An auditor receives anonymous information that fraud is occurring in the operation being audited, but no details are given as to the type of fraud or the individuals involved. There are several areas in which fraud could occur. The auditor should:
A. Identify the area that has the greatest volume of transactions and design a sampling plan for substantive testing.Which of the following best describes a risk that is deemed "unacceptable" to the organization?
A. A risk where likelihood and impact are high.In which of the following situations has an internal audit of obtained physical evidence?
A. An internal auditor made purchases from several of the organization's retail outlets to evaluate customer serviceWhich of the following is an advantage of nonstatistical sampling over statistical sampling?
A. Nonstatistical sampling provides more objective recommendations for management.Access control software on an organization's mainframe computer records detailed information concerning both successful and unsuccessful log-on attempts to applications. Which of the following audit tools would be best suited to review the access information that has been recorded?
A. Generalized audit software.Management is concerned with the organization's disposal of pollutants into city's water treatment facility. Which of the following types of engagements and objectives is most appropriate to address the concern?
A. An assurance engagement to determine the most economical facilitation of pollutant disposal.When starting an annually recurring assurance engagement on a process, the internal auditor considered that the process had only minor changes in the previous year. Therefore, the auditor decided to conduct the engagement by reperforming the tests Defined in the previous year's audit program. A few weeks later, an external authority detected that one of the recent process changes was noncompliant with national law, and the organization was heavily fined. What would have helped the auditor identity this noncompliance risk?
A. Updating last year's heat map.An internal auditor discovered that sales contracts with business clients were not stored in the electronic document management database. Instead, they were scanned and saved in a nonsystematic manner to server folders. Which of the following would be an appropriate consequence for the internal auditor to include in the documented observation?
A. The document management policy requires business client data to be stored in a specific management databaseAccording to the Standards, which of the following best describes the responsibility of the chief audit executive (CAE) for approving the final engagement report? The CAE is responsible for obtaining management approval before issuing the final report. The CAE has overall responsibility for the report but can delegate the review and approval of the report. The CAE is responsible for obtaining senior management's approval before releasing the final report. The CAE is responsible for approving to whom and how the final report will be disseminated.
A. 1 and 3 onlyWhich of the following would be the most helpful to a chief audit executive when developing a talent management strategy?
A. Gap analysisNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART2 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.