IIA-CIA-Part1 exam

Which of the following activities is most likely to require a fraud specialist to supplement the knowledge and skills of the internal audit activity?A . Planning an engagement of the area in which fraud is suspected.B . Employing audit tests to detect fraud.C . Interrogating a suspected fraudsterD . Completing...

A snow removal company is conducting a scenario planning exercise where participating employees consider the potential impacts of a significant reduction in annual snowfall for the coming winter. Which of the following best describes this type of risk?A . Residual.B . Net.C . Inherent.D . Accepted.View AnswerAnswer: C Explanation: Inherent...

Which of the following is an example of a directive control?A . Segregation of duties.B . Exception reports.C . Training programs.D . Supervisory review.View AnswerAnswer: C Explanation: Training programs are an example of directive controls as they are designed to direct staff behaviors towards compliance with organizational policies and procedures....

Which of the following processes does the board manage to ensure adequate governance?A . Establish and measure performance objectives for the internal audit activity.B . Select board members with necessary knowledge and skills.C . Develop, approve, and execute the strategic plan of the organization.D . Develop strategies to mitigate the...

Which of the following is an example of a detective control?A . Automatic shut-off valve.B . Auto-correct software functionality.C . Confirmation with suppliers and vendors.D . Safety instructions.View AnswerAnswer: C Explanation: An example of a detective control is confirmation with suppliers and vendors. This control involves verifying transactions after they...

During a payroll audit, the internal auditor discovered that several individuals who have the same position classification as he are earning a significantly higher salary. The auditor noted the names and amounts of each, and he planned to prepare a request to the chief audit executive for a salary increase...

Senior management has decided to adopt the key principles approach of the ISO 31000 risk management framework. According to IIA guidance, which of the following principles is most appropriate when implementing the risk management process in a dynamic agency?A . Everyone in the agency has a primary responsibility for identifying...

The board of a newly established organization was discussing the contents of the draft internal audit charter One board member suggested adding to the charter an obligation for the internal audit activity to develop controls in business procedures. The board member explained that the new organization needs professional-level developers, internal...

Which of the following resources would be most effective for an organization that would like to improve how it informs stakeholders of its social responsibility performance?A . ISO 26000.B . Global Reporting Initiative.C . Open Compliance and Ethics Group.D . COSO’s enterprise risk management frameworkView AnswerAnswer: B Explanation: The Global...

Management assessed the organization’s risk of expanding operations into a new, but volatile, region and began looking for a compatible local partner to manage sales and distribution. Which of the following best describes this risk management technique?A . Avoidance.B . Acceptance.C . Reduction.D . SharingView AnswerAnswer: D Explanation: The risk...