IIA-CIA-Part2 Exam Questions

Total 504 Questions

Last Updated Exam : 16-Dec-2024

Topic 1, Volume A

Which of the following would be a red flag that indicates the possibility of inventory fraud?
I. The controller has assumed responsibility for approving all payments to certain vendors.
II. The controller has continuously delayed installation of a new accounts payable system, despite
a corporate directive to implement it.
III. Sales commissions are not consistent with the organization's increased levels of sales.
IV. Payments to certain vendors are supported by copies of receiving memos, rather than
originals.


A.

I and II only


B.

 II and III only


C.

I, II, and IV only


D.

I, III, and IV only





C.
  

I, II, and IV only



During an operational audit of a chain of pizza delivery stores, an auditor determined that cold
pizzas were causing customer dissatisfaction. A review of oven calibration records for the last six
months revealed that adjustments were made on over 40 percent of the ovens. Based on this, the
auditor:


A.

Has enough evidence to conclude that improperly functioning ovens are the cause.


B.

Needs to conduct further inquiries and reviews to determine the impact of the oven variations
on the pizza temperature.


C.

Has enough evidence to recommend the replacement of some of the ovens.


D.

Must search for another cause since approximately 60 percent of the ovens did not require
adjustment.





B.
  

Needs to conduct further inquiries and reviews to determine the impact of the oven variations
on the pizza temperature.



When assessing the risk associated with an activity, an internal auditor should:


A.

Determine how the risk should best be managed.


B.

Provide assurance on the management of the risk.


C.

Modify the risk management process based on risk exposures.


D.

Design controls to mitigate the identified risks.





B.
  

Provide assurance on the management of the risk.



Which of the following procedures would provide the best evidence of the effectiveness of a creditgranting
function?


A.

Observe the process.


B.

Review the trend in receivables write-offs.


C.

Ask the credit manager about the effectiveness of the function.


D.

Check for evidence of credit approval on a sample of customer orders.





B.
  

Review the trend in receivables write-offs.



The most effective way for internal auditors to enhance the reliability of computerized financial and
operating information is by:


A.

Determining if controls over record keeping and reporting are adequate and effective.


B.

Reviewing data provided by information systems to test compliance with external requirements.


C.

Determining if information systems provide management with timely information.


D.

Determining if information systems provide complete information.





A.
  

Determining if controls over record keeping and reporting are adequate and effective.



Which of the following situations might allow an employee to steal checks sent to an organization
and subsequently cash them?


A.

Checks are not restrictively endorsed when received.


B.

Only one signature is required on the organization's checks.


C.

One employee handles both accounts receivable and purchase orders.


D.

One employee handles both cash deposits and accounts payable.





A.
  

Checks are not restrictively endorsed when received.



An internal auditor is assigned to conduct an audit of security for a local area network (LAN) in the
finance department of the organization. Investment decisions, including the use of hedging
strategies and financial derivatives, use data and financial models which run on the LAN. The LAN
is also used to download data from the mainframe to assist in decisions. Which of the following
should be considered outside the scope of this security audit engagement?


A.

 Investigation of the physical security over access to the components of the LAN.


B.

The ability of the LAN application to identify data items at the field or record level and
implement user access security at that level.


C.

. Interviews with users to determine their assessment of the level of security in the system and
the vulnerability of the system to compromise.


D.

The level of security of other LANs in the company which also utilize sensitive data.





D.
  

The level of security of other LANs in the company which also utilize sensitive data.



An audit of management's quality program includes testing the accuracy of the cost-of-quality
reports provided to management. Which of the following internal control objectives is the focus of
this testing?


A.

To ensure compliance with policies, plans, procedures, laws, and regulations.


B.

To ensure the accomplishment of established objectives and goals for operations or programs.


C.

To ensure the reliability and integrity of information.


D.

 To ensure the economical and efficient use of resources.





C.
  

To ensure the reliability and integrity of information.



When internal auditors provide consulting services, the scope of the engagement is primarily
determined by:


A.

 Internal auditing standards.


B.

The audit engagement team.


C.

The engagement client.


D.

The internal audit activity's charter.





C.
  

The engagement client.



A manufacturing process could create hazardous waste at several production stages, from raw
materials handling to finished goods storage. If the objective of a pollution prevention audit
engagement is to identify opportunities for minimizing waste, in what order should the following
opportunities be considered?
I. Recycling and reuse.
II. Elimination at the source.
III. Energy conservation.
IV. Recovery as a usable product Treatment.


A.

V, II, IV, I, III.


B.

IV, II, I, III, V.


C.

I, III, IV, II, V.


D.

III, IV, II, V, I.





B.
  

IV, II, I, III, V.