Free Certified Internal Auditor IIA-CIA-Part1 Exam Practice Test

Which of the following is the internal audit activity expected to do with respect to the organization's governance processes?

• Formally audit all governance activities.
• Provide strategic guidance on the organizational processes to senior management.
• Achieve agreement with the board regarding the range of activities, depth of review, and time period to include in the assessment.
• Audit against the governance structures and practices widely used in the industry.

A subsidiary of the organization was preparing for an initial public offering (IPO). Af the request of the audit committee, the chief audit executive (CAE) and all senior audit staff were actively involved in the process by helping collect and validate financial data, conducting assessments, and participating in meetings with IPO advisors. Six months later, it became obvious that the IPO had to be canceled. Newly appointed audit committee members requested an assurance engagement that v/ould assess the IPO preparation process. Which of the following would be the best course of action for the chief audit executive (CAE) to take?

• The decision to involve auditors in the IPO was made by former audit committee members; therefore, the CAE is not responsible and can proceed with the new assignment.
• The CAE should reject the assignment, as such engagements are beyond the scope of auditors who are usually not familiar with root cause analysis methodology.
• The engagement should be undertaken by audit assistants and other junior staff members who were not involved in the IPO process.
• The CAE should disclose objectivity limitations to the audit committee and suggest alternatives, such as outsourcing the engagement.

Which of the following actions would be most effective to help an internal auditor determine how successful the organization has been in communicating the existence of its ethics hotline?

• Reviewing the number of anonymous hotline allegations against employee complaints.
• Surveying employees to determine whether they are aware of the hotline.
• Benchmarking the average time to investigate hotline complaints.
• Tracking the number of hotline allegations per total number of employees.

According to The IIA's Code of Ethics, an internal auditor who has a romantic relationship with an audit client violates which of the following rules of conduct?

• Confidentiality.
• Independence.
• Integrity.
• Objectivity.

An internal auditor has documented several instances in which management asked employees to ad against the policies and procedures. Which of the following is the most appropriate next step?

• Report the non-compliance cases to the board of directors.
• Recommend that management update its policies and procedures based on the circumstances.
• Investigate the rationale for management's actions.
• Recommend those employees to report the cases through the designed whistleblowing channel for the appropriate treatment.

Which of the following requests, if accepted by the internal audit activity, would impair its independence?

• A request to develop workshops on corporate governance for management.
• A request to act as liaison with external auditors.
• A request to determine appropriate risk management responses for management.
• A request to provide counseling services on ethical matters.

An organization allows the same individuals to physical access inventory and purchase new assets when supplies are depleted. Which of the following would best help the organization manage the risk of fraud?

• Accounting personnel should regularly perform reconciliation between invoices and purchase orders
• Accounting personnel should conduct a periodic inventory count and reconcile inventory movements
• internal auditors should review Vie frequency and volume of purchased assets to detect trends in the inventory levels
• Management should established a policy requiring new inventory asset purchases to be made on serialized order forms with copies retained

A chief audit executive (CAE) was asked by senior management to establish and manage a risk management function. A new chief risk officer was hired a year later to assume these responsibilities. As this function was included in the current annual audit plan, the CAE engaged an external resource for a risk management engagement. Which of the following potential threats to objectivity was the CAE likely addressing?

• Self-review threat.
• Advocacy threat.
• Familiarity threat.
• Personal relationship threat.

The largest risks facing an organization should be mitigated by which type of controls?

• Entity-level
• Activity-level
• Transaction-level
• Process-level

According to HA guidance, if an internal auditor suspects fraud during an assurance engagement, what should the auditor do first?

• Recommend parties involved to be sanctioned in accordance with the organization's policy.
• Determine whether any additional audit work needs to be performed.
• Launch an investigation to obtain details of the fraud and parties involved.
• Request that the responsible process owner remediate the issue immediately.