The chief audit executive (CAE) decided that based on management's oral response, the action taken on an audit observation for a minor improvement in the client's process is sufficient and no further follow-up is
necessary. Which of the following would be the best statement regarding the action of the CAE?
A. The CAE action is not acceptable, as a follow-up audit is needed to ensure that action is really taken by management.
B. The CAE action is not acceptable, as follow-up on the issue is critical until a written response is obtained from management.
C. The CAE action is acceptable as long as the follow-up is sufficient when weighed against the relative importance of the recommendation.
D. The CAE action is acceptable as long as the issue has been escalated to the board to get their position on the issue.
The chief audit executive (CAE) notes that management has adopted the option of not taking action on an audit issue involving a sizeable risk which has been accepted in the past. Which would be an appropriate action by the CAE?
A. Close the issue by noting that follow-up will be completed as part of the next engagement.
B. Discuss the matter with management to determine a resolution.
C. Accept management's decision as the same risk has been accepted in the past.
D. Report the situation to the board for immediate resolution.
Which of the following would be a legitimate action for the internal auditor to take when monitoring audit engagement results?
1.
Disregard a certain risk because management and the board accepted the risk in the past.
2.
Abdicate the responsibility for a particular risk because it is not part of the audit plan.
3.
Obtain agreement from senior management that unresolved audit issues will be reported to the board. Request corrective action from management in writing.
A. 1 and 3 only
B. 2 and 3 only
C. 3 and 4 only
D. 1, 2, and 4 only
Which of the following statements is not true about the oversight and review of working papers by the chief audit executive (CAE)?
A. The CAE has ultimate responsibility for reviewing working papers and remains accountable for the achievement of objectives and the quality of work.
B. The need for CAE review depends on the proficiency and experience of the internal auditor and the complexity of the task.
C. The CAE is responsible for all significant professional judgments made during the audit process and should therefore personally review working papers to ensure conclusions were professionally arrived at.
D. The CAE, although having overall responsibility for reviewing work completed, can delegate such task to appropriately experienced internal audit staff.
According to the Standards, which of the following should be the basis for scheduling follow-up of engagement recommendations?
A. The follow-up manual procedures.
B. The internal audit charter.
C. The agreement made between internal auditors and management.
D. The risks and exposures involved.
Controls are implemented to:
A. Eliminate risk and reduce the potential for loss.
B. Mitigate risk and eliminate the potential for loss.
C. Mitigate risk and reduce the potential for loss.
D. Eliminate risk and eliminate potential for loss.
Which of the following controls in a computerized consumer loan system of a major bank would be the least effective in detecting a fraudulent loan?
A. All log-in accounts become inaccessible after three incorrect password attempts.
B. Loan approvals over a pre-determined limit must have management approval.
C. Customer information is matched to payment data prior to funds disbursement.
D. System controls prevent supervisors from delegating their approval authority during vacation periods.
According to the International Professional Practices Framework, the responsibility for establishing and maintaining a system to monitor the disposition of results communicated to management falls upon:
A. Compliance officer.
B. Chief audit executive.
C. Senior management.
D. Risk manager.
Which of the following should be included in the scope of an audit of a third-party contractor?
1.
Budgets and financial forecasts for the project.
2.
Contractor's information and control systems.
3.
Contractor's financial position.
4.
Progress of the project and costs incurred.
A. 1 and 4 only
B. 1, 2, and 3 only
C. 2, 3, and 4 only
D. 1, 2, 3, and 4
Which of the following tasks is typically performed in the analysis phase of a benchmarking consulting engagement?
A. Identifying business capabilities.
B. Developing data collection tools.
C. Determining benchmarked process attributes.
D. Determining sample size.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.