IIA-CIA-Part1 exam

Applying ISO 31000, which of the following is part of the external context for risk management?A . Risk treatment method based on risk evaluation. B. Organizational culture, objectives, and processes. C. The regulatory and competitive environment D. The method of determining the risk level.View AnswerAnswer: C

While auditing an organization's credit approval process, an internal auditor learns that the organization has made a large loan to another auditor's relative. Which course of action should the auditor take?A . Proceed with the audit engagement, but do not include the relative's information. B. Have the chief audit executive...

In which of the following ways could stakeholders be engaged in corporate social responsibility efforts?A . Investigation of health and safety incidents. B. Auditing of controls and management systems. C. Communication of disclosures and external reporting, D. Involvement in focus groups and complaint managementView AnswerAnswer: C

In which of the following ways can a chief audit executive demonstrate to the board that the internal audit activity collectively possesses all of the skills needed to complete its annual goals?A . Involve board members in hiring activities and request advice. B. Require all internal audit staff to complete...

The board of a newly established organization was discussing the contents of the draft internal audit charter One board member suggested adding to the charter an obligation for the internal audit activity to develop controls in business procedures. The board member explained that the new organization needs professional-level developers, internal...

A chief audit executive (CAE) has no direct access to the board. According to IIA guidance, which of the following is the most appropriate way for the CAE to react?A . Ensure all subsequent audit reports include a disclaimer as to the lack of access to the board, B. Focus...

A multinational organization has asked the internal audit activity to assist in setting up the organization’s risk management system. The chief audit executive (CAE) agrees to take on the engagement as a consultant. Which of the following tasks is appropriate for the CAE to undertake?A . Coordinate and facilitate risk...

According to NA guidance, which of the following conditions would enhance the independence of the internal audit activity?A . The organizational culture rewards critical and objective thinking. B. The quality of work performed by the internal audit activity is periodically reviewed, C. The organization establishes effective governing body oversight, D....

Management would like to self-assess the overall effectiveness of the controls in place for its 200-person manufacturing department. Which of the following client-facilitated approaches is likely to be the most efficient way to accomplish this objective?A . Workshops. B. Surveys. C. Interviews. D. Observation.View AnswerAnswer: B

Identify and mitigate risks to help meet the CSR program objectives.A . 1,2, and 3, B. 1 2, and 4. C. 1, 3, and 4. D. 2, 3, and 4.View AnswerAnswer: A