IIA-CRMA Exam Questions Instant Access - No Installation Required

Question 1

Which two of the following are preventive controls in a check disbursement process?

1. Daily reconciliation of the bank account used for check disbursements and prompt follow-up of un-reconciled items.

2. Segregation of the following duties: establishing new vendors, approving checks, and reconciling the bank account.

3. An activity report detailing who accesses the check disbursement system and the nature of any action taken in the system.

4. Evidence of strong access controls ensuring that authorized individuals have access only to the functions related to their responsibilities.

A1 and 3.

B1 and 4.

C2 and 3.

D2 and 4.

Answer : D

Question 2

Which of the following factors should be considered when determining the appropriate combination of manual techniques and computer-assisted audit techniques (CAATs) to be used during an audit?

1. Acceptance of CAATs findings by entity management.

2. Computer knowledge and expertise of the auditor.

3. Time constraints.

4. Level of audit risk.

A1 and 4

B2 and 3 only

C1, 2, and 3

D2, 3, and 4

Answer : D

Question 3

According to IIA guidance, which of the following are macro-level audit activities performed for an assurance engagement of the purchasing department?

1. Obtain and review all purchasing-related audit reports issued within the past year.

2. Meet with the quality assurance group to discuss its previous reports of any purchasing-related findings.

3. Review a memo written by the purchasing manager that outlines ongoing problems with the purchasing software.

4. Request a copy of the report from a purchasing audit conducted last year by an external service provider.

A1 and 2.

B1 and 3.

C2 and 4.

D3 and 4.

Answer : A

Question 4

Non-statistical sampling does not require which of the following?

AThe sample to be representative of the population.

BThe sample to be selected haphazardly.

CA smaller sample size than if selected using statistical sampling.

DProjecting the results to the population.

Answer : C

Question 5

If appropriate safeguards exist, which of the following is considered a legitimate internal audit role within risk management at an organization?

AImposing risk management processes.

BProviding consolidated reporting on risks.

CTaking accountability for risk management.

DMaking decisions on risk responses.

Answer : B

Question 6

According to IIA guidance, which of the following statements is true regarding the reporting of results from an external quality assessment of the internal audit activity?

AThe external assessment results are reported upon completion in confidence directly to the board, and senior management is advised only of the recommendations and improvement action plans.

BThe results of self-assessments with independent external validation are shared with the board upon completion, and monitoring of recommended improvements must be reported monthly.

CThe external assessment results are communicated upon completion to senior management and the board, but action plans for recommended improvements do not have to be reported.

DThe requirements for reporting quality assessment results are the same for external assessments and self-assessments with independent external validation.

Answer : B

Question 7

A computer system automatically locks a user's account after three unsuccessful attempts to log on.

Which type of control does this scenario represent?

ACorrective control.

BPreventive control.

CDetective control.

DCompensating control.

Answer : B

IIA Certification in Risk Management Assurance (CRMA) IIA-CRMA Exam Questions