IIA-CIA-Part1 V1

A chief audit executive (CAE) has no direct access to the board. According to IIA guidance, which of the following is the most appropriate way for the CAE to react?A . Ensure all subsequent audit reports include a disclaimer as to the lack of access to the board, B. Focus...

A multinational organization has asked the internal audit activity to assist in setting up the organization’s risk management system. The chief audit executive (CAE) agrees to take on the engagement as a consultant. Which of the following tasks is appropriate for the CAE to undertake?A . Coordinate and facilitate risk...

According to NA guidance, which of the following conditions would enhance the independence of the internal audit activity?A . The organizational culture rewards critical and objective thinking. B. The quality of work performed by the internal audit activity is periodically reviewed, C. The organization establishes effective governing body oversight, D....

Management would like to self-assess the overall effectiveness of the controls in place for its 200-person manufacturing department. Which of the following client-facilitated approaches is likely to be the most efficient way to accomplish this objective?A . Workshops. B. Surveys. C. Interviews. D. Observation.View AnswerAnswer: B

Identify and mitigate risks to help meet the CSR program objectives.A . 1,2, and 3, B. 1 2, and 4. C. 1, 3, and 4. D. 2, 3, and 4.View AnswerAnswer: A

Which of the following actions should the internal audit activity take during an audit engagement when examining the effectiveness of risk management processes?A . Evaluate how the organization manages fraud risk. B. Establish procedures for improving risk management processes. C. Ensure risk responses are aligned with industry standards. D. Verify...

Which of the following best demonstrates that the internal audit activity is using due professional care?A . The internal audit activity reports directly to the board on the engagements it performs. B. Internal auditors undertake the necessary training to complete their audit work. C. The completion of engagements is based...

Senior management has decided to adopt the key principles approach of the ISO 31000 risk management framework. According to IIA guidance, which of the following principles is most appropriate when implementing the risk management process in a dynamic agency?A . Everyone in the agency has a primary responsibility for identifying...

Which of the following would be considered a monitoring activity in organization wide risk management?A . Validate the results of management's self-assessment. B. Perform reviews of personnel. C. Maintain rigorous and comprehensive documentation. D. Obtain authorizations and signatures.View AnswerAnswer: A

In which scenario might it be considered problematic for the chief audit executive (CAE) to provide assurance services over the payroll function?A . The CAE previously undertook a consulting assignment in that area to improve processes, B. A couple of years ago, the CAE performed accounting functions for the payroll...