Pass IIA-CIA-Part2 Exam - Real Test Engine PDF with 465 Questions
Get New IIA-CIA-Part2 Certification Practice Test Questions Exam Dumps
NEW QUESTION # 240
Which of the following is an example of the verification of internal documentary evidence?
- A. Recalculating a customer's purchase order.
- B. Reconciling a vendor's month-end statement.
- C. Vouching a copy of a sales invoice to receivables.
- D. Reviewing a carrier's bill of lading.
Answer: C
NEW QUESTION # 241
During an engagement, an internal auditor discovered that an organization's policy on delegation of authority listed six individuals who were no longer employed with the organization. In addition, four individuals acting with disbursement authority were not identified in the policy as having such authority.
Which of the following is the most effective course of action to address the control weakness?
- A. Immediately initiate a complete audit of the disbursement function to determine if significant frauds have occurred.
- B. Advise management to add the four additional names and remove the incorrect names from the policy to make it current.
- C. Recommend that management review the process supporting the policy and make improvements.
- D. Review further to ensure that the four individuals do not have the appropriate authority through delegation.
Answer: C
NEW QUESTION # 242
Which of the following would be a red flag that indicates the possibility of inventory fraud?
I. The controller has assumed responsibility for approving all payments to certain vendors.
II. The controller has continuously delayed installation of a new accounts payable system, despite a corporate directive to implement it.
III. Sales commissions are not consistent with the organization's increased levels of sales.
IV. Payments to certain vendors are supported by copies of receiving memos, rather than originals.
- A. I and II only
- B. I, III, and IV only
- C. II and III only
- D. I, II, and IV only
Answer: D
NEW QUESTION # 243
According to IIA guidance, which of the following statements about analytical procedures is true?
- A. Analytical procedures compare information against expectations.
- B. Analytical procedures are computer-assisted audit techniques.
- C. Analytical procedures provide internal auditors with explainable results.
- D. Analytical procedures begin after the engagement's planning phase.
Answer: A
Explanation:
Analytical procedures involve evaluating financial and operational information by comparing it with expected values. These expectations can be based on historical data, industry benchmarks, budgets, or other relevant criteria. The primary purpose of analytical procedures is to identify any unusual or unexpected variations that could indicate potential issues or areas requiring further investigation.
IIA Reference:
IIA Standard 2320: Analysis and Evaluation requires internal auditors to analyze and evaluate the information gathered during an engagement. Analytical procedures are a critical part of this process, as they help auditors identify trends, anomalies, and areas of risk by comparing actual results with expectations.
The Practice Guide on Analytical Procedures defines these procedures as the analysis of relationships between different sets of data, with the goal of identifying inconsistencies or unexpected patterns.
NEW QUESTION # 244
A chief audit executive (CAE) received a detailed internal report of senior management's internal control assessment. Which of the following subsequent actions by the CAE would provide the greatest assurance over management's assertions?
- A. Assert whether the described and reported control processes and systems exist.
- B. Assess whether senior management adequately supports and promotes the internal control culture described in the report.
- C. Evaluate the completeness of the report and management's responses to identified deficiencies.
- D. Determine whether management's operating style and the philosophy described in the report reflect the effective functioning of internal controls.
Answer: C
Explanation:
The greatest assurance over management's assertions would be provided by evaluating the completeness of the report and management's responses to identified deficiencies. This involves ensuring that all relevant control processes and deficiencies have been identified, and that management has provided appropriate and comprehensive responses to each issue. This step ensures that the internal control assessment is thorough and that management is actively addressing any weaknesses. References:
* The IIA's International Standards for the Professional Practice of Internal Auditing (Standards), specifically Standard 2130 - Control.
* The IIA's Practice Guide on Assessing the Adequacy of Internal Controls.
NEW QUESTION # 245
An internal auditor used a risk and control matrix to prepare a work program for testing a software release.
During the engagement planning stage, he tested the design of
the release procedure as a key control and concluded that the control was not designed well. During the performance stage, he tested the operation of this control and concluded that it was implemented as designed. Which of the following statements is true regarding this scenario?
- A. The test of the control design should have occurred at the performance stage.
- B. The test of the operating effectiveness of the control was not necessary.
- C. A risk and control matrix is not appropriate for this type of engagement.
- D. The test of the operating effectiveness of the control should have occurred at the planning stage.
Answer: B
Explanation:
If a control is found to be poorly designed during the planning stage, testing its operating effectiveness becomes redundant because even a well-implemented but poorly designed control will not achieve its intended objectives. The primary focus should be on redesigning the control to ensure it is effective in mitigating risks.
Therefore, the auditor should not have proceeded to test the operational effectiveness of a control that was already deemed poorly designed.References:
* The Institute of Internal Auditors (IIA), International Standards for the Professional Practice of Internal Auditing (Standards)
* "Auditing: A Risk-Based Approach to Conducting a Quality Audit" by Karla M. Johnstone et al.
NEW QUESTION # 246
What is the best course of action for a chief audit executive if an internal auditor identifies in the early stage of an audit that some employees have inappropriate access to a key system?
- A. Contact the audit committee chair to discuss the finding
- B. Ask the auditor to create a ticket with the IT help desk requesting to revoke the inappropriate access
- C. Issue an interim audit report so that management can implement action plans
- D. Obtain verbal assurance from management that the inappropriate access will be removed
Answer: A
NEW QUESTION # 247
Which of the following would not include recommendations for process improvements?
- A. Due diligence engagement.
- B. Forensic investigation.
- C. Consulting engagement.
- D. Internal audit engagement.
Answer: A
NEW QUESTION # 248
Which two of the following considerations must an internal auditor take into account while planning an audit of an accounting system/application that has been in use for the last five years?
The level and manner of linkages between the business' mission, objectives, and structure and the accounting system/application.
Presence or absence of computerized and manual controls that address risks.
Identification of risks at the application level, e.g. availability and security of the system.
Testing of the system/application for bugs and errors.
- A. 3 and 4 only
- B. 2 and 3 only
- C. 2 and 4 only
- D. 1 and 3 only
Answer: B
NEW QUESTION # 249
Which of the following data collection strategies systematically tests the effects of various factors on an outcome?
- A. Sampling.
- B. Content analysis.
- C. Modeling.
- D. Evaluation synthesis.
Answer: C
NEW QUESTION # 250
An auditor receives anonymous information that fraud is occurring in the operation being audited, but no details are given as to the type of fraud or the individuals involved. There are several areas in which fraud could occur.
The auditor should:
- A. Plan detailed tests of the areas that have the highest dollar amount of transactions.
- B. Apply analytical procedures to areas that might be impacted by possible fraudulent activities.
- C. Identify the area that has the greatest volume of transactions and design a sampling plan for substantive testing.
- D. Interview employees to identify areas where the fraud could be occurring.
Answer: B
Explanation:
Section: Volume A
NEW QUESTION # 251
An organization has a large number of vendors supplying goods to its various branches across the region. The code of conduct statements signed by the employees specify that the employees or their families will not sell goods to the organization. However, during the internal audit of a branch, the internal auditor suspected that some of the employees may be supplying goods to the organization contrary to the code of conduct. The chief audit executive has requested that a thorough review be completed to identify the potential employee vendors. Of the following tests, it would be least useful to compare [List A] with [List B].
[List A]
[List B]
- A. Vendor bank account numbers
Employee bank account numbers - B. Dates of payments to vendors
Dates of salary payments to employees - C. Addresses of vendors from the vendor database
Addresses of employees from the employee database
D .Vendor names
Employee names
Answer: B
NEW QUESTION # 252
During the development of a purchasing system, an auditor reviewed the payment authorization program.
Which of the following actions should the auditor recommend for a situation in which the quantity invoiced is greater than the quantity received?
- A. Authorize payment of the full invoice, but maintain an open purchase order record for the missing goods.
- B. Return the invoice to the vendor for correction.
- C. Issue an exception report.
- D. Pay the amount billed and adjust the inventory account for the difference.
Answer: C
NEW QUESTION # 253
An internal auditor provided the following statement about division A's performance during the month:
"Because supplies of raw material X were scarce, division A's profits declined by 15 percent." Which of the following can be validly concluded from the auditor's statement?
I. Division A's production level declined by 15 percent.
II. Division A could have sold more products than it produced.
III. Division A usually sells all of the products that it produces.
- A. I and II only
- B. II only
- C. III only
- D. I only
Answer: B
Explanation:
Section: Volume A
NEW QUESTION # 254
In advance of a preliminary survey, a chief audit executive sends a memorandum and questionnaire to the supervisors of the department to be audited. What is the most likely result of that procedure?
- A. It is an uneconomical approach to obtaining information.
- B. It involves the engagement client's supervisory personnel in the audit.
- C. It creates apprehension about the audit engagement.
- D. It is only useful for audits of distant locations.
Answer: B
NEW QUESTION # 255
An organization does not have a formal risk management function. According to the Standards, which of the following are conditions where the internal audit activity (IAA) may provide risk management consulting?
1. There is a clear strategy and timeline to migrate risk management responsibility back to management.
2. The IAA has the final approval on any risk management decisions.
3. The IAA does not give objective assurance on any part of the risk management framework for which it is responsible.
4. The nature of services provided to the organization is documented in the internal audit charter.
- A. 1, 2, and 4 only
- B. 1, 2, and 3 only
- C. 1, 3, and 4 only
- D. 2, 3, and 4 only
Answer: C
NEW QUESTION # 256
Which of the following has the greatest effect on the efficiency of an audit?
- A. The complexity of deficiency findings.
- B. The method and amount of supporting detail used for the audit report.
- C. The adequacy of preliminary survey information.
- D. The organization and content of workpapers.
Answer: C
NEW QUESTION # 257
The chief audit executive was asked to define me internal audit activity s key performance indicators (KPIs) tor the upcoming year. The KPIs must measure efficiency and effectiveness. Which of the following is an example of a KPI that measures effectiveness?
- A. Post engagement surveys completed by management indicate a "meets or exceeds expectations" idling
- B. Internal audit reports are consistently submitted prior to the audit report deadline
- C. There is a significant reduction of travel costs per project over the next fiscal year
- D. Internal auditors identify a minimum number of issues and provide recommendations to address them for each audit
Answer: A
Explanation:
A key performance indicator (KPI) that measures effectiveness reflects how well the internal audit activity achieves its objectives and meets stakeholder expectations. Post-engagement surveys completed by management, indicating a "meets or exceeds expectations" rating, directly measure the perceived value and impact of the audit work. This KPI shows whether the internal audit function is providing useful insights, recommendations, and assurance that align with management's needs and expectations, thus demonstrating the effectiveness of the audit activity.References:
* Institute of Internal Auditors (IIA), Practice Guide - Measuring Internal Audit Effectiveness and Efficiency.
NEW QUESTION # 258
In which of following scenarios is the internal auditor performing benchmarking?
- A. The auditor compares new information to his general knowledge of the organization
- B. The auditor compares information from one period with the same information from the poor period
- C. The auditor compares expected outcomes with actual results
- D. The auditor compares information he collected with simmer information from another source
Answer: D
Explanation:
Benchmarking in internal auditing involves comparing the performance or practices of the audited entity against a standard or best practice, which often involves using information from other organizations or sources as a reference. This process helps identify areas for improvement and set performance targets. Thus, comparing the collected information with similar information from another source is the correct definition of benchmarking.
References:
* The Institute of Internal Auditors (IIA) Practice Guide: Internal Audit and Organizational Performance
* IIA Standard 1220 - Due Professional Care
NEW QUESTION # 259
Which of the following types of contracts would provide the least incentive for a contractor to achieve economy and efficiency?
- A. Lump-sum contract.
- B. Indefinite delivery contract.
- C. Cost-plus contract.
- D. Unit-price contract.
Answer: C
NEW QUESTION # 260
Which of the blowing is an example of a compliance assurance engagement?
- A. Providing testing on the operating effectiveness of controls ever the reliability of financial reporting
- B. Providing an assessment of customer satisfaction with customer service provided by the organization
- C. Proving in-house training to senior management regarding applicable laws and regulations
- D. Proving an assessment of the design adequacy of controls related to consumer privacy and confidentially.
Answer: D
Explanation:
A compliance assurance engagement focuses on evaluating whether an organization is adhering to applicable laws, regulations, policies, and procedures. Assessing the design adequacy of controls related to consumer privacy and confidentiality is a prime example of such an engagement, as it ensures that the organization's controls are designed to comply with relevant privacy laws and regulations, thereby protecting consumer data and maintaining compliance.
Reference:
The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2410 - Criteria for Communicating
NEW QUESTION # 261
According to IIA guidance, which of the following accurately describes the responsibilities of the chief audit executive with respect to the final audit report?
1. Coordinate post-engagement conferences to discuss the final audit report with management.
2. Include management's responses in the final audit report.
3. Review and approve the final audit report.
4. Determine who will receive the final audit report.
- A. 3 and 4
- B. 1 and 4
- C. 1 and 2
- D. 2 and 3
Answer: A
Explanation:
According to IIA guidance, the chief audit executive (CAE) is responsible for reviewing and approving the final audit report and determining who will receive it. The CAE ensures that the report is complete, accurate, and disseminated to appropriate parties. Including management's responses in the final report and coordinating post-engagement conferences with management, while important, are not the CAE's primary responsibilities.
References:
* IIA Standards: 2440 - Disseminating Results
* IIA Practice Guide: Communicating Results to Management and the Board
NEW QUESTION # 262
According to MA guidance, which of the following factors should an internal auditor consider when assessing the likelihood of fraud risk1?
- A. Past fraud allegations and actual occurrences
- B. Any potential damage to the organization's relationship with customers.
- C. The effect on the organization's reputation
- D. The potential and realized financial impacts
Answer: A
Explanation:
According to MA (Management Accounting) guidance and internal auditing standards, when assessing the likelihood of fraud risk, internal auditors should consider historical data and patterns within the organization. Past fraud allegations and actual occurrences provide valuable insights into potential vulnerabilities and areas where controls might have previously failed. This historical perspective helps in evaluating the current fraud risk environment and in identifying areas that require stronger controls or more vigilant monitoring.
Reference:
IIA Practice Guide: "Assessing the Risk of Fraud"
COSO (Committee of Sponsoring Organizations of the Treadway Commission) Fraud Risk Management Guide
NEW QUESTION # 263
......
IIA-CIA-Part2 Exam Dumps - PDF Questions and Testing Engine: https://examtests.passcollection.com/IIA-CIA-Part2-valid-vce-dumps.html
