1. Home
  2. IIA
  3. IIA-CIA-PART2

IIA IIA-CIA-PART2 Online Practice Questions and Exam Preparation

IIA-CIA-PART2 Exam Details

  • Exam Code
    :IIA-CIA-PART2
  • Exam Name
    :Certified Internal Auditor - Part 2, Conducting the Internal Audit Engagement
  • Certification
    :IIA Certifications
  • Vendor
    :IIA
  • Total Questions
    :1078 Q&As
  • Last Updated
    :May 31, 2026

IIA IIA-CIA-PART2 Online Questions & Answers

  • Question 311:

    An internal audit manager is planning a contract compliance audit. Which of the following should be done prior to developing the audit work program?

    A. Select a sample of invoices for substantive testing.
    B. Review the contract for evidence of authorization.
    C. Document underlying reasons for noncompliance.
    D. Assess the inherent risk of paying duplicate invoices.

  • Question 312:

    An internal auditor discovered that a new employee was granted inappropriate access to the payroll system Apparently the IT specialist had made a mistake and granted access to the wrong new employee. Which of the following management actions would be most effective to prevent a similar issue from occurring again?

    A. Remove the new employee's excessive access rights and request that he report any future access error.
    B. Perform a complete review of all users who have access to the payroll system lo determine whether there are additional employees who were granted inappropriate access.
    C. Review the system activity log of the employee to determine whether he used the inappropriate access to conduct any unauthorized activities in the payroll system.
    D. Provide coaching to the IT specialist and introduce a secondary control to ensure system access is granted in accordance with the approved access request.

  • Question 313:

    According to an internal audit observation, the organization's rules of record management require all contracts to be registered and stored in a specific electronic system. One subsidiary has thousands of client contracts on paper, which are

    kept in the office because there are not enough assistants to scan the contracts into the system.

    Which of the following components should be added to this observation?

    A. Criteria.
    B. Cause.
    C. Effect.
    D. Condition.

  • Question 314:

    According to IIA guidance, which of the following statements about analytical procedures is true?

    A. Analytical procedures compare information against expectations.
    B. Analytical procedures begin after the engagement's planning phase.
    C. Analytical procedures provide internal auditors with explainable results.
    D. Analytical procedures are computer-assisted audit techniques.

  • Question 315:

    An internal auditor has been asked to join a project team to help design controls in a software application to address specific risks that have been identified by the team. Which of the following actions is most appropriate for the internal auditor to perform?

    A. Facilitate a control assessment to ensure all application risks were appropriately identified
    B. Advise the project team on how to develop effective controls
    C. Direct the project team to implement the appropriate controls within the software application
    D. Provide assurance that the design of the controls will mitigate the identified application risks

  • Question 316:

    Which of the following is least likely to help ensure that risk is considered in a work program?

    A. Risks are discussed with audit client.
    B. All available information from the risk-based plan is used.
    C. Client efforts to affect risk management are considered.
    D. Prior risk assessments are considered.

  • Question 317:

    A chief audit executive (CAE) reviews the supervision of an internal audit engagement. Which of the following would most likely assure the CAE that the engagement had adequate supervision?

    A. The engagement supervisor has an open door policy for audit team members to discuss concerns.
    B. The supervisor reviews weekly progress reports from the audit team members.
    C. The supervisor reviews and initials internal audit workpapers for the engagement.
    D. The supervisor meets periodically with management in the reviewed area to get feedback during the engagement.

  • Question 318:

    With which of the following would the internal audit activity discuss findings, conclusions and recommendations prior to issuance of internal audit report?

    1.Business unit management.

    2.Chief audit executive.

    3.Audit committee.

    4.Chief executive officer.

    A. 1 and 2 only
    B. 1 and 3 only
    C. 2 and 3 only
    D. 1, 2, 3, and 4

  • Question 319:

    Which of the following are key characteristics of enterprise risk management?

    1.It considers risk in the formulation of strategy.

    2.It applies risk management in some units of an entity.

    3.It takes a portfolio view of risks throughout the enterprise.

    4.It restricts the organization's ability to seize opportunities inherent in future events.

    A. 2 and 3 only
    B. 1 and 3 only
    C. 2 and 4 only
    D. 1 and 4 only

  • Question 320:

    A large retail organization, which sells most of its products online, experiences a computer hacking incident. The chief IT officer immediately investigates the incident and concludes that the attempt was not successful. The chief audit

    executive (CAE) learns of the attack in a casual conversation with an IT auditor.

    Which of the following actions should the CAE take?

    1.Meet with the chief IT officer to discuss the report and control improvements that will be implemented as a result of the security breach, if any.

    2.Immediately inform the chair of the audit committee of the security breach, because thus far only the chief IT officer is aware of the incident.

    3.Meet with the IT auditor to develop an appropriate audit program to review the organization's Internet-based sales process and key controls.

    4.Include the incident in the next quarterly report to the audit committee.

    A. 1 and 2
    B. 1 and 3
    C. 2 and 4
    D. 3 and 4

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.