
JOB ROLE COMPETENCY

AUDIT STRATEGIC PLANNING
SP/IA 01. Industry and Market Analysis;
SP/DPS/IA 03. Internal Capabilities Analysis;
SP/IA 04. Regulatory Assessment;
SP/IA/PRO 07. Strategy Development;
FIN/IA 04. Budgeting (RKAP);
IA 01. Risk Based Audit Planning.

AUDIT DEVELOPMENT
IT/IA 38. Application Management;
IA 02. IA System & Methodology

DIGITAL & ICT DELIVERY AUDIT
IA 03. Digital & ICT Audit;
IA 04. Infrastructure Audit

COMMERCE & RELATIONS DELIVERY AUDIT
IA 05. Product & Service Audit;
IA 06. Marketing & Sales Audit

ENTERPRISE MANAGEMENT DELIVERY AUDIT
RM/IA 10. SOX Risk Management;
LC/IA/RMG 06. Compliance Management;
IA 07. Financial Audit;
IA 08. Enterprise Management Audit;
IA/LC 09. Fraud & Investigation Audit.

BUSINESS PROCESS MGT
BE/IA 08. Quality Management Assessment;
IA 09. Internal Audit Quality Assurance

IA = Internal Audit
SP = Smart Partner
FIN = Finance
RMG = Risk Management
IT = Information Technology
RKAP = Rencana Kerja dan Anggaran Perusahaan (Company Work Plan and Budget)
BE = Business Ethic
LC = Learning Center

In Progress
Not Allocation
Complete
Find Exam
Business Process Management
(Internal Audit Quality Assurance)

Pages from IIA_CFSA.pdf

Question No : 2 - (Topic 1)
Internal auditing ___________
A. Is an independent, objective assurance and consulting activity
designed to add value and improve an organization's operations
B. Is an independent, performance measurement and consulting
activity designed to add value and improve an organization's
operations
C. Helps an organization accomplish objectives by bringing a
systematic, disciplined approach to evaluate but rarely improve
the effectiveness of risk management, control and governance
D. Helps an organization accomplish objectives by bringing a
targeted, disciplined approach to evaluate but rarely improve the
effectiveness of risk management, control and governance
Answer: A

Question No : 15 - (Topic 1)
Reasonable assurance relates to the __________
A. Audit planning process
B. Scope of the internal audit
C. End of the audit process
D. Whole audit process
Answer: D
Question No : 17 - (Topic 1)
All these are disparities in public and private sector audits EXCEPT
____________
A. Objective and scope
B. Specific requirements of relevant regulation, ordinances or
ministerial directives
C. Specific and broad range mandate in public sector
D. Reasonable assurance
Answer: D

Following statements define risk EXCEPT __________


A. Organization has knowledge of facts constituting a dangerous
condition
B. Organization voluntarily exposes itself to the danger
C. The element of assurance in an undertaking
D. Measured in terms of impact and likelihood
Answer: C
Pages from IIA_CGAP.pdf

Question No : 4
IIA IIA-CGAP : Practice Test
Governmental auditing is distinctive and encompasses different
requirements from auditing commercial or not-for-profit
enterprises. The standards that apply specifically to
government audits are all of the following EXCEPT:
A. International Auditing and Assurance Standards Board (IAASB).
B. International Standards for the Professional Practice of Internal
Auditing (ISPPIA).
C. International Standards on Auditing (ISA).
D. International Organization of Supreme Audit Institutions
(INTOSAI) Standards.
Answer: A
Question No : 6
The purpose of the external quality control review is to determine
whether the organization's internal quality control system is in
place and operating effectively to provide reasonable assurance
that established policies and procedures and applicable auditing
standards are being followed.
A. Quality control, Quantity control
B. Internal quality control system, External quality control
C. External quality control, Internal quality control system
D. Quantity control, Quantity control
Answer: C

Question No : 17
____________ is an independent, objective assurance and
consulting activity designed to add value and improve an
organization's operations. It helps an organization accomplish its
objectives by bringing a systematic, disciplined approach to
evaluate and improve the effectiveness of risk management,
control, and governance processes.
A. Both C and D
B. Compliance audit
C. External auditing
D. Internal auditing
Answer: D

Question No : 18
The purpose of __________ is to promote an ethical culture in
the profession of internal auditing. A ___________ is necessary
and appropriate for the profession of internal auditing, founded
as it is on the trust placed in its objective assurance about risk
management, control, and governance:
A. Code of ethics, The IIA's Code of Ethics
B. The IIA's Code of Ethics, Code of ethics
C. Code of ethics, PPF Code of Ethics
D. PPF Code of Ethics, Code of ethics
Answer: B
Question No : 27
_________ is an independent, objective assurance and consulting
activity designed to add value and improve an organization's
operations. It helps an organization accomplish its objectives by
bringing a systematic, disciplined approach to evaluate and
improve the effectiveness of ________, _________, and
governance processes.
A. Internal auditing, risk management, control
B. Internal auditing, risk management, planning
C. Internal auditing, content management, control
D. External auditing, risk management, control
Answer: A

Question No : 28
Which services involve the internal auditor's objective
assessment of evidence to provide an independent opinion or
conclusions regarding a process, system, or other subject matter?
A. Accounting services
B. Auditing services
C. Assurance services
D. Insurance services
Answer: C

Question No : 32
There is ________ of Attribute and Performance Standards;
however, there are _______of Implementation Standards: a set
for each of the major types of internal audit activity. The
__________ have been established for assurance (A) and
consulting (C) activities:
A. One set, multiple sets, Attribution Standards
B. One set, multiple sets, Implementation Standards
C. One set, multiple sets, Performance Standards
D. One set, multiple sets, Multiple Standards
Answer: B
Question No : 33
Assurance services involve the internal auditor's objective
assessment of evidence to provide an independent opinion or
conclusions regarding a process, system, or other subject matter.
All of the following are the parties generally involved in assurance
services EXCEPT:
A. The team leader
B. The person or group making the assessment - the internal
auditor.
C. The person or group directly involved with the process, system,
or other subject matter - the process owner.
D. The person or group using the assessment - the user.
Answer: A

Question No : 44
With regard to __________, the auditor should prepare a written
report, which may either be a part of the report on the
____________ or a separate report on the tests of compliance
with applicable laws and regulations. The report should contain a
statement of positive assurance on those items tested for
compliance and negative assurance on those items not tested:
A. Income statements, financial audits
B. Financial statements, regularity audits
C. Regularity audits, financial statements
D. Operational audits, financial statements
Answer: C
Question No : 48
All of the following are the objectives of an audit EXCEPT:
A. Compliance with legislative or regulatory requirements and
related authorities.
B. The auditor's opinion enhances the credibility of the financial
statements, the user cannot assume that the opinion is an
assurance as to the future viability of the entity nor the efficiency
or effectiveness with which management has conducted the
affairs of the entity.
C. The phrases used to express the auditor's opinion are "give a
true and fair view" or "present fairly, in all material respects,"
which are equivalent terms.
D. The objective of an audit of financial statements is to enable
the auditor to express an opinion whether the financial
statements are prepared, in all material respects, in accordance
with an identified financial reporting framework.
Answer: A

Question No : 52
The following is information that audit charters generally
address. Please choose the correct answer:
A. Definition of the audit unit's responsibilities, goals, and
objectives
B. The auditor's opinion enhances the credibility of the financial
statements, the user cannot assume that the opinion is an
assurance as to the future viability of the entity nor the efficiency
or effectiveness with which management has conducted the
affairs of the entity.
C. The phrases used to express the auditor's opinion are "give a
true and fair view" or "present fairly, in all material respects,"
which are equivalent terms.
D. The objective of an audit of financial statements is to enable
the auditor to express an opinion whether the financial
statements are prepared, in all material respects, in accordance
with an identified financial reporting framework.
Answer: A
Question No : 56
What type of reviews are designed to determine whether the
audit unit's internal quality control system is in place and
operating effectively to provide reasonable assurance that
established policies and procedures and applicable auditing
standards are being followed or not?
A. Formal reviews
B. Quality assurance reviews
C. Over-the-shoulder reviews
D. E-mail pass-around reviews
Answer: B

Question No : 60
If the audit organization has done what is given below, then in
general, reviewers can conclude there is reasonable assurance
that an internal quality control system is effective. Please mark
the correct option:
A. Not implemented adequate audit policies and procedures.
B. Followed applicable auditing standards.
C. Implemented adequate audit policies and procedures.
D. Not followed applicable auditing standards.
Answer: B,C
Question No : 61
The characteristics of ____________ will vary based on the _____
of the audit unit and the nature of its work, whereas the
frequency of required quality assurance reviews varies
based on the _____ of standards followed.
A. Internal quality control systems, length, type
B. External quality control systems, size, type
C. External quality control systems, quality, type
D. Internal quality control systems, size, type
Answer: D

Question No : 76
The __________ is where the audit determines whether process
controls exist and are sufficient to provide reasonable assurance
that the desired performance will be achieved.
Whereas the ____________ is where the audit includes
methodology for measuring performance either because the
audited entity is not measuring its own performance or
because its performance measurement efforts are or may be
incomplete or unreliable.
A. Measurement-based approach, process-based approach
B. Process-based approach, measurement-based approach
C. Planning-based approach, measurement-based approach
D. Measurement-based approach, control-based approach
Answer: B
Pages from IIA_CIA-Part1.pdf
Question No : 11 - (Topic 1)
After several years in the engineering department, an engineer
was transferred to the internal audit department. One month
later, the new auditor was assigned to an assurance engagement
for the engineering department. When the auditor's former
engineering supervisor suggested a change in the sample
selection method, the auditor consulted with the audit
supervisor. They determined that the suggested method
would not be as representative and that the original selection
method should be used. In this situation, the auditor:
A. Maintained an independent mental attitude and is therefore
objective.
B. Has subordinated professional judgment, and objectivity is
therefore impaired.
C. Does not have objectivity since the auditor recently transferred
from the engineering department.
D. Does not have independent organizational status since the
auditor recently transferred from the engineering department.
Answer: C

Question No : 47 - (Topic 1)
In an assurance engagement of treasury operations, an internal
auditor is required to consider all of the following issues except:
A. The audit committee has requested assurance on the treasury
department's compliance with a new policy on the use of
financial instruments.
B. Treasury management has not instituted any risk management
policies.
C. Due to the recent sale of a division, the amount of cash and
marketable securities managed by the treasury department has
increased by 350 percent.
D. The external auditors have indicated some difficulties in
obtaining account confirmations.
Answer: D
Question No : 52 - (Topic 1)
To promote a positive image within an organization, a chief audit
executive (CAE) adjusted the audit plan to focus on assurance
engagements that highlighted potential costs to be
saved. Negative observations were to be omitted from
engagement final communications.
Which action taken by the CAE would be considered a violation of
the Standards?
I. The focus of the audit function was changed without modifying
the audit charter or notifying the audit committee.
II. Negative observations were omitted from the engagement final
communications.
III. Cost savings and recommendations were highlighted in the
engagement final communications.
A. II only
B. I and II only
C. I and III only
D. I, II, and III.
Answer: B

Question No : 59 - (Topic 1)
When internal auditors perform consulting services that add
value and improve an organization's operations, these services:
A. Impair the internal auditors' objectivity with respect to an
assurance service involving the same engagement client.
B. Would preclude the achievement of assurance from the
consulting engagement.
C. Should be consistent with the internal audit activity's
empowerment reflected in the charter.
D. Impose no responsibility to communicate information other
than to the engagement client.
Answer: C
Question No : 60 - (Topic 1)
Which of the following is a role of the board of directors in the
governance process?
A. Conduct periodic assessments of the organization's governance
systems.
B. Obtain assurance concerning the effectiveness of the
organization's governance systems.
C. Implement an effective system of internal controls to support
the organization's governance systems.
D. Review and approve operational goals and objectives.
Answer: B

Question No : 84 - (Topic 1)
Which of the following audit activities is within the scope of
assurance activities as stated in the International Professional
Practices Framework?
A. Review a make-or-buy decision and report a recommendation
to management for approval.
B. Participate in negotiations for a corporate acquisition.
C. Assess financing alternatives for a new generator.
D. Perform an evaluation of management's planning process.
Answer: D

Question No : 97 - (Topic 1)
In order to exercise due professional care as defined in the
International Professional Practices Framework, an internal
auditor should:
I. Consider the probability of significant noncompliance in each
audit engagement.
II. Perform assurance procedures with sufficient care to ensure
that all risks are identified.
III. Weigh the cost of assurance against the benefits.
A. I and II only
B. I and III only
C. II and III only
D. I, II, and III.
Answer: B
Question No : 114 - (Topic 2)
Which of the following best contributes to the effectiveness of
the internal audit activity in an organization?
A. Appropriate terms of internal audit scope and responsibility in
the charter.
B. Appropriate compliance coverage in the annual audit plan.
C. Regular review of the audit charter by management.
D. Assurance of internal audit objectivity by the board.
Answer: A

Question No : 118 - (Topic 2)


According to the International Professional Practices Framework, a
primary purpose of evaluating the adequacy of an organization's
risk management, control, and governance processes is to
determine if it:
A. Was designed to ensure compliance with policies, plans,
procedures, laws, and regulations.
B. Provides reasonable assurance that the organization's
objectives will be met.
C. Mitigates inherent risk.
D. Assures the reliability and integrity of information used by
management.
Answer: B

Question No : 124 - (Topic 2)


When planning the work program for an assurance
engagement, an internal auditor should first review the
department's business objectives and then:
A. Identify risks.
B. Review controls.
C. Determine scope.
D. Evaluate vulnerabilities.
Answer: A
Question No : 138 - (Topic 2)
The main reason to establish internal controls in an organization
is to:
A. Encourage compliance with policies and procedures.
B. Safeguard the resources of the organization.
C. Ensure the accuracy, reliability, and timeliness of information.
D. Provide reasonable assurance on the achievement of
objectives.
Answer: D

Question No : 154 - (Topic 2)


It is important for a chief audit executive to seek formal approval
from the board regarding an internal audit charter so that:
A. The effectiveness of the internal audit activity can be
measured.
B. The status of the internal audit activity can be more clearly
established.
C. There is assurance that all internal audit activities will be
completed.
D. Improvements can be implemented in internal audit processes.
Answer: B

Question No : 158 - (Topic 2)


Management should be included in the development of the audit
plan in order to:
A. Provide assurance that past audit recommendations have been
properly implemented.
B. Select the audit tests that will be used for each engagement.
C. Verify that the highest risks are included in the risk-based audit
plan.
D. Guarantee access to the organization's sites and records for
audit work.
Answer: C
Question No : 161 - (Topic 2)
According to the Standards, which of the following must an
internal auditor take into consideration when performing an
assurance engagement of treasury operations?
I. The audit committee has requested assurance of the treasury
department's compliance with a new policy on the use of
financial instruments.
II. Treasury management has not instituted any risk management
policies.
III. Due to the recent sale of a division, the amount of cash and
marketable securities managed by the treasury department has
increased by 350 percent.
IV. The external auditors have indicated some difficulties in
obtaining account confirmations.
A. I and II only
B. I and IV only
C. I, II, and III only
D. II, III, and IV only
Answer: C

Pages from IIA_CIA-Part3.pdf


Question No : 22
Which of the following would not impair the objectivity of
internal auditor?
A. Management assurance on risks.
B. Implementing risk responses on behalf of management.
C. Providing assurance that risks assessed are correctly evaluated.
D. Setting the risk appetite.
Answer: C

Question No : 33
IIA IIA-CIA-Part3 : Practice Test
Which of the following does not provide operational assurance
that a computer system is operating properly?
A. Performing a system audit.
B. Making system changes.
C. Testing policy compliance.
D. Conducting system monitoring.
Answer: B
Pages from IIA_CIA-Part4.pdf

Question No : 7
An advantage of a direct investment strategy when entering a
foreign market is
A. Reduction in the capital at risk.
B. Shared control and responsibility.
C. Assurance of access when the foreign country imposes
domestic content rules.
D. Avoidance of interaction with the local bureaucracy.
Answer: C
IIA-CFSA.v2015.pdf

QUESTION 2
Reasonable assurance relates to the:
A. Audit planning process
B. Scope of the internal audit
C. End of the audit process
D. Whole audit process
Correct Answer: D
QUESTION 457
All these are disparities in public and private sector audits
EXCEPT:
A. Objective and scope
B. Specific requirements of relevant regulation, ordinances or
ministerial directives
C. Specific and broad range mandate in public sector
D. Reasonable assurance
Correct Answer: D

QUESTION 462
Internal auditing:
A. Is an independent, objective assurance and consulting activity
designed to add value and improve an organization's operations
B. Is an independent, performance measurement and consulting
activity designed to add Value and improve an organization's
operations
C. Helps an organization accomplish objectives by bringing a
systematic, disciplined Approach to evaluate but rarely improve
the effectiveness of risk management, control and governance
D. Helps an organization accomplish objectives by bringing a
targeted, disciplined approach to evaluate but rarely improve the
effectiveness of risk management, control and governance
Correct Answer: A
QUESTION 477
Faulty human judgments, misunderstanding of instructions,
errors, management override, and collusion and cost/benefit
considerations are the limitations of:
A. Reasonable Assurance
B. Internal Control System
C. Risk Management
D. Compliance Control
Correct Answer: B
IIA-CIA-Part3.v2015.pdf

QUESTION 30
Which of the following is a major element of the ISO 9000 quality
management system standards?
A. The principle that improved employee satisfaction will lead to
increased productivity.
B. The attitude and actions of the board and management
regarding the significance of control within the organization.
C. The assessment of the risk that objectives are not achieved.
D. A requirement for organizations to monitor information on
customer satisfaction as a measure of performance.
Correct Answer: D
QUESTION 52
An account executive has just designed a Monte Carlo model to
estimate the costs of a particular type of project. Validating the
model could include all except:
A. Checking for errors in the computer programming.
B. Checking that assumed probability distributions are
reasonable.
C. Comparing test results with previously validated models.
D. Applying the model.
Correct Answer: D

QUESTION 72
A bank has two drive-in lanes to serve customers:
<<IMAGE>>
The process of making sure that the model measures what it is
supposed to measure is called:
A. Statistical inference.
B. Hypothesis testing.
C. Confidence coefficient analysis.
D. Validation.
Correct Answer: D

QUESTION 191
Which of the following is a major element of the ISO 9000:2008
quality management system standards?
A. The principle that improved employee satisfaction will lead to
increased productivity.
B. The attitude and actions of the board and management
regarding the significance of control within the organization.
C. The assessment of the risk that objectives are not achieved.
D. A requirement for organizations to monitor information on
customer satisfaction as a measure of performance.
Correct Answer: D
QUESTION 237
The process of making sure that the model measures what it is
supposed to measure is called:
A. Statistical inference.
B. Hypothesis testing.
C. Confidence coefficient analysis.
D. Validation.
Correct Answer: D

QUESTION 240
An account executive has just designed a Monte Carlo model to
estimate the costs of a particular type of project. Validating the
model could include all except:
A. Checking for errors in the computer programming.
B. Checking that assumed probability distributions are
reasonable.
C. Comparing test results with previously validated models.
D. Applying the model.
Correct Answer: D

QUESTION 476
Control objectives regarding effectiveness and efficiency,
reliability, and compliance are the basis of which control
framework?
A. GTAG
B. eSAC
C. COBIT
D. COSO
Correct Answer: D
QUESTION 478
Which of the following control frameworks groups IT business
assurance objectives into the five categories of availability,
capability, functionality, protectibility, and accountability?
A. COBIT
B. COSO
C. eSAC
D. GTAG
Correct Answer: C

QUESTION 483
COBIT is targeted at all of the following except:
A. Management.
B. Users.
C. Shareholders.
D. Auditors.
Correct Answer: C

QUESTION 494
The purpose of input controls is to ensure the:
A. Authorization of access to data files.
B. Authorization of access to program files.
C. Completeness, accuracy, and validity of updating.
D. Completeness, accuracy, and validity of input.
Correct Answer: D
QUESTION 543
Which of the following is not a major component of an audit of e-
commerce activities?
A. Make certain that goals and objectives can be achieved.
B. Assess the internal control structure.
C. Review the interface issues.
D. Evaluate the business continuity and disaster recovery plans.
Correct Answer: A

QUESTION 638
User acceptance testing is more important in an object-oriented
development process than in a traditional environment because
of the implications of the:
A. Absence of traditional design documents.
B. Lack of a tracking system for changes.
C. Potential for continuous monitoring.
D. Inheritance of properties in hierarchies.
Correct Answer: D

QUESTION 666
Traditional information systems development procedures that
ensure proper consideration of controls may not be followed by
users developing end-user computing (EUC) applications.
Which of the following is a prevalent risk in the development of
EUC applications?
A. Management decision making may be impaired due to
diminished responsiveness to management's requests for
computerized information.
B. Management may be less capable of reacting quickly to
competitive pressures due to increased application development
time.
C. Management may place the same degree of reliance on
reports produced by EUC applications as it does on reports
produced under traditional systems development procedures.
D. Management may incur increased application development
and maintenance costs for EUC systems, compared with
traditional (mainframe) systems.
Correct Answer: C
QUESTION 669
Which of the following risks is more likely to be encountered in an
end-user computing (EUC) environment as compared with a
centralized environment?
A. Inability to afford adequate uninterruptible power supply
systems.
B. User input screens without a graphical user interface (GUI).
C. Applications that are difficult to integrate with other
information systems.
D. Lack of adequate utility programs.
Correct Answer: C

QUESTION 689
Application control objectives do not normally include assurance
that:
A. Authorized transactions are completely processed once and
only once.
B. Transaction data are complete and accurate.
C. Review and approval procedures for new systems are set by
policy and adhered to.
D. Processing results are received by the intended user.
Correct Answer: C

QUESTION 699
Which of the following is the most effective user account
management control in preventing the unauthorized use of a
computer system?
A. Management enforces an aggressive password policy that
requires passwords to be 10 characters long, to be nonreusable,
and to be changed weekly.
B. An account manager is responsible for authorizing and issuing
new accounts.
C. The passwords and usernames of failed log-in attempts are
logged and documented in order to cite attempted infiltration of
the system.
D. Employees are required to renew their accounts semiannually.
Correct Answer: D
Q1010
A company produced and sold 100,000 units of a component
with a variable cost of US $20 per unit. Of the units produced,
1,200 failed the company's tolerance specifications and were
reworked at a cost of US $12 per unit. Reworked units were sold
as factory seconds at US $45 each and first-quality units were sold
at US $50 each. If the company had implemented a quality
assurance program to ensure that all units produced conformed
to specifications, the increase in the company's contribution
margin from this component would have been:
A. US $14,400
B. US $20,400
C. US $21,600
D. US $39,600
Answer: B

Q1392
Which of the following is a major element of the ISO 9000 quality
management system standards?
A. The principle that improved employee satisfaction will lead to
increased productivity.
B. The attitude and actions of the board and management
regarding the significance of control within the organization.
C. The assessment of the risk that objectives are not achieved.
D. A requirement for organizations to monitor information on
customer satisfaction as a measure of performance.
Answer: D

Q1433
The process of making sure that the model measures what it is
supposed to measure is called:
A. Statistical inference.
B. Hypothesis testing.
C. Confidence coefficient analysis.
D. Validation.
Answer: D
QUESTION 354
Which of the following is a major element of the ISO 9000 quality
management system standards?
A. The principle that improved employee satisfaction will lead to
increased productivity.
B. The attitude and actions of the board and management
regarding the significance of control within the organization.
C. The assessment of the risk that objectives are not achieved.
D. A requirement for organizations to monitor information on
customer satisfaction as a measure of performance.
Correct Answer: D

QUESTION 395
The process of making sure that the model measures what it is
supposed to measure is called:
A. Statistical inference.
B. Hypothesis testing.
C. Confidence coefficient analysis.
D. Validation.
Correct Answer: D

QUESTION 541
A company produced and sold 100,000 units of a component
with a variable cost of US $20 per unit. Of the units produced,
1,200 failed the company's tolerance specifications and were
reworked at a cost of US $12 per unit. Reworked units were sold
as factory seconds at US $45 each and first-quality units were sold
at US $50 each. If the company had implemented a quality
assurance program to ensure that all units produced conformed
to specifications, the increase in the company's contribution
margin from this component would have been:
A. US $14,400
B. US $20,400
C. US $21,600
D. US $39,600
Correct Answer: B
CIA Part3.pdf

[110] Gleim #: 1.110 -- Source: CIA 1192 III-97


(Refers to Fact Pattern #10)
The process of making sure that the model measures what it is
supposed to measure is called
A. Statistical inference.
B. Hypothesis testing.
C. Confidence coefficient analysis.
D. Validation.
Answer : D

[113] Gleim #: 1.113 -- Source: CIA 1190 III-41


An account executive has just designed a Monte Carlo model to
estimate the costs of a particular type of project. Validating the
model could include all except
A. Checking for errors in the computer programming.
B. Checking that assumed probability distributions are
reasonable.
C. Comparing test results with previously validated models.
D. Applying the model.
Answer : D
[154] Gleim #: 1.154 -- Source: IIA, adapted
Which of the following is a major element of the ISO 9000:2000
quality management system standards?
A. The principle that improved employee satisfaction will lead to
increased productivity.
B. The attitude and actions of the board and management
regarding the significance of control within the organization.
C. The assessment of the risk that objectives are not achieved.
D. A requirement for organizations to monitor information on
customer satisfaction as a measure of performance.
Answer : D

[914] Gleim #: 6.117 -- Source: IIA, adapted


A company produced and sold 100,000 units of a component
with a variable cost of $20 per unit. Of the units produced, 1,200
failed the company's tolerance specifications and were reworked
at a cost of $12 per unit. Reworked units were sold as factory
seconds at $45 each, and first-quality units were sold at $50 each.
If the company had implemented a quality assurance program to
ensure that all units produced conformed to specifications, the
increase in the company's contribution margin from this
component would have been
A. $14,400
B. $20,400
C. $21,600
D. $39,600
Answer : B

[941] Gleim #: 7.9 -- Source: Publisher


A major result of the Foreign Corrupt Practices Act is that
corporations are now required to
A. Keep accurate accounting records and maintain adequate
internal controls.
B. Permit authorized agencies access to company records.
C. Prepare financial statements in accordance with U.S. and
international accounting standards.
D. Produce information to the SEC on foreign commerce and
foreign political party information.
Answer : A
[1096] Gleim #: 8.28 -- Source: CIA 597 III-72
User acceptance testing is more important in an object-oriented
development process than in a traditional environment because
of the implications of the
A. Absence of traditional design documents.
B. Lack of a tracking system for changes.
C. Potential for continuous monitoring.
D. Inheritance of properties in hierarchies
Answer : D

[1099] Gleim #: 8.31 -- Source: CIA 1193 I-26


Which of the following is the most appropriate activity for an
internal auditor to perform during a review of systems
development activity?
A. Serve on the MIS steering committee that determines what
new systems are to be developed.
B. Review the methodology used to monitor and control the
system development function.
C. Recommend specific automated procedures to be incorporated
into new systems that will provide reasonable assurance that all
data submitted to an application are converted to
machine-readable form.
D. Recommend specific operational procedures that will ensure
that all data submitted for processing are converted to
machine-readable form
Answer : B
[1100] Gleim #: 8.32 -- Source: CIA 1189 II-29
The purpose of input controls is to ensure the
A. Authorization of access to data files.
B. Authorization of access to program files.
C. Completeness, accuracy, and validity of updating.
D. Completeness, accuracy, and validity of input.
Answer : D

[1115] Gleim #: 8.47 -- Source: CIA 1196 III-36


Traditional information systems development procedures that
ensure proper consideration of controls may not be followed by
users developing end-user computing (EUC) applications. Which
of the following is a prevalent risk in the development of
EUC applications?
A. Management decision making may be impaired due to
diminished responsiveness to management's requests for
computerized information.
B. Management may be less capable of reacting quickly to
competitive pressures due to increased application development
time.
C. Management may place the same degree of reliance on
reports produced by EUC applications as it does on reports
produced under traditional systems development procedures.
D. Management may incur increased application development
and maintenance costs for EUC systems, compared with
traditional (mainframe) systems.
Answer : C
[1153] Gleim #: 8.85 -- Source: CIA 1191 III-29
To be more responsive to its customers, a bank wants a system
that will permit account representatives to consolidate
information about all the accounts belonging to individual
customers. Bank management is willing to experiment with
different approaches because the requirements are evolving
rapidly. The best development approach for this system is
A. Prototyping.
B. System development life cycle model.
C. Structured analysis and design technique.
D. Hierarchy-input-process-output.
Answer : A

[1156] Gleim #: 8.88 -- Source: CISA


Application control objectives do not normally include assurance
that
A. Authorized transactions are completely processed once and
only once.
B. Transaction data are complete and accurate.
C. Review and approval procedures for new systems are set by
policy and adhered to.
D. Processing results are received by the intended user.
Answer : C
[1157] Gleim #: 8.89 -- Source: CMA 693 4-6
Data processed by a computer system are usually transferred to
some form of output medium for storage. However, the
presence of computerized output does not, in and of itself, assure
the output's accuracy, completeness, or authenticity. For this
assurance, various controls are needed. The major types of
controls for this area include
A. Transaction controls, general controls, and printout controls.
B. Activity listings, echo checks, and pre-numbered forms.
C. Tape and disk output controls and printed output controls.
D. Input controls, tape and disk output controls, and printed
output controls.
Answer : D

[1168] Gleim #: 8.100 -- Source: CIA 1189 II-31


Reconciling input with processing control totals to ensure that all
transactions have been processed is an example of
A. An input control.
B. A processing control.
C. An output control.
D. An access control.
Answer : C

[1175] Gleim #: 8.107 -- Source: CIA 596 III-61


Which of the following risks is more likely to be encountered in an
end-user computing (EUC) environment as compared with
a mainframe computer system?
A. Inability to afford adequate uninterruptible power supply
systems.
B. User input screens without a graphical user interface (GUI).
C. Applications that are difficult to integrate with other
information systems.
D. Lack of adequate utility programs
Answer : C
[1252] Gleim #: 9.48 -- Source: Publisher
Which of the following is the most effective user account
management control in preventing the unauthorized use of a
computer system?
A. Management enforces an aggressive password policy that
requires passwords to be 10 characters long, to be nonreusable,
and to be changed weekly.
B. An account manager is responsible for authorizing and issuing
new accounts.
C. The passwords and usernames of failed log-in attempts are
logged and documented in order to cite attempted infiltration of
the system.
D. Employees are required to renew their accounts semiannually
Answer : D

[1340] Gleim #: 10.55 -- Source: CIA 593 II-20


Which of the following is the best program for the protection of a
company's vital information resources from computer
viruses?
A. Stringent corporate hiring policies for staff working with
computerized functions.
B. Existence of a software program for virus prevention.
C. Prudent management policies and procedures instituted in
conjunction with technological safeguards.
D. Physical protection devices in use for hardware, software, and
library facilities.
Answer : C
CGAP.pdf
QUESTION: 4
Governmental auditing is distinctive and encompasses different
requirements from auditing commercial or not-for-profit
enterprises. The standards that apply specifically to government
audits are all of the following EXCEPT:
A. International Auditing and Assurance Standards Board (IAASB).
B. International Standards for the Professional Practice of Internal
Auditing (ISPPIA).
C. International Standards on Auditing (ISA).
D. International Organization of Supreme Audit Institutions
(INTOSAI) Standards.
Answer: A

QUESTION: 6
The purpose of the external quality control review is to determine
whether the organization's internal quality control system is in
place and operating effectively to provide reasonable assurance
that established policies and procedures and applicable auditing
standards are being followed.
A. Quality control, Quantity control
B. Internal quality control system, External quality control
C. External quality control, Internal quality control system
D. Quantity control, Quantity control
Answer: C
BE/IA 08. Quality Management Assessment;

Business Process Management


(Internal Audit Quality Management Assessment)

CIA Part3.pdf

[45] Gleim #: 1.45 -- Source: CIA 1196 III-60


The International Organization for Standardization has developed
standards for ring networks that include fault management,
configuration management, accounting management, security
management, and performance monitoring. Which of the
following controls is included in the performance-monitoring
standards?
A. Reporting the failure of network fiber-optic lines.
B. Recording unauthorized access violations.
C. Compiling statistics on the number of times that application
software is used.
D. Allocating network costs to system users of the network.
Answer : C

[138] Gleim #: 1.138 -- Source: CIA 1196 III-60


ISO 9000 standards for ring networks include fault management,
configuration management, accounting management, security
management, and performance monitoring. Which of the
following controls is included in the performance-monitoring
standards?
A. Reporting the failure of network fiber-optic lines.
B. Recording unauthorized access violations.
C. Compiling statistics on the number of times that application
software is used.
D. Allocating network costs to system users of the network
Answer : C
[221] Gleim #: 2.59 -- Source: Publisher
Which of the following methods of employee evaluation is best
used in a situation where employees are heavily involved in
teamwork?
A. 360-degree performance appraisal.
B. Attribution method.
C. Critical incident technique.
D. Behaviorally anchored rating scales (BARS)
Answer : A

[383] Gleim #: 3.93 -- Source: CIA 1192 IV-30


The management of ABC Corporation is analyzing the financial
statements of XYZ Corporation because ABC is strongly
considering purchasing a block of XYZ ordinary shares that would
give ABC significant influence over XYZ. Which financial statement
should ABC primarily use to assess the amounts, timing, and
certainty of future cash flows of XYZ Company?
A. Income statement.
B. Statement of changes in equity.
C. Statement of cash flows.
D. Balance sheet.
Answer : C

[560] Gleim #: 4.92 -- Source: CIA 1195 IV-24


Changes in accounting estimates are viewed as
A. Extraordinary items.
B. Errors in reported amounts in prior periods.
C. Catch-up adjustments related to amounts reported in prior
periods.
D. Reassessments of current status and future benefits and
obligations
Answer : D
[562] Gleim #: 4.94 -- Source: CIA 597 IV-22
The following financial statement notes are extracts from the
audited financial statements of public entities. Which note
describes a change in accounting estimate?
A. The entity changed its amortization of capital assets based on a
reassessment of the useful lives of the assets. Accordingly, the
entity changed its rate of amortization from 5% and 6% to 8% and
10%, for machinery and equipment.
B. Prior to 20X5, plant and equipment (other than customer
service replacement parts) were depreciated using the
diminishing-balance method. Plant and equipment are now
depreciated on a straight-line basis.
C. During the year, the entity changed a method of accounting
pursuant to a change in an International Financial Reporting
Standard.
D. Effective January 1, 20X5, the entity changed to the LIFO
method of inventory valuation. Prior to 20X5, the FIFO method
was used
Answer : A

[578] Gleim #: 4.110 -- Source: CPA 590 T-33


In a business combination, the sum of the amounts assigned by
the acquiring entity to assets acquired and liabilities incurred and
assumed exceeds the cost of the acquired entity. The excess
should be reported as a ________
A. Deferred credit.
B. Reduction of the amounts assigned to current assets and a
deferred credit for any unallocated portion.
C. Gain immediately in profit or loss.
D. Pro rata reduction of the amounts assigned to all acquired
assets and a gain for any unallocated portion.
Answer : C
[1098] Gleim #: 8.30 -- Source: CISA
An MIS manager has only enough resources to install either a
new payroll system or a new data security system, but not both.
Which of the following actions is most appropriate?
A. Giving priority to the security system.
B. Leaving the decision to the MIS manager.
C. Increasing MIS staff output in order for both systems to be
installed.
D. Having the information systems steering committee set the
priority.
Answer : D

[1113] Gleim #: 8.45 -- Source: CIA 1195 III-34


After using the mainframe report writer for several months, the
marketing analysts gained confidence in using it, but the
marketing department manager became concerned. Whenever
analysts revised reports they had written earlier, the coding errors
kept reappearing in their command sequences. The manager was
sure that all the analysts knew what the errors were and how to
avoid them. The most likely cause of the reappearance of the
same coding errors is inadequate
A. Backups.
B. Change control.
C. Access control.
D. Testing.
Answer : B

[1121] Gleim #: 8.53 -- Source: CPA 593 A-40


An auditor is least likely to use computer software to ________
A. Construct parallel simulations.
B. Access client data files.
C. Prepare spreadsheets.
D. Assess computer control risk.
Answer : D
[1128] Gleim #: 8.60 -- Source: CIA 1196 III-67
Which of the following is an important senior management
responsibility with regard to information systems security?
A. Assessing exposures.
B. Assigning access privileges.
C. Identifying ownership of data.
D. Training employees in security matters.
Answer : A

[1130] Gleim #: 8.62 -- Source: Publisher


According to eSAC, all of the following are responses to
technology challenges except __________
A. Risk assessment.
B. Internal control.
C. Change minimization.
D. E-assurance services.
Answer : C
IIA-CFSA.v2015.pdf

QUESTION 7
The major benefit of risk assessment is:
A. To staff the plans and financial budgets
B. To consider factors that may affect risk and give the highest
priority to audit areas that have the highest potential for adverse
consequences
C. To identify the possible adverse effects based solely on the
type of activity, the type of resources, amount of assets or
complexity of transactions
D. Failure to achieve the organization's goal and objectives
Correct Answer: B
QUESTION 8
- Site Selection Rationale
- Client officials client/requesters for audit results
- Scope limitations encountered or anticipated
- Expert advice
The above elements should be documented in the:
A. Audit planning
B. Risk assessment
C. Audit scope
D. None of these
Correct Answer: C

QUESTION 14
An organization might decide that the risk of fire is high so it will
pay a high premium on its fire insurance policy to transfer the risk
as much as possible. However, the organization will still have to
pay deductible amount on the policy if a fire occurs. This scenario
depicts:
A. Assessment of the likelihood that a given risk will occur
B. Control the risk
C. Accept the risk
D. Transfer the risk
Correct Answer: C
QUESTION 92
Continuous auditing is a method used to automatically perform
control and risk assessment more frequently. Technology is the
key to enable such an approach. Continuous auditing changes the
audit paradigm from periodic reviews of a sample to ongoing
audit testing of ______ percent of transactions.
A. Ninety
B. Ninety nine
C. Seventy
D. Hundred
Correct Answer: D

QUESTION 198
Risk assessment may be:
A. Quantitative only
B. Qualitative only
C. Both A&B
D. Qualitative in general and quantitative in specific
Correct Answer: C
QUESTION 439
Not all misstatements will be material enough to affect the fair
presentation of the financial statement. A material misstatement
is one that the auditors determine would change or influence the
opinion of a reasonable person relying on the financial statements
for information. Ultimately, auditors must exercise judgment to
assess materiality based on the qualitative nature of the
misstatements and their quantitative extent. Materiality is also
based on auditors' assessment of control risk levels in the
organization. The following factors may influence the auditors'
assessment of control risk EXCEPT:
A. Management's awareness or lack of awareness of applicable
laws and regulations
B. Client policy regarding such matters as acceptable operating
practices and codes of conduct
C. Assignment of responsibility and delegation of authority to
deal with such matters as organizational goals and objectives,
operating functions, and regulatory requirements
D. None of these
Correct Answer: D

QUESTION 460
Strategic planning is the process of taking a long-term view of the
organization, the longer the view, the greater the uncertainty of
risks and opportunities. Such reservations can better be handled
by:
A. Timely decisions
B. Flexible/Adaptive plans and processes
C. Periodic risk assessments
D. Focusing on current period organizational activity
Correct Answer: B
QUESTION 465
Internal auditors make a balanced assessment of all the relevant
circumstances and are not unduly influenced by their own
interests or by others in forming judgments. This statement best
explains one of the following principles:
A. Competency
B. Confidentiality
C. Objectivity
D. Integrity
Correct Answer: C

QUESTION 478
Five internal control components are:
A. Control environment, Risk assessment, Control activities,
Information and communication & Monitoring
B. Control environment, Risk assessment, and Operational
control, Information and communication & Monitoring
C. Control environment, Risk Prioritization, Control activities,
Information and communication & Monitoring
D. Control environment, Risk Prioritization, Control activities,
Information and communication & Monitoring
Correct Answer: A
IIA-CIA-Part1.v2015.pdf
QUESTION 9
Which of the following best describes how the increased use of
computerization may impact an auditor's assessment of the risk
of fraud?
A. Access to assets may be available to information systems
personnel as well as to computer users.
B. Computer controls are generally less effective than human
review.
C. Overrides of key controls may require less collaboration.
D. Audit trails are less effective.
Correct Answer: A

QUESTION 36
A manufacturer uses a materials requirements planning (MRP)
system to track inventory, orders, and raw materials
requirements. What condition should an auditor search for in the
MRP database if a preliminary assessment indicated that
inventory is understated?
I. Item cost set at zero.
II. Negative quantities on hand.
III. Order quantity exceeding requirements.
IV. Inventory lead times exceeding delivery schedule.
A. I and II only
B. I and IV only
C. II and IV only
D. III and IV only
Correct Answer: A
QUESTION 38
The chief audit executive's responsibility regarding control
processes includes:
A. Assisting senior management and the audit committee in the
development of an annual assessment about internal control.
B. Overseeing the establishment of internal control processes.
C. Maintaining the organization's governance processes.
D. Ensuring that the internal audit activity assesses all control
processes annually.
Correct Answer: A

QUESTION 48
Which of the following would provide the most reliable
information on the risk associated with an auditable activity?
A. Event scenarios with regression analysis.
B. Past audit findings and instances of management failures.
C. Consequences and economic predictability of loss.
D. Management assessment and corroboration by the internal
audit activity.
Correct Answer: D

QUESTION 53
The internal audit activity's role in the risk assessment and
management processes of an organization is determined by the:
A. Board of directors.
B. Chief audit executive.
C. Risk management department.
D. External auditors.
Correct Answer: A
QUESTION 60
Due to urgent requests from management, a busy internal audit
activity finds that it can no longer meet all of its commitments
contained in the annual audit plan. The best course of action for
the chief audit executive to take would be to:
A. Continue with the plan and seek opportunities to adjust
priorities and reallocate resources.
B. Advise senior management and request that they reconsider
these additional requests using more rigorous risk assessment
and prioritization factors.
C. Advise the board and senior management and request a
reassessment of the plan.
D. Advise the board immediately and seek their support for
additional resources to meet the needs of the plan.
Correct Answer: C

QUESTION 70
Risk assessments can vary in format, but generally include:
I. A description of identified risks.
II. Tests of audit controls.
III. A system of rating risks.
IV. Sample size identification.
A. I and II only
B. I and III only
C. I, III, and IV only
D. II, III, and IV only
Correct Answer: B

QUESTION 71
Risk assessments are valuable to the internal audit activity's
planning process because they assist in:
A. Eliminating all areas with low risk from the audit plan.
B. Educating management on the importance of keeping the
internal audit activity informed of organizational changes.
C. Identifying the audit universe or auditable activities that
need to be reviewed.
D. Identifying risks that management and the internal auditors
have overlooked.
Correct Answer: C
QUESTION 72
A quantitative risk assessment model has all of the following
advantages except:
A. Accommodating a large number of risk factors in the
assessment.
B. Providing documentation for the chief audit executive, who
must defend the long-range audit plan.
C. Providing a systematic method of applying weightings to risks
and priorities.
D. Removing the need for judgment on the part of the chief audit
executive.
Correct Answer: D

QUESTION 75
Internal auditors who are concerned with potential risks due to
the mishandling of records or transactions should take into
consideration:
A. The type and nature of the activities to be examined.
B. Whether employees in key positions of trust are bonded.
C. The history of losses suffered by the company.
D. The results of prior risk assessments.
Correct Answer: A

QUESTION 76
Which of the following is true with respect to the risk assessment
process?
A. The ethical climate should not be included since this factor
cannot be measured quantitatively.
B. More than one risk factor may have to be used to ensure that
the risk assessment is comprehensive.
C. Each risk factor should be given equal weighting in order to
reduce the opportunity for bias.
D. The risk assessment process should be conducted at least
every three years.
Correct Answer: B
QUESTION 78
Which of the following would have the least impact (either
positive or negative) on an assessment of a department's control
environment?
A. The department managed long-term investments, including
investment in derivatives and other financial instruments, to
maximize return.
B. The department manager sets a tone of honesty and integrity
in all business dealings and this tone is emulated by department
personnel.
C. Many department functions were duplicated or verified by
other department employees as part of the department's normal
procedures.
D. Audit tests designed to verify compliance with control
procedures detected a general failure to follow standard
procedures for transaction authorization.
Correct Answer: A

QUESTION 80
When using a risk assessment model to develop audit plans, it is
essential that the chief audit executive take into account the:
A. Results of the last audit.
B. Planned visits by the external auditors during the upcoming
year.
C. Recent or expected changes in management direction and
objectives.
D. Dates of future board meetings.
Correct Answer: C

QUESTION 82
An internal quality assessment of the internal audit activity
should provide the chief audit executive with:
A. Recommendations for improvement.
B. Objectives for internal audit engagements.
C. Confirmation of action on past audit recommendations.
D. Appraisals of internal audit staff performance.
Correct Answer: A
QUESTION 84
An organization receives the most value from an internal audit
activity's enterprise-wide risk assessment when the auditor:
A. Focuses primarily on enterprise-level risks.
B. Considers activities at all levels of the organization.
C. Reviews special projects and new initiatives.
D. Validates supporting financial and operational data.
Correct Answer: B

QUESTION 88
The chief audit executive for an organization has just completed a
risk assessment process, identified the areas with the highest risk,
and assigned an audit priority to each. Which of the following
statements is true and consistent with the International
Professional Practices Framework?
I. Items should be ranked in the order of quantifiable dollar
exposure to the organization.
II. The audit priorities should be in order of major control
deficiencies.
III. The risk assessment, though quantified, is the result of
professional judgments about both exposures and probability of
occurrences.
A. I only
B. III only
C. II and III only
D. I, II, and III.
Correct Answer: B

QUESTION 92
Which of the following is not an appropriate role of the internal
audit activity in governance activities?
A. Support the board in enterprise-wide risk assessment.
B. Ensure the timely implementation of audit recommendations.
C. Monitor compliance with the organization's ethics policies.
D. Discuss areas of significant risk.
Correct Answer: B
QUESTION 93
When developing the annual audit plan and reviewing risk
assessment priorities, a chief audit executive should always
identify the:
A. Potential recommendations for each auditable activity.
B. Persons to whom engagement reports will be communicated.
C. Engagement procedures to be used during the engagements.
D. Internal audit resources required to achieve the audit plan.
Correct Answer: D

QUESTION 95
A chief audit executive would most likely use risk assessment for
audit planning because it provides:
A. A systematic process for assessing and integrating professional
judgment about probable adverse conditions.
B. A listing of potentially adverse effects on the organization.
C. A list of auditable activities in the organization.
D. The probability that an event or action may adversely affect
the organization.
Correct Answer: A

QUESTION 100
When a risk assessment process has been used to construct an
audit engagement schedule, which of the following should
receive attention first?
A. The external auditors have requested assistance for their
upcoming annual audit.
B. A new accounts payable system is currently undergoing testing
by the information technology department.
C. Management has requested an investigation of possible
lapping in receivables.
D. The existing accounts payable system has not been audited
over the past year.
Correct Answer: C
QUESTION 104
A chief audit executive used risk assessment to prepare the audit
work schedule. Which of the following would be the least
appropriate reason to modify the schedule?
A. Need for coordination of audit activities with the external
auditors.
B. Request for postponement since the audit would be too
complicated.
C. Change in the relative risk of auditable activities during the
year.
D. Budget constraints or expansions.
Correct Answer: B

QUESTION 111
A company has established its environmental audit activity as
part of its legal department rather than part of its internal audit
activity, which reports to the audit committee. The board has
requested that the chief audit executive (CAE) provide an annual
opinion on whether environmental risks are being properly
addressed. In these circumstances, the CAE should recommend
to the audit committee that the internal audit activity:
A. Review the recommendations in all environmental audit
reports.
B. Discuss with the environmental auditors the results of their
reviews.
C. Periodically carry out a quality assessment of the
environmental audit activity.
D. Include a review of environmental issues in some internal audit
engagements.
Correct Answer: C
QUESTION 135
Which of the following elements is important for an internal
auditor to consider when performing a privacy risk assessment of
an organization?
I. Areas where personal information is collected, used, stored,
and disseminated.
II. Inherent risk.
III. Privacy practices of competitors.
IV. Third-party recipients of information.
A. III only
B. I and II only
C. I, II, and IV only
D. I, II, III, and IV.
Correct Answer: C

QUESTION 156
According to the International Professional Practices Framework,
a review team must express an opinion on which of the following
when performing an external assessment of an internal audit
activity?
I. Conformance with the Standards and IIA Code of Ethics.
II. Effectiveness of continuous improvement activities.
III. Feedback from internal audit customers and other stakeholder
groups.
IV. Efficiency and effectiveness of the internal audit activity's
administration processes.
A. I only
B. III only
C. I and II only
D. II and IV only
Correct Answer: A
QUESTION 171
According to the Standards, a review team must express an
opinion on which of the following when performing an external
assessment of an internal audit activity?
1. Conformance with the Standards and IIA Code of Ethics.
2. Effectiveness of continuous improvement activities.
3. Feedback from internal audit customers and other stakeholder
groups.
4. Efficiency and effectiveness of the internal audit activity's
administration processes.
A. 1 only
B. 3 only
C. 1 and 2 only
D. 2 and 4 only
Correct Answer: A

QUESTION 176
Which of the following processes or tools can be used as ongoing
internal assessments of the performance of the internal audit
activity?
1. Analyses of audit plan completion and cost recoveries.
2. Selective peer reviews of work papers by staff involved in the
respective audits.
3. Self-assessment of the internal audit activity with on-site
validation by a qualified independent reviewer.
4. Feedback from audit customers and stakeholders.
A. 1 only
B. 1 and 2 only
C. 3 and 4 only
D. 1, 2, and 4 only
Correct Answer: D
QUESTION 181
An organization that outsources much of its internal audit work to
an external service provider is planning for an external quality
assessment. Which of the following options would accomplish
this task and be in conformance with the Standards?
A. Engaging an external industry associate that performed a
similar review for a supplier of the organization.
B. Selecting a team from an independent entity that previously
employed the chief audit executive of the organization.
C. Using a team under the direction of the organization's chief
audit executive, and obtaining validation from a former manager
of the internal audit activity.
D. Using the same external service provider because of its
competency and experience with the organization.
Correct Answer: A

QUESTION 182
In order to use "Conducted in accordance with the International
Standards for the Professional Practice of Internal Auditing," an
internal audit activity must:
A. Satisfy all requirements of the International Professional
Practices Framework during each internal audit engagement.
B. Complete an external assessment of quality assurance to
demonstrate compliance with the Standards.
C. Establish a continuous quality assurance and improvement
program.
D. Have its charter reviewed and approved by management and
the board.
Correct Answer: B
QUESTION 263
An internal auditor is preparing a draft observation based on her
assessment of an accounts payable process. Which of the
following is a process recommendation?
A. Authorization policy for accounts payable was not followed for
payments above $10,000.
B. Authorization policy requires two levels of approval for all
payments above $10,000.
C. Because of non-compliance with authorization policy,
inappropriate payments may be made for payments above
$10,000.
D. The accounts payable authorization actions for all payments
should be automated.
Correct Answer: D

QUESTION 278
With regard to external assessments of an internal audit activity
(IAA), which of the following is the chief audit executive required
to discuss with the board?
A. External reviewer conflicts of interest, and the need for an
external assessment more frequently than once every five years.
B. External reviewer conflicts of interest, and the timeline of the
external assessment.
C. The need for an external assessment more frequently than
once every five years, and the simplest method for the external
reviewer to join the IAA's organization.
D. The simplest way for the external reviewer to join the IAA's
organization, and the timeline of the external assessment.
Correct Answer: A

QUESTION 282
According to the COSO framework, which of the following is not a
principle of internal control?
A. Management's philosophy and operating style.
B. Human resource policies and practices.
C. Integrity and ethical values.
D. Risk assessment.
Correct Answer: D
QUESTION 315
Which of the following statements about risk assessment is true?
A. Risk assessment focuses on the quantitative evaluation of
exposures.
B. Risk assessment evaluates risk both on an inherent and
residual basis.
C. Risk assessment determines the organization's tolerance for
exposure.
D. Risk assessment is the amount of inherent risk in a separately
identifiable business entity.
Correct Answer: B

QUESTION 318
What information should the internal quality assessment of the
internal audit activity communicate to the chief audit executive?
A. Detailed objectives for internal audit engagements.
B. Confirmation that past audit recommendations have been
implemented.
C. Evaluation of the adequacy of internal audit policies and
procedures.
D. Performance appraisals of the internal audit staff.
Correct Answer: C

QUESTION 379
According to IIA guidance, which of the following individuals
would best be considered independent for the purpose of
participating in an external assessment of the quality assurance
and improvement program for an internal audit activity (IAA)?
A. A former employee knowledgeable of the IAA who resigned
three years earlier from the organization.
B. A competent employee of an independent external
organization that provides co-sourcing services to the IAA.
C. An employee in an affiliated organization who has never
worked directly with the IAA.
D. An employee in the parent organization who has not had any
previous contact with the IAA.
Correct Answer: A

QUESTION 380
The results of an internal audit activity's (IAA) quality assurance
and improvement program are favorable and an external
assessment was completed within the last five years. Which of
the following statements may the IAA use to describe its work?
A. "Completed with the advance certification of the External
Assessors Association for Auditing Review."
B. "Conforms with the International Standards for the
Professional Practice of Internal Auditing."
C. "Certified 100% accuracy, per the International Standards of
External Assessment."
D. "Compliant with all domestic and international legal statutes,
and certified quality assured for ten years."
Correct Answer: B

QUESTION 403
According to IIA guidance, which of the following best describes
processes and tools typically used in ongoing internal
assessments?
A. Benchmarking of the internal audit activity's practices and
performance.
B. Report of internal assessment results, response plans, and
outcomes.
C. Analysis of performance metrics such as cycle times.
D. Self-assessments and surveys of stakeholder groups.
Correct Answer: C

QUESTION 408
Which of the following best describes the assessment of risks?
A. Assess the actions necessary to reduce the likelihood and/or
impact of risk to tolerable levels.
B. Assess the likelihood and/or impact of risk on the achievement
of organizational objectives.
C. Assess the amount of risk an organization can accept while
pursuing its objectives.
D. Assess alternative strategies to reduce or eliminate major risks.
Correct Answer: B

QUESTION 428
The last quality assessment of the internal audit activity identified
three areas for improvement: the achievement of audit
engagement objectives, quality of work, and staff development.
According to IIA guidance, which of the following should be the
chief audit executive's primary focus to achieve these
recommended improvements?
A. Demonstrated compliance with procedures.
B. Due professional care.
C. Engagement supervision.
D. Employment of tools and techniques.
Correct Answer: C

QUESTION 445
Which of the following best ensures an internal audit activity has
the ability to render impartial and unbiased assessments?
A. Organizational status and objectivity.
B. Supervision of the chief audit executive (CAE) by senior
management.
C. Organizational knowledge and skills.
D. CAE certification.
Correct Answer: A

QUESTION 449
The chief audit executive (CAE) of a mid-sized pharmaceutical
organization has operational responsibility for the regulatory
compliance function. The audit committee requests an
assessment of regulatory compliance. According to IIA guidance,
which of the following is the CAE's best course of action?
A. Have a proficient internal audit staff member perform the
assessment and disclose the impairment in the audit report and
to the board.
B. Have a regulatory compliance staff member perform a self-
assessment, to be reviewed by a proficient internal auditor.
C. Have a proficient internal audit staff member perform the audit
and report the results of the assessment directly to senior
management and the board.
D. Contract with a third-party entity or external auditor to
complete the assessment and report the results to senior
management and the board.
Correct Answer: D

QUESTION 475
Which of the following statements describes impairment to the
internal auditor's objectivity?
A. An internal auditor reviews a purchasing agent's contract drafts
prior to their execution.
B. An internal auditor reduces the scope of an audit engagement
due to budget restrictions.
C. An internal auditor receives a promotional gift that is available
to the organization's employees.
D. An internal auditor performs an assessment of the operations
for which he was recently responsible.
Correct Answer: D

QUESTION 479
According to IIA guidance, the results of a formal quality
assessment should be reported to which of the following groups?
A. The audit committee and senior management.
B. The audit committee and the external auditors.
C. Senior management and management of the audited area.
D. Senior management and the external auditors.
Correct Answer: A

QUESTION 492
The chief audit executive (CAE) is planning to conduct an internal
assessment of the internal audit activity (IAA). Part of this
assessment will include benchmarking. According to IIA guidance,
which of the following qualitative metrics would be appropriate
for the CAE to use?
1. Average client customer satisfaction score for a given year.
2. Client survey comments on how to improve the IAA.
3. Auditor interviews once an audit has been completed.
4. Percentage of audits completed within 90 days.
A. 1 and 2.
B. 1 and 3.
C. 2 and 3.
D. 3 and 4.
Correct Answer: C

QUESTION 499
An auditor in charge was reviewing the workpapers submitted by
a newly hired internal auditor. She noted that the new auditor's
analytical work did not include any
rating or quantification of the risk assessment results, and she
returned the workpapers for correction. Which section of the
workpapers will the new auditor need to
modify?
A. Condition section.
B. Criteria section.
C. Effect section.
D. Cause section.
Correct Answer: C

QUESTION 518
An organization that outsources much of its internal audit work to
an external service provider is planning for an external quality
assessment. Which of the following
options would accomplish this task and be in conformance with
the Standards?
A. External industry associate that performed a similar review for
a supplier of the organization.
B. A team from an independent entity that previously employed
the chief audit executive of the organization.
C. A team under the direction of the organization's chief audit
executive with validation by a former manager of the internal
audit activity.
D. The same external service provider because of its competency
and experience with the organization.
Correct Answer: A

QUESTION 524
Which of the following risk assessment tools would best facilitate
the matching of controls to risks?
A. Control matrix.
B. Internal control questionnaire.
C. Control flowchart.
D. Program evaluation and review technique (PERT) analysis.
Correct Answer: A

QUESTION 536
Which of the following would be the most useful in developing an
annual audit plan?
A. General purpose audit software.
B. Voting software and hardware.
C. Flowcharting and data capture software.
D. Risk assessment software.
Correct Answer: D

QUESTION 538
Inadequate risk assessment would have the strongest negative
impact in which of the following phases of an audit engagement?
A. Determining the scope.
B. Reviewing internal controls.
C. Testing.
D. Evaluating findings.
Correct Answer: A

IIA-CIA-Part2.v2015.pdf
QUESTION 40
Which of the following factors is least essential to a successful
control self-assessment workshop?
A. Voting technology.
B. Facilitation training.
C. Prior planning.
D. Group dynamics.
Correct Answer: A

QUESTION 41
Which of the following would not be characteristic of control self-
assessment implemented by an audit
department?
A. An auditor usually facilitates the discussion during the
workshop phase while another records comments
for subsequent use.
B. Auditors and business-unit employees work as a team.
C. Auditors perform traditional audit tests to identify control
weaknesses.
D. Participants discuss the control weaknesses that hinder the
achievement of objectives.
Correct Answer: C

QUESTION 42
Which of the following is an advantage of control self-assessment
(CSA) over conventional auditing
techniques?
A. CSA evaluates control activities and human resource practices.
B. CSA provides assurance about whether business objectives will
be met.
C. CSA facilitates obtaining input from subject-matter experts
efficiently.
D. CSA provides assurance that action will be taken to improve
deficiencies.
Correct Answer: C

QUESTION 48
What is the primary factor that determines the depth and
breadth of audit follow-up?
A. The engagement client's written response to the audit findings.
B. The auditor's assessment of risk associated with the audit
findings.
C. The auditor's assessment of personnel responsible for
correcting audit findings.
D. The availability of audit personnel and financial resources.
Correct Answer: B

QUESTION 60
Which of the following would not be an appropriate step for an
internal auditor to perform during an
assessment of compliance with an organization's privacy policy?
A. Determine who can access databases containing confidential
information.
B. Evaluate the organization's privacy policy to determine if
appropriate information is covered.
C. Analyze access to permanent files and reports containing
confidential information.
D. Evaluate the government's security measures related to
confidential information received from the
organization.
Correct Answer: D

QUESTION 80
Which of the following types of internal audit consulting
engagements is an example of a facilitation
service?
I. Conducting control self-assessment workshops.
II. Participating on standing committees.
III. Reviewing regulatory compliance.
IV. Benchmarking.
V. Estimating savings from outsourcing processes.
A. I and IV only
B. I, III, and IV only
C. II, III, and V only
D. I, II, III, IV, and V.
Correct Answer: A

QUESTION 84
Which of the following are typical steps in the design of an
organization's performance measurement
system?
A. Understand organizational strategy; perform a situational
assessment; establish measurement
categories; and take actions based upon measurement results.
B. Categorize performance measures; establish a data collection
plan; analyze data; and predict future
performance.
C. Establish a measurement plan; create an organizational
strategy linked to those measurements; trend
measurement data; and measure data variability.
D. Perform a situational assessment; generate macro
measurements; review measurement data; and
change strategy based upon measurement results.
Correct Answer: A

QUESTION 94
In preparing to facilitate a control self-assessment session, an
auditor would be least likely to ensure that:
A. Key stakeholders are represented in the group.
B. An independent content expert is available to help settle
disagreements.
C. Background research is completed to familiarize the auditor
with relevant issues.
D. Management is consulted on the issues and priorities.
Correct Answer: B

QUESTION 95
What decision-making approach should a facilitator initiate if a
group addresses an unfamiliar situation
during a control self-assessment session?
A. Spontaneous agreement.
B. Consensus building.
C. Majority voting.
D. Compromise.
Correct Answer: B

QUESTION 96
If participants in a control self-assessment workshop begin
breaking their agreed-upon ground rules, the
facilitator should:
A. Ignore the behavior and continue the workshop.
B. Allow them to continue briefly and then remind them of the
ground rules.
C. Have the participants modify the ground rules.
D. Strictly enforce the ground rules.
Correct Answer: B

QUESTION 130
Which of the following would have the least impact (either
positive or negative) on an assessment of a
department's control environment?
A. The department managed long-term investments, including
investment in derivatives and other financial
instruments, to maximize return.
B. The department manager sets a tone of honesty and integrity
in all business dealings and this tone is
emulated by department personnel.
C. Many department functions were duplicated or verified by
other department employees as part of the
department's normal procedures.
D. Audit tests designed to verify compliance with control
procedures detected a general failure to follow
standard procedures for transaction authorization.
Correct Answer: A

QUESTION 136
Risk assessments can vary in format, but generally include:
1. A description of identified risks.
2. Tests of audit controls.
3. A system of rating risks.
4. Sample size identification.
A. 1 and 2 only
B. 1 and 3 only
C. 1, 3, and 4 only
D. 2, 3, and 4 only
Correct Answer: B

QUESTION 137
An internal auditor has just undertaken an organization-wide risk
assessment. In identifying potential audit
engagements the internal auditor should consider least:
A. Focusing on the high risk areas as sources of potential
engagements.
B. Focusing in areas not audited last year.
C. Factoring in management requests.
D. Focusing on those risks highlighted by the external auditor.
Correct Answer: B

QUESTION 144
The chief audit executive's responsibility regarding control
processes includes:
A. Assisting senior management and the audit committee in the
development of an annual assessment
about internal control.
B. Overseeing the establishment of internal control processes.
C. Maintaining the organization's governance processes.
D. Ensuring that the internal audit activity assesses all control
processes annually.
Correct Answer: A

QUESTION 145
Inadequate risk assessment would have the strongest negative
impact in which of the following phases of
an audit engagement?
A. Determining the scope.
B. Reviewing internal controls.
C. Testing.
D. Evaluating findings.
Correct Answer: A

QUESTION 174
Because of an abundance of high priority requests from
management, an internal audit activity no longer
has the resources to meet all of its commitments contained in the
annual audit plan. Which of the following
would be the best course of action for the chief audit executive to
follow?
A. Continue with the plan and seek opportunities to adjust
priorities and reallocate resources.
B. Present a reassessment of the plan to the board and senior
management for consideration.
C. Reassess the plan and either cancel or divert resources away
from the lowest priority activities.
D. Advise the board immediately and seek their support for
additional resources to meet the needs of the
plan.
Correct Answer: B

QUESTION 179
Which of the following statements is correct regarding the
assessment of risk in the annual audit planning
process?
1. Activities requested by management should be considered
higher risk than those requested by the audit
committee.
2. Activities with lower budgets can be as high risk as those with
higher budgets.
3. The potential financial or adverse exposure should always be
considered in the assessment of risk.
A. 1 only
B. 2 only
C. 3 only
D. 2 and 3 only
Correct Answer: D

QUESTION 190
Which of the following tasks would be considered unusual for
planning a control self-assessment
workshop?
A. Conducting interviews to identify relevant issues for the
discussion.
B. Identifying key stakeholders and ensuring they are represented
in the group.
C. Securing an external subject matter expert to arbitrate
disputes.
D. Ensuring that managers are willing to accept constructive
criticism.
Correct Answer: C

QUESTION 196
The chief audit executive (CAE) of an organization has established
an internal audit activity (IAA) quality
assessment program. According to IIA guidance, which of the
following would be part of this program?
A. Assessment of the IAA conducted independently of client
feedback, and the review of individual audits
to determine the quality and timeliness of supervision.
B. Assessment of the IAA conducted independently of client
feedback, and identified areas of
improvement reviewed at the end of the year.
C. Compliance with a checklist of required audit procedures, and
review of individual audits to determine
the quality and timeliness of supervision.
D. Compliance with a checklist of required audit procedures, and
identified areas of improvement reviewed
at the end of the year.
Correct Answer: C

QUESTION 221
An airline contracted with an external service provider to perform
maintenance on all aircraft ground support
equipment. Management then asked the internal audit activity
(IAA) to evaluate the controls in place that
would permit appropriate oversight of the service provider in
maintaining required maintenance standards.
According to the International Professional Practices Framework,
which of the following would be the most
appropriate course of action for the IAA to undertake to establish
the engagement objectives?
A. Develop a draft audit plan and create an appropriate scope and
resource schedule.
B. Develop a preliminary audit program and obtain senior
management's approval.
C. Conduct a preliminary assessment of the risks associated with
the maintenance contract.
D. Obtain a copy of the maintenance contract and review the
contract for pricing discrepancies.
Correct Answer: C

QUESTION 222
According to the International Professional Practices Framework,
which of the following would not be
considered when performing an initial risk assessment in
engagement planning?
A. The reliability of management's assessment of risk.
B. Management's process for monitoring, reporting, and resolving
risk issues.
C. Management's methodology for defining risk criteria.
D. Risks in related activities relevant to the activity under review.
Correct Answer: C

QUESTION 237
Which of the following would be included in an internal audit
department's quality assurance and
improvement program?
1. Ongoing internal assessments of the performance of the
internal audit department.
2. Periodic internal reviews through self-assessments.
3. Assessments conducted by a qualified external reviewer at
least once every five years.
A. 1 only
B. 1 and 2 only
C. 2 and 3 only
D. 1, 2, and 3
Correct Answer: D

QUESTION 243
Management requested the chief audit executive (CAE) to include
an audit of the organization's health and
safety program in next year's annual audit plan. However, the
internal audit department has no expertise in
this area. Which of the following would be the most appropriate
action by the CAE?
A. With management's agreement, amend the scope of the audit
to ensure that areas examined do not
require specialized knowledge and expertise.
B. Meet with management to explain that the audit cannot be
undertaken and discuss alternative strategies
that can be implemented until internal audit can develop its
capability in the area.
C. Accept the request provided management has conducted a
thorough risk assessment prior to the
engagement to help guide the audit.
D. Advise management that compliance audits of this type should
only be conducted by the corresponding
regulatory agency to ensure independence.
Correct Answer: B

QUESTION 244
While developing a risk-based audit plan, which of the following
sources of information would provide the
least value to the chief audit executive?
A. Results from the organization's business process management
program.
B. User acceptance testing of the organization's enterprise
resource planning application.
C. Risk assessments conducted by the board.
D. Key business strategies adopted by the organization in the
strategic plan.
Correct Answer: B

QUESTION 246
Which of the following is correct with respect to roles within an
enterprise-wide risk management process?
1. The board provides oversight to the risk management process.
2. Executive management owns the risk management framework.
3. Senior management is assigned ownership of risks.
4. Internal audit modifies the risk assessment determined by
management.
A. 1 and 2 only
B. 3 and 4 only
C. 1, 2, and 3 only
D. 1, 2, 3, and 4
Correct Answer: C

QUESTION 248
During the planning phase of an audit of the treasury function, an
internal auditor conducted a risk
assessment of the function in order to:
A. Report any high-risk exposures of the treasury function to
management and the board.
B. Determine whether appropriate resources are present to carry
out the treasury function.
C. Comply with the internal audit charter and applicable
regulatory requirements.
D. Identify areas of the treasury function that should be
considered for potential engagement objectives.
Correct Answer: D

QUESTION 277
Which of the following is an advantage to using the questionnaire
approach when conducting risk and
control self-assessments?
A. Responses can easily be quantified and analyzed.
B. Follow-up for clarification is efficient.
C. It is educational for participants.
D. It allows for in-depth probing of issues.
Correct Answer: A

QUESTION 289
An internal auditor is conducting an assessment of the
organization's fraud controls. Which of the following
would not be considered a preventive control?
1. Daily report that identifies unsuccessful system log-in attempts.
2. Weekly management communication with tips on identifying
possible fraud.
3. E-mail alert sent to management for checks issued over
$100,000.00.
4. New hire training to explain fraud and employee misconduct.
A. 1 and 2 only
B. 1 and 3 only
C. 2 and 4 only
D. 3 and 4 only
Correct Answer: B

QUESTION 323
When setting the scope for the identification and assessment of
key risks and controls in a process, which
of the following would be the least appropriate approach?
A. Develop the scope of the audit based on a bottom-up
perspective to ensure that all business objectives
are considered.
B. Develop the scope of the audit to include controls that are
necessary to manage risk associated with a
critical business objective.
C. Specify that the auditors need to assess only key controls, but
may include an assessment of non-key
controls if there is value to the business in providing such
assurance.
D. Ensure the audit includes an assessment of manual and
automated controls to determine whether
business risks are effectively managed.
Correct Answer: A

QUESTION 329
An internal auditor has been assigned to facilitate a risk and
control self-assessment for the finance group.
Which of the following is the most appropriate role that she
should assume when facilitating the workshop?
A. Express an opinion on the participants' inputs and conclusions
as the assessment progresses.
B. Provide appropriate techniques and guidelines on how the
exercise should be undertaken.
C. Evaluate and report on all issues that may be uncovered during
the exercise.
D. Screen and vet participants so that the most appropriate
candidates are selected to participate in the
exercise.
Correct Answer: B

QUESTION 331
Which of the following is not an outcome of control self-
assessment?
A. Informal, soft controls are omitted, and greater focus is placed
on hard controls.
B. The entire objectives-risks-controls infrastructure of an
organization is subject to greater monitoring and
continuous improvement.
C. Internal auditors become involved in and knowledgeable about
the self-assessment process.
D. Nonaudit employees become experienced in assessing controls
and associating control processes with
managing risks.
Correct Answer: A

QUESTION 335
According to IIA guidance, which of the following statements are
true regarding the internal audit plan?
1. The audit plan is based on an assessment of risks to the
organization.
2. The audit plan is designed to determine the effectiveness of
the organization's risk management
process.
3. The audit plan is developed by senior management of the
organization.
4. The audit plan is aligned with the organization's goals.
A. 1 and 2 only
B. 3 and 4 only
C. 1, 2, and 4
D. 1, 3, and 4
Correct Answer: C

QUESTION 354
The chief audit executive (CAE) of a small internal audit activity
(IAA) plans to test conformance with the
Standards through a quality assurance review. According to the
Standards, which of the following are
acceptable practice for this review?
1. Use an external service provider.
2. Conduct a self-assessment with independent validation.
3. Arrange for a review by qualified employees outside of the IAA.
4. Arrange for reciprocal peer review with another CAE.
A. 1 and 2
B. 2 and 4
C. 1, 2, and 3
D. 2, 3, and 4
Correct Answer: A

QUESTION 361
Which of the following is least likely to help ensure that risk is
considered in a work program?
A. Risks are discussed with audit client.
B. All available information from the risk-based plan is used.
C. Client efforts to affect risk management are considered.
D. Prior risk assessments are considered.
Correct Answer: D

QUESTION 362
An internal auditor is conducting an assessment of the purchasing
department. She has worked the full
amount of hours budgeted for the engagement; however, the
audit objectives are not yet complete.
According to IIA guidance, which of the following are appropriate
options available to the chief audit
executive?
1. Allow the auditor to decide whether to extend the audit
engagement.
2. Determine whether the work already completed is sufficient to
conclude the engagement.
3. Provide the auditor feedback on areas of improvement for
future engagements.
4. Provide the auditor with instructions and directions to
complete the audit.
A. 1, 2, and 3
B. 1, 2, and 4
C. 1, 3, and 4
D. 2, 3, and 4
Correct Answer: D

QUESTION 484
Which of the following would constitute a violation of the IIA
Code of Ethics?
A. An internal auditor, who has recently joined the organization,
has accepted an assignment to audit the
electronics manufacturing division. The auditor previously served
as senior auditor for the external audit
of that division and has audited many electronics companies
during the past two years.
B. An internal auditor has accepted an assignment to audit the
warehousing function six months from now.
The auditor has no expertise in that area but has signed up for
courses in warehousing that will be
completed before the assignment begins.
C. An internal auditor has no ambitions for promotion and has
not engaged in training or other professional
development activities during the last three years. The auditor's
performance assessments indicate
consistent quality of work.
D. An internal auditor discovered an internal financial fraud
during the year, and the financial statements
were adjusted to properly reflect the loss associated with the
fraud. The auditor discussed the fraud with
the external auditor during the external auditor's review of the
working papers detailing the incident.
Correct Answer: C

IIA-CIA-Part3.v2015.pdf
QUESTION 311
A manufacturer uses a materials requirements planning (MRP)
system to track inventory, orders, and raw
material requirements. A preliminary audit assessment indicates
that the organization's inventory is
understated. Using audit software, what conditions should the
auditor search for in the MRP database to
support this hypothesis?
I. Item cost set at zero.
II. Negative quantities on hand.
III. Order quantity exceeding requirements.
IV. Inventory lead times exceeding delivery schedule.
A. I and II only.
B. I and I only.
C. II and I only.
D. III and I only.
Correct Answer: A

QUESTION 640
An IT manager has only enough resources to install either a new
payroll system or a new data security
system, but not both. Which of the following actions is most
appropriate?
A. Giving priority to the security system.
B. Leaving the decision to the IT manager.
C. Increasing IT staff output in order for both systems to be
installed.
D. Having the information systems steering committee set the
priority.
Correct Answer: D

QUESTION 656
After using the report writer for several months, the marketing
analysts gained confidence in using it but the
marketing department manager became concerned. Whenever
analysts revised reports they had written
earlier, the coding errors kept reappearing in their command
sequences. The manager was sure that all the
analysts knew what the errors were and how to avoid them. The
most likely cause of the reappearance of
the same coding errors is inadequate:
A. Backups.
B. Change control.
C. Access control.
D. Testing.
Correct Answer: B

Q1485
Sales representatives for a manufacturing company are
reimbursed for 100% of their cellular telephone
bills. Cellular telephone costs vary significantly from
representative to representative and from month to
month, complicating the budgeting and forecasting processes.
Management has requested that the internal
auditors develop a method for controlling these costs. Which of
the following would most appropriately be
included in the scope of the consulting project?
A. Control self-assessment involving sales representatives.
B. Benchmarking with other cellular telephone users.
C. Business process review of procurement and payables
routines.
D. Performance measurement and design of the budgeting and
forecasting processes.
Answer: C

QUESTION 275
Changes in accounting estimates are viewed as:
A. Extraordinary items.
B. Errors in reported amounts in prior periods.
C. Catch-up adjustments related to amounts reported in prior
periods.
D. Reassessments of current status and future benefits and
obligations.
Correct Answer: D

QUESTION 447
Sales representatives for a manufacturing company are
reimbursed for 100% of their cellular telephone
bills. Cellular telephone costs vary significantly from
representative to representative and from month to
month, complicating the budgeting and forecasting processes.
Management has requested that the internal
auditors develop a method for controlling these costs. Which of
the following would most appropriately be
included in the scope of the consulting project?
A. Control self-assessment involving sales representatives.
B. Benchmarking with other cellular telephone users.
C. Business process review of procurement and payables
routines.
D. Performance measurement and design of the budgeting and
forecasting processes.
Correct Answer: C

Pages from IIA_CFSA.pdf


Question No : 5 - (Topic 1)
Internal auditors make a balanced assessment of all the relevant
circumstances and are
not unduly influenced by their own interests or by others in
forming judgments. This
statement best explains one of the following principles:
A. Competency
B. Confidentiality
C. Objectivity
D. Integrity
Answer: C

Question No : 53 - (Topic 1)
An organization might decide that the risk of fire is high so it will
pay a high premium on its
fire insurance policy to transfer the risk as much as possible.
However, the organization will
still have to pay a deductible amount on the policy if a fire occurs.
This scenario depicts:
A. Assessment of the likelihood that a given risk will occur
B. Control the risk
C. Accept the risk
D. Transfer the risk
Answer: C

Pages from IIA_CGAP.pdf
Question No : 28
Which services involve the internal auditor's objective
assessment of evidence to provide
an independent opinion or conclusions regarding a process,
system, or other subject
matter?
A. Accounting services
B. Auditing services
C. Assurance services
D. Insurance services
Answer: C

Question No : 33
Assurance services involve the internal auditor's objective
assessment of evidence to
provide an independent opinion or conclusions regarding a
process, system, or other
subject matter. All of the following are the parties generally
involved in assurance services
EXCEPT:
A. The team leader
B. The person or group making the assessment (the internal
auditor).
C. The person or group directly involved with the process, system,
or other subject matter (the process owner).
D. The person or group using the assessment (the user).
Answer: A

Question No : 34
Consulting services are advisory in nature, and are generally
performed at the specific
request of an engagement client. The nature and scope of the
consulting engagement are
subject to agreement with the engagement client. All of the
following are the parties
generally involved in consulting services EXCEPT:
A. The person or group using the assessment (the user).
B. The person or group offering the advice (the internal auditor).
C. The person or group directly involved with the process, system,
or other subject matter (the process owner).
D. The person or group seeking and receiving the advice (the
engagement client).
Answer: B,D

Question No : 36
Although some Practice Advisories may be applicable to all
internal auditors, others may
be developed to meet the needs of a _______, a __________, or
_________, including
guidance on topics such as environmental issues, control
self-assessment, information
technology, government auditing, and guidance issued by other
standard-setting bodies
and adopted by ______________.
A. Specific audit specialty, Specific geographic area, Specific
industry, committees of The
IIA
B. Specific industry, Specific geographic area, committees of The
IIA, Specific audit
specialty
C. Specific industry, Specific audit specialty, committees of The
IIA, Specific geographic
area,
D. Specific industry, Specific audit specialty, Specific geographic
area, committees of The
IIA.
Answer: D
Question No : 57
_________ are periodic assessments of audit quality by members
of the audit staff, whereas ___________ are conducted
periodically by qualified members outside the audit
organization.
A. external reviews, internal reviews
B. formal reviews, external reviews
C. internal reviews, external reviews
D. periodic reviews, internal reviews
Answer: C

Question No : 58
The purpose of an __________ is to have an independent
assessment of the quality of the
audit unit's work. Also, __________ focus on assessing the extent
to which the audit organization
followed applicable standards in conducting its work:
A. External reviews, internal reviews
B. Formal reviews, external reviews
C. Internal reviews, external reviews
D. External reviews, external reviews
Answer: D

Question No : 83
An assessment of management controls can influence all of the
following elements of the
audit program EXCEPT:
A. Objectives.
B. Structure.
C. Methodology.
D. Scope.
Answer: B
Question No : 92
Which of the following factors may influence the auditor's
assessment of control risk? Please
choose the correct option:
A. Assignment of responsibility and delegation of authority to
deal with such matters as
organizational goals and objectives, operating functions, and
regulatory requirements.
B. Customer policy regarding such matters as acceptable
operating practices and codes of
conduct.
C. Management's awareness or lack of awareness of applicable
laws and regulations.
D. All of the above
Answer: D

Pages from IIA_CIA-Part1.pdf


Question No : 14 - (Topic 1)
A manufacturer uses a materials requirements planning (MRP)
system to track
inventory, orders, and raw materials requirements. What condition
should an auditor search
for in the MRP database if a preliminary assessment indicated
that inventory is
understated?
I. Item cost set at zero.
II. Negative quantities on hand.
III. Order quantity exceeding requirements.
IV. Inventory lead times exceeding delivery schedule.
A. I and II only
B. I and IV only
C. II and IV only
D. III and IV only
Answer: A
Question No : 21 - (Topic 1)
An organization that outsources much of its internal audit work to
an external service
provider is planning for an external quality assessment. Which of
the following options
would accomplish this task and be in conformance with the
Standards?
A. External industry associate that performed a similar review for
a supplier of the
organization.
B. A team from an independent entity that previously employed
the chief audit executive of
the organization.
C. A team under the direction of the organization's chief audit
executive with validation by a
former manager of the internal audit activity.
D. The same external service provider because of its competency
and experience with the
organization.
Answer: A

Question No : 30 - (Topic 1)
Which of the following best describes how the increased use of
computerization may
impact an auditor's assessment of the risk of fraud?
A. Access to assets may be available to information systems
personnel as well as to
computer users.
B. Computer controls are generally less effective than human
review.
C. Overrides of key controls may require less collaboration.
D. Audit trails are less effective.
Answer: A

Question No : 35 - (Topic 1)
Which of the following would provide the most reliable
information on the risk associated with an auditable activity?
A. Event scenarios with regression analysis.
B. Past audit findings and instances of management failures.
C. Consequences and economic predictability of loss.
D. Management assessment and corroboration by the internal
audit activity.
Answer: D
Quality Management Assessment;

Business Process Management


(BE Quality Management Assessment)
Enterprise Management Delivery Audit
(IA Fraud & Investigation Audit)
IIA-CIA-Part1.v2015.pdf
QUESTION 3
A code of business conduct provides?
A. A fraud avoidance plan that does not explicitly describe
punishments for violations.
B. A passive method of fraud deterrence.
C. A program to anonymously report irregularities to authorities.
D. An alternative to "tone at the top" programs.
Correct Answer: B

QUESTION 4
Fraud is most frequently detected by:
A. Following up on tips from employees or citizens.
B. Following up on analytical review of high-risk areas.
C. Performing periodic reconciliations over cash and other assets.
D. Performing unannounced audits or reviews of programs or
departments.
Correct Answer: A

QUESTION 6
A charitable organization provides substantial grants for
important medical research. Assuming marginal controls are in
place, which of the following possible
frauds or misuses of organization assets should be considered the
area of greatest risk?
A. Senior executives are using company travel and entertainment
funds for activities that might be considered questionable.
B. Purchases of office supplies are made from fictitious vendors.
C. Grants are made to organizations associated with senior
executives.
D. A payroll clerk has added a fictitious employee.
Correct Answer: C
QUESTION 9
Which of the following best describes how the increased use of
computerization may impact an auditor's assessment of the risk
of fraud?
A. Access to assets may be available to information systems
personnel as well as to computer users.
B. Computer controls are generally less effective than human
review.
C. Overrides of key controls may require less collaboration.
D. Audit trails are less effective.
Correct Answer: A

QUESTION 10
An internal auditor plans to use an analytical review to verify the
correctness of various operating expenses in a division. The use
of an analytical review as a
verification technique would not be a preferred approach if:
A. The auditor notes strong indicators of a specific fraud involving
this account.
B. The company has relatively stable operations which have not
changed much over the past year.
C. The auditor would like to identify large, unusual, or
non-recurring transactions during the year.
D. The operating expenses vary in relation to other operating
expenses, but not in relation to revenue.
Correct Answer: A

QUESTION 94
Which of the following actions by a chief audit executive would
be most effective in preventing fraud?
A. Ensure that the board is aware of all fraud that has been
identified or reported.
B. Train the internal audit staff in identifying fraud indicators.
C. Review the adequacy of all policies that describe prohibited
activities.
D. Submit an annual report to the board on all fraud that has
been detected.
Correct Answer: C
QUESTION 136
A dental insurance provider has implemented an electronic claim
submission process and is concerned that dentists are submitting
claims for services that were
not provided. Which of the following control procedures would
be most effective in preventing this type of fraud?
A. Develop a program that identifies procedures performed on an
individual which are either in excess of expectations based on the
age of the insured or are
similar to other procedures recently performed on the individual.
B. Require all submitted claims to be followed by a signed
statement by the dentist testifying to the fact that the claimed
procedures were performed.
C. Send confirmations to the dentists requesting them to confirm
the exact nature of the claims submitted to the insurance
provider.
D. Develop an integrated test facility and submit false claims to
verify that the system is detecting such claims on a consistent
basis.
Correct Answer: A

QUESTION 157
When planning an audit engagement, what should an internal
auditor first consider when assessing the risk of fraud in the area
to be audited?
A. Impact of and exposure to fraud.
B. Existence of evidence of fraud.
C. Organizational structure.
D. Management's risk appetite.
Correct Answer: A
QUESTION 193
Which of the following statements best describes the
competency requirement for an auditor regarding fraud risks
encountered in an engagement execution?
A. The auditor should be able to have comparable competencies
of a person whose primary responsibility is detecting and
investigating fraud.
B. The auditor must have sufficient knowledge to evaluate the risk
of fraud and the manner in which it is managed by the
organization.
C. The auditor is not expected to have any competency
requirement regarding fraud since the role of investigating and
detecting fraud belongs to other functions in
the organization.
D. The auditor must be able to have an appreciation of the
fundamentals of fraud detection and investigation techniques.
Correct Answer: B

QUESTION 219
Which of the following, if observed, would not indicate the need
to extend the search for other indicators of fraud in a purchasing
department?
A. The standard of living of one of the purchasing agents has
increased.
B. The internal control structure has significant weaknesses.
C. The purchasing agents have convinced management to adopt a
policy of paying vendors on a more timely basis in order to avoid
incurring penalty charges.
D. The cost of goods procured seems to be excessive in
comparison with previous years.
Correct Answer: C

QUESTION 220
Which of the following might alert an internal auditor to the
possibility of fraud in a division?
1. The division is not scheduled for an external audit this year.
2. Sales have increased by 10 percent.
3. A significant portion of management's compensation is directly
tied to reported net income of the division.
A. 1 only
B. 3 only
C. 1 and 2 only
D. 1, 2, and 3
Correct Answer: B
QUESTION 234
During an audit of a major contract, an internal auditor finds that
actual hours and dollars billed are consistently at or near
budgeted amounts. This condition is a
red flag for which of the following procurement fraud schemes?
A. Defective pricing.
B. Cost mischarging.
C. Fictitious vendor.
D. Bid rotation.
Correct Answer: B

QUESTION 244
Which of the following is considered a common red flag indicator
in helping to uncover fraud?
A. Improper segregation of duties.
B. Repeated poor performance.
C. Termination from previous employer.
D. Experiencing financial difficulty.
Correct Answer: D

QUESTION 250
In which of the following circumstances is it apparent that the
internal auditor exercised due professional care in carrying out his
duties?
1. The internal auditor weighed the cost of the engagement
against its potential benefits.
2. The internal auditor used anonymous information from a
whistleblower to report the existence of fraudulent activity.
3. The internal auditor found minor and major instances of fraud
and highlighted only the major instances in its report, in
consideration of the board's limited time.
4. The internal auditor decided to use new auditing software to
assist with the statistical analysis required during the
engagement.
A. 1 and 2 only
B. 2 and 3 only
C. 3 and 4 only
D. 1 and 4 only
Correct Answer: D
QUESTION 260
An employee is more likely to commit fraud if which of the
following red flags are present?
1. The employee believes that he is being underpaid and deserves
a higher salary.
2. The employee is close to retirement and has expressed a desire
to take an expensive trip around the world.
3. The employee has personal financial problems and seems very
unhappy.
4. The employee is spending much more time at the office than
usual and has been asking about opportunities for professional
advancement.
A. 1 and 2 only
B. 1 and 3 only
C. 3 and 4 only
D. 2 and 4 only
Correct Answer: B

QUESTION 269
Which of the following is not considered one of the most
common red flags for perpetrators of fraud?
A. Excessive control issues.
B. Repeat performance issues.
C. Unusually close association with customers.
D. Experiencing financial difficulty.
Correct Answer: B
QUESTION 273
An internal auditor has been engaged to assess fraud risks
associated with a new financial software system.
Which competency would best help the auditor complete the
task?
A. Expertise in identifying information technology risks.
B. A thorough understanding of organizational governance
principles.
C. Proficiency in creating and utilizing process maps.
D. Knowledge of key management and business principles.
Correct Answer: A

QUESTION 279
Performing a monthly analysis of potential duplicate invoices paid
to suppliers is an example of which type of fraud control?
A. Preventive control.
B. Corrective control.
C. Proactive control.
D. Detective control.
Correct Answer: D

QUESTION 284
An internal auditor is planning an operational audit of the
accounts payable function. Which of the following best mitigates
the risk of the organization being a victim
of disbursement fraud by employees?
A. Accounts payable payment records are checked against
supplier invoices.
B. Accounts payable are aged by vendors.
C. The accounts payable trial balance is reconciled to the general
ledger.
D. The accounts payable function is properly segregated from the
cash custody function.
Correct Answer: D
QUESTION 300
While conducting an audit, an internal auditor notices an unusual
increase in sales among a small number of units within the
organization. The units also
experienced persistent negative cash flows despite reported
earnings and earnings growth. Which type of fraud do the
auditor's findings most likely indicate?
A. Employee collusion with customer organizations.
B. Improper asset valuation.
C. Inventory theft.
D. Fictitious revenues.
Correct Answer: D

QUESTION 316
Which of the following statements regarding an internal auditor's
responsibility for detecting fraud is not correct?
A. The auditor should have sufficient knowledge to detect red
flags.
B. The auditor may obtain assistance from outside experts in
areas where the auditor is not sufficiently proficient.
C. The auditor should identify control weaknesses which could
allow fraud to occur.
D. The auditor should detect fraud before recommending a fraud
investigation should take place.
Correct Answer: D

QUESTION 329
A manufacturer uses improved linkage between order entry,
production, and shipping to reduce raw materials and
work-in-process inventory. Which type of fraud
will these changes likely reduce?
A. Payment of fraudulent invoices.
B. Purchases from a related party.
C. Theft of resources from inventory.
D. False reporting of hours worked.
Correct Answer: C
QUESTION 341
Which of the following procedures would be most effective in
detecting fraud in electronically-submitted claims to insurance
companies?
A. Creating a monitoring program that detects unusual claims to
be investigated by the claims department.
B. Using generalized audit software to match the claimant
identification number with a master list of valid policyholders.
C. Testing the accuracy of processing by using integrated test
facilities.
D. Creating batch controls over all claims arriving from a
particular organization and processing those claims separately.
Correct Answer: A

QUESTION 377
Suspecting fraud, the chief financial officer (CFO) asked the
internal audit activity to investigate a significant increase in travel
related expenditures. Work was
performed by a qualified internal auditor. Following the
completion of the engagement, the chief audit executive (CAE)
reported to the CFO that no violations were
found and no fraud had occurred.
According to the Standards, which of the following principles did
the CAE violate?
A. Due professional care.
B. Individual objectivity.
C. Proficiency.
D. Organizational independence.
Correct Answer: A

QUESTION 387
During an internal audit, an organization's processing department
is found to have incidences of both duplicate invoices and notices
from customers that purchased
goods were not received. The department under review insists
that some of these reports are false and that others were isolated
oversights due to understaffing.
Which of the following tests would best help the internal auditor
detect fraudulent activity?
A. Check inventory levels.
B. Search for gaps in check numbers.
C. Compare vendor summaries.
D. Review raw material purchase quantities.
Correct Answer: A
QUESTION 410
Which of the following would most likely be considered a red flag
for fraud?
A. An organization lacks a whistleblower hotline for reporting
suspicious activity.
B. A senior manager has been delegating the authority to sign-off
on small dollar amount purchases to a subordinate.
C. An employee in charge of payroll disbursements has rotated
these duties with several colleagues.
D. An employee with significant personal debt is in charge of
handling large wire transfers for the organization.
Correct Answer: D

QUESTION 434
An accounts receivable clerk receives cash payments, posts the
payments to customer accounts, and prepares the daily cash
deposit.
The clerk has been stealing some cash and manipulating the
customer payments to hide the theft.
This fraud could be detected with which of the following
controls?
A. Monthly bank reconciliations are performed by the clerk on a
timely basis.
B. Total cash deposits for the month are reconciled to the cash
receipts journal.
C. Names, amounts, and dates on remittance advices are
reconciled with the names, amounts, and dates recorded in the
cash receipts journal.
D. Total cash deposits are compared with the bank reconciliation.
Correct Answer: C

QUESTION 435
Which of the following conditions is the most likely indicator of
fraud?
A. Commissions are paid based on verified increases to sales.
B. Departmental reports are consistently issued in an untimely
manner.
C. A manager regularly assumes subordinates' duties.
D. Lower earnings occur during the industry's down cycle.
Correct Answer: C
QUESTION 436
Which of the following would not be a red flag for fraud?
A. Several recent, large expenditures to a new vendor have not
been documented.
B. A manager has bragged about multiple extravagant vacations
taken within the last year, which are excessive relative to the
manager's salary.
C. A weak control environment has been accepted by
management to encourage creativity.
D. New employees occasionally fail to meet established project
deadlines due to staffing shortages.
Correct Answer: D

QUESTION 456
Which segregation of duties would best reduce the risk of payroll
fraud?
A. Human resources personnel add employees, and payroll
personnel process hours and enter employee bank account
numbers. Paychecks are automatically
deposited in the employee's bank account.
B. Human resources personnel add employees, payroll personnel
process hours, and human resources personnel deliver paychecks
to employees.
C. Human resources personnel add employees, review and
submit payroll hours to the payroll department for processing,
and deliver paychecks to employees.
D. Human resources personnel add employees and enter
employee bank information. Payroll personnel process hours, and
paychecks are automatically deposited
in the employee's bank account.
Correct Answer: A

QUESTION 459
Which of the following best describes the misdirection of
payments on accounts receivable to an employee's bank
account?
A. Fraud open on the books.
B. Fraud hidden on the books.
C. Fraud off the books.
D. Fraud on the balance sheet.
Correct Answer: C
QUESTION 460
When auditing the award of a major contract, which of the
following should an internal auditor suspect as a red flag for a
bidding fraud scheme?
1. Subsequent change orders increase requirements for low-bid
items.
2. Material contract requirements are different on the actual
contract than on the request for bids.
3. A high percentage of employees are charged to indirect
accounts.
4. Losing bidders are hired as subcontractors.
A. 1 only
B. 2 only
C. 1 and 3.
D. 2 and 4.
Correct Answer: D

QUESTION 461
Which of the following combinations of conditions is most likely a
red flag for fraud?
A. The practice of surprise audits and the implementation of an
employee support program.
B. Hiring an employee with a prior fraud conviction and yearly
management review.
C. Occasional accounting department overrides and
discontinuation of the anonymous fraud hotline due to
infrequent use.
D. A veteran employee in upper management experiencing
financial difficulties and recently implemented enhanced
controls.
Correct Answer: C
QUESTION 480
A medical insurance provider uses an electronic
claims-submission process and suspects that a number of physicians
have submitted claims for treatments that
were not performed. Which of the following control procedures
would be most effective to detect this type of fraud?
A. Require the physician to submit a signed statement attesting
that the treatments had been performed.
B. Send confirmations to the physicians, requesting them to verify
the exact nature of the claims submitted to the insurance
provider.
C. Develop an integrated test facility and submit false claims to
verify that the system is detecting such claims on a consistent
basis.
D. Use computer software to identify abnormal claims based on
the insured's age and medical history.
Correct Answer: D

QUESTION 484
Which of the following control methods is effective in reducing
the risk of purchasing-scheme fraud?
1. Periodically reviewing the vendor list for unusual vendors and
addresses.
2. Segregating duties among purchasing, receiving, shipping, and
accounting.
3. Validating sequential integrity of purchase orders.
4. Verifying the validity of invoices with post office box addresses.
A. 1 and 2 only
B. 3 and 4 only
C. 1, 2, and 4 only
D. 1, 2, 3, and 4
Correct Answer: B
QUESTION 485
Which of the following is a common type of payroll fraud?
A. Unauthorized overtime.
B. Fictitious employees.
C. Unearned bonuses or commissions.
D. Skimming.
Correct Answer: B

QUESTION 497
In which of the following functions would fraud be most likely to
occur?
A. Maintaining custody of inventory records.
B. Collecting payments on accounts.
C. Approving changes to employee records.
D. Preparing customer statements.
Correct Answer: B
QUESTION 498
Which of the following is the best way to detect fraud?
A. Conduct anti-fraud training.
B. Perform background investigations.
C. Implement process controls.
D. Activate a whistleblower hotline.
Correct Answer: D

QUESTION 508
Internal auditors must exercise due professional care by
considering which of the following?
1. Cost of assurance in relation to potential benefits.
2. Adequacy and effectiveness of governance, risk management,
and control processes.
3. Management's competency level in the area being evaluated.
4. Probability of significant errors, fraud, or noncompliance.
A. 1 and 2 only
B. 1, 2, and 3 only
C. 1, 2, and 4 only
D. 2, 3, and 4 only
Correct Answer: C
QUESTION 530
Senior management at a financial institution has received
allegations of fraud at its derivatives trading desk and has asked
the internal audit activity to investigate
and issue a report concerning the allegations. The internal audit
activity has not yet developed sufficient proficiency regarding
derivatives trading to conduct a
thorough fraud investigation in this area. Which of the following
courses of action should the chief audit executive (CAE) take to
comply with the Standards?
A. Engage the former head of the institution's derivatives trading
desk to perform the investigation and submit a report with
supporting documentation to the CAE.
B. Request that senior management allow a delay of the fraud
investigation until the internal audit activity's on-staff certified
fraud examiner is able to obtain the
appropriate training regarding the analysis of derivatives trading.
C. Request that senior management exclude the internal audit
activity from the investigation completely and instead contract
with an external certified fraud
examiner with derivatives experience to perform all aspects of
the investigation and subsequent reporting.
D. Contract with an external certified fraud examiner with
derivatives experience to perform the investigation and
subsequent reporting, with the chief audit
executive approving the scope of the investigation and evaluating
the adequacy of the work performed.
Correct Answer: D

IIA-CIA-Part2.v2015.pdf
QUESTION 7
An audit department has received anonymous information that
an employee has allegedly been able to
steal and cash checks sent to the organization by customers.
What is the most efficient way for an auditor
to determine how this type of fraud could occur and who might
be the perpetrator?
A. Confirm accounts receivable.
B. Confirm accounts payable.
C. Review the endorsements and banks of deposit on customers'
canceled checks.
D. Flowchart and analyze key controls in the cash receipts
process.
Correct Answer: D

QUESTION 9
During an audit of a retail organization, an internal auditor found
a scheme in which the warehouse director
and the purchasing agent diverted approximately $500,000 of
goods to their own warehouse, then sold the
goods to third parties. The fraud was not found earlier since the
warehouse director updated the perpetual
inventory records and then forwarded receiving reports to the
accounts payable department for processing.
Which of the following procedures would have most likely led to
the discovery of the missing materials and
the fraud?
A. Select a random sample of receiving reports and trace to the
recording in the perpetual inventory
records. Note differences and investigate by type of product.
B. Select a random sample of purchase orders and trace to
receiving reports and to the records in the
accounts payable department.
C. Take an annual physical inventory, reconciling amounts with
the perpetual inventory records. Note the
pattern of differences and investigate.
D. Select a random sample of sales invoices and trace to the
perpetual inventory records to see if
inventory was on hand. Investigate any differences.
Correct Answer: C
QUESTION 12
Which of the following describes an internal auditor's
responsibilities to include audit procedures to detect
fraud in audits of a multinational organization?
A. International Accounting Standards require the internal auditor
to include audit procedures which would
detect fraud if it would cause a material misrepresentation of the
financial statements.
B. Internal auditors do not have any specific responsibilities with
respect to including fraud-related audit
procedures.
C. Proper audit procedures, when carried out with due
professional care, will guarantee that fraud, if
present, will be detected.
D. If significant control weaknesses are detected, additional tests
should be directed toward other
indicators of fraud.
Correct Answer: D

QUESTION 24
Which of the following would be the best audit procedure to use
to determine if a division's unusually high
sales and gross margin for November and December were the
result of fraudulently recorded sales?
A. Trace a sample of shipping documents to related sales invoices
to verify proper billing.
B. Confirm accounts receivable balances with customers.
C. Compare sales and gross margin totals with those of the
previous ten months and the first month of the
following year.
D. Use regression analysis techniques to estimate the sales and
cost of goods sold for November and
December.
Correct Answer: B
QUESTION 29
A manager of one of a retailer's several retail outlets is stealing
cash from cash sales, recording the sales
as accounts receivable, and subsequently writing off the fictitious
accounts receivable as bad debts. Which
of the following comparisons would be most effective in signaling
the possibility of such a fraud?
A. Bad debt expense as a percentage of sales, compared to that
of the other outlets.
B. Bad debt expense as a percentage of sales, compared to that
of previous years.
C. Percentage of past-due accounts receivable, compared to that
of the other outlets.
D. Percentage of past-due accounts receivable, compared to that
of previous years.
Correct Answer: A

QUESTION 50
When interrogating an individual who is suspected of fraud, it is
appropriate to:
A. Tell the individual that any information disclosed in the
interrogation will not be disclosed outside of the
company.
B. Start the interview with questions to which the interviewer
already knows the answer.
C. Discontinue questioning once the individual has confessed to
the fraud.
D. Prepare a list of questions prior to the interrogation and strictly
adhere to the list.
Correct Answer: B

QUESTION 51
Questions used to interrogate individuals suspected of fraud
should:
A. Adhere to a predetermined order.
B. Cover more than one subject or topic.
C. Move from general to specific.
D. Direct the individual to a desired answer.
Correct Answer: C

QUESTION 53
While conducting a payroll audit, an internal auditor in a large
government organization found inadequate
segregation in the duties assigned to the assistant director of
personnel. When the auditor explained the
risk of fraud, the assistant director became upset, terminated the
interview, and threatened to sue the
organization for defamation of character if the audit engagement
was not curtailed. The auditor discussed
the situation with the chief audit executive (CAE). The CAE should
then:
A. Curtail the audit engagement to avoid potential legal action.
B. Provide a report to senior management recommending a fraud
investigation.
C. Continue the original engagement program as planned but
include a comment about the assistant
director's reaction in the engagement final communication.
D. Add additional testing to determine whether other indicators
of fraud exist.
Correct Answer: D

QUESTION 54
Which of the following is the most appropriate step for the chief
audit executive to take in order to avoid
defamation of character of the principal suspect in a fraud
investigation?
A. Restrict the use of potentially damaging words to privileged
reports or discussions.
B. Label all workpapers, reports, and correspondence of the
internal audit activity as private.
C. Restrict discussions of the fraud to members of management
who express an interest in the
investigation.
D. Destroy all investigation workpapers and reports if the fraud
cannot be proven.
Correct Answer: A

QUESTION 64
Which of the following must an auditor establish in order to
demonstrate that fraud has occurred?
A. Monetary damage to the victim.
B. The suspect's intent.
C. Existence of an internal control deficiency.
D. Evidence of collusion.
Correct Answer: B

QUESTION 68
After completing a fraud investigation but before publishing a
formal written report, the chief audit executive
should submit a draft of the final report to the organization's:
A. Legal counsel.
B. External auditor.
C. Audit committee chairperson.
D. Chief executive officer.
Correct Answer: A

QUESTION 83
Which of the following actions by management would reduce an
employee's opportunity to commit fraud?
A. Establishing physical controls over company assets.
B. Eliminating bonuses tied to sales or other performance goals.
C. Defining ethical behavior expectations in the company
handbook.
D. Identifying consequences, such as termination, for fraudulent
activities.
Correct Answer: A

QUESTION 85
When interviewing an individual suspected of fraud, what type of
questions would be asked after the
introductory questions?
A. Informational questions.
B. Admission-seeking questions.
C. Assessment questions.
D. Closing questions.
Correct Answer: A

QUESTION 89
Which of the following is a responsibility of the internal auditor
once a fraud investigation has been
concluded?
A. Ascertain the extent to which fraud has been perpetrated.
B. Notify the appropriate regulatory authorities regarding the
outcome of the investigation.
C. Determine if controls need to be implemented or strengthened
to reduce future vulnerability.
D. Implement controls to prevent future occurrences.
Correct Answer: C

QUESTION 103
An internal auditor is conducting tests to determine if an
organization is in compliance with its payment
approval policies. After reviewing a sample of vouchers selected,
the internal auditor concluded that there
were indicators of fraud. Which of the following would be the
most appropriate method to expand the audit
test to achieve the audit objective?
I. Validate the completeness of the accounts payable files.
II. Examine the sample of vouchers in greater detail.
III. Increase the number of vouchers in the sample.
IV. Broaden the scope of the examination to include credits received
by accounts payable.
A. I and II only
B. II and III only
C. I, II, and IV only
D. I, III, and IV only
Correct Answer: B

QUESTION 107
Which of the following is typically not a reason for committing
financial statement fraud?
A. To dispel negative market perception.
B. To disguise a duplicate payment to a vendor.
C. To obtain more favorable terms on financing.
D. To receive performance-related bonuses.
Correct Answer: B

QUESTION 113
During an audit of a major contract, an auditor finds that actual
hours and dollars billed are consistently at
or near budgeted amounts. This condition is a red flag for which
of the following procurement fraud
schemes?
A. Defective pricing.
B. Cost mischarging.
C. Fictitious vendor.
D. Bid rotation.
Correct Answer: B

QUESTION 119
Persuasive evidence indicates that a member of senior
management has been involved in insider trading
that would be considered fraudulent. However, the evidence was
encountered during an operational audit
and is not considered relevant to the audit. Which of the
following is the most appropriate action for the
chief audit executive to take?
A. Report the evidence to external legal counsel for investigation.
Report the legal counsel findings to
management.
B. Report the evidence to the chairperson of the audit committee
and recommend an investigation.
C. Conduct sufficient audit work to conclude whether fraudulent
activity has taken place, then report the
findings to the chairperson of the audit committee and to
government officials if appropriate action is not
taken.
D. Discontinue audit work associated with the insider trading
since it is not relevant to the existing audit.
Correct Answer: B

QUESTION 138
When planning an audit engagement, what should an internal
auditor first consider when assessing the risk
of fraud in the area to be audited?
A. Impact of and exposure to fraud.
B. Existence of evidence of fraud.
C. Organizational structure.
D. Management's risk appetite.
Correct Answer: A

QUESTION 140
A code of business conduct provides:
A. A fraud avoidance plan that does not explicitly describe
punishments for violations.
B. A passive method of fraud deterrence.
C. A program to anonymously report irregularities to authorities.
D. An alternative to "tone at the top" programs.
Correct Answer: B

QUESTION 158
An organization's policies allow buyers to authorize expenditures
up to $50,000 without any other approval.
Which of the following audit procedures would be most effective
in determining if fraud in the form of
payments to fictitious companies has occurred?
A. Use generalized audit software to list all purchases over
$50,000 to determine whether they were
properly approved.
B. Develop a snapshot technique to trace all transactions by
suspected buyers.
C. Use generalized audit software to take a random sample of all
expenditures under $50,000 to determine
whether they were properly approved.
D. Use generalized audit software to select a sample of paid
invoices to new vendors and examine
evidence that shows that services or goods were received.
Correct Answer: D

QUESTION 160
Which of the following is most appropriate when conducting an
interview during the course of a fraud
investigation?
A. Schedule the interview well in advance.
B. Explain the detailed purpose to the interviewee.
C. Assume that the interviewee is guilty.
D. Have a witness present during the interview.
Correct Answer: D

QUESTION 163
Information gathered in a forensic investigation of business fraud
is usually gathered with which of the
following standards in mind?
A. Generally Accepted Auditing Standards.
B. Generally Accepted Accounting Principles.
C. The International Professional Practices Framework.
D. Legal evidence.
Correct Answer: D

QUESTION 185
An internal auditor notices that a division has recorded
uncharacteristically high sales and gross margins for
the past three months and now suspects the division is reporting
fictitious sales. Which course of action
should the auditor follow to determine whether fraud has
occurred?
A. Trace a sample of shipping documents to related sales invoices
to verify proper billing.
B. Send accounts receivable balance confirmations to customers.
C. Compare the division's sales and gross margins to those of the
prior three-month period.
D. Estimate the sales and cost of goods sold for the three-month
period by using regression analysis.
Correct Answer: B

QUESTION 187
When interviewing an individual in relation to a fraud
investigation, which course of action should the
internal auditor follow?
A. Assure the individual that the results of the interview will
remain confidential.
B. Establish a rapport with the subject to encourage openness.
C. Discontinue questioning once the individual has confessed to
the fraud.
D. Refrain from deviating from the list of questions prepared
before the interview.
Correct Answer: B

QUESTION 210
According to the Standards, which of the following would least
likely be considered a red flag when
evaluating the risk for fraud?
A. Cash receipts appear to be lower than expected from an
employee's cash drawer.
B. Health benefits are detected to be claimed for a deceased
employee.
C. An employee did not approve an internal report detailing
expenses for the month.
D. It is alleged that an employee is receiving vendor kickbacks.
Correct Answer: C

QUESTION 211
A payroll clerk enters payroll transactions into the general ledger.
The staff accountant reconciles the
payroll ledgers. The payroll manager issues the manual payroll
checks. The checks are maintained in a
locked cabinet. The chief financial officer secures the keys to the
cabinet. The payroll clerk distributes the
manual checks.
The payroll manager reconciles the bank statements monthly.
Which of the following audit steps best
addresses the risk of fraud in the payroll process?
A. Examine whether the payroll manager approves the
reconciliations of ledgers.
B. Determine whether an approved list of voided checks exists.
C. Determine whether the cabinet keys are secured properly.
D. Vouch a sample of items on bank reconciliations to supporting
documentation.
Correct Answer: D

QUESTION 254
Which of the following is a preventive control strategy against
fraud?
A. Performing a surprise audit.
B. Maintaining a whistleblower hotline.
C. Implementing control self-assessment.
D. Performing background checks on employees.
Correct Answer: D

QUESTION 267
Which of the following is a preventive control for fraud?
A. Determining if the number of manually prepared disbursement
checks is high.
B. Reconciling the purchase orders with the requisitions.
C. Verifying that new vendors appear on the vendor pre-approved
list.
D. Conducting an inventory count of the warehouse.
Correct Answer: C

QUESTION 282
During the audit of a large decentralized supply chain function,
the chief audit executive (CAE) receives
serious allegations of fraud concerning the vice president
responsible for this function. The CAE engages a
third party to provide forensic audit services and lead the
investigation portion of the engagement. As part
of this team, which of the following would be an appropriate role
for the investigator?
1. Authenticate the original approval signatures on contracts.
2. Interview personnel to understand the supply chain processes.
3. Provide certified copies of relevant original documents for the
audit file.
4. Identify variances in pixels on original electronic documents.
A. 1 and 2 only
B. 1 and 4 only
C. 2 and 3 only
D. 3 and 4 only
Correct Answer: B

QUESTION 287
The internal auditor is asked to conduct an investigation involving
a suspected fraud. According to the
Standards, which of the following statements regarding the
investigation process is false?
A. The auditor should use anonymous surveys of coworkers to
assess the character and behavior of the
suspect.
B. The auditor must give consideration to the risk of unidentified
co-conspirators whether indications exist
or not.
C. The auditor should not limit the collection of information by
prejudging its relevance to the investigation.
D. The auditor must consider the risk that audit procedures may
inadvertently violate the rights of the
suspect.
Correct Answer: A

QUESTION 288
According to the Standards, which of the following control
strategies would be the most effective in helping
to prevent fraud?
A. Have employees annually sign a code of conduct requiring that
they report any known violations.
B. Implement a whistleblower hotline where individuals can make
anonymous phone calls to report
fraudulent activities.
C. Provide periodic fraud awareness training to employees and
test their understanding of the training
through online surveys.
D. Conduct routine employee surveys to solicit their knowledge of
fraud and unethical behavior within the
organization.
Correct Answer: C

QUESTION 289
An internal auditor is conducting an assessment of the
organization's fraud controls. Which of the following
would not be considered a preventive control?
1. Daily report that identifies unsuccessful system log-in attempts.
2. Weekly management communication with tips on identifying
possible fraud.
3. E-mail alert sent to management for checks issued over
$100,000.00.
4. New hire training to explain fraud and employee misconduct.
A. 1 and 2 only
B. 1 and 3 only
C. 2 and 4 only
D. 3 and 4 only
Correct Answer: B

QUESTION 306
Which of the following is a detective control for managing the risk
of fraud?
A. Awareness of prior incidents of fraud.
B. Contractor non-disclosure agreements.
C. Verification of currency exchange rates.
D. Receipts for employee expenses.
Correct Answer: C

QUESTION 308
According to IIA guidance, organizations have the most influence
on which element of fraud?
A. Opportunity.
B. Rationalization.
C. Pressure.
D. Incentives.
Correct Answer: A

QUESTION 314
For which of the following fraud engagement activities would it
be most appropriate to involve a forensic
auditor?
A. Independently evaluating conflicts of interests.
B. Assessing contracts for relevant terms and conditions.
C. Performing statistical analysis for data anomalies.
D. Preparing evidentiary documentation.
Correct Answer: D

QUESTION 316
During a fraud interview, it was discovered that unquestioned
authority enabled a vice president to steal
funds from the organization. Which of the following best
describes this condition?
A. Scheme.
B. Opportunity.
C. Rationalization.
D. Pressure.
Correct Answer: B

QUESTION 342
After the team member who specialized in fraud investigations
left the internal audit team, the chief audit
executive decided to outsource fraud investigations to a third
party service provider on an as needed basis.
Which of the following is most likely to be a disadvantage of this
outsourcing decision?
A. Cost.
B. Independence.
C. Familiarity.
D. Flexibility.
Correct Answer: C

QUESTION 369
Which of the following would most likely cause an internal
auditor to consider adding fraud work steps to
the audit program?
A. Improper segregation of duties.
B. Incentives and bonus programs.
C. An employee's reported concerns.
D. Lack of an ethics policy.
Correct Answer: C

QUESTION 370
Which of the following recommendations made by the internal
audit activity (IAA) is most likely to help
prevent fraud?
A. A review of password policy compliance found that employees
frequently use the same password more
than once during a year. The IAA recommends that the access
control software reject any password
used more than once during a 12-month period.
B. A review of internal service-level agreement compliance in
financial services found that requests for
information frequently are fulfilled up to two weeks late. The IAA
recommends that the financial services
unit be eliminated for its ineffectiveness.
C. A vacation policy compliance review found that employees
frequently leave on vacation before their
leave applications are signed by their manager. The IAA
recommends that the manager attend to the
leave applications in a more timely fashion.
D. A review of customer service-level agreements found that
orders to several customers are frequently
delivered late. The IAA recommends that the organization extend
the expected delivery time advertised
on its website.
Correct Answer: A

QUESTION 377
Due to a recent system upgrade, an audit is planned to test the
payroll process. Which of the following audit
objectives would be most important to prevent fraud?
A. Verify that amounts are correct.
B. Verify that payments are on time.
C. Verify that recipients are valid employees.
D. Verify that benefits deductions are accurate.
Correct Answer: C

QUESTION 381
An employee in the sales department completes a purchase
requisition and forwards it to the purchaser.
The purchaser places competitive bids and orders the requested
items using approved purchase orders.
When the employee receives the ordered items, she forwards the
packing slips to the accounts payable
department. The invoice for the ordered items is sent directly to
the sales department, and an
administrative assistant in the sales department forwards the
invoices to the accounts payable department
for payment. Which of the following audit steps best addresses
the risk of fraud in the cash receipts
process?
A. Verify that approvals of purchasing documents comply with
the authority matrix.
B. Observe whether the purchase orders are sequentially
numbered.
C. Examine whether the sales department supervisor approves
invoices for payment.
D. Determine whether the accounts payable department
reconciles all purchasing documents prior to
payment.
Correct Answer: C

QUESTION 388
According to IIA guidance, which of the following procedures
would be least effective in managing the risk
of payroll fraud?
A. The employee's name listed on organization's payroll is
compared to the personnel records.
B. Payroll time sheets are reviewed and approved by the
timekeeper before processing.
C. Employee access to the payroll database is deactivated
immediately upon termination.
D. Changes to payroll are validated by the personnel department
before being processed.
Correct Answer: B

QUESTION 401
Which of the following statements is true pertaining to
interviewing a fraud suspect?
1. Information gathered can be subjective as well as objective to
be useful.
2. The primary objective is to obtain a voluntary written
confession.
3. The interviewer is likely to begin the interview with
open-ended questions.
4. Video recordings always should be used to provide the highest
quality evidence.
A. 1 only
B. 4 only
C. 1 and 3
D. 2 and 4
Correct Answer: C

QUESTION 402
According to IIA guidance, which of the following statements is
false regarding a review of the controls in
place to prevent fraud?
A. The review should focus on the efficiency of the controls in
place to prevent fraud.
B. The scope of the review does not need to include all operating
areas of the organization.
C. The cost of the control should be compared to the benefit of
mitigating the related risk.
D. The review should assess whether the internal controls can be
circumvented.
Correct Answer: A

QUESTION 411
Which of the following would be a red flag that indicates the
possibility of inventory fraud?
I. The controller has assumed responsibility for approving all
payments to certain vendors.
II. The controller has continuously delayed installation of a new
accounts payable system, despite a
corporate directive to implement it.
III. Sales commissions are not consistent with the organization's
increased levels of sales.
IV. Payments to certain vendors are supported by copies of
receiving memos, rather than originals.
A. I and II only
B. II and III only
C. I, II, and IV only
D. I, III, and IV only
Correct Answer: C

QUESTION 478
An auditor for a major retail company suspects that inventory
fraud is occurring at three stores which have
high costs of goods sold. Which of the following audit activities
would provide the most persuasive evidence
that fraud is occurring?
A. Use an integrated test facility (ITF) to compare individual sales
transactions with test transactions
submitted through the ITF and investigate all differences.
B. Interview the three individual store managers to determine if
their explanations about the observed
differences are the same, and then compare their explanations to
that of the section manager.
C. Schedule a surprise inventory audit to include a physical
inventory and investigate areas of inventory
shrinkage.
D. Select a sample of individual store prices and compare them
with the sales entered on the cash register
for the same items.
Correct Answer: C

QUESTION 480
Insurance companies often receive electronic hospitalization
claims directly from hospitals. Which of the
following control procedures would be most effective in detecting
fraud in such an environment?
A. Use integrated test facilities to test the accuracy of processing
in a manner that is transparent to data
processing.
B. Develop monitoring programs to identify unusual types of
claims or an unusual number of claims by
demographic class for investigation by the claims department.
C. Use generalized audit software to match the claimant
identification number with a master list of valid
policyholders.
D. Develop batch controls over all items received from a
particular hospital and process those claims in
batches.
Correct Answer: B

QUESTION 490
After becoming aware of control weaknesses indicating that a
fraud could have been committed, which of
the following actions should an internal auditor take next?
A. Issue a written report identifying the control weaknesses.
B. Perform tests directed toward the identification of other fraud
indicators.
C. Notify external auditors of the suspicion that fraud has been
committed.
D. Recommend that a fraud investigation be conducted involving
internal auditors, lawyers, investigators,
security personnel, and other specialists, as appropriate.
Correct Answer: B

QUESTION 495
Which of the following, if observed, would not indicate the need
to extend the search for other indicators of
fraud in a purchasing department?
A. The standard of living of one of the purchasing agents has
increased.
B. The internal control structure has significant weaknesses.
C. The purchasing agents have convinced management to adopt a
policy of paying vendors on a more
timely basis in order to avoid incurring penalty charges.
D. The cost of goods procured seems to be excessive in
comparison with previous years.
Correct Answer: C

QUESTION 496
Which of the following does not represent a difficulty in using red
flags as fraud indicators?
A. Many common red flags are also associated with situations
where no fraud exists.
B. Some red flags are difficult to quantify or to evaluate.
C. Red flag information is only gathered in extraordinary
circumstances.
D. The red flags literature is not well enough established to have a
positive impact on auditing.
Correct Answer: D

QUESTION 497
Which of the following might alert an auditor to the possibility of
fraud in a division?
I. The division is not scheduled for an external audit this year.
II. Sales have increased by 10 percent.
III. A significant portion of management's compensation is
directly tied to reported net income of the
division.
A. I only
B. III only
C. I and II only
D. I, II, and III
Correct Answer: B

QUESTION 498
The most common motivation for management fraud is the
existence of:
A. Vices, such as a gambling habit.
B. Job dissatisfaction.
C. Financial pressures on the organization.
D. The challenge of committing the perfect crime.
Correct Answer: C

QUESTION 499
Which of the following conditions is the strongest indicator of
possible fraud?
A. An assistant treasurer who refuses to take vacations.
B. Independent reconciliations of subsidiary to general ledgers
that are not always completed on a timely
basis.
C. A condition of excess manufacturing waste material.
D. A manager who is often over budget at the end of a reporting
period.
Correct Answer: A

QUESTION 501
After partially completing an internal control review of the
accounts payable department, an auditor
suspects that some type of fraud has occurred. To ascertain
whether the fraud is present, the best
sampling approach would be to use:
A. Simple random sampling to select a sample of vouchers
processed by the department during the past
year.
B. Probability-proportional-to-size sampling to select a sample of
vouchers processed by the department
during the past year.
C. Discovery sampling to select a sample of vouchers processed
by the department during the past year.
D. Judgmental sampling to select a sample of vouchers processed
by clerks who were identified by the
department manager as acting suspiciously.
Correct Answer: C

QUESTION 505
An auditor receives anonymous information that fraud is
occurring in the operation being audited, but no
details are given as to the type of fraud or the individuals
involved. There are several areas in which fraud
could occur. The auditor should:
A. Identify the area that has the greatest volume of transactions
and design a sampling plan for
substantive testing.
B. Apply analytical procedures to areas that might be impacted by
possible fraudulent activities.
C. Interview employees to identify areas where the fraud could
be occurring.
D. Plan detailed tests of the areas that have the highest dollar
amount of transactions.
Correct Answer: B

Pages from IIA_CIA-Part1.pdf


Question No : 10 - (Topic 1)
During a payroll audit of a large organization, an auditor noted
that the assistant personnel
director is responsible for many aspects of the computerized
payroll system, including
adding new employees in the system; entering direct-deposit
information for employees;
approving and entering all payroll changes; and providing training
for system users. After
discussions with the director of personnel, the auditor concluded
that the director was not
comfortable dealing with information technology issues and felt
obliged to support all
actions taken by the assistant director. The auditor should:
A. Continue to follow the engagement program because the
engagement scope and
objectives have already been discussed with management.
B. Review the engagement program to ensure testing of direct
deposits to employee bank
accounts is adequately covered.
C. Recommend to the chief audit executive that a fraud
investigation be started.
D. Test a sample of payroll changes to ensure that they were
approved by the assistant
director before being processed.
Answer: B

Question No : 17 - (Topic 1)
A code of business conduct provides?
A. A fraud avoidance plan that does not explicitly describe
punishments for violations.
B. A passive method of fraud deterrence.
C. A program to anonymously report irregularities to authorities.
D. An alternative to "tone at the top" programs.
Answer: B

Question No : 22 - (Topic 1)
Fraud is most frequently detected by:
A. Following up on tips from employees or citizens.
B. Following up on analytical review of high-risk areas.
C. Performing periodic reconciliations over cash and other assets.
D. Performing unannounced audits or reviews of programs or
departments.
Answer: A

Question No : 30 - (Topic 1)
Which of the following best describes how the increased use of
computerization may
impact an auditor's assessment of the risk of fraud?
A. Access to assets may be available to information systems
personnel as well as to
computer users.
B. Computer controls are generally less effective than human
review.
C. Overrides of key controls may require less collaboration.
D. Audit trails are less effective.
Answer: A

Question No : 41 - (Topic 1)
An internal auditor plans to use an analytical review to verify the
correctness of various
operating expenses in a division. The use of an analytical review
as a verification technique
would not be a preferred approach if:
A. The auditor notes strong indicators of a specific fraud involving
this account.
B. The company has relatively stable operations which have not
changed much over the
past year.
C. The auditor would like to identify large, unusual, or
non-recurring transactions during the
year.
D. The operating expenses vary in relation to other operating
expenses, but not in relation
to revenue.
Answer: A

Question No : 61 - (Topic 1)
A charitable organization provides substantial grants for
important medical research.
Assuming marginal controls are in place, which of the following
possible frauds or misuses
of organization assets should be considered the area of greatest
risk?
A. Senior executives are using company travel and entertainment
funds for activities that
might be considered questionable.
B. Purchases of office supplies are made from fictitious vendors.
C. Grants are made to organizations associated with senior
executives.
D. A payroll clerk has added a fictitious employee.
Answer: C

Question No : 86 - (Topic 1)
Senior management at a financial institution has received
allegations of fraud at its
derivatives trading desk and has asked the internal audit activity
to investigate and issue a
report concerning the allegations. The internal audit activity has
not yet developed sufficient
proficiency regarding derivatives trading to conduct a thorough
fraud investigation in this
area. Which of the following courses of action should the chief
audit executive (CAE) take
to comply with the Standards?
A. Engage the former head of the institution's derivatives trading
desk to perform the
investigation and submit a report with supporting documentation
to the CAE.
B. Request that senior management allow a delay of the fraud
investigation until the
internal audit activity's on-staff certified fraud examiner is able to
obtain the appropriate
training regarding the analysis of derivatives trading.
C. Request that senior management exclude the internal audit
activity from the
investigation completely and instead contract with an external
certified fraud examiner with
derivatives experience to perform all aspects of the investigation
and subsequent reporting.
D. Contract with an external certified fraud examiner with
derivatives experience to perform
the investigation and subsequent reporting, with the chief audit
executive approving the
scope of the investigation and evaluating the adequacy of the
work performed.
Answer: D

Question No : 105 - (Topic 2)
Which of the following actions by a chief audit executive would
be most effective in
preventing fraud?
A. Ensure that the board is aware of all fraud that has been
identified or reported.
B. Train the internal audit staff in identifying fraud indicators.
C. Review the adequacy of all policies that describe prohibited
activities.
D. Submit an annual report to the board on all fraud that has
been detected.
Answer: C

Question No : 136 - (Topic 2)
A dental insurance provider has implemented an electronic claim
submission process and
is concerned that dentists are submitting claims for services that
were not provided. Which
of the following control procedures would be most effective in
preventing this type of fraud?
A. Develop a program that identifies procedures performed on an
individual which are
either in excess of expectations based on the age of the insured
or are similar to other
procedures recently performed on the individual.
B. Require all submitted claims to be followed by a signed
statement by the dentist
testifying to the fact that the claimed procedures were
performed.
C. Send confirmations to the dentists requesting them to confirm
the exact nature of the
claims submitted to the insurance provider.
D. Develop an integrated test facility and submit false claims to
verify that the system is
detecting such claims on a consistent basis.
Answer: A

Question No : 156 - (Topic 2)
Which of the following actions by a chief audit executive is most
likely to prevent
exaggerated sales reports by division management?
I. Hire a new internal auditor who has fraud investigation
credentials.
II. Assist the controller in developing and monitoring a series of
business process indicators
which are historically correlated with, but independent of, sales.
III. Announce a series of internal audit engagements focusing on
compliance with corporate
sales-reporting policies.
IV. Ask the president and the board to issue a statement of
corporate policy stressing the
importance of accurate management reporting and the negative
consequences of
intentional misreporting.
A. I and II only
B. II and III only
C. III and IV only
D. I, II, III, and IV.
Answer: C

Question No : 164 - (Topic 2)


An internal audit activity's work schedule should always provide
sufficient information to the
audit committee to enable it to determine whether the proposed
engagements:
A. Support the organization's objectives.
B. Include sufficient fraud awareness.
C. Will likely result in the detection of any major risk exposures.
D. Are likely to detect control deficiencies.
Answer: A

Pages from IIA_CIA-Part2.pdf


Question No : 16 - (Topic 1)
Which of the following, if observed, would not indicate the need
to extend the search for
other indicators of fraud in a purchasing department?
A. The standard of living of one of the purchasing agents has
increased.
B. The internal control structure has significant weaknesses.
C. The purchasing agents have convinced management to adopt a
policy of paying
vendors on a more timely basis in order to avoid incurring penalty
charges.
D. The cost of goods procured seems to be excessive in
comparison with previous years.
Answer: C

Question No : 22 - (Topic 1)
Which of the following does not represent a difficulty in using red
flags as fraud indicators?
A. Many common red flags are also associated with situations
where no fraud exists.
B. Some red flags are difficult to quantify or to evaluate.
C. Red flag information is only gathered in extraordinary
circumstances.
D. The red flags literature is not well enough established to have a
positive impact on
auditing.
Answer: D
Question No : 31 - (Topic 1)
During an audit of a retail organization, an internal auditor found
a scheme in which the
warehouse director and the purchasing agent diverted
approximately $500,000 of goods to
their own warehouse, then sold the goods to third parties. The
fraud was not found earlier
since the warehouse director updated the perpetual inventory
records and then forwarded
receiving reports to the accounts payable department for
processing. Which of the following
procedures would have most likely led to the discovery of the
missing materials and the
fraud?
A. Select a random sample of receiving reports and trace to the
recording in the perpetual
inventory records. Note differences and investigate by type of
product.
B. Select a random sample of purchase orders and trace to
receiving reports and to the
records in the accounts payable department.
C. Take an annual physical inventory, reconciling amounts with
the perpetual inventory
records. Note the pattern of differences and investigate.
D. Select a random sample of sales invoices and trace to the
perpetual inventory records to
see if inventory was on hand. Investigate any differences.
Answer: C
Question No : 35 - (Topic 1)
Insurance companies often receive electronic hospitalization
claims directly from hospitals.
Which of the following control procedures would be most
effective in detecting fraud in such
an environment?
A. Use integrated test facilities to test the accuracy of processing
in a manner that is
transparent to data processing.
B. Develop monitoring programs to identify unusual types of
claims or an unusual number
of claims by demographic class for investigation by the claims
department.
C. Use generalized audit software to match the claimant
identification number with a
master list of valid policyholders.
D. Develop batch controls over all items received from a
particular hospital and process
those claims in batches.
Answer: B

Question No : 43 - (Topic 1)
An audit department has received anonymous information that
an employee has allegedly
been able to steal and cash checks sent to the organization by
customers. What is the
most efficient way for an auditor to determine how this type of
fraud could occur and who
might be the perpetrator?
A. Confirm accounts receivable.
B. Confirm accounts payable.
C. Review the endorsements and banks of deposit on customers'
canceled checks.
D. Flowchart and analyze key controls in the cash receipts
process.
Answer: D
Question No : 48 - (Topic 1)
An auditor receives anonymous information that fraud is
occurring in the operation being
audited, but no details are given as to the type of fraud or the
individuals involved. There
are several areas in which fraud could occur. The auditor should:
A. Identify the area that has the greatest volume of transactions
and design a sampling
plan for substantive testing.
B. Apply analytical procedures to areas that might be impacted by
possible fraudulent
activities.
C. Interview employees to identify areas where the fraud could
be occurring.
D. Plan detailed tests of the areas that have the highest dollar
amount of transactions.
Answer: B

Question No : 49 - (Topic 1)
Which of the following would be a red flag that indicates the
possibility of inventory fraud?
I. The controller has assumed responsibility for approving all
payments to certain vendors.
II. The controller has continuously delayed installation of a new
accounts payable system,
despite a corporate directive to implement it.
III. Sales commissions are not consistent with the organization's
increased levels of sales.
IV. Payments to certain vendors are supported by copies of
receiving memos, rather than
originals.
A. I and II only
B. II and III only
C. I, II, and IV only
D. I, III, and IV only
Answer: C
Question No : 54 - (Topic 1)
The most common motivation for management fraud is the
existence of:
A. Vices, such as a gambling habit.
B. Job dissatisfaction.
C. Financial pressures on the organization.
D. The challenge of committing the perfect crime.
Answer: C

Question No : 59 - (Topic 1)
An auditor for a major retail company suspects that inventory
fraud is occurring at three
stores which have high costs of goods sold. Which of the
following audit activities would
provide the most persuasive evidence that fraud is occurring?
A. Use an integrated test facility (ITF) to compare individual sales
transactions with test
transactions submitted through the ITF and investigate all
differences.
B. Interview the three individual store managers to determine if
their explanations about the
observed differences are the same, and then compare their
explanations to that of the
section manager.
C. Schedule a surprise inventory audit to include a physical
inventory and investigate areas
of inventory shrinkage.
D. Select a sample of individual store prices and compare them
with the sales entered on
the cash register for the same items.
Answer: C

Question No : 68 - (Topic 1)
Which of the following might alert an auditor to the possibility of
fraud in a division?
I. The division is not scheduled for an external audit this year.
II. Sales have increased by 10 percent.
III. A significant portion of management's compensation is
directly tied to reported net
income of the division.
A. I only
B. III only
C. I and II only
D. I, II, and III
Answer: B
Question No : 72 - (Topic 1)
Which of the following conditions is the strongest indicator of
possible fraud?
A. An assistant treasurer who refuses to take vacations.
B. Independent reconciliations of subsidiary to general ledgers
that are not always
completed on a timely basis.
C. A condition of excess manufacturing waste material.
D. A manager who is often over budget at the end of a reporting
period.
Answer: A

Question No : 73 - (Topic 1)
In which of the following situations would it be most appropriate
to employ the services of a
forensic specialist?
A. Detection of unauthorized changes to source documents.
B. Review for misapplication of general computer controls over
accounts receivable.
C. Investigation of ghost employees in a large business.
D. Verification of fixed assets in a manufacturing company.
Answer: A

Question No : 86 - (Topic 1)
After partially completing an internal control review of the
accounts payable department, an
auditor suspects that some type of fraud has occurred. To
ascertain whether the fraud is
present, the best sampling approach would be to use:
A. Simple random sampling to select a sample of vouchers
processed by the department
during the past year.
B. Probability-proportional-to-size sampling to select a sample of
vouchers processed by
the department during the past year.
C. Discovery sampling to select a sample of vouchers processed
by the department during
the past year.
D. Judgmental sampling to select a sample of vouchers processed
by clerks who were
identified by the department manager as acting suspiciously.
Answer: C

Question No : 104 - (Topic 2)


Which of the following actions by management would reduce an
employee's opportunity to commit fraud?
A. Establishing physical controls over company assets.
B. Eliminating bonuses tied to sales or other performance goals.
C. Defining ethical behavior expectations in the company
handbook.
D. Identifying consequences, such as termination, for fraudulent
activities.
Answer: A

Question No : 112 - (Topic 2)


Which of the following is typically not a reason for committing
financial statement fraud?
A. To dispel negative market perception.
B. To disguise a duplicate payment to a vendor.
C. To obtain more favorable terms on financing.
D. To receive performance-related bonuses.
Answer: B
Question No : 120 - (Topic 2)
A manager of one of a retailer's several retail outlets is stealing
cash from cash sales,
recording the sales as accounts receivable, and subsequently
writing off the fictitious
accounts receivable as bad debts. Which of the following
comparisons would be most
effective in signaling the possibility of such a fraud?
A. Bad debt expense as a percentage of sales, compared to that
of the other outlets.
B. Bad debt expense as a percentage of sales, compared to that
of previous years.
C. Percentage of past-due accounts receivable, compared to that
of the other outlets.
D. Percentage of past-due accounts receivable, compared to that
of previous years.
Answer: A

Question No : 124 - (Topic 2)


Which of the following must an auditor establish in order to
demonstrate that fraud has
occurred?
A. Monetary damage to the victim.
B. The suspect's intent.
C. Existence of an internal control deficiency.
D. Evidence of collusion.
Answer: B

Question No : 130 - (Topic 2)


In response to an accounts receivable confirmation, a customer
indicated that the invoice
listed on the confirmation letter had been paid two months
earlier.
This may indicate that:
A. The receivable was selected for confirmation in error.
B. The customer is a bad credit risk.
C. The receivable should be written off.
D. Fraudulent activity has occurred.
Answer: D
Question No : 136 - (Topic 2)
While conducting a payroll audit, an internal auditor in a large
government organization
found inadequate segregation in the duties assigned to the
assistant director of personnel.
When the auditor explained the risk of fraud, the assistant
director became upset,
terminated the interview, and threatened to sue the organization
for defamation of
character if the audit engagement was not curtailed. The auditor
discussed the situation
with the chief audit executive (CAE). The CAE should then:
A. Curtail the audit engagement to avoid potential legal action.
B. Provide a report to senior management recommending a fraud
investigation.
C. Continue the original engagement program as planned but
include a comment about the
assistant director's reaction in the engagement final
communication.
D. Add additional testing to determine whether other indicators
of fraud exist.
Answer: D

Question No : 159 - (Topic 2)


Which of the following is a responsibility of the internal auditor
once a fraud investigation
has been concluded?
A. Ascertain the extent to which fraud has been perpetrated.
B. Notify the appropriate regulatory authorities regarding the
outcome of the investigation.
C. Determine if controls need to be implemented or strengthened
to reduce future
vulnerability.
D. Implement controls to prevent future occurrences.
Answer: C
Question No : 161 - (Topic 2)
Which of the following is the most appropriate step for the chief
audit executive to take in
order to avoid defamation of character of the principal suspect in
a fraud investigation?
A. Restrict the use of potentially damaging words to privileged
reports or discussions.
B. Label all workpapers, reports, and correspondence of the
internal audit activity as
private.
C. Restrict discussions of the fraud to members of management
who express an interest in
the investigation.
D. Destroy all investigation workpapers and reports if the fraud
cannot be proven.
Answer: A
Enterprise Management Delivery Audit
(LC Fraud & Investigation Audit)
Enterprise Management Delivery Audit
(IA Enterprise Management Audit)

Pages from IIA_CGAP.pdf

Question No : 7
One mechanism to help ensure the proper application of audit
standards is through ____________. The purpose of
_______________ is to provide feedback to management on the
effectiveness of the quality control policies and procedures of an
organization:
A. An external quality review process
B. An internal quality review process
C. Organizational review process
D. Audit review process
Answer: B

Question No : 39
Which institution plays a major role in auditing government
accounts and operations and in promoting sound financial
management and accountability in their governments?
A. International Standards for the Professional Practice of Internal
Auditing (ISPPIA).
B. Supreme Audit Institutions (SAIs)
C. International Organization of Supreme Audit Institutions
(INTOSAI) Standards.
D. International Standards on Auditing (ISA).
Answer: B

Question No : 55
All of the following items are often contained in written auditing
policies and procedures in the management of an audit function
EXCEPT:
A. Definition of the audit unit's responsibilities, goals, and
objectives and legislative or other source of audit authority
B. The reporting relationship between the audit unit and
management and/or the governing body and the process for
hiring and dismissing auditors
C. Access to information and people and the scope of work to be
undertaken
D. There must not be written rules.
Answer: D
Question No : 68
All of the following are guidelines for effective personnel
management EXCEPT:
A. Plan for personnel needs and review hiring results periodically
to determine whether personnel needs are being achieved.
B. Estimate the significance of a risk (e.g., magnitude of exposure
in dollars or other type of measure, type of threat, duration, etc.).
C. Provide continuing education and training for staff (e.g.,
external or in-house training courses, professional conferences, or
seminars).
D. Develop procedures to identify sources of potential hires,
methods of contacting and attracting potential hires, and
methods of evaluating and selecting potential hires.
Answer: B
Question No : 69
Which is the practice that an organization uses when the audit
staff does not possess the needed skills, and management may
temporarily contract with a specialist to perform the needed
function?
A. Control
B. Fraud risk assessment practice
C. Outsourcing
D. Accountancy practice
Answer: C

Question No : 81
Management controls are the plans, methods, and procedures
adopted by management for measuring, reporting, and
monitoring program performance. All of the following are
objectives of management control EXCEPT:
A. Program operations
B. Controlled operations
C. Compliance with laws and regulations.
D. Validity and reliability of data.
Answer: B
Question No : 82
_____________ involves interviews, observations, and inspections
appropriate to the audit objectives. Auditors often design tests of
specific management controls based on information gained in
previous audits:
A. Market control management
B. Bureaucratic control management
C. Clan control
D. Testing management controls
Answer: D

Question No : 83
An assessment of management controls can influence all of the
following elements of the audit program EXCEPT:
A. Objectives:
B. Structure
C. Methodology.
D. Scope
Answer: B
Question No : 85
Which of the following two approaches can be used to evaluate
management controls in performance audits? Please choose the
correct option.
A. Measurement-based approach
B. Targeted approach
C. Planning based approach
D. Comprehensive approach
Answer: C

Question No : 93
___________ are the framework that management establishes to
ensure that it meets its responsibilities in a variety of areas. The
objectives of _________ are that all transactions should be
authorized, accounted for accurately and completely, and in the
correct time frame.
A. accounting controls, internal controls
B. Internal controls, accounting controls
C. Internal controls, external controls
D. External controls, internal controls
Answer: D

Question No : 94
All of the following are general questions auditors need to
answer when auditing an organization's control environment.
Please choose the correct option:
A. Does management communicate its support for controls
throughout the organization?
B. Does management establish and maintain effective policies
and procedures related to control?
C. Does management provide a favorable control environment in
the organization?
D. All of the above
Answer: D
Pages from IIA_CIA-Part3.pdf

Question No : 8
Which of the following best describes an objective for an audit of
an environmental management system?
A. To assess whether an annual control review is necessary.
B. To determine conformance with requirements and
agreements.
C. To evaluate executive management oversight.
D. To promote environmental awareness.
Answer: B

Question No : 11
An organization decided to install a motion detection system in its
warehouse to protect against after-hours theft. According to the
COSO enterprise risk management framework, which of the
following best describes this risk management strategy?
A. Avoidance.
B. Reduction.
C. Elimination.
D. Sharing.
Answer: B
Question No : 18
For an engineering department with a total quality management
program, important elements of quality management include all
of the following except:
A. Basing performance evaluations on the number of projects
completed.
B. Comparing results with those of other engineering
departments.
C. Creating a quality council within the engineering department.
D. Conducting post-project surveys on performance.
Answer: A

Question No : 25
Which of the following statements is correct regarding risk
analysis?
A. The extent to which management judgments are required in an
area could serve as a risk factor in assisting the auditor in making
a comparative risk analysis.
B. The highest risk assessment should always be assigned to the
area with the largest potential loss.
C. The highest risk assessment should always be assigned to the
area with the highest probability of occurrence.
D. Risk analysis must be reduced to quantitative terms in order to
provide meaningful comparisons across an organization.
Answer: A

Question No : 28
The first stage in the development of a crisis management
program is to:
A. Formulate contingency plans.
B. Conduct a risk analysis.
C. Create a crisis management team.
D. Practice the response to a crisis.
Answer: B
Question No : 31
Which of the following factors would reduce dissatisfaction for a
management trainee but would not particularly motivate the
trainee?
A. A sense of achievement.
B. Promotion.
C. Recognition.
D. An incremental increase in salary.
Answer: D

Question No : 34
An organization facing rapid growth decides to employ a third
party service provider to manage its customer relationship
management function. Which of the following is true regarding
the supporting application software used by that provider
compared to an in-house developed system?
1. Updating documentation is always a priority.
2. System availability is usually more reliable.
3. Data security risks are lower.
4. Overall system costs are lower.
A. 1 and 2 only
B. 1 and 3 only
C. 2 and 4 only
D. 3 and 4 only
Answer: C

Question No : 36
Which mindset promotes the most comprehensive risk
management strategy?
A. Increase shareholder value.
B. Maximize market share.
C. Improve operational efficiency.
D. Mitigate losses.
Answer: A
Question No : 41
When auditing an application change control process, which of
the following procedures should be included in the scope of the
audit?
1. Ensure system change requests are formally initiated,
documented, and approved.
2. Ensure processes are in place to prevent emergency changes
from taking place.
3. Ensure changes are adequately tested before being placed into
the production environment.
4. Evaluate whether the procedures for program change
management are adequate.
A. 1 only
B. 1 and 3 only
C. 2 and 4 only
D. 1, 3, and 4 only
Answer: D
Question No : 53
Which of the following are likely indicators of ineffective change
management?
1. IT management is unable to predict how a change will impact
interdependent systems or business processes.
2. There have been significant increases in trouble calls or in
support hours logged by programmers.
3. There is a lack of turnover in the systems support and business
analyst development groups.
4. Emergency changes that bypass the normal control process
frequently are deemed necessary.
A. 1 and 3 only
B. 2 and 4 only
C. 1, 2, and 4 only
D. 1, 2, 3, and 4
Answer : C

Question No : 70
Organizations use matrix management to accomplish which of
the following?
A. To improve the chain of command.
B. To strengthen corporate headquarters.
C. To focus better on a single market.
D. To increase lateral communication.
Answer: D
Pages from IIA_CFSA.pdf

Question No : 16 - (Topic 1)
The responsibility for preparing and presenting the audited
financial statements is that of:
A. Internal auditor
B. Engagement client/ Management of the entity
C. Process owner
D. Auditing Agency
Answer: B
Question No : 19 - (Topic 1)
Management must ___________ assess business risk and
develop clearly defined control objectives:
A. Continually
B. Annually
C. Periodically
D. Weekly
Answer: A

Question No : 25 - (Topic 1)
Risks inherent in the management process are known as:
A. Residual risks
B. Long-term risks
C. Control risks
D. Strategic risks
Answer: C

Question No : 26 - (Topic 1)
Both residual and control risk need to be_______________ dealt
with in project management.
A. Timely
B. Implicitly
C. Professionally
D. Explicitly
Answer: D
Question No : 28 - (Topic 1)
Faulty human judgments, misunderstanding of instructions,
errors, management override, and collusion and cost/benefit
considerations are the limitations of:
A. Reasonable Assurance
B. Internal Control System
C. Risk Management
D. Compliance Control
Answer: B

Question No : 49 - (Topic 1)
Engagement client management often has a negative perception
of audit process; therefore, communication throughout the audit
process is essential to alleviate some of the concerns of
management. The very first step in communicating the audit
information with
the client is:
A. Entrance conference
B. Formal notification of the audit
C. Explanation of the scope of audit
D. None of these
Answer: B

Question No : 51 - (Topic 1)
Audit management must decide whether to sample (judgment
or statistical) or use the entire universe, and which specific
quantitative and qualitative methodologies will provide sufficient,
competent and relevant evidence to answer the questions posed
in the audit objectives. It is an example of:
A. Determining appropriate audit methods and strategies
B. Determining resources needed to conduct the audit
C. Determining audit scope
D. None of these
Answer: A
Question No : 57 - (Topic 1)
Internal auditing controls (e.g. segregation of duties, monitoring,
reconciliation), management controls (e.g. the plan, methods and
procedures adopted by management to ensure its goals are met,
including systems for measuring, reporting and monitoring
program performance), physical controls (e.g. security), and
information technology controls (e.g. access security controls, data
center operation controls). All these are examples of:
A. Detective controls
B. Control activities
C. Corrective controls
D. Preventive controls
Answer: B

Question No : 73 - (Topic 1)
Management of the lending institution sets a reserve for loan
losses at a given point based on such factors as mentioned below
EXCEPT:
A. Number and type of loans made
B. Quality of loans made
C. Historical loss experience
D. Loan portfolio
Answer: D

Question No : 84 - (Topic 1)
Many businesses generally find CDs to be a:
A. Satisfactory money management approach
B. More than satisfactory money management approach
C. Less than satisfactory money management approach
D. Dissatisfactory money management approach
Answer: C
Question No : 132 - (Topic 2)
Obtaining feedback from client management throughout the
audit is encouraged in order to ensure that appropriate
information is being obtained and to alleviate problems at the
conclusions of the audit. Some specific components of continual
communication to consider include:
A. Keep client management informed of audit issues and
concerns as they arise.
B. Submit a draft audit report to ensure that accurate and
appropriate information has been reported
C. Advise client management of projected audit days and weeks
D. Both A and B
Answer: D

Question No : 133 - (Topic 2)


An objective of an exit conference is that it provides the client
management with findings and recommendations identified
during the audit which addresses all of the following EXCEPT:
A. Allow client management to state concerns and objections to
the findings and recommendations
B. Give the client management and the audit team the
opportunity to identify and correct any errors or
misinterpretations that may appear in the draft report
C. It should include a description of significant noteworthy
accomplishments and issues that need further work
D. Provide the audit team with the formal opportunity to explain
the remaining steps in the audit process prior to the release of the
final report
Answer: C
Question No : 142 - (Topic 2)
The purpose of audits of financial statements is to issue an
opinion on the fairness of the financial statements and to
evaluate all of the following assertions (explicit or implicit) by
management EXCEPT:
A. Existence or occurrence assertions address whether available
information addresses actual transactions, assets, and liabilities
B. Completeness assertions address whether all material financial
information is included in financial statements
C. Rights and obligations assertions address whether the entity
has legal rights to the assets and obligations to the liabilities
disclosed on the financial statements
D. Presentation and disclosure assertions address whether the
elements of the financial statements are properly organized,
classified and disclosed
Answer: C

Question No : 150 - (Topic 2)


All lending institutions assume some loans will not be repaid and
thus estimate the losses they expect from their loan portfolio.
Management of the lending institution sets a reserve for loan
losses at a given point based on factors such as:
A. The number and type of loans made
B. The quality of loans made
C. The number of problem loans
D. All of these
Answer: D
Enterprise Management Delivery Audit
(IA Compliance Management)
Enterprise Management Delivery Audit
(LC Compliance Management)
Commerce & Relations Delivery Audit
(IA Marketing & Sales Audit)
Pages from IIA_CIA-Part3.pdf

Question No : 46
Which of the following strategies is most appropriate for an
industry that is in decline?
A. Invest in marketing.
B. Invest in research and development.
C. Control costs.
D. Shift toward mass production.
Answer: C

Question No : 48
The activity that involves a trial run of a product in a typical
segment of the market before proceeding to a national launch is
referred to as:
A. Test marketing
B. Experimentation
C. Segmentation
D. Positioning
Answer: A

Question No : 59
During the last year, an organization had an opening inventory of
$300,000, purchases of $980,000, sales of $1,850,000, and a
gross margin of 40 percent. What is the closing inventory if the
periodic inventory system is used?
A. $170,000
B. $280,000
C. $300,000
D. $540,000
Answer: A
Question No : 63
An organization has recorded the following profit and expenses:
Profit before interest and tax: $200,000
Sales: $2,300,000
Purchases of materials: $700,000
Interest expenses: $30,000
If the value-added tax (VAT) rate is 20 percent and the corporate
tax rate is 30 percent, which of the following is the amount of VAT
that the organization has to pay?
A. $34,000
B. $51,000
C. $60,000
D. $320,000
Answer: D

Question No : 66
What must be monitored in order to manage risk of consumer
product inventory obsolescence?
1. Inventory balances.
2. Market share forecasts.
3. Sales returns.
4. Sales trends.
A. 1 only
B. 4 only
C. 1 and 4 only
D. 1, 2, and 3 only
Answer: C

CIA Part3.pdf

[12] Gleim #: 1.12 -- Source: CMA 697 3-27


All of the following are generally included in a cost-of-quality
report except
A. Warranty claims.
B. Design engineering.
C. Supplier evaluations.
D. Lost contribution margin.
Answer : D
[28] Gleim #: 1.28 -- Source: CIA 597 III-14
Which of the following criteria would be most useful to a sales
department manager in evaluating the performance of the
manager's customer-service group?
A. The customer is always right.
B. Customer complaints should be processed promptly.
C. Employees should maintain a positive attitude when dealing
with customers.
D. All customer inquiries should be answered within 7 days of
receipt.
Answer : D

[53] Gleim #: 1.53 -- Source: CIA 1195 II-30


A division uses a regression in which monthly advertising
expenditures are used to predict monthly product sales (both in
millions of dollars). The results show a regression coefficient for
the independent variable equal to 0.8. This coefficient value
indicates that
A. The average monthly advertising expenditure in the sample is
$800,000.
B. When monthly advertising is at its average level, product sales
will be $800,000.
C. On average, every additional dollar of advertising results in
$.80 of additional sales.
D. Advertising is not a good predictor of sales because the
coefficient is so small.
Answer : C

[58] Gleim #: 1.58 -- Source: CIA 594 II-38


As part of a risk analysis, an auditor wishes to forecast the
percentage growth in next month's sales for a particular plant
using the past 30 months' sales results. Significant changes in the
organization affecting sales volumes were made within the last 9
months. The most effective analysis technique to use would be
A. Unweighted moving average.
B. Exponential smoothing.
C. Queuing theory.
D. Linear regression analysis.
Answer : B

[143] Gleim #: 1.143 -- Source: CIA 596 II-1
A company, which has many branch stores, has decided to
benchmark one of its stores for the purpose of analyzing the
accuracy and reliability of branch store financial reporting. Which
one of the following is the most likely measure to be included in a
financial benchmark?
A. High turnover of employees.
B. High level of employee participation in setting budgets.
C. High amount of bad debt write-offs.
D. High number of suppliers.
Answer : C

[162] Gleim #: 1.162 -- Source: CIA 596 I-20


If a manufacturer has established a limit on the number of
defects that are tolerable in the final assembly of its product,
which of the following quality control procedures should be
employed?
I. Inspect completed goods for compliance with established
tolerances.
II. Review sales returns for defects not detected during the final
inspection process.
III. Compare materials and machinery specifications with original
product designs.
IV. Establish a quality circle that includes management and
subordinates to discuss labor efficiency.
A. I, III, and IV.
B. II and III only.
C. I, II, and III.
D. III and IV only.
Answer : C

[180] Gleim #: 2.18 -- Source: Publisher


The bullwhip or whiplash effect on inventories begins when
retailers face uncertain demand from consumers caused by
randomness in buying habits. It can be avoided by
A. The need to purchase or manufacture goods in cost-efficient
batches.
B. Changes in price that may encourage purchases in anticipation
of future increases.
C. Shortages that may lead to rationing by suppliers or
manufacturers and hoarding by manufacturers or retailers.
D. Sharing of information and coordination among the
organizations in the supply chain.
Answer : D

[181] Gleim #: 2.19 -- Source: Publisher
A desired result of the sharing of information by all functions and
organizations in the supply chain is
A. Fewer rush orders.
B. Maximization of inventories held by suppliers, manufacturers,
and retailers.
C. Stockouts.
D. Incompatibility of the information systems of the parties.
Answer : A

[190] Gleim #: 2.28 -- Source: CMA 1296 4-6


Several surveys point out that most managers use full product
costs, including unit fixed costs and unit variable costs, in
developing cost-based pricing. Which one of the following is least
associated with cost-based pricing?
A. Price stability.
B. Price justification.
C. Target pricing.
D. Fixed-cost recovery.
Answer : C

[197] Gleim #: 2.35 -- Source: IIA, adapted


During the growth stage of a product's life cycle
A. The quality of products is poor.
B. New product models and features are introduced.
C. There is little difference between competing products.
D. The quality of the products becomes more variable and
products are less differentiated.
Answer : B

[198] Gleim #: 2.36 -- Source: IIA, adapted


In a product's life cycle, the first symptom of the decline stage is a
decline in the
A. Firm's inventory levels.
B. Product's sales.
C. Product's production cost.
D. Product's prices.
Answer : B

[199] Gleim #: 2.37 -- Source: IIA, adapted


At the introduction stage of an innovative product, the profit
growth is normally slow due to
A. Expensive sales promotion.
B. High competition.
C. A mass market.
D. Available alternatives.
Answer : A

[238] Gleim #: 2.76 -- Source: CIA 1195 III-66
An organization sells a product for which demand is uncertain.
Management would like to ensure that there is sufficient
inventory on hand during periods of high demand so that it does
not lose sales (and customers). To do so, the organization should
A. Keep a safety stock.
B. Use a just-in-time inventory system.
C. Employ a materials requirements planning system.
D. Keep a master production schedule.
Answer : A

[256] Gleim #: 2.94 -- Source: Publisher


Manx Co. produces and sells two products. Product A costs $10
per unit and Product B costs $5 per unit. The A's are selling very
well, but sales of B are low. In order to increase sales of B, Manx
has begun setting a price of $13 for one of each. This pricing
method is
A. Product-bundle pricing.
B. By-product pricing.
C. Value pricing.
D. Collusive pricing.
Answer : A

[298] Gleim #: 3.8 -- Source: CIA 1191 IV-29


To comply with the matching principle, the cost of labor services
of an employee who participates in the manufacturing of a
product normally should be charged to the income statement in
the period in which the
A. Work is performed.
B. Employee is paid.
C. Product is completed.
D. Product is sold.
Answer : D

[309] Gleim #: 3.19 -- Source: CIA 596 IV-4
An entity had cash receipts from sales of 175,000 during 20X4, of
which 30,000 was unearned at the end of 20X4. At the end of
20X3, the company had 40,000 of unearned revenue, all of which
was earned in 20X4. The company's sales revenue for
20X4 would be
A. 145,000
B. 165,000
C. 175,000
D. 185,000
Answer : D

[311] Gleim #: 3.21 -- Source: CIA 595 IV-11


If sales are accounted for using the installment method, which of
the following is(are) only recognized in proportion to the cash
collected on the sales during the period?
A. Sales.
B. Sales and cost of sales.
C. Sales and cost of sales and selling expenses.
D. Sales and cost of sales and administrative expenses.
Answer : B

[317] Gleim #: 3.27 -- Source: CIA 596 IV-44


An entity has a 50% gross margin, general and administrative
expenses of 50, interest expense of 20, and net profit of 10 for
the year just ended. If the corporate tax rate is 50%, the level of
sales for the year just ended was
A. 90
B. 135
C. 150
D. 180
Answer : D

[330] Gleim #: 3.40 -- Source: CIA 591 IV-38
Which of the following is a unique reporting problem associated
with the determination of the results of operations for an interim
period?
A. Advertising and similar costs expensed in one interim period
may benefit other interim periods in the same annual period.
B. Cost of goods sold for an interim period reflects only the
amount of product cost applicable to sales revenue recognized in
the interim period.
C. Depreciation for an interim period represents an estimate.
D. An extraordinary loss occurring in the second quarter must be
prorated over the last three interim periods of the year.
Answer : A

[393] Gleim #: 3.103 -- Source: CIA 1189 IV-29


A department store sells gift certificates that may be redeemed
for merchandise. Each certificate expires 3 years after issuance.
The revenue from the gift certificates should be recognized
A. Evenly over 3 years from the date of issuance.
B. In the period the certificates are sold.
C. In the period the certificates expire.
D. In the period the certificates are redeemed or in the period
they expire if they are allowed to lapse.
Answer : D

[411] Gleim #: 3.121 -- Source: Publisher


IAS 34, Interim Financial Reporting, provides guidelines for
interim reporting stating that enterprises ____
A. May use estimates based on sales margins for interim
inventory valuation although a different method is used for
annual reporting.
B. Must determine income tax expense by applying progressive
tax rates to income on a quarterly basis.
C. May prorate extraordinary items over four quarters.
D. Need not disclose basic and diluted earnings per share each
quarter.
Answer : A

[416] Gleim #: 3.126 -- Source: CIA 597 IV-28
An enterprise that owns a new professional basketball team sells
season tickets to its team's games. The season lasts from
November through April, with 10 games played each month. In
20X3, the enterprise collected 3 million from season-ticket sales
for the 20X3-20X4 season. Its fiscal year-end is December 31.
Based on this information, the enterprise should
A. Report a liability for unearned income of 2 million on its
December 31, 20X3 balance sheet.
B. Report a liability for unearned income of 3 million on its
December 31, 20X3 balance sheet.
C. Report income of 3 million on its 20X3 income statement.
D. Report income of 1 million on its 20X4 income statement.
Answer : A

[423] Gleim #: 3.133 -- Source: CIA 597 IV-55


An entity has excess capacity in production-related property,
plant, and equipment. If in a given year these assets are being
used to only 80% of capacity and the sales level in that year is 2
million, the full capacity sales level is
A. 1,600,000
B. 2,000,000
C. 2,500,000
D. 10,000,000
Answer : C

[425] Gleim #: 3.135 -- Source: CIA 597 IV-34


An entity purchased a machine on January 1, 20X1 for 1,000,000.
The machine had an estimated useful life of 9 years and a residual
value of 100,000. The company uses straight-line depreciation.
On December 31, 20X3, the machine was sold for 535,000. The
gain or loss that should be recorded on the disposal of this
machine is
A. 35,000 gain.
B. 65,000 loss.
C. 365,000 loss.
D. 465,000 loss.
Answer : B

[440] Gleim #: 3.150 -- Source: Publisher
Whenever an entity must use net realizable value rather than cost
to value an inventory item, the inventory account is reduced and
the account "expense due to decline of inventory to net realizable
value" is increased. The balance of this account is reflected as a
separate item on the _____
A. Balance sheet as a deduction from inventory.
B. Income statement as an extraordinary loss.
C. Income statement as a deduction from gross profit on sales.
D. Income statement as an operating expense.
Answer : C
