CIA Practice Questions – 10 Questions – Set 2

Quiz Summary

0 of 10 Questions completed

Questions:

You have already completed the quiz before. Hence you can not start it again.

Quiz is loading…

You must sign in or sign up to start the quiz.

You must first complete the following:

Results

Quiz complete. Results are being recorded.

Results

0 of 10 Questions answered correctly

You have reached 0 of 0 point(s), (0)

Average score
Your score

Current
Review
Answered
Correct
Incorrect

Question 1 of 10

1. Question
An internal auditor’s role in producing assurance on risk reporting is best described by which of the following?
- Reporting on key organizational risks to Management.
- Testing whether key risk indicators were reported accurately and on time.
- Providing assurance to the board or audit committee on key risks in the organization.
- Testing whether key risk reports were sent to external auditors.
Correct

Incorrect
Question 2 of 10

2. Question
There are hard and soft types of controls in the COSO Internal Control framework. Which of the following illustrates characteristics of soft controls?
- Controls which can be moral, ethical or behavioral.
- Controls which are not formally defined in a policy or procedure.
- Controls performed by people.
- Controls which are generally objective in nature.
Correct

Incorrect
Question 3 of 10

3. Question
Which of the following safeguards could the internal audit activity put in place when asked to perform advisory engagements related to Enterprise Risk Management (ERM)?
- Make sure that internal auditors performing assurance engagements do not have access to the findings from the advisory engagements.
- Not accept to perform the advisory engagements related to ERM as the Chief Audit Executive is not able to acquire sufficient qualified staff to perform the engagement.
- Delay internal audit activity training opportunities to be able to meet the requirements related to the ERM engagement.
- Combine assurance engagements planned over ERM with the advisory engagements to save time.
Correct

Incorrect
Question 4 of 10

4. Question
Which of the following explains the difference between risk tolerance and risk appetite?
- Risk appetite depends on what the board or management see as acceptable, while risk tolerance shows the acceptable level of variation from an objective.
- Risk appetite expresses levels of risks that the board deems acceptable, while risk tolerance expresses levels of risks that management deems tolerable.
- Risk appetite is the amount of risk that an organization is comfortable taking, while risk tolerance is the degree of uncertainty that an organization is able to handle.
- Risk appetite comes from a strategic assessment of risks, while risk tolerance comes from a tactical analysis of risks.
Correct

Incorrect
Question 5 of 10

5. Question
Which of the following statements are correct?
- Positive assurance is an affirmation that controls are working within pre-defined parameters.
- Positive assurance denotes which processes are effective.
- Positive assurance must have a fully exhaustive audit of the scope area defined.
- Negative assurance must have a limited audit scope defined.
Correct

Incorrect
Question 6 of 10

6. Question
Which of the following are usually included in the internal audit charter?
- The internal audit risk inventory.
- The approval by the audit committee of the appointment of the Chief Audit Executive (CAE).
- A description of the reporting lines of the CAE.
- The internal audit plan and requirements over the internal audit planning process.
Correct

Incorrect
Question 7 of 10

7. Question
Which of the following is the most important in the relationship between the Audit Committee and the Chief Audit Executive (CAE)?
- The CAE must attend the Board and Shareholder meetings.
- Management is must be excluded from all Audit Committee meetings.
- There is a direct channel for the CAE to communicate with the Audit Committee.
- The CAE must be present at all Audit Committee meetings to allow unrestricted access.
Correct

Incorrect
Question 8 of 10

8. Question
A new Chief Audit Executive (CAE) in a company discovers that the organization does not have a risk management function. What would be the CAE’s most appropriate response according to the IIA’s International Professional Practices Framework?
- A fraud investigation should be planned following the 'prudence' principle to ensure that Management's decision to avoid having a risk management department was not because it wish to avoid any supervision of its fraudulent practices.
- As the responsibility for evaluating the management of risks is a responsibility of Management, it is not within the scope of an internal audit function's tasks.
- Internal audit should suggest ways to establish such a process.
- The CAE should decide whether to include the management of risks as part of the internal audit plan.
Correct

Incorrect
Question 9 of 10

9. Question
Which of the following is part of a quality assurance and improvement program, rather than as part of the responsibilities of the Chief Audit Executive (CAE)?
- The CAE gives access to internal audit working papers to the external auditors to enable them to assess the degree to which they can rely on the work of internal audit.
- A formal internal audit charter is established by Management to ensure the purpose, authority, and responsibility of internal audit.
- A performance appraisal of each internal auditor should be performed at least on an annual basis.
- The CAE must ensure the proper supervision of internal audit work throughout every audit engagement.
Correct

Incorrect
Question 10 of 10

10. Question
An internal auditor performing a consulting engagement notices that employees in the office are taking home office supplies such as pens, pencils or paper. The employees are not attempting to hide the materials that they are taking. There is no explicit policy on using the items for personal use. What would be the best course of action that the internal auditor can take in this situation?
- The internal auditor should document his observations in the report and recommend that the organization put in place a policy on the use of office supplies and communicate it to employees.
- The situation should be reported by the internal auditor as a fraudulent practice and further investigation should be recommended.
- As the losses are not considered a material risk, the internal auditor has no requirement to report the situation.
- Since the internal auditor was performing a consulting engagement and not an audit engagement, the internal auditor must refer the issue to the Chief Audit Executive so that they may plan an audit engagement over the issue.
Correct

Incorrect

The RGI Channel: Free Videos and CIA Questions

CIA Practice Questions – 10 Questions – Set 2

Quiz Summary

Information

Results

Results

Categories

1. Question

2. Question

3. Question

4. Question

5. Question

6. Question

7. Question

8. Question

9. Question

10. Question