IIA-CIA-PART1 Online Practice Questions and Answers

Which of the following would be the most useful in developing an annual audit plan?

A. General purpose audit software.

B. Voting software and hardware.

C. Flowcharting and data capture software.

D. Risk assessment software.

A chief audit executive (CAE) is obtaining information required by a regulatory oversight body and discovers a situation that requires management to take immediate corrective action. What is the best course of action for the CAE to take?

A. Wait until all of the information has been gathered and reported to the oversight body before reporting the situation to management.

B. Check with legal counsel to determine whether the situation can be reported to management before all information has been submitted to the oversight body.

C. Report the situation to management immediately.

D. Schedule an engagement to explore the situation in depth, before reporting to either management or the oversight body.

Which of the following would be a violation of the objectivity of a certified internal auditor?

1.

Accepting a motivational book from a major vendor.

2.

Attending a professional sporting event as the guest of a corporate supplier.

3.

Performing an internal audit engagement for a division 18 months after having controllership responsibility for that division.

4.

Designing and implementing a corporate-wide utilities cost containment program.

A. 1 and 3 only

B. 2 and 3 only

C. 2 and 4 only

D. 1, 3, and 4 only

A receiving department receives copies of purchase orders for use in identifying and recording inventory

receipts.

The purchase orders list the name of the vendor and the quantities of the materials ordered.

A possible error that this system could allow is:

A. Payment to unauthorized vendors.

B. Payment for unauthorized purchases.

C. Overpayment for partial deliveries.

D. Delay in recording purchases.

A chief audit executive (CAE) is planning to issue an annual report concluding on the overall effectiveness of the organization's internal control system. According to the Standards, which of the following is likely the most significant challenge facing the CAE when creating the report?

A. The opinion must include difficult to measure risks such as the risks of management override of controls, and collusion among dishonest personnel.

B. The opinion is dependent on complex analyses of numerous internal audit engagements carried out over the prior year.

C. The opinion is only issued once a year, limiting its usefulness.

D. Assessing control effectiveness is complicated by inherent risks.

Which of the following is an example of a preventive control activity for risk related to pollution caused by waste disposal?

A. Offering an education program delivered by environmental experts.

B. Maintaining strict security around environmental department files.

C. Seeking legal consultation from a firm with experience in environmental law.

D. Taking periodic samples of the area at risk and logging the results.

During an account receivables audit, an internal auditor found a significant number of input errors resulting in a $500, 000 balance understatement.

Which of the following is the most important question the internal auditor should ask to develop an appropriate recommendation for this finding?

A. Who?

B. How?

C. Why?

D. When?

An internal auditor notes that employees are able to download files from the internet. According to IIA guidance, which of the following strategies would best protect the organization from the risk of copyright infringement and licensing violations resulting from this practice?

A. Apply antivirus and patch management software.

B. Utilize dedicated and encrypted network connections.

C. Install a software inventory management application.

D. Utilize secure socket layer encryption.

Which of the following is a second line of defense in effective risk management and control?

A. Purchasing department.

B. Compliance department.

C. Credit department.

D. Internal audit department.

An internal auditor is using a spreadsheet application to review a cash flow forecast prepared by management.

Which of the following correctly identifies the type of evidence this information represents?

A. Competent, corroborative evidence of future working capital requirements.

B. Sufficient, analytical evidence of the cash flow position at a given point of time in the future.

C. Competent, documentary evidence of future cash flow changes within the organization.

D. Sufficient, circumstantial evidence of the future solvency of the organization.