IIA-CIA-Part2 Exam Practice Test Instant Access

Question 1

An internal auditor developed a list of internal and external risk considerations across the organization's processes, developed a scale to assess each risk and allocated the relative importance of each risk. When of the following approaches did the auditor take?

ATop-down approach

BProcess-Metrix approach

CRisk-factor approach

DBottom up approach

Answer : C

The risk-factor approach involves developing a list of internal and external risk considerations, creating a scale to assess each risk, and allocating the relative importance of each risk. This approach allows the auditor to systematically evaluate risks based on predefined criteria and weightings, ensuring a comprehensive risk assessment across the organization's processes.

The Institute of Internal Auditors (IIA) Standards

Risk Assessment Methodologies in Internal Auditing

Question 2

Which of the following is true regarding the monitoring of internal audit activities?

AThe form and content of monitoring policies could vary by industry

BThe board of directors is responsible for the establishment of monitoring polities

CBoth large and small audit departments must have written policies on monitoring.

DThe chief audit executive must develop all monitoring policies related to the activity

Answer : A

The form and content of monitoring policies can indeed vary depending on the industry and the specific requirements of the organization. While all internal audit activities require some level of monitoring to ensure effectiveness and compliance with standards, the specific approach and documentation may differ based on industry norms, regulatory requirements, and organizational size and complexity.

The Institute of Internal Auditors (IIA) Practice Guide: Quality Assurance and Improvement Program

IIA Standard 1300 - Quality Assurance and Improvement Program

Question 3

An internal auditor performed a test of controls and found that a statistically selected representative sample of recorded transactions within the account receivables ledger had an error rate that was within management expectations. The associated revenue account was outside the scope of the audit engagement. How should the conclusion to this engagement be reported?

AThe auditor should state that the error rate was within the selected confidence level.

BNegative assurance should be provided, as the associated revenue account was not examined.

CThe auditor should state that controls over the recording of transactions in the revenue account are operating effectively.

DPositive assurance could be provided for the effectiveness of the accounts receivable controls.

Answer : D

In this scenario, the internal auditor performed a test of controls on the accounts receivable ledger and found that the error rate was within management's expectations. Since the audit focused on the accounts receivable controls, the conclusion should be specific to the scope of the engagement. The auditor can provide positive assurance about the effectiveness of the controls over the recording of transactions in the accounts receivable ledger, as the evidence gathered supports this conclusion.

IIA Reference:

IIA Standard 2410: Criteria for Communicating states that communications must include the engagement's objectives and scope as well as applicable conclusions, recommendations, and action plans. Since the engagement was focused on accounts receivable, the assurance provided should relate specifically to the controls in that area.

The Practice Guide on Communicating Results emphasizes that conclusions and assurance should be directly related to the scope of the engagement and the evidence obtained.

Question 4

An internal auditor is examining the organization's internal control processes. Which of the following would the auditor do to test the reliability of a customer database1?

APerform a site visit to see whether the organization's servers are operational

BInterview end users to determine whether they understand how to use the database information

CDetermine whether policies are in place on how to use the database information

DReview for indications of potential issues with the database information

Answer : D

An internal auditor's primary role is to evaluate and improve the effectiveness of risk management, control, and governance processes. To test the reliability of a customer database, the auditor would focus on identifying potential issues that could affect the accuracy and completeness of the data. This involves reviewing records, reports, and conducting data analysis to identify anomalies, inconsistencies, or patterns that suggest problems with the data. This step directly assesses the reliability of the database, which is crucial for ensuring that the information is accurate and reliable.

Institute of Internal Auditors (IIA) Standards: Performance Standards 2320: Analysis and Evaluation

Internal Audit Manual: Data Integrity and Database Auditing Techniques

Question 5

The internal audit activity is currently working on several engagements, including a consulting engagement on the management process in the human resources department. Which of the following actions should the chief audit executive take to most efficiently and effectively ensure the quality of the engagement?

AAssign an experienced manager to monitor the whole engagement process.

BEmploy fieldwork peer review to enhance the work quality.

CRequire internal auditors to follow a standardized work program.

DPersonally supervise the engagement.
Explanation:
Ensuring the quality of an audit engagement, especially a consulting engagement in a complex area like human resources, requires effective supervision and quality assurance measures. Peer review during fieldwork is a recognized method for maintaining high-quality audit work.
Detailed Explanation:
IIA Standard 2340 -- Engagement Supervision:
This standard requires that engagements be properly supervised to ensure that objectives are achieved, quality is maintained, and audit work is consistent with IIA standards. Peer reviews during fieldwork can help identify issues early and improve the overall quality of the audit.
Fieldwork Peer Review:
Quality Assurance: Peer reviews involve having another auditor review the work performed during fieldwork. This process helps identify any potential issues or improvements in real-time, ensuring that the final work product meets the required standards.
Continuous Improvement: By incorporating peer reviews, the internal audit activity can ensure that best practices are followed, and any deviations from the standard audit process are corrected promptly.
IIA Practice Advisory 2340-1:
This advisory recommends peer reviews as a method to ensure quality and to provide feedback to auditors on their work, enhancing the effectiveness of the engagement.
Why Not Other Options?
Option A (Assign an experienced manager): While supervision is essential, peer reviews provide additional quality checks beyond just monitoring by a manager.
Option C (Standardized work program): This ensures consistency but may not be sufficient to ensure quality without additional review mechanisms.
Option D (CAE personally supervising): This is not the most efficient use of the CAE's time. Peer review distributes the supervisory load and adds value through diverse perspectives.
Conclusion: Option B is correct as it aligns with best practices for quality assurance in internal auditing, particularly in ensuring the effectiveness and efficiency of the engagement through peer reviews during fieldwork.

Answer : B

Question 6

The chief audit executive can illustrate the value of the internal audit activity by reporting which of the following to the board?

AThe overall performance resulting from the internal audit balanced scorecard

BThe number of outstanding and overdue management actions

CThe experience of the organization's internal auditors

DThe number of audits in the annual audit plan relative to similar organizations

Answer : A

The chief audit executive (CAE) can best illustrate the value of the internal audit activity by reporting the overall performance resulting from the internal audit balanced scorecard. The balanced scorecard includes metrics that measure the effectiveness, efficiency, and impact of the internal audit function, providing a comprehensive view of its contributions to the organization. This approach demonstrates how internal audit activities align with and support the organization's strategic objectives. Reference:

The IIA's Practice Guide on Measuring Internal Audit Performance.

The IIA's Practice Guide on Internal Audit Effectiveness.

Question 7

A chief audit executive's report to the board showed a significant trend of recent aud4s going over planned budgeted hours. Which of the following factors could cause this trend?

APoor engagement supervision

Bineffective board reporting

CUntimely observation follows up and closure

DLimited staff resources

Answer : A

One of the primary factors that could cause audit engagements to go over the planned budgeted hours is poor engagement supervision. Effective supervision ensures that the audit is progressing as planned, that issues are identified and addressed promptly, and that resources are used efficiently. Without proper supervision, audits may experience delays, scope creep, and inefficient use of time, leading to overruns in budgeted hours. Other factors, such as untimely follow-up and limited staff resources, can contribute to inefficiencies, but poor supervision is often a key driver. Reference:

The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2340 - Engagement Supervision

IIA-CIA-Part2 Practice of Internal Auditing Exam Practice Test