Beruflich Dokumente
Kultur Dokumente
1- The internal and external auditors report directly to an audit committee composed of independent
directors. This practice is directly related to which of the following governance principles?
A. 3 and 4 only.
B. 1 and 2 only.
C. 1, 2, 3, and 4.
D. 2 and 3 only.
Albert is in charge of the accounting department. His duties involve the daily audit and producing
the year-end financial statements.
Bradley is in charge of production. His duties involve ensuring that production stays on schedule
and that waste is minimized.
Chris is in charge of support staff. His duties include ensuring that the workplace remains clean.
This practice is most closely related to which of the following governance principles?
A. An independent and objective board with sufficient expertise, experience, authority, and
resources to conduct independent inquiries.
3- The responsibility of the internal audit activity in an assurance engagement for ethics-related matters
is
A. The leadership, organizational structures, and processes that ensure that the enterprise’s
information technology supports the organization’s strategies and objectives.
B. A process to identify, assess, manage, and control potential events or situations to provide
reasonable assurance regarding the achievement of the organization’s objectives.
C. The combination of processes and structures implemented by the board to inform, direct,
manage, and monitor the activities of the organization toward the achievement of its objectives.
D. The highest level governing body charged with the responsibility to direct and or oversee the
organization’s activities and hold senior management accountable.
5- Governance should help ensure that the objectives of an entity’s stakeholders are met. Stakeholders
include
1. Employees
2. Regulators
3. Suppliers
4. Customers
A. 2, 3, and 4 only.
B. 2 and 3 only.
C. 1, 2, 3, and 4.
D. 1 and 4 only.
Answer (A) is incorrect.
Employees are stakeholders
Answer (B) is incorrect.
Employees and customers are stakeholders
B. The organizational culture sets the values, objectives, and strategies of the organization.
1. Strategic direction
2. Oversight
3. Regulations
4. Ethics
A. 1, 2, and 4 only.
B. 2 and 4 only.
C. 3 and 4 only.
D. 1 and 2 only.
11- The internal audit activity most directly contributes to an organization’s governance process by
12- Which of the following is a situation in which an internal auditor’s role of chief ethics officer conflicts
with the independence attribute of the internal audit activity?
A. The internal audit activity informs the chief ethics officer that the organization is in compliance
with all laws and regulations.
B. The chief ethics officer requests that the internal auditors assess whether the organization as a
whole is not complying with the organization’s code of conduct.
C. The chief ethics officer informs the board of recommendations made by the internal audit activity
regarding the organization’s compliance with the code of conduct.
D. The chief ethics officer proposes and implements a new whistleblower program for the
organization.
13- Which of the following is a false statement about the role of internal auditors in an
organization’s ethical culture?
A. Roles may include chief ethics officer.
B. In a more mature governance system, the internal audit activity’s emphasis is on optimizing
structure and practices.
D. The role of chief ethics officer sometimes conflicts with the independence of the internal audit
activity.
14- Which of the following correctly classifies the corporate governance functions as internal or external?
Internal External
A. The attitude and actions of the board and management regarding the importance of control within
the organization.
B. A reflection of the organization’s mission and vision and consists of the attitudes, behaviors, and
understanding about risk.
20- In an assurance engagement, what is the internal auditor’s responsibility for evaluating ethics-related
activities?
A. Evaluate their design, implementation, and effectiveness.
B. Evaluate only the design of ethics-related activities.
C. Perform tests on various employee transactions.
D. Review employee activities for compliance with provisions of the code.
A. Measure performance.
22- The internal audit activity periodically assesses the elements of the ethical climate of the organization
and its effectiveness in achieving legal and ethical compliance. Internal auditors therefore evaluate
the effectiveness of which of the following?
C.1, 2, and 3.
23- Directors, management, external auditors, and internal auditors all play important roles in
creating proper control processes. Senior management is primarily responsible for
A. Ensuring that external and internal auditors oversee the administration of the system of risk
management and control processes.
B. Implementing and monitoring controls designed by the board of directors.
C. Establishing and maintaining an organizational culture.
D. Reviewing the reliability and integrity of financial and operational information.
24- The internal audit activity’s evaluation of the ethical climate of the organization extends to
26- Which of the following most likely are considered potential stakeholders of an entity?
A. Neighbors of its facilities.
B. Tax authorities.
C. Creditors of employees.
D. Close competitors.
Answer (A) is correct.
Stakeholders are persons or entities who are affected by the activities of the entity. Among others, they
include (1) shareholders, (2) employees, (3) suppliers, (4) customers, (5) neighbors of the entity’s
facilities, and (6) government regulators.
27- Which of the following is a situation in which an internal auditor’s role conflicts with the
independence attribute of the internal audit activity?
A. The internal audit activity recommends a new whistleblower program for the organization.
B. The CEO informs the board of recommendations made by the internal audit activity regarding the
organization’s compliance with the code of conduct.
C. The board requests that the internal auditors assess whether the organization is complying with
the code of conduct.
D. The internal audit activity informs the board that it has implemented an organization-wide
employee ethics program.
28- A corporation’s results met the expectations of the market, but many people in the organization
noticed that they were overly optimistic. Moreover, no one suggested that the results be changed.
Who, whether officially or informally, should have been an ethics advocate regarding the results?
1. Senior management
2. Internal auditors
3. Employees in the accounting department
B.1 only.
D.1, 2, and 3.
29- Which of the following is most likely an internal audit role in a less structured governance process
I. Evaluating the organization’s ability to carry out risk management activities as designed.
II. Determining the expectations of stakeholders and the outcomes that are unacceptable.
III. Establishing monitoring activities.
IV. Ensuring that information to be reported is accurate, timely, and available.
31- The role of the internal audit activity in the ethical culture of an organization is to
A. Evaluate the effectiveness of the organization’s formal code of conduct.
B. Avoid active support of the ethical culture because of possible loss of independence.
C. Assume accountability for the effectiveness of the governance process.
D. Become the chief ethics officer.
A. 1 and 2 only.
B. 1, 2, and 3.
C. 2 and 3 only.
D. 1 and 3 only.
34- <List A> applies to all organizational activities. Thus, its processes provide overall direction for
<List B> activities. <List C> activities are a key element of risk management.
List A List B List C
C. Evaluating the controls over the reliability and integrity of financial and operational information.
D. Ensuring that external auditors oversee risk management and control processes.
36- The role of the internal audit activity in the ethical culture of an organization is to
A. Assume responsibility for the governance process.
B. Assess its effectiveness in achieving legal compliance.
C. Avoid involvement in the ethical culture because of loss of objectivity.
D. Become a member of an ethics council.
I. Measuring performance
II. Specifying accountability
III. Complying with corporate social responsibilities
A. I only.
B. I and II only.
C. II and III only.
D. I, II, and III.
A. Fully evaluate organizational practices for compliance with the code and report to the board.
B. Perform tests on various employee transactions to detect potential violations of the code of
conduct.
C. Fully evaluate the comprehensiveness of the code and compliance with it and report the results
to the board.
D. Review employee activities for compliance with provisions of the code and report to the board.
40- Which of the following statements regarding oversight as a component of governance is false?
A. Oversight is the governance component with which internal auditing is most concerned.
B. Oversight includes internal and external assurance activities.
C. Oversight determines the overall objectives.
D. Risk management activities are performed by senior management and risk owners.
A. 3 and 4 only.
B. 2 and 4 only.
C. 1, 2, 3, and 4.
D. 1, 2, and 4 only.
D. Personnel policies.
44- Which of the following correctly classifies governance functions as internal or external?
Internal External
C. Government regulators.
48- Which of the following statements regarding corporate governance is not correct?
A. The dilution of shareholders’ wealth resulting from employee stock options or employee stock
bonuses is an accounting issue rather than a corporate governance issue.
B. The compensation scheme for management is part of the corporate control mechanisms.
C. Corporate control mechanisms include internal and external mechanisms.
D. The internal auditor of a company has more responsibility than the board for the company’s
corporate governance.
Answer (A) is incorrect.
The dilution of shareholders’ wealth resulting from employee stock options or employee stock bonuses is
an accounting issue. Governance is “the combination of processes and structures implemented by the
board to inform, direct, manage, and monitor the activities of the organization toward the achievement of
its objectives” (The IIA Glossary).
49- Ensuring effective organizational performance management and accountability is most directly
the proper function of
A. Governance.
B. Risk management.
D. Control.
50- Careful Corp. always has its internal auditors review transactions between Careful Corp. and its
subsidiary, Risky Corp., to ensure that the transactions are carried out in a fair and transparent
manner. This practice is most closely related to which of the following governance principles?
A. An organizational structure used to measure organizational and individual performance.
51- Which of the following is a function of the internal audit activity in organizational governance?
52- Which group is responsible for the initiation of fundamental changes for the organization?
A. Board of directors.
C. Senior management.
D. Risk committee.
A. Governance models are most effective when the framework is modeled after publicly traded
companies’ processes or systems.
D. Governance exists as a distinct process and structure separate from risk management and
control.
54- Which of the following is most likely an internal audit activity’s function in a less structured
governance process?
C. Evaluating the effectiveness of specific governance processes that are distinct from control.
Importance of control within the organization Engagement risks are assessed high
B. The compliance of the organization with the internal audit activity’s definition of governance.
An audit should address controls in governance processes that are designed to prevent or detect
events that could have a negative effect on the organization;
Controls within governance processes often are significant in managing multiple risks; and,
If other audits assess controls in governance processes, the auditor should consider relying on
their results.
2- Which of the following is not a role of the internal audit activity in best practice governance activities?
A. Ensure the timely implementation of audit recommendations.
B. Discuss areas of significant risks.
C. Support the board in enterprise-wide risk assessment.
D. Monitor compliance with the corporate code of conduct.
Answer (A) is correct.
Management has the responsibility of ensuring the timely implementation of the audit recommendations.
The internal audit activity is responsible for the development of a timely procedure to monitor the
disposition of the audit recommendations. It works with senior management and the board to ensure that
audit recommendations receive appropriate attention.
A. Exclusive use of external auditors to provide assurance about the governance process.
B. Holding the board, senior management, and the internal audit activity accountable for its
effectiveness.
D. Separation of the governance process from promoting an ethical culture in the organization.
4- The internal audit activity should contribute to the organization’s governance process by evaluating
the processes through which
A. 1, 2, 3, and 4.
B. 2 and 3 only.
C. 4 only.
D. 1 only.
5- The internal audit activity most directly contributes to the governance process by
A. Assessing whether the organization’s objectives align with its mission.
B. Evaluating the adequacy of controls over safeguarding of assets.
C. Assessing organizational performance management.
D. Evaluating the effectiveness of the risk-management system.
Communicating risk and control information to appropriate areas of the organization; and
Coordinating the activities of, and communicating information among, the board, external and
internal auditors, other assurance providers, and management (Perf. Std. 2110).
A. Yes No
B. Yes Yes
C. No No
D. No Yes
7- Which of the following should be defined in the internal audit plan for an assessment of governance?
A. 1 and 3 only.
B. 1, 2, and 3.
C. 1 and 2 only.
D. 2 and 3 only.
A. 1 and 3 only.
B. 1, 2, and 3.
C. 2 and 3 only.
D. 1 and 2 only.
9- The internal audit activity assesses the coordination of the activities of the board, management, and
auditors. This assessment most directly relates to the function of
A. Risk management.
B. Governance.
C. Quality assurance.
D. The control environment.
12- Which of the following are roles of the internal audit activity in best practice governance activities?
A. 2 and 4 only.
B. 1 and 3 only.
C. 1, 2, and 3 only.
D. 1, 2, 3, and 4.
13- In the governance process, the internal audit activity most likely should
A. Evaluate the process for performance management.
B. Communicate risk and control information.
C. Promote ethics and values.
D. Coordinate the activities of the external and internal auditors and management.
14- Craig is the chief audit executive (CAE) of Marlin, Inc., and is in the process of planning an
assessment of governance at Marlin. Which of the following should Craig consider in planning the
assessment of governance?
C. Whether he can rely on the assessment of internal control performed by external auditors.
D. Whether employees at all levels of the organization adhere to the code of ethics.
An audit should address controls in governance processes that are designed to prevent or detect
events that could have a negative effect on the organization;
Controls within governance processes often are significant in managing multiple risks; and,
If other audits assess controls in governance processes, the auditor should consider relying on
their results.
Thus, Craig should consider all of the answer choices when planning the assessment of governance.
Answer (C) is incorrect.
Craig also should verify that all major decisions have been authorized by senior management and
determine whether employees at all levels of the organization adhere to the code of ethics.
15- Which of the following should an internal auditor consider when assessing governance?
A. 2 and 4 only.
B. 1, 2, and 3 only.
C. 1 and 3 only.
D. 1, 2, 3, and 4.
1- Which of the following stakeholders have needs that must be considered when determining the
effects of a corporate social responsibility (CSR) program?
1. Shareholders
2. Employees
3. Competitors
4. Society
A. 1, 2, and 4 only.
B. 1 and 3 only.
C. 1 only.
D. 4 only.
A. It is a set of criteria established by the International Organization for Standardization for financial
reporting.
C. It details certain requirements for environmental performance and details the punishments for
failing to meet those requirements.
D. It often results in higher costs in processes but is compensated for by an improved public image.
3- Business ethics scholar Archie B. Carroll has identified four responsibilities an organization must
fulfill to be called socially responsible. All of the following is one of these four responsibilities except
4- Which of the following is the least likely risk of failing to implement an effective CSR program?
A. Loss of employees.
5- A CSR audit procedure requires the internal auditor to determine if the organization’s code of
conduct includes provisions on anti-corruption. This procedure is most likely testing which CSR
element?
A. Governance.
B. Environment.
C. Ethics.
D. Working conditions.
7- The internal auditor is performing a CSR audit by stakeholder group. Which of the following represent
a stakeholder group?
I. Shareholders.
II. Neighboring communities.
III. Employees and their families.
IV. The environment.
8- The Global Reporting Initiative (GRI) has developed a sustainability reporting framework that
D. Provides a forum in which governments can work together to share experiences and to seek
solutions to common problems.
C. A delivery company uses its distribution network to deliver supplies for free to areas affected by
natural disasters.
D. A professional services firm pays its employees a bonus each year for providing services as
volunteers to local not-for-profit organizations.
10- Although corporate social responsibility (CSR) involves the incurrence of certain costs, in what
ways can CSR also produce benefits?
A. 2, 3, and 4 only.
B. 1 and 3 only.
C. 2 and 4 only.
D. 1, 2, 3, and 4.
D. It states requirements for environmental performance, such as efficient uses of resources and
reductions of waste.
12- In which CSR business activity would an organization consider CSR risks before projects are
approved?
A. Establishing and communicating policies and procedures.
B. Monitoring, evaluating results, and benchmarking.
C. External and internal reporting of results.
D. Integrating CSR principles and controls into the decision-making process.
13- A company has denied for years that it bears any responsibility for damage allegedly caused by
its trucks to public roads. No further actions have been taken by the company. This is an example of
which corporate social responsibility strategy?
A. Accommodation.
B. Pro action.
C. Defense.
D. Reaction.
14- Within the organization, who generally is responsible for establishing CSR objectives and
measuring performance?
A. The board.
B. Management.
C. Internal auditors.
D. All employees.