
d. Refuse to provide the working papers
under any circumstances
a. To outline criteria for professional
behavior to maintain standards of
competence, morality, honesty, and
dignity within the association.
b. To establish standards to follow for
effective accounting practice
c. To provide a framework within which
accounting policies could be
effectively developed and executed.
d. To outline criteria that can be utilized
in conducting interviews of potential
new accountants
a. I
b. II
c. III
d. IV
a. Criteria used in making auditors
assignments
considers several factors. Which of the
following factors has the least amount if
influence when judging an internal audit
department’s independence?
33. Which of the following could be an
organizational factor that might adversely
affect the ethical behavior of the chief audit
executive(CAE)?
34. According to the IIA standards, internal
auditing has a responsibility for helping to
prevent fraud. Which of the following best
describes how the responsibility is generally
met?
35.According to IIA Organizational
Independence Standard, which of the
following is not a part of functional reporting
to the board?
36. An internal auditor reported a suspected
fraud to the chief audit executive (CAE). The
CAE turned the entire case over the security
department. Security failed to investigate or
report the case to management. The
prepetrator continued to defraud the
organization until being accidentally
recovered by a line manager two years later.
Select the most appropriate action for the
CAE.
37. As an internal auditor to a multinational
chemical company , you have been assigned
to perform an operational audit at local plant.
This plant is similar in age ,sizing and
b. The extent of auditor training in
communication skills
c. Relationship between audit working
papers and audit report
d. Impartial and unbiased audit judgment
a. The CAE reports directly to an
independent audit committee of the
board of directors.
b. The CAE is not assigned any
operational responsibilities.
c. The CAE may not be appointed or
approved without concurrence of the
board of directors.
d. CAE’s annuaThe l bonuses are based
on dollar recoveries or recommended
future savings as a result of audits.
a. By coordinating with security
personnel and law enforcement
agencies in the investigation of
possible frauds
b. By testing for fraud in every audit and
following up as appropriate
c. By assisting in the design of control
systems to prevent fraud
d. By evaluating adequacy and
effectiveness of controls in light of the
potential exposure of risk
a. Audit Charter
b. Audit risk assessment
c. Audit budgets
d. Audit Plan
a. The CAE’s actions were correct
b. The CAE should have checked the
status of the case with security
c. The CAE should have the
investigation
d. The CAE should discharged the
penetrator
a. You have no responsibility; it is the
concern of the appropriate
governmental agency
b. You are responsible for ensuring
construction to two other company plants that
have been recently cited for discharges of
hazardous wastes. In addition, you are aware
that chemicals manufactured at the plant
release toxic by-products .Identify your
responsibility by detection of hazardous
waste discharged problem..
compliance with company policies and
procedures.
c. Operational audits do not require a
determination of compliance with laws
and regulations.
d. You are required by the standards to
determine compliance with laws and
regulations

38. While performing an operational audit of
the firm’s production cycle, an internal auditor
discovers that, in the absence of specific
guidelines, some engineers and buyers
routinely accept vacation trips paid by certain
of the firm’s vendor. Other engineers and
buyers will not accept even a lunch paid by
the vendor. Which of the following actions
should the internal auditor take?
a. None. The engineers and buyers are
professionals. It is inappropriate for an
internal auditor to interfere in what is
essentially a personal decision.
b. Informally counsel the engineers and
buyers who accept the vacation trips.
This helps present the possibility of
kickbacks while preserving good
auditor/auditee relations.
c. Formally recommend that the
organization establish corporate

39. Which of the following adds value to the a. Governance processes

others? b. Risk management processes
c. Internal audit activities
d. Control processes

40. Which of the following comments are a. I only

correct regarding the assessment of risk b. II only
associated with two projects that are c. III only
competing for limited audit resources? d. I and III only

I. Activities that are requested by the

audit committee should always be
considered higher risk that those
requested by the management
II. Activities with higher dollar budgets
should always be considered higher
risk than those with lower dollar
budgets
III. Risk should always be measured by
the potential dollar or adverse
exposure to the organization