
Certified Internal IIA-CIA-Part2 Dumps | Updated Sep 25, 2021 - ActualPDF
Master 2021 Latest The Questions Certified Internal and Pass IIA-CIA-Part2 Real Exam!
NEW QUESTION 92
An organization's board would like to establish a formal risk management function and has asked the chief audit executive (CAE) to be involved in the process. According to IIA guidance, which of the following roles should the CAE not undertake?
- A. Become involved in risk oversight committees, monitoring activities, and status reporting.
- B. Accept management's responsibility for risk management without board approval.
- C. Audit risk management processes.
- D. Manage and coordinate risk management processes.
Answer: B
Explanation:
Section: Volume E
NEW QUESTION 93
The chief audit executive of a medium-sized financial institution is evaluating the staffing model of the internal audit activity (IAA). According to IIA guidance, which of the following are the most appropriate strategies to maximize the value of the current IAA resources?
* The annual audit plan should include audits that are consistent with the skills of the IAA.
* Audits of high-risk areas of the organization should be conducted by internal audit staff.
* External resources may be hired to provide subject-matter expertise but should be supervised.
* Auditors should develop their skills by being assigned to complex audits for learning opportunities.
- A. 2 and 3 only
- B. 3 and 4 only
- C. 1 and 4 only
- D. 1 and 2 only
Answer: B
NEW QUESTION 94
The chief audit executive (CAE) determined that based on management's oral response, the action taken regarding an audit observation was sufficient when weighted against the relative importance of the audit recommendation. Which of the following is the most appropriate step for the internal auditor to take next?
- A. Follow-up with management until a written response is obtained.
- B. Escalate the issue to the board and get their position on the issue.
- C. Initiate a follow-up audit to ensure that action has really been taken.
- D. Note in the permanent file that follow-up needs to be performed as part of the next engagement.
Answer: D
Explanation:
Section: Volume A
NEW QUESTION 95
Controls are implemented to:
- A. Mitigate risk and reduce the potential for loss.
- B. Eliminate risk and reduce the potential for loss.
- C. Mitigate risk and eliminate the potential for loss.
- D. Eliminate risk and eliminate potential for loss.
Answer: A
NEW QUESTION 96
When setting the scope for the identification and assessment of key risks and controls in a process, which of the following would be the least appropriate approach?
- A. Ensure the audit includes an assessment of manual and automated controls to determine whether business risks are effectively managed.
- B. Develop the scope of the audit to include controls that are necessary to manage risk associated with a critical business objective.
- C. Develop the scope of the audit based on a bottom-up perspective to ensure that all business objectives are considered.
- D. Specify that the auditors need to assess only key controls, but may include an assessment of non-key controls if there is value to the business in providing such assurance.
Answer: C
NEW QUESTION 97
Which of the following would be included in an internal audit department's quality assurance and improvement program?
1. Ongoing internal assessments of the performance of the internal audit department.
2. Periodic internal reviews through self-assessments.
3. Assessments conducted by a qualified external reviewer at least once every five years.
- A. 1 only
- B. 2 and 3 only
- C. 1 and 2 only
- D. 1, 2, and 3
Answer: D
Explanation:
Section: Volume D
Explanation/Reference:
NEW QUESTION 98
A chief audit executive (CAE) of a major retailer has engaged an independent firm of information security specialists to perform specialized internal audit activities. The CAE can rely on the specialists' work only if it is:
- A. Carried out in accordance with the Standards.
- B. Performed under the supervision of the information technology department.
- C. Performed in accordance with the terms of the contract.
- D. Carried out using standard review procedures for retailers.
Answer: A
Explanation:
Section: Volume B
NEW QUESTION 99
An internal auditor is conducting tests to determine if an organization is in compliance with its payment approval policies. After reviewing a sample of vouchers selected, the internal auditor concluded that there were indicators of fraud. Which of the following would be the most appropriate method to expand the audit test to achieve the audit objective?
I. Validate the completeness of the accounts payable files.
II. Examine the sample of vouchers in greater detail.
III. Increase the number of vouchers in the sample.
IV. Broaden the scope of the examination to include credits received by accounts payable.
- A. I and II only
- B. I, III, and IV only
- C. II and III only
- D. I, II, and IV only
Answer: C
Explanation:
Section: Volume B
NEW QUESTION 100
A newly promoted chief audit executive (CAE) is faced with a backlog of assurance engagement reports to review for approval. In an attempt to attach a priority for this review, the CAE scans the opinion statement on each report. According to IIA guidance, which of the following opinions would receive the lowest review priority?
1. Graded positive opinion.
2. Negative assurance opinion.
3. Limited assurance opinion.
4. Third-party opinion.
- A. 1 and 4
- B. 2 and 3
- C. 1 and 3
- D. 2 and 4
Answer: B
Explanation:
Section: Volume E
NEW QUESTION 101
In which of the following situations would it be most appropriate to employ the services of a forensic specialist?
- A. Verification of fixed assets in a manufacturing company.
- B. Review for misapplication of general computer controls over accounts receivable.
- C. Detection of unauthorized changes to source documents.
- D. Investigation of ghost employees in a large business.
Answer: C
NEW QUESTION 102
An internal auditor noticed that employees with responsibilities for cash collection had recently issued an unusually large number of credit memos, indicating that the original charges had been made to the wrong customer accounts. From a control standpoint, the auditor would be concerned with the possibility that:
- A. Employees in this function are concealing a theft of cash collected from customers.
- B. The credit department has not been properly screening customers and, as a result, a large portion of the accounts receivable may not be collectible.
- C. The organization is selling a large number of defective items.
- D. Credit memos are not being submitted on a timely basis.
Answer: A
NEW QUESTION 103
During the development of a purchasing system, an auditor reviewed the payment authorization program.
Which of the following actions should the auditor recommend for a situation in which the quantity invoiced is greater than the quantity received?
- A. Authorize payment of the full invoice, but maintain an open purchase order record for the missing goods.
- B. Issue an exception report.
- C. Pay the amount billed and adjust the inventory account for the difference.
- D. Return the invoice to the vendor for correction.
Answer: B
NEW QUESTION 104
The chief audit executive (CAE) of a large retail operation believes that senior management has accepted a level of risk that exceeds the organization's current risk tolerance with respect to a major expansion. The CAE plans to meet with senior management to discuss these concerns. According to IIA guidance, which of the following would be an appropriate course of action in preparation for this meeting?
----
Understand management's basis for the decision.
Advise the board of the concern and upcoming meeting.
Ascertain which members of management have accepted the risk.
Determine if management has the authority to accept the risk.
- A. 1 and 4 only.
- B. 2 and 3 only.
- C. 1 and 2 only.
- D. 3 and 4 only.
Answer: A
NEW QUESTION 105
Which of the following processes real-transaction data through auditor-developed test programs?
- A. Mapping.
- B. Generalized audit software.
- C. Parallel simulation.
- D. Tracing.
Answer: C
NEW QUESTION 106
An audit identified a number of weaknesses in the configuration of a critical client/server system. Although some of the weaknesses were corrected prior to the issuance of the audit report, correction of the rest will require between six and 18 months for completion. Consequently, management has developed a detailed action plan, with anticipated completion dates, for addressing the weaknesses. Which of the following is the most appropriate course of action for the chief audit executive to take?
- A. Schedule a follow-up audit engagement to assess the status of corrective action.
- B. Assess the adequacy of the action plan and monitor key dates and deliverables.
- C. Reassign information systems auditors to assist the information technology department in correcting the weaknesses.
- D. Evaluate statistics related to unplanned system outages, unauthorized access attempts, and denials of service to assess the effectiveness of corrections.
Answer: B
NEW QUESTION 107
Inadequate risk assessment would have the strongest negative impact in which of the following phases of an audit engagement?
- A. Testing.
- B. Reviewing internal controls.
- C. Evaluating findings.
- D. Determining the scope.
Answer: D
NEW QUESTION 108
According to IIA guidance, which of the following is true regarding audit supervision?
1. Supervision should be performed throughout the planning, examination, evaluation, communication, and follow-up stages of the audit engagement.
2. Supervision should extend to training, time reporting, and expense control, as well as administrative matters.
3. Supervision should include review of engagement workpapers, with documented evidence of the review.
- A. 1 and 3 only
- B. 2 and 3 only
- C. 1 and 2 only
- D. 1, 2, and 3
Answer: D
NEW QUESTION 109
In performance auditing, which of the following must first be determined by the internal auditor?
- A. Which key performance indicators are in use.
- B. Determination that appropriate benchmarks are in place.
- C. Whether management controls are appropriate.
- D. Management's objectives for the process.
Answer: D
Explanation:
Section: Volume D
NEW QUESTION 110
According to the International Professional Practices Framework, which of the following statements is true regarding the use of the statement, "Conducted in Conformance with the International Standards for the Professional Practice of Internal Auditing," when communicating results of a seven-year-old internal audit activity?
- A. The statement may be used only if the results of the quality assurance and improvement program support the statement.
- B. The statement may be used only when conducting international engagements.
- C. The statement may be used whether or not the internal audit department has an external quality assessment review or an independent validation of a self-assessment.
- D. The statement should not be used for a consulting engagement.
Answer: A
Explanation:
Section: Volume C
Explanation/Reference:
NEW QUESTION 111
The internal audit activity performs the following sequence of risk management activities: identification, analysis, and evaluation. According to IIA guidance, which of the following assurance approaches does this describe?
- A. Maturity model approach.
- B. Process elements approach.
- C. Key principles approach.
- D. Enterprise-wide risk management approach.
Answer: B
NEW QUESTION 112
What decision-making approach should a facilitator initiate if a group addresses an unfamiliar situation during a control self-assessment session?
- A. Spontaneous agreement.
- B. Compromise.
- C. Majority voting.
- D. Consensus building.
Answer: D
NEW QUESTION 113
When interrogating an individual who is suspected of fraud, it is appropriate to:
- A. Prepare a list of questions prior to the interrogation and strictly adhere to the list.
- B. Tell the individual that any information disclosed in the interrogation will not be disclosed outside of the company.
- C. Start the interview with questions to which the interviewer already knows the answer.
- D. Discontinue questioning once the individual has confessed to the fraud.
Answer: C
NEW QUESTION 114
Which of the following is the best approach for obtaining feedback from engagement clients regarding the quality of internal audit work?
- A. Distribute questionnaires to selected engagement clients shortly before preparing the internal audit annual activity report.
- B. Ask questions during the exit interviews and send copies of the documented responses to the clients.
- C. Call engagement clients after the exit interviews and send copies of the documented responses to the clients.
- D. Provide questionnaires to engagement clients at the beginning of each engagement and request that the clients complete and return them after the engagements.
Answer: D
NEW QUESTION 115
......
A fully updated 2021 IIA-CIA-Part2 Exam Dumps exam guide from training expert ActualPDF: https://www.actualpdf.com/IIA-CIA-Part2_exam-dumps.html
Practice To IIA-CIA-Part2 - ActualPDF Remarkable Practice On your Practice of Internal Auditing Exam: https://drive.google.com/open?id=1Ti_osBAmWf3m9YdXxSf994pxfYvAyVkA
