image


IIA-CIA-Part1 Dumps

IIA-CIA-Part1 Braindumps

IIA-CIA-Part1 Real Questions IIA-CIA-Part1 Practice Test

IIA-CIA-Part1 Actual Questions


IIA


IIA-CIA-Part1


Certified Internal Auditor - Part 1, The Internal

Audit Activitys Role in Governance, Risk, and Control


https://killexams.com/pass4sure/exam-detail/IIA-CIA-Part1


Question: 555


During a payroll audit of a large organization, an auditor noted that the assistant personnel director is responsible for many aspects of the computerized payroll system, including adding new employees in the system; entering direct-deposit information for employees; approving and entering all payroll changes; and providing training for system users. After discussions with the director of personnel, the auditor concluded that the director was not comfortable dealing with information technology issues and felt obliged to support all actions taken by the assistant director. The auditor should:

  1. Continue to follow the engagement program because the engagement scope and objectives have already been discussed with management.

  2. Review the engagement program to ensure testing of direct deposits to employee bank accounts is adequately covered.

  3. Recommend to the chief audit executive that a fraud investigation be started.

  4. Test a sample of payroll changes to ensure that they were approved by the assistant director before being processed.


Answer: B


Question: 556


Which of the following is an example of sharing risk?

  1. An organization redesigned a business process to change the risk pattern.

  2. An organization outsourced a portion of its services to a third-party service provider.

  3. An organization sold an unprofitable business unit to its competitor.

  4. In order to spread total risk, an organization used multiple vendors for critical materials.


Answer: B


Question: 557


Which of the following components influences the risk consciousness of an organization’s people and is the basis for all other components of enterprise risk management?

  1. Objective setting.

  2. Information and Communication.

  3. Risk Assessment.

  4. Internal Environment.


Answer: D


rale answer.


Question: 558

When internal auditors perform consulting services that add value and improve an organization’s operations, these services:

  1. Impair the internal auditors’ objectivity with respect to an assurance service involving the same engagement client.

  2. Would preclude the achievement of assurance from the consulting engagement.

  3. Should be consistent with the internal audit activity’s empowerment reflected in the charter.

  4. Impose no responsibility to communicate information other than to the engagement client.


Answer: C


Question: 559


A manufacturing firm uses hazardous materials in the production of its products. An audit of the firm’s processes related to hazardous materials should include.

  1. Recommending an environmental management system as part of policies and procedures.

    II.Verifying the existence of tracking records for these materials from creation to destruction.

    1. Using consultants to avoid self-incrimination of the firm in the event illegalities were detected in an environmental audit.

    2. Evaluating the cost provided for in an environmental liability accrual account.

  2. II only

  3. III and IV only

  4. I, II, and IV only

  5. I, III, and IV only


Answer: C appropriate. Question: 560

An organization’s accounts payable function improved its internal controls significantly after it received an unsatisfactory audit report.

When planning a follow-up audit of the function, what level of detection risk should be expected if the audit and sampling procedures used are unchanged from the prior audit?

  1. Detection risk is lower because control risk is lower.

  2. Detection risk is lower because control risk is higher.

  3. Detection risk is higher because control risk is lower.

  4. Detection risk is unchanged although control risk is lower.


Answer: D


Question: 561


Which of the following risk assessment tools would best facilitate the matching of controls to risks?

  1. Control matrix.

  2. Internal control questionnaire.

  3. Control flowchart.

  4. Program evaluation and review technique (PERT) analysis.


Answer: A

Question: 562


Which of the following statements regarding segregation of duties is true?

  1. When evaluating an organization’s policy on segregation of duties, employee competence does not need to be considered.

  2. An organizational chart provides an accurate definition of segregation of duties.

  3. A restrictive segregation-of-duties policy can help improve an organization’s communication.

  4. Policies on segregation of duties in information systems must recognize the difference between logical and physical access to assets.


Answer: D exact answer. Question: 563

An auditor plans to analyze customer satisfaction, including. (1) customer complaints recorded by the customer service department during the last three months; (2) merchandise returned in the last three months; and (3) responses to a survey of customers who made purchases in the last three months.

Which of the following statements regarding this audit approach is correct?

  1. Although useful, such an analysis does not address any risk factors.

  2. The survey would not consider customers who did not make purchases in the last three months.

  3. Steps 1 and 2 of the analysis are not necessary or cost-effective if the customer survey is comprehensive.

  4. Analysis of three months’ activity would not evaluate customer satisfaction.


Answer: B


Question: 564


Which of the following would not be a factor for senior management to consider when determining the internal audit activity’s role in an organization’s risk management process?

  1. The extent to which the internal audit activity is outsourced.

  2. The maturity level of risk management practices in the organization.

  3. The competency of the internal auditors in risk management.

  4. The nature of the business and the environment in which the organization operates.


Answer: A


Question: 565


Which of the following best describes the underlying premise of the COSO enterprise risk management framework?

  1. Management should set objectives before assessing risk.

  2. Every entity exists to provide value for its stakeholders.

  3. Policies are established to ensure that risk responses are performed effectively.

  4. Enterprise risk management can minimize the impact and likelihood of unanticipated events.


Answer: B


image

6$03/( 48(67,216


7KHVH TXHVWLRQV DUH IRU GHPR SXUSRVH RQO\ )XOO YHUVLRQ LV XS WR GDWH DQG FRQWDLQV DFWXDO TXHVWLRQV DQG DQVZHUV


.LOOH[DPV FRP LV DQ RQOLQH SODWIRUP WKDW RIIHUV D ZLGH UDQJH RI VHUYLFHV UHODWHG WR FHUWLILFDWLRQ H[DP SUHSDUDWLRQ 7KH SODWIRUP SURYLGHV DFWXDO TXHVWLRQV H[DP GXPSV DQG SUDFWLFH WHVWV WR KHOS LQGLYLGXDOV SUHSDUH IRU YDULRXV FHUWLILFDWLRQ H[DPV ZLWK FRQILGHQFH +HUH DUH VRPH NH\ IHDWXUHV DQG VHUYLFHV RIIHUHG E\ .LOOH[DPV FRP


$FWXDO ([DP 4XHVWLRQV .LOOH[DPV FRP SURYLGHV DFWXDO H[DP TXHVWLRQV WKDW DUH H[SHULHQFHG LQ WHVW FHQWHUV 7KHVH TXHVWLRQV DUH XSGDWHG UHJXODUO\ WR HQVXUH WKH\ DUH XS WR GDWH DQG UHOHYDQW WR WKH ODWHVW H[DP V\OODEXV %\ VWXG\LQJ WKHVH DFWXDO TXHVWLRQV FDQGLGDWHV FDQ IDPLOLDUL]H WKHPVHOYHV ZLWK WKH FRQWHQW DQG IRUPDW RI WKH UHDO H[DP


([DP 'XPSV .LOOH[DPV FRP RIIHUV H[DP GXPSV LQ 3') IRUPDW 7KHVH GXPSV FRQWDLQ D FRPSUHKHQVLYH FROOHFWLRQ RI TXHVWLRQV DQG DQVZHUV WKDW FRYHU WKH H[DP WRSLFV %\ XVLQJ WKHVH GXPSV FDQGLGDWHV FDQ HQKDQFH WKHLU NQRZOHGJH DQG LPSURYH WKHLU FKDQFHV RI VXFFHVV LQ WKH FHUWLILFDWLRQ H[DP


3UDFWLFH 7HVWV .LOOH[DPV FRP SURYLGHV SUDFWLFH WHVWV WKURXJK WKHLU GHVNWRS 9&( H[DP VLPXODWRU DQG RQOLQH WHVW HQJLQH 7KHVH SUDFWLFH WHVWV VLPXODWH WKH UHDO H[DP HQYLURQPHQW DQG KHOS FDQGLGDWHV DVVHVV WKHLU UHDGLQHVV IRU WKH DFWXDO H[DP 7KH SUDFWLFH WHVWV FRYHU D ZLGH UDQJH RI TXHVWLRQV DQG HQDEOH FDQGLGDWHV WR LGHQWLI\ WKHLU VWUHQJWKV DQG ZHDNQHVVHV


*XDUDQWHHG 6XFFHVV .LOOH[DPV FRP RIIHUV D VXFFHVV JXDUDQWHH ZLWK WKHLU H[DP GXPSV 7KH\ FODLP WKDW E\ XVLQJ WKHLU PDWHULDOV FDQGLGDWHV ZLOO SDVV WKHLU H[DPV RQ WKH ILUVW DWWHPSW RU WKH\ ZLOO UHIXQG WKH SXUFKDVH SULFH 7KLV JXDUDQWHH SURYLGHV DVVXUDQFH DQG FRQILGHQFH WR LQGLYLGXDOV SUHSDULQJ IRU FHUWLILFDWLRQ H[DPV


8SGDWHG &RQWHQW .LOOH[DPV FRP UHJXODUO\ XSGDWHV LWV TXHVWLRQ EDQN DQG H[DP GXPSV WR HQVXUH WKDW WKH\ DUH FXUUHQW DQG UHIOHFW WKH ODWHVW FKDQJHV LQ WKH H[DP V\OODEXV 7KLV KHOSV FDQGLGDWHV VWD\ XS WR GDWH ZLWK WKH H[DP FRQWHQW DQG LQFUHDVHV WKHLU FKDQFHV RI VXFFHVV


7HFKQLFDO 6XSSRUW .LOOH[DPV FRP SURYLGHV IUHH [ WHFKQLFDO VXSSRUW WR DVVLVW FDQGLGDWHV ZLWK DQ\ TXHULHV RU LVVXHV WKH\ PD\ HQFRXQWHU ZKLOH XVLQJ WKHLU VHUYLFHV 7KHLU FHUWLILHG H[SHUWV DUH DYDLODEOH WR SURYLGH JXLGDQFH DQG KHOS FDQGLGDWHV WKURXJKRXW WKHLU H[DP SUHSDUDWLRQ MRXUQH\


'PS .PSF FYBNT WJTJU IUUQT LJMMFYBNT DPN WFOEPST FYBN MJTU

.LOO \RXU H[DP DW )LUVW $WWHPSW *XDUDQWHHG