An organization is beginning to implement an enterprise risk management program. One of the first steps is to develop a common risk language. Which of the following statements about a common risk language is true?
A. Management will be able to reduce inherent risk because they will have a better understanding of risk.
B. Internal auditors will be able to reduce their sample sizes because controls will be more consistent.
C. Stakeholders will have more assurance that the risks are assessed consistently.
D. Decision makers will understand that the likelihood of missing or ineffective controls will be reduced.
Which segregation of duties would best reduce the risk of payroll fraud?
A. Human resources personnel add employees, and payroll personnel process hours and enter employee bank account numbers. Paychecks are automatically deposited in the employee's bank account.
B. Human resources personnel add employees, payroll personnel process hours, and human resources personnel deliver paychecks to employees.
C. Human resources personnel add employees, review and submit payroll hours to the payroll department for processing, and deliver paychecks to employees.
D. Human resources personnel add employees and enter employee bank information. Payroll personnel process hours, and paychecks are automatically deposited in the employee's bank account.
A large trucking organization wants to reduce traffic accidents by improving its system of internal controls.
Which of the following controls is correctly classified?
1.
Review of speeding violations to identify repetitive locations and drivers is an example of a preventive control.
2.
Defensive driver training is an example of a directive control.
3.
The installation of tracking devices in delivery vehicles is an example of a corrective control.
4.
Providing a vehicle driver handbook is an example of a detective control.
A. 1 and 2.
B. 1 and 4.
C. 2 and 3.
D. 3 and 4.
Which two of the following are preventive controls in a check disbursement process?
1.
Daily reconciliation of the bank account used for check disbursements and prompt follow-up of unreconciled items.
2.
Segregation of the following duties: establishing new vendors, approving checks, and reconciling the bank account.
3.
An activity report detailing who accesses the check disbursement system and the nature of any action taken in the system.
4.
Evidence of strong access controls ensuring that authorized individuals have access only to the functions related to their responsibilities.
A. 1 and 3.
B. 1 and 4.
C. 2 and 3.
D. 2 and 4.
A credit card company detects potential errors in credit card numbers by checking whether all entered
numbers contain the correct amount of digits. This is an example of which of the following IT controls?
A. Logic test.
B. Check digits.
C. Data integrity tests.
D. Balancing control activities.
An internal audit team is performing an audit of workplace accident claims.
Which of the following actions by the audit team best demonstrates due professional care?
A. Having an occupational health officer on the engagement team.
B. Determining that the claims have been classified properly.
C. Placing reliance on medical reports from the injured worker's doctor.
D. Reviewing claims to ensure all accidents actually occurred in the workplace.
Which of the following actions should an internal auditor take to exercise due professional care?
1.
Consider the probability of significant noncompliance in each audit engagement.
2.
Weigh the cost of assurance against the benefits.
3.
Perform assurance procedures with sufficient care to ensure that all risks are identified.
A. 1 and 2 only
B. 1 and 3 only
C. 2 and 3 only
D. 1, 2, and 3
Which of the following is not one of the 10 core competencies identified in the IIA Competency Framework?
A. Governance, risk, and control.
B. Performance management.
C. Business acumen.
D. Internal audit delivery.
The chief audit executive (CAE) of a mid-sized pharmaceutical organization has operational responsibility for the regulatory compliance function. The audit committee requests an assessment of regulatory compliance. According to IIA guidance, which of the following is the CAE's best course of action?
A. Have a proficient internal audit staff member perform the assessment and disclose the impairment in the audit report and to the board.
B. Have a regulatory compliance staff member perform a self-assessment, to be reviewed by a proficient internal auditor.
C. Have a proficient internal audit staff member perform the audit and report the results of the assessment directly to senior management and the board.
D. Contract with a third-party entity or external auditor to complete the assessment and report the results to senior management and the board.
A chief audit executive (CAE) learns that the brother-in-law of a senior auditor who audits the procurement process was hired as the head of the procurement department six months prior. Which of the following is the most appropriate action for the CAE to take?
A. The CAE should not interfere because there is no evidence that a conflict of interest has occurred.
B. The CAE should remind the senior auditor of his obligation to be objective and impartial.
C. The CAE should change the senior auditor's assignment and take corrective action for the auditor's failure to disclose the conflict of interest.
D. The CAE should require the senior auditor to disclose the relationship in writing before continuing his responsibility for monitoring procurement.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART1 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.