IIA-CIA-Part2 Exam Practice Test Instant Access

Question 1

As part of internal audit's assistance with an annual external audit, the internal auditors are required to do a preliminary analytical review of an bank account balances. This involves verifying the current year end balances as web as comparing the current year end balances with previous year end balances to highlight significant changes. Which of the following is the most reliable source for verification of the current year end bank balances?

ABank confirmations

BInternal bonk statements

CBank reconciliations as of the end of the year

DBank account general ledger balancer as of the end of the year

Answer : A

Bank confirmations are the most reliable source for verifying the current year-end bank balances. These confirmations are direct responses from the bank to the auditor, providing independent verification of the account balances as of the end of the year. This external confirmation is considered more reliable than internal documents like bank statements, reconciliations, or general ledger balances because it comes directly from a third-party source, ensuring its accuracy and completeness. Reference:

The Institute of Internal Auditors (IIA) - Practice Guide: External Confirmations

Auditing Standards (e.g., ISA 505 - External Confirmations)

Question 2

According to IIA guidance, which of the following would be considered necessary for a one-person audit function?

AA formalized technical audit manual

BA written administrative audit manual

CA memorandum stating policies and procedures

DA comprehensive policy and procedure manual

Answer : C

For a one-person audit function, the primary focus is on ensuring that there is a clear understanding of the audit policies and procedures without the need for extensive documentation. According to the IIA's guidance, a memorandum stating the policies and procedures would suffice for a one-person audit function, providing a concise yet comprehensive outline of the necessary protocols to follow. This approach ensures that the sole auditor has clear directives while avoiding the administrative burden of maintaining a more extensive manual that might be necessary for larger audit teams. Reference:

The Institute of Internal Auditors (IIA) - Practice Advisory 2040-1: Policies and Procedures

Question 3

Which of the following best describes the guideline for preparing audit engagement workpapers?

AWorkpapers should be understandable to the auditor in charge and the chief audit executive.

BWorkpapers should be understandable to the audit client and the board.

CWorkpapers should be understandable to another internal auditor who was not involved in the engagement.

DWorkpapers should be understandable to external auditors and regulatory agencies.

Answer : C

The primary guideline for preparing audit engagement workpapers is that they should be understandable to another internal auditor who was not involved in the engagement. This ensures that workpapers are clear, complete, and sufficiently detailed so that another auditor can understand the work performed, the evidence gathered, and the conclusions reached without needing additional explanations.

IIA Reference:

IIA Standard 2330: Documenting Information requires internal auditors to document relevant information to support the conclusions and engagement results. The Practice Advisory 2330-1 emphasizes that workpapers should be understandable and provide a clear trail of the audit process and conclusions, facilitating peer review and quality assurance processes.

The IIA's Practice Guide on Audit Documentation suggests that workpapers should be prepared with the understanding that another internal auditor, unfamiliar with the work, may need to review them for quality assurance or other purposes.

Question 4

Which of The following best justifies an internal auditor's decision to issue a preliminary audit report?

AThe internal audit team and audit client have a serious dispute over the scope and objective of the engagement

BThe internal audit team expects management to address certain issues immediately due to their severe impact

CThe internal audit team anticipates that the formal final audit report would be undesirable for management due to the significance of outlined risks

DThe internal audit team would like to issue a clean final audit report without any material observations or risks

Answer : B

An internal auditor's decision to issue a preliminary audit report is best justified when the internal audit team expects management to address certain issues immediately due to their severe impact. Preliminary reports are issued to promptly communicate critical findings that require urgent attention, ensuring that management is aware of and can take corrective action on significant issues without waiting for the final report.

IIA Standards: 2410 - Criteria for Communicating

IIA Practice Guide: Reporting Results

Question 5

Below is a flowchart detailing an organization's bank reconciliation process. Which of the following conclusions can be drawn from the flowchart?

AThere is a conflict in the segregation of duties between preparing bank reconciliations and posting payments to the accounting books.

BThere is an appropriate segregation of duties in the treasury department during the bank reconciliation process.

CThere is a large workload for the treasury accountant during the bank reconciliation process.

DBank statements should be obtained at a higher level, such as through the treasury supervisor.

Answer : B

The flowchart indicates that different individuals are responsible for various stages of the bank reconciliation process. The Treasury Accountant posts payments and performs reconciliations, while the Senior Treasury Accountant obtains and uploads bank statements, and the Treasury Supervisor approves/reviews the reconciliations. This segregation of duties ensures that no single individual has control over all aspects of the financial transaction process, which helps in preventing errors and fraud. Reference:

The Institute of Internal Auditors (IIA), International Standards for the Professional Practice of Internal Auditing (Standards)

'Auditing and Assurance Services' by Alvin

A . Arens, Randal J. Elder, and Mark S. Beasley

Question 6

An internal auditor discovered that a new employee was granted inappropriate access to the payroll system Apparently the IT specialist had made a mistake and granted access to the wrong new employee. Which of the following management actions would be most effective to prevent a similar issue from occurring again?

ARemove the new employee's excessive access rights and request that he report any future access error.

BPerform a complete review of all users who have access to the payroll system lo determine whether there are additional employees who were granted inappropriate access

CReview the system activity log of the employee to determine whether he used the inappropriate access to conduct any unauthorized activities in the payroll system

DProvide coaching to the IT specialist and introduce a secondary control to ensure system access is granted in accordance with the approved access request.

Answer : D

The most effective management action to prevent similar issues in the future involves both corrective and preventive measures. Coaching the IT specialist addresses the immediate knowledge gap and mistake that occurred. Introducing a secondary control, such as a review or verification step, ensures that future access requests are granted correctly, thereby preventing similar errors. This combination addresses the root cause and adds a layer of assurance. Reference:

'Internal Auditing: Assurance & Advisory Services' (The Institute of Internal Auditors)

'IT Control Objectives for Sarbanes-Oxley' (IT Governance Institute)

Question 7

Which of the following information is most appropriate for the chief audit executive to share when coordinating audit plans with other internal and external assurance providers?

AObjectives scope and timing at a high level to support coordination while adhering to confidentiality requirements

BThe area and timing of the audit engagement to ensure confidentially and avoid conflict of interest.

CAll plan information, including risk assessments, planned tests and past results to maximize the opportunity for coordination with internal and external providers.

DNo information should be shared with internal and external provider as it could introduce bias into the engagement results.

Answer : A

Coordinating audit plans with other internal and external assurance providers is critical to ensure coverage and avoid duplication of efforts. According to IIA Practice Advisory 2050-1, sharing high-level information such as objectives, scope, and timing supports effective coordination and minimizes the risk of conflicts of interest, while still maintaining confidentiality. Detailed sharing of risk assessments, planned tests, and past results might breach confidentiality and independence standards. Reference:

The Institute of Internal Auditors (IIA) - Practice Advisory 2050-1: Coordination of Internal and External Audit Activities

IIA-CIA-Part2 Practice of Internal Auditing Exam Practice Test