A.R.M. 400 Exam Practice || Most Recent Exam 2026-2027
Actual Complete Real Exam Questions And Correct
Answers (Verified Answers) Already Graded A+ | Guaranteed
Success!! Newest Exam | Just Released!!
Which one of the following best describes why the Institute for
Internal Auditors (IIA) has designed standards addressing the
need for internal audit to evaluate the effectiveness of risk
management?
A. Audits are objective and independent of the politics of an
organization. A pronouncement assists the auditor by defining
review criteria.
B. Audits may be self-serving to an organization depending
on the experience level of an auditor. By indicating specific
criteria, an auditor should be able to conduct a valid audit.
C. Audits are conducted under diverse legal and cultural
environments. Requiring an auditor to validate particular points
ensures that auditors and their activities meet their
responsibilities.
D. Audits are conducted annually in many organizations.
Requiring an auditor to validate the findings of prior years
provides a comfort level to stakeholders. -
ANSWER -C
Which one of the following best describes how internal audit
compliments a risk management initiative?
,A. Internal audit tests controls for risks identified by risk
managers. Risk management and internal audit are similar in
that they are both charged with protecting the assets of an
organization.
B. Internal audit tests the controls initiated by the risk
management team. The risk management team reviews the
results and responds to internal audit on the control
assessment.
C. Risk managers identify, assess and prioritize risks.
Internal audit develops a risk-based auditing plan that
addresses material risks to an organization.
D. Risk managers identify, assess and prioritize risks with
the assistance of internal audit. Internal audit requires that the
controls for the risks are tested. -
ANSWER -C
Which one of the following best explains how the role of the
internal auditor changed with the passage of the Sarbanes-
Oxley Act of 2002?
A. The internal auditor must adapt to the ever changing
environment of risk control through the use of electronic
reconciliation programs.
B. The internal auditor must adopt a stakeholder orientation
by anticipating, monitoring and assessing business and
operational risk.
C. The internal auditor must adopt the attitude of an external
auditor, carefully reviewing and critiquing the finances of an
organization.
,D. The internal auditor must be able to recognize current
fraud risks as well computer theft of intellectual property. -
ANSWER -B
An auditor identifies risks under the risk-based approach by
A. Reviewing the organization, department by department to
determine if the controls overlap asking, "Is the redundancy
needed?"
B. Reviewing prior audits, comparing results and asking, and
"Has the control environment changed?"
C. Looking at each objective, testing each control by asking,
"Does this seem appropriate?"
D. Looking at each objective and its controls identifying
risks by asking, "What might go wrong?" - ANSWER -D
Which one of the following is true regarding internal audit
involvement with enterprise risk management (ERM) efforts?
A. Internal audit is not becoming more involved with ERM
efforts because internal audit must remain independent and
objective.
B. Internal audit is responsible for the organization's
compliance with all governance issues, including ERM
compliance.
C. Internal audit is responsible for reviewing controls in an
organization which includes ERM programs.
D. Internal audit is increasingly asked to evaluate
organizational risks, including strategic, financial and hazard
risks. - ANSWER -D
, Colossal Casualty Insurance Company decided to conduct an
internal audit of the company's operations. As part of the
internal audit, several fictitious claims were submitted to the
claims department to see if the claims would be approved and
paid. Which one of the Committee of Sponsoring Organizations
of the Treadway Commission's (COSO's) components of
internal control was examined by this internal audit test? A.
Control environment.
B. Information and communication.
C. Monitoring activities.
D. Risk assessment. - ANSWER -A
An independent auditor has been given the task of evaluating
internal controls at Westside Company (Westside). The auditor
has determined that Westside's board of directors has
endorsed a framework requiring management to have
documented internal reporting controls to ensure efficient
operations, accuracy of financial statements, and compliance
with regulations. The framework is applied at the entity and
divisional levels, but not the operating unit or functional levels.
The program is new so it has not yet been monitored. The
auditor is likely to report that
A. The selected method does not align with the Committee of
Sponsoring
Organizations of the Treadway Commission's (COSO) Internal
Control— Integrated Framework. It must also be applied at the
operating unit level, but not the functional level. Regular
monitoring must be implemented.
Actual Complete Real Exam Questions And Correct
Answers (Verified Answers) Already Graded A+ | Guaranteed
Success!! Newest Exam | Just Released!!
Which one of the following best describes why the Institute for
Internal Auditors (IIA) has designed standards addressing the
need for internal audit to evaluate the effectiveness of risk
management?
A. Audits are objective and independent of the politics of an
organization. A pronouncement assists the auditor by defining
review criteria.
B. Audits may be self-serving to an organization depending
on the experience level of an auditor. By indicating specific
criteria, an auditor should be able to conduct a valid audit.
C. Audits are conducted under diverse legal and cultural
environments. Requiring an auditor to validate particular points
ensures that auditors and their activities meet their
responsibilities.
D. Audits are conducted annually in many organizations.
Requiring an auditor to validate the findings of prior years
provides a comfort level to stakeholders. -
ANSWER -C
Which one of the following best describes how internal audit
compliments a risk management initiative?
,A. Internal audit tests controls for risks identified by risk
managers. Risk management and internal audit are similar in
that they are both charged with protecting the assets of an
organization.
B. Internal audit tests the controls initiated by the risk
management team. The risk management team reviews the
results and responds to internal audit on the control
assessment.
C. Risk managers identify, assess and prioritize risks.
Internal audit develops a risk-based auditing plan that
addresses material risks to an organization.
D. Risk managers identify, assess and prioritize risks with
the assistance of internal audit. Internal audit requires that the
controls for the risks are tested. -
ANSWER -C
Which one of the following best explains how the role of the
internal auditor changed with the passage of the Sarbanes-
Oxley Act of 2002?
A. The internal auditor must adapt to the ever changing
environment of risk control through the use of electronic
reconciliation programs.
B. The internal auditor must adopt a stakeholder orientation
by anticipating, monitoring and assessing business and
operational risk.
C. The internal auditor must adopt the attitude of an external
auditor, carefully reviewing and critiquing the finances of an
organization.
,D. The internal auditor must be able to recognize current
fraud risks as well computer theft of intellectual property. -
ANSWER -B
An auditor identifies risks under the risk-based approach by
A. Reviewing the organization, department by department to
determine if the controls overlap asking, "Is the redundancy
needed?"
B. Reviewing prior audits, comparing results and asking, and
"Has the control environment changed?"
C. Looking at each objective, testing each control by asking,
"Does this seem appropriate?"
D. Looking at each objective and its controls identifying
risks by asking, "What might go wrong?" - ANSWER -D
Which one of the following is true regarding internal audit
involvement with enterprise risk management (ERM) efforts?
A. Internal audit is not becoming more involved with ERM
efforts because internal audit must remain independent and
objective.
B. Internal audit is responsible for the organization's
compliance with all governance issues, including ERM
compliance.
C. Internal audit is responsible for reviewing controls in an
organization which includes ERM programs.
D. Internal audit is increasingly asked to evaluate
organizational risks, including strategic, financial and hazard
risks. - ANSWER -D
, Colossal Casualty Insurance Company decided to conduct an
internal audit of the company's operations. As part of the
internal audit, several fictitious claims were submitted to the
claims department to see if the claims would be approved and
paid. Which one of the Committee of Sponsoring Organizations
of the Treadway Commission's (COSO's) components of
internal control was examined by this internal audit test? A.
Control environment.
B. Information and communication.
C. Monitoring activities.
D. Risk assessment. - ANSWER -A
An independent auditor has been given the task of evaluating
internal controls at Westside Company (Westside). The auditor
has determined that Westside's board of directors has
endorsed a framework requiring management to have
documented internal reporting controls to ensure efficient
operations, accuracy of financial statements, and compliance
with regulations. The framework is applied at the entity and
divisional levels, but not the operating unit or functional levels.
The program is new so it has not yet been monitored. The
auditor is likely to report that
A. The selected method does not align with the Committee of
Sponsoring
Organizations of the Treadway Commission's (COSO) Internal
Control— Integrated Framework. It must also be applied at the
operating unit level, but not the functional level. Regular
monitoring must be implemented.
