Independent Study

Revision One
1. During an engagement to evaluate the entitys accounts payable function, an

internal auditor plans to confirm balances with suppliers. What is the source of
authority for such contacts with the outside organisation?
A. Internal audit activity policies and procedures.
B. The standards.
C. The code of ethics
D. The internal audit activitys charter
2. An element of authority that should be included in the charter of the internal audit

activity is
A. Identification of organisational units where engagement are to be
performed.
B. Identification of the types of disclosures that should be made to the audit
committee.
C. Access to records, personnel, and physical properties relevant to the
performance of engagements.
D. Access to the external auditors engagement records
3. To avoid being the apparent cause of conflict between an organisations senior

management and the audit committee, the chief audit executive should
A. Communicate all engagement results to both senior management and the
audit committee.
B. Strengthen the independence of the internal audit activity through
organisational status
C. Discuss all reports to senior management with the audit committee first.
D. Request board approval of policies that include internal audit activity
relationships with the audit committee.
4. The audit committee of an organisation has charged the chief audit executive

(CAE) with upgrading the internal activity. The CAEs first task is to develop a
charter. What item should be included in the statement of objectives?
A. Report all engagement results to the audit committee every quarter.
B. Notify governmental regulatory agencies of unethical business practices
by organisation management.
C. Evaluate the adequacy and effectiveness of the organisations controls.
D. Submit budget variance reports to management every month.

5. The authority of the internal audit activity is limited to that granted by

A. The board and the controller.

B. Senior management and the standards
C. Management and the board
D. The audit committee and the CFO.
6. Is it appropriate for an internal auditor to conduct an engagement that incorporates

elements of both consulting and assurance activities into one consolidated report?
A. Yes, it is always appropriate.
B. Yes, in some circumstances.
C. No, unless the audit committee gives permission
D. No, this is never appropriate.
7. A charter is one of the more important factors positively affecting the internal audit

activitys independence. Which of the following is least likely to be a part of the

charter?
A. Access to the records within the organisation.
B. The scope of the internal audit activities
C. The length of tenure of the chief audit executive.
D. Access to personnel within the organisation.
8. Internal auditing has planned an engagement to evaluate the effectiveness of the

quality assurance function as it affects the receipt of goods, the transfer of the
goods into production, and scrap costs related to defective items. The engagement
client argues that such an engagement is not within the scope of the internal audit
activity and should come under the purview of the quality assurance department
only. What is the appropriate response?
A. Refer to the internal audit activity charter and the approved engagement
plan that includes the area designated for evaluation in the current time
period.
B. Because quality assurance is a new function, seek the approval from
management as a mediator to set the scope of the engagement.
C. Indicate that the engagement will evaluate the function only in
accordance with standards set by, and approved by, the quality assurance
function before beginning the engagement.
D. Terminate the engagement because it will not be productive without the
clients cooperation.
9. The chief audit executive has assigned an internal auditor to perform a year-end

engagement to evaluate payroll records. The internal auditor has contacted the
director of compensations and has been refused access to the necessary documents.
To avoid this problem,
A. Access to records relevant to performance of engagements should be

specified in the IA activitys charter.

B. Internal auditing should be required to report to the CEO of the
organisation.
C. By following the long-range planning process, access to all relevant
records should be guaranteed..
D. Audit committee approval should be required for all scope limitations.
10. A charter id s being drafted for a newly formed internal audit activity. Which of the

following best describes the appropriate organisational status that should be

incorporated into the charter?
A. The CAE should report to the CEO but have access to the board of
directors.
B. The CAE should be a staff officer reporting to the CFO.
C. The CAE should be e member of the audit committee of the board of
directors.
D. The CAE should report to an administrative vice president.
11. A written charter approved by the board that formally defines the internal audit

activitys purpose, authority, and responsibility enhance its

A. Exercise of due professional care.
B. Proficiency.
C. Relationship with management.
D. Independence.
12. The status of the internal audit activity should be free from the effects of

irresponsible policy changes by management. The effective way to assure freedom

is to
A. Have the internal audit charter approved by the board.
B. Adopt policies for the functioning of the internal audit activities.
C. Establish an audit committee within the board.
D. Develop written policies and procedures to serve as standards of
performance for the internal audit activity.
13. Internal auditors may provide consulting services that add value and improve an

organisations operations. The performance of these services

A. Impairs internal auditors objectivity with respect to an assurance
service involving the same engagement client.
B. Precludes generation of assurance from a consulting engagement.
C. Should be consistent with the internal audit activitys empowerment
reflected in the charter.
D. Imposes no responsibility to communicate information other than to the
engagement client.

14. Independence is most likely impaired by an internal auditors

a). Continuation on an engagement at a division for which he will soon be

responsible as the result of a promotion.
b). Reduction of the scope of an engagement due to budget restrictions.
c). Participating on a task force that recommends standards for control of a
new distribution system.
d). Review of a purchasing agents contract drafts prior to their execution
15. In which of the following situations does an internal auditor potentially lack

integrity?
a). An internal auditor reviews the procedures for a new electronic data
exchange (EDI) connection to a major customer before it is implemented.
b).A former purchasing assistant performs a review of internal controls over
purchasing 4 months after being transferred to the internal auditing
department.
c). An internal auditor recommends standards of control and performance
measures for a contract with a service organisation for the processing of
payroll and employees benefits.
d).A payroll accounting employee assists an internal auditor in verifying
the physical inventory of small motors.
16. Which of the following activities is not presumed to impair the objectivity of an

internal auditor?
i. Recommending standards of control for a new information system
application.
ii. Drafting procedures for running a new computer application to ensure
that proper controls are installed.
iii. Performing reviews of procedures for a new computer application
before it is installed.
A. i only.
B. ii only.
C. iii only
D. i and iii only.
17. Internal auditors must be objective in performing their work. Assume the CAE

received annual bonus as part of that individual package. The bonus may impair
the CAEs objectivity if
A. The bonus is administered by the board of directors or its salary
administered committee.
B. The bonus is based on monetary amounts recovered or recommended
future savings as a result of engagements.
C. The scope of the internal audit work is evaluating control rather than
account balances.
D. All the answers are correct.

18. An internal auditor has recently received an offer from the manager of the

marketing department of a weekends free use of his beachfront condo. No

engagement is currently being conducted in the marketing department, and none is
scheduled. The internal auditor
a). Should reject the offer and report it to the appropriate supervisor.
b). May accept the offer because its value is immaterial.
c). May accept the offer because no engagement is being planned or
conducted.
d. May accept the offer if it is being approved by the appropriate
supervisor.
19. Management has requested the internal audit activity to perform an engagement to

recommend procedures and policies for improving management control over the
telephone operations of a major division. The CAE should
A. Not accept the engagement because recommending controls would
impair future objectivity regarding operations.
B. Not accept the engagement because internal audit activities are
presumed to have expertise regarding accounting controls, not marketing
controls.
C. Accept the engagement, but indicate to management that, because
recommending controls impair independence, future engagements in the
area will be impaired.
D. Accept the engagement because objectivity will not be impaired.
20. When faced with an imposed scope limitation, the CAE should

A. Refuse to perform the engagement until the scope limitation is removed.

B. Communicate the potential effects of the scope limitation to the audit
committee and the board of directors.
C. Increase the frequency of engagements concerning the activity in
question.
D. Assign more experience personnel to the engagement.
21. Prior to performing consulting services, the CAE should get approval from

whom?
A. The audit committee.
B. The board of directors.
C. The CEO.
D. The external auditor.
22. An organisation is in the process of establishing a new internal audit activity. The

controller has no previous experience with internal auditors. Due to lack of

experience, the controller advised the applicants that the CAE will be reporting to
the external auditors. However, the new CAE will have free access to the

controller to report anything important. The controller will then convey the CAEs
concern to the board. The IAA will
A. Be independent because the CAE has direct access to the board.
B. Not be independent because the CAE reports to the external auditors.
C. Not be independent because the controller has no experience with the
internal auditors.
D. Not be independent because the entity did not specify that the applicants
must be certified internal auditors.
23. The reporting relationship within the organisations management structure that

facilitates the day-to-day operations of the IA function is referred to as

A. Administrative.
B. Financial reporting.
C. Management reporting.
D. Functional reporting.
24. An external quality assessment team was evaluating the independence of an IA

activity. The IA activity performs engagement concerning all of the elements

included in the scope. Which of the following reporting responsibilities is most
likely to impair the independence of the IA activity? Reporting to
A. President.
B. Treasurer.
C. Executive VP.
D. Audit Committee.
25. During the performance of an engagement to evaluate a divisions control over

purchasing, the chief purchasing agent asked asked why the internal auditor
requested documents pertaining to transactions with a particular supplier. The
auditors response is to
A. Treat the inquiry as a scope limitation.
B. Explain the reason for the information request to promote cooperation
with the engagement client.
C. Refuse to explain the information request to preserve the integrity of the
engagement process.
D. Consider the specific circumstances before deciding whether to disclose
the reasons for the information request.
26. Independence permits an IA to render impartial and unbiased judgements. The best

way to achieve independence is through

A. Individual knowledge and skills.
B. Organisational status and objectivity.
C. Supervision.

D. Organisational knowledge and skills.

27. The IA function should be free to audit and report on any activity that also reports

to its administrative head if it deems that coverage appropriate for the plan. Any
limitation in scope or reporting of results of these activities should be brought to
the attention of whom?
A. CEO.
B. CFO.
C. External auditor.
D. Audit committee.
28. The administrative line of the CAE should be to whom?

A. The audit committee.

B. Line management.
C. Board of directors.
D. CEO or equivalent.
29. An internal auditor who had been supervisor of accounts payable section should

not perform an assurance review of that section

a). Because there is no way to measure a reasonable period of time in
which to establish independence.
b). Until a reasonable time has elapsed.
c). Until after the next annual review by the external auditors.
d). Until it is clear that the new supervisor has assumed responsibility
30. Assuming that the internal auditing staff possesses the necessary experience and
training, which of the following services is most appropriate for the IA to
undertake?
a). Substitute for the accounts payable supervisor while she is on sick
leave.
b). Determine the profitability of the alternative investment acquisitions
and select the best alternative.
c).As part of the evaluation team, review vendor accounting software,
internal controls and rank according to exposure.
d). Participate in an internal audit of the accounting department shortly
after transferring from the accounting department.
31.

a.
b.
c.
d.

List and briefly explain the three main types of audits

Distinguish between an internal and an external auditor
List some basic attributes or skills that an internal auditor should possess
List and briefly the main components of the Internal audit charter

32.

a. List and briefly explain four principles or rules of conduct of the internal
audit code of ethics
b. List and explain five situations that may give rise to a breach of the internal
auditors code of ethics
c. Recommend ways to alleviate the breaches above
d. Briefly explain an assurance service and list the parties involved
e. Briefly explain a consultancy service and list the parties involved
f. Distinguish between the performance and the attribute standard
33. Internal audit activities may involve which of the following?
A. Assurance services
B. Consulting services
C. Both assurance and consulting services
D. Non on the above
34. The most accurate term for the procedures used by the representatives of the

organizations stakeholders to provide oversight of processes administered by

management is
A.
B.
C.
D.

Governance
Control
Risk management
Monitoring

35. Internal audit is an assurance and consulting activitiy. An example of an assurance

service is a(n)
A. Advisory service
B. Facilitation service
C. Training engagement
D. Compliance service
36. Kevin is the new internal auditor of XYZ. Kevin was in charge of payroll for XYZ

just 10 months ago. Performing what services in regard to payroll is considered an

impairment of independence or objectivity if performed by Kevin ?
A. Consulting
B. Assurance
C. A or B.
D. Neither A or B
37. The chief audit executive is best defined as the

A. Inspector General
B. Person responsible for the IA function
C. Outside provider of IA services

D. Person responsible for overseeing the contract with the outside provider
of IA services
38. Which of the following is the most accurate term for attitudes and actions of the

board and management regarding the significance of control within the entity?
A. Control Processes
B. Control environment
C. Governance
D. Management philosophy and operating styles
39. Which of the following action should the chief audit executive take when he/she

believes that senior management has accepted a level of risk that is unacceptable to
the entity?
A. Report the matter to the board
B. Report the matter to the police
C. Discuss the matter with the independent auditors
D. Discuss the matter with senior management
40. Which of the following is the main purpose of the internal auditing profession?

a. To find errors and fraud.

b. to act as management
c. to prosecute fraudulent matters
d. to serve as an independent, objective, assurance and consulting activity to
add value and improve the organisations operations.
41. Which of the following is not a main type of audit?

a.Fraud audit
b. Operational audit
c. Compliance audit
d. financial audit
42.

17. Which of the following audit has a focus of improving an entitys

operations?
a. financial
b. operational
c. compliance
d. fraud.

43. Which of the following audit seeks to ensure that the entity is in agreement with

government policies?
a. financial
b. operational

c. fraud.
d. compliance
44. An audit that seeks to ensure that an entity is adhering to the local companies act:

a. operational
b. compliance
c. financial
d. external
45. Which of the following auditors mostly practice operational audits?

a. government auditors
b. forensic
c. internal
d. external
46. Which of the following is the most appropriate title for the body that regulates the

profession?
a. Institute of internal auditing
b. Institute of internal auditors
c. Institute for internal audit
d. institute of internal audit
47. Which of the following is not a characteristic of the internal auditor?

a. An employee of the client

b. Professional that performed operational audits
c. Individuals independent of management
d. An employee who cannot be independent.
48. Which of the following is not a reason for the development of the internal audit

profession?
a. Increase complexity
b.Increase in entitys size
c. Technological sophistications
d.All of the above are valid reasons
49. Which of the following concerns the traits of the internal auditors

a. Attribute standards
b. Performance standards
c. Implementation standards.
d. None of the above

50. Where can the internal auditor locate the purposes, authority and responsibility of

the internal audit function?

a. the engagement letter
b. the charter
c. the representation letter
d. the management letter