Bold = possibly the answer Green = confirmed
answer Red = what I think is incorrect Use ctrl+f to find a
question
ABC utility company sells electricity to residential customers and is a member of an
industry association that provides guidance to electric utilities, lobbies on behalf of
the industry, and facilitates sharing among its members. From ABC's perspective,
what type of stakeholder is this industry association?
a. Directly involved in the operation of the company.
b. Interested in the success of the company.
c. Influences the company.
d. Not a stakeholder.
Internal audit activities may involve which of the following?
a. Assurance services.
b. Consulting services.
c. Both assurance and consulting services.
d. Neither assurance nor consulting services.
Risk management processes most likely are not
A. Quantitative or subjective
B. Embedded in business units or centralized
C. Formalized even in small organizations
D. Formal or informal.
Which of the following would constitute a violation of the Code of Ethics?
a. Discussing your organization's data processing control system at a trade
convention.
b. Purchasing stock in a target after overhearing an organization executive discussing
a possible acquisition.
c. Deleting sensitive information from a report at the request of senior management.
d. Investigating executive expense reports based on rumors of padding.
In a broad sense, society benefits from internal auditing because internal auditing:
a. Enforces corporate compliance with the standards of public policy
b. Promotes the efficient and effective use of resources.
c. Evaluates financial data against professional standards
d. Reviews systems established to ensure compliance with corporate policy.
Under what circumstances would an internal auditor be required to forfeit the CIA
designation?
a. Upon leaving the internal auditing profession.
b. After action by The IIA's International Ethics Committee
c. When found by the IIA's Board of Directors to be in violation of the Code of Ethics.
d. Upon commission of a felony or other action resulting in serious criminal charges.
According to the Standards, internal auditors should possess the knowledge, skills,
and
,discipline essential to the performance of internal auditing. This means that all
internal auditors should be proficient in applying:
a. Internal auditing standards
b.Quantitative methods
c.Management principles
d.Structured systems analysis
The proper organizational role of internal auditing is to
a. Perform studies to assist in the attainment of more efficient operations.
b. Assist the external auditor in order to reduce external audit fees.
c. Serve as the investigative arm of the board.
d. Serve as an independent, objective assurance and consulting activity that adds value
to operations.
Which of the following activities would NOT be presumed to impair the independence
of an internal auditor?
1. Recommending standards of control for a new computer application
ensure that proper controls are installed.
2. Drafting procedures for running a new computer application to ensure
that proper controls are installed.
3. Performing reviews of procedures for a new computer application before it is
installed.
a. I only
b. II only
c. III only
d. I and III only
As used by the internal auditing profession, the Standards refers to all of the
following except:
a. Criteria by which the operations of an internal audit department are evaluated
and measured. b. Criteria which dictate the minimum level of ethical actions to be taken
by internal auditors.
c. Statements intended to represent the practice of internal auditing as it should be.
d. Criteria that are applicable to all types of internal audit departments.
According to the Standards, an internal auditor's role with respect to operating
objectives and goals includes:
a. Approving the operating objectives or goals to be met.
b. Determining whether underlying assumptions are appropriate.
c. Developing and implementing control procedures.
d. Accomplishing desired operating program results.
Assurance, Insight, and Objectivity comprise:
a. The mission of internal auditing.
b. The three lines of defense model.
c. The objectives of internal auditing.
,d. The value proposition
Who is responsible for establishing the strategic objectives of an organization?
a. The board of directors
b. Senior management
c. Consensus among all levels of management
d. The board and senior management jointly.
The purpose of governmental effectiveness or program results auditing is to
determine if desired results of a program are being achieved. The first step in
conducting such an audit should be to:
a. Evaluate the system used to measure results.
b. Determine the time frame to be audited.
c. Collect quantifiable data on the program's success or failure.
d. Identify the legislative intent of the program being audited
According to the Standards, who is responsible for coordinating internal and
external audit efforts?
A. Chief audit executive
B. External auditors
C. Audit committee of the board of directors
D. Chief financial officer.
Which of the following are required of the internal audit function per the Standards?
A. Evaluate annually the effectiveness of the audit committee.
B. Issue annually an overall opinion on the adequacy of the organization's
system of internal controls.
C. Obtain an annual representation from management acknowledging management's
responsibility for the design and implementation of internal controls to prevent
illegal acts.
D. Assess whether the information technology governance of the organization
sustains and supports the organization's strategies and objectives.
According to the Standards, the independence of internal auditors is achieved
through:
a. Staffing and supervision
b. Continuing education and due professional care
c. Human relations and communications
d. Organizational status and objectivity
The board's expectations of the internal audit activity regarding the risk
management process is:
a. Noted in the work programs for formal consulting engagements.
b. Included in the business continuity plan
c. Codified in the charters of the internal audit activity and the board.
, d. Reviewed by the internal auditors immediately following a disaster.
The role of internal auditing in enterprise-wide risk management (ERM) most
likely includes a. Providing consulting services when the organization's risk
maturity is low.
b. Determining risk appetite.
c. Operating the risk management framework.
d. Making decisions on risk responses.
Which of the following is most likely an internal audit role in a less structured
governance process?
a. Designing specific governance processes.
b. Playing a consulting role in optimizing governance practices and
structure. c. Providing advice about basic risks to the organization.
d. Evaluating the effectiveness of specific governance processes.
Which of the following are elements included in the control environment?
a. Organizational structure, management philosophy, and planning.
b. Integrity and ethical values, assignment of authority and human resource policies.
c. Competence of personnel, backup facilities, laws, and regulations.
d. Risk assessment, assignment of responsibility, and human resource practices.
The policies and procedures helping to ensure that management directives are
executed and actions are taken to address risks to achievement of objectives
describes
a. Risk assessments.
b. Control
environments. c.
Control activities.
d. Monitoring.
Which of the following threatens the independence of an internal auditor who had
participated in the initial establishment of a risk management process?
a. Developing assessments and reports on the risk management
process. b. Managing the identified risks
c. Evaluating the adequacy and effectiveness of management's risk processes
d. Recommending controls to address the risks identified
Which of the following members of an organization has ultimate ownership
responsibility of the ERM, provides leadership and direction to senior managers,
and monitors the entity's overall risk activities in relation to its risk appetite?
a. Chief Risk Officer
b. Chief Executive Officer
c. Internal auditors
d. Chief Financial Officer
All of the following are primary objectives of the overall management process
except:
answer Red = what I think is incorrect Use ctrl+f to find a
question
ABC utility company sells electricity to residential customers and is a member of an
industry association that provides guidance to electric utilities, lobbies on behalf of
the industry, and facilitates sharing among its members. From ABC's perspective,
what type of stakeholder is this industry association?
a. Directly involved in the operation of the company.
b. Interested in the success of the company.
c. Influences the company.
d. Not a stakeholder.
Internal audit activities may involve which of the following?
a. Assurance services.
b. Consulting services.
c. Both assurance and consulting services.
d. Neither assurance nor consulting services.
Risk management processes most likely are not
A. Quantitative or subjective
B. Embedded in business units or centralized
C. Formalized even in small organizations
D. Formal or informal.
Which of the following would constitute a violation of the Code of Ethics?
a. Discussing your organization's data processing control system at a trade
convention.
b. Purchasing stock in a target after overhearing an organization executive discussing
a possible acquisition.
c. Deleting sensitive information from a report at the request of senior management.
d. Investigating executive expense reports based on rumors of padding.
In a broad sense, society benefits from internal auditing because internal auditing:
a. Enforces corporate compliance with the standards of public policy
b. Promotes the efficient and effective use of resources.
c. Evaluates financial data against professional standards
d. Reviews systems established to ensure compliance with corporate policy.
Under what circumstances would an internal auditor be required to forfeit the CIA
designation?
a. Upon leaving the internal auditing profession.
b. After action by The IIA's International Ethics Committee
c. When found by the IIA's Board of Directors to be in violation of the Code of Ethics.
d. Upon commission of a felony or other action resulting in serious criminal charges.
According to the Standards, internal auditors should possess the knowledge, skills,
and
,discipline essential to the performance of internal auditing. This means that all
internal auditors should be proficient in applying:
a. Internal auditing standards
b.Quantitative methods
c.Management principles
d.Structured systems analysis
The proper organizational role of internal auditing is to
a. Perform studies to assist in the attainment of more efficient operations.
b. Assist the external auditor in order to reduce external audit fees.
c. Serve as the investigative arm of the board.
d. Serve as an independent, objective assurance and consulting activity that adds value
to operations.
Which of the following activities would NOT be presumed to impair the independence
of an internal auditor?
1. Recommending standards of control for a new computer application
ensure that proper controls are installed.
2. Drafting procedures for running a new computer application to ensure
that proper controls are installed.
3. Performing reviews of procedures for a new computer application before it is
installed.
a. I only
b. II only
c. III only
d. I and III only
As used by the internal auditing profession, the Standards refers to all of the
following except:
a. Criteria by which the operations of an internal audit department are evaluated
and measured. b. Criteria which dictate the minimum level of ethical actions to be taken
by internal auditors.
c. Statements intended to represent the practice of internal auditing as it should be.
d. Criteria that are applicable to all types of internal audit departments.
According to the Standards, an internal auditor's role with respect to operating
objectives and goals includes:
a. Approving the operating objectives or goals to be met.
b. Determining whether underlying assumptions are appropriate.
c. Developing and implementing control procedures.
d. Accomplishing desired operating program results.
Assurance, Insight, and Objectivity comprise:
a. The mission of internal auditing.
b. The three lines of defense model.
c. The objectives of internal auditing.
,d. The value proposition
Who is responsible for establishing the strategic objectives of an organization?
a. The board of directors
b. Senior management
c. Consensus among all levels of management
d. The board and senior management jointly.
The purpose of governmental effectiveness or program results auditing is to
determine if desired results of a program are being achieved. The first step in
conducting such an audit should be to:
a. Evaluate the system used to measure results.
b. Determine the time frame to be audited.
c. Collect quantifiable data on the program's success or failure.
d. Identify the legislative intent of the program being audited
According to the Standards, who is responsible for coordinating internal and
external audit efforts?
A. Chief audit executive
B. External auditors
C. Audit committee of the board of directors
D. Chief financial officer.
Which of the following are required of the internal audit function per the Standards?
A. Evaluate annually the effectiveness of the audit committee.
B. Issue annually an overall opinion on the adequacy of the organization's
system of internal controls.
C. Obtain an annual representation from management acknowledging management's
responsibility for the design and implementation of internal controls to prevent
illegal acts.
D. Assess whether the information technology governance of the organization
sustains and supports the organization's strategies and objectives.
According to the Standards, the independence of internal auditors is achieved
through:
a. Staffing and supervision
b. Continuing education and due professional care
c. Human relations and communications
d. Organizational status and objectivity
The board's expectations of the internal audit activity regarding the risk
management process is:
a. Noted in the work programs for formal consulting engagements.
b. Included in the business continuity plan
c. Codified in the charters of the internal audit activity and the board.
, d. Reviewed by the internal auditors immediately following a disaster.
The role of internal auditing in enterprise-wide risk management (ERM) most
likely includes a. Providing consulting services when the organization's risk
maturity is low.
b. Determining risk appetite.
c. Operating the risk management framework.
d. Making decisions on risk responses.
Which of the following is most likely an internal audit role in a less structured
governance process?
a. Designing specific governance processes.
b. Playing a consulting role in optimizing governance practices and
structure. c. Providing advice about basic risks to the organization.
d. Evaluating the effectiveness of specific governance processes.
Which of the following are elements included in the control environment?
a. Organizational structure, management philosophy, and planning.
b. Integrity and ethical values, assignment of authority and human resource policies.
c. Competence of personnel, backup facilities, laws, and regulations.
d. Risk assessment, assignment of responsibility, and human resource practices.
The policies and procedures helping to ensure that management directives are
executed and actions are taken to address risks to achievement of objectives
describes
a. Risk assessments.
b. Control
environments. c.
Control activities.
d. Monitoring.
Which of the following threatens the independence of an internal auditor who had
participated in the initial establishment of a risk management process?
a. Developing assessments and reports on the risk management
process. b. Managing the identified risks
c. Evaluating the adequacy and effectiveness of management's risk processes
d. Recommending controls to address the risks identified
Which of the following members of an organization has ultimate ownership
responsibility of the ERM, provides leadership and direction to senior managers,
and monitors the entity's overall risk activities in relation to its risk appetite?
a. Chief Risk Officer
b. Chief Executive Officer
c. Internal auditors
d. Chief Financial Officer
All of the following are primary objectives of the overall management process
except:
