An organization has implemented a new automated payroll system that contains a table of pay rates that are matched to employee job classifications. Which control should an internal auditor suggest in order to ensure that the table is updated correctly, and is used only for valid pay changes?
Allegations have been made that an organization's share price has been manipulated.
Which of the following would provide an internal auditor with the most objective evidence in this case?
According to IIA guidance, which of the following statements regarding the internal audit charter is true?
Which of the following statements best explains why internal auditors map processes?
1. To obtain audit evidence to support auditor's observations.
2. To determine scope and objectives of the audit.
3. To facilitate the identification of ownership and responsibility for key risks.
4. To identify potential efficiency improvements.
Which of the following would provide the best evidence of errors in the quantities of items received from suppliers?
During the course of an audit, an internal auditor discovers that a valuable employee in the research department has been patenting new developments in the employee's name that are unrelated to the basic business of the organization.
The organization does not have a policy addressing this specific issue, but does have a general policy that all important new discoveries by employees are the property of the organization.
Division management views the employee's actions as extra incentive to retain the employee.
A decision to include the employee's action in the engagement final communication would be:
1. A violation of the IIA Code of Ethics.
2. A violation of the reporting requirements in the Standards.
3. Justified and necessary, according to the IIA Code of Ethics and Standards.
Which of the following statements describes a control failure that is not directly attributable to a customer billing application?
1. End users have raised a number of concerns regarding data integrity.
2. An untested program change is transferred from the test environment to production.
3. Purchase history does not reconcile with accounts receivable for some customers.
4. End user security is inadvertently granted to an unauthorized individual by management.
When conducting an interview, an internal auditor is most likely to ask open-ended questions in order to:
According to IIA guidance, which of the following is the best example of a system application control?
Which of the following decisions made during the testing phase of a compliance audit requires the most judgment by an internal auditor?
Management of a publicly-held organization requires the internal audit activity to be involved with quarterly financial statements, which are made public and used internally. Which of the following explanations of management's decision is least plausible?
While reviewing first quarter sales transactions, an internal auditor discovered that 10 invoices for a new customer had not been posted into the accounts receivable subsidiary ledger. Those 10 invoices were listed in an error report automatically generated by the sales processing system. The system had rejected the invoices because the customer's account number was not found in the customer master file. In this scenario, which of the following controls was lacking?
After being terminated due to downsizing, an internal auditor finds a different job with an organization in the same industry. Which of the following actions would violate the IIA Code of Ethics?
Which of the following types of social responsibilities is voluntary and guided purely by the organization's desire to make social contributions?
Which of the following activities should the chief audit executive perform to ensure compliance with an organization's code of conduct?
According to The IIA's Code of Ethics, which of the following statements is true?
Which of the following combinations of conditions is most likely a red flag for fraud?
Which of the following would be the most appropriate first step for the board to take when developing an effective system of governance?
According to IIA guidance, which of the following should be formally documented in the internal audit charter?
According to IIA guidance, which of the following statements describes one of the similarities between assurance and consulting services?
The chief audit executive (CAE) of a small internal audit activity (IAA) performs all high-risk engagements on the annual audit plan to make use of his knowledge and experience and to maximize the efficient use of audit resources. Which of the following statements is most relevant regarding this practice?
Which of the following control methods is effective in reducing the risk of purchasing-scheme fraud?
1. Periodically reviewing the vendor list for unusual vendors and addresses.
2. Segregating duties for amount purchasing, receiving, shipping, and accounting.
3. Validating sequential integrity of purchase orders.
4. Verifying the validity of invoices with post office box addresses.
Which of the following factors have the greatest influence on the independence of the internal audit activity?
A snow removal company is conducting a scenario planning exercise where participating employees consider the potential impacts of a significant reduction in annua snowfall for the coming winter. Which of the following best describes this type of risk?
Click the Exhibit.
Internal auditors are asked to keep track of how many hours per day they spend planning the audit, conducting the engagement, and writing the audit report. The data for two days has been collected as follows:
Day 1
Day 2
Planning the audit
2 hours
3 hours
Conducting the engagement
1 hour
1 hour
Writing the audit report
2 hours
4 hours
Which of the following graphs depicts the data accurately?
Which of the following is the primary engagement responsibility of an entry-level internal auditor?
An internal audit charter, approved by the board, restricts the internal audit activity to providing assurance only on the reliability of financial information and the effectiveness of internal accounting controls. Which of the following statements is true regarding the extent to which the external auditor may rely on the internal audit activity's work?
According to COSO, which of the following is not considered one of the components of an organization's internal environment?
The chief audit executive (CAE) is planning to conduct an internal assessment of the internal audit activity (IAA). Part of this assessment will include benchmarking. According to IIA guidance, which of the following qualitative metrics would be appropriate for the CAE to use?
1. Average client customer satisfaction score for a given year.
2. Client survey comments on how to improve the IAA.
3. Auditor interviews once an audit has been completed.
4. Percentage of audits completed within 90 days.
Which of the following statements is true regarding assurance services provided to clients outside of the organization?
A furniture manufacturer has installed a new fire sprinkler system at its central warehouse and canceled the existing fire insurance policy on that property. What change of risk response strategy does this course of action most likely reflect?
Which of the following documents is most appropriate in promoting the objectivity of the internal audit activity?