1. Home
  2. IIA
  3. IIA-CIA-PART2

IIA IIA-CIA-PART2 Online Practice Questions and Exam Preparation

IIA-CIA-PART2 Exam Details

  • Exam Code
    :IIA-CIA-PART2
  • Exam Name
    :Certified Internal Auditor - Part 2, Conducting the Internal Audit Engagement
  • Certification
    :IIA Certifications
  • Vendor
    :IIA
  • Total Questions
    :1078 Q&As
  • Last Updated
    :May 31, 2026

IIA IIA-CIA-PART2 Online Questions & Answers

  • Question 671:

    Besides a chief audit executive's professional experience, what determines the frequency and approach to assessing residual risk?

    A. The frequency of executing the internal audit engagements.
    B. The frequency of changes in the organization's environment.
    C. The expectations set by the board and senior management.
    D. The expectations set by operating management and senior management.

  • Question 672:

    During a review of data privacy an internal auditor is tasked with testing management's identification and prioritization of critical data collected by the organization. Which of the following steps would accomplish this objective?

    A. interview management to determine what types of data are collected and maintained
    B. Trace data from storage to the collection sources to determine how critical data is collected and organized
    C. Review a sample of data to determine whether the risk classification is reasonable
    D. Document and test a data inventory and classification program by determining the data classification levels and framework

  • Question 673:

    An auditor evaluating excessive product rejection rates should investigate:

    I. Communication between sales and production departments on sales returns.

    II. Volume of product sales year-to-date in comparison to prior year-to-date.

    III. Changes in credit ratings of customers versus sales to those customers.

    IV.

    Detailed product scrap accounts and accumulations.

    A. I and III only
    B. I and IV only
    C. II, III, and IV only
    D. I, II, III, and IV.

  • Question 674:

    During an entity-level controls assessment, internal auditors deploy an internal control questionnaire to test the controls. Which of the following is a major drawback of this testing method?

    A. Information obtained by this method can be repudiated.
    B. Information obtained by this method is difficult to quantify.
    C. It is an inefficient method of gathering evidence.
    D. Limited information can be gathered with this method.

  • Question 675:

    An internal auditor compares real-time gasoline production data to corresponding final gasoline production reports and finds minor but consistent daily discrepancies. If the auditor is concerned about theft, which of the following next steps is most consistent with IIA guidance?

    A. Reconcile online data and the final production reports to gasoline sales reports.
    B. Contact security personnel as evidence suggests gasoline is being stolen from production premises.
    C. Confront the production manager and ask her to explain the differences between real-time and reported data.
    D. Review the processes used to collect the production data and to compile the final production reports.

  • Question 676:

    The audit committee has asked the chief audit executive (CAE) to conduct an ad hoc forensic investigation of the purchasing department within a month, due to the significance and urgency of a recently discovered risk. The internal audit activity currently has no available staff with relevant experience or qualifications.

    Which of the following is the CAE's best option for fulfilling the internal audit activity's responsibilities in this case?

    A. Outsource the investigation to independent professional consultants
    B. Select certain internal auditors and remove them from their current assignments so that they can begin a forensic investigation course
    C. Recruit additional internal auditors possessing relevant qualification and experience
    D. Decline the engagement at this time

  • Question 677:

    According to the International Professional Practices Framework, which of the following is correct regarding conducting and reporting follow-up activities by the internal audit activity (IAA)?

    A. Due to management changes, the IAA is advised by management that no further work will be done. Further follow-up work is not required as management has accepted the related risk.
    B. A newly appointed auditor immediately proceeds to conduct follow-up testing based on previous work performed for the engagement and then reports the results to the chief audit executive (CAE).
    C. Management has stopped implementing several key recommendations citing a growing disagreement with their effectiveness. The auditor communicates the situation to the CAE who then escalates the matter to senior management.
    D. In situations where the identified risk may have a significant impact to the business and senior management has accepted the risk, it is not necessary for the internal audit activity to perform further follow-up.

  • Question 678:

    In which of the following cases is it appropriate for an audit report to not contain management's response either within the report or as an attachment?

    A. Management's response to an audit report is generally not a requirement.
    B. Internal controls were found to be properly designed and operating effectively although operations are deemed inefficient.
    C. There was insufficient time to obtain management's response during the draft reporting process.
    D. An internal audit report contains no observations.

  • Question 679:

    When assessing the risk associated with an activity, an internal auditor should:

    A. Determine how the risk should best be managed.
    B. Provide assurance on the management of the risk.
    C. Modify the risk management process based on risk exposures.
    D. Design controls to mitigate the identified risks.

  • Question 680:

    In addition to the internal auditor, which of the following parties should be present at an exit or closing conference?

    1.Audit committee members.

    2.The external auditor.

    3.The management responsible for the areas covered by the engagement.

    4.The chief executive officer.

    A. 2 only
    B. 3 only
    C. 3 and 4 only
    D. 1, 3, and 4 only

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.