IIA IIA-CIA-Part1 Exam Questions

Question 6 of 731

According to the Standards, the organizational status of the internal audit activity:

Must be sufficient to permit the accomplishment of its audit responsibilities.

Is best when the reporting relationship is direct to the board of directors.

Requires the board's annual approval of the audit schedules, plans, and budgets.

Is guaranteed when the charter specifically defines its independence.

Correct Answer: A

The organizational status of the internal audit activity must be sufficient to permit the accomplishment of its audit responsibilities. This is a fundamental principle to ensure the internal audit activity has the necessary authority and access to fulfill its role effectively.

Question 7 of 731

A high-volume retailer of consumer goods has used point-of-sale data to record sales and update inventory records for several years. When price changes are scheduled, corporate headquarters downloads a price change file to a computer server system at each store. Each store's assistant manager is responsible for checking the server for downloads and running the program that updates the store's price file at the authorized price update time. In comparison with having headquarters initiate the price update centrally, this approach to price updating will most likely:

Decrease the risk that customers will be undercharged consistently for sales items.

Decrease the risk that item prices will sometimes be inaccurate.

Increase the risk that customers will be undercharged consistently for sales items.

Increase the risk that item prices will sometimes be inaccurate.

Correct Answer: D

When price changes are managed by each store's assistant manager rather than being centrally updated by headquarters, the risk that item prices will sometimes be inaccurate increases. This is due to the potential for human error in checking for downloads, running the program correctly, and ensuring the update occurs at the authorized time. Centralized updates minimize such risks by automating the process and reducing the reliance on multiple individuals to perform the task correctly.

Question 8 of 731

An internal auditor is reviewing a new automated human resources system. The system contains a table of pay rates which are matched to the employee job classifications. The best control to ensure that the table is updated correctly for only valid pay changes would be to:

Limit access to the data table to management and line supervisors who have the authority to determine pay rates.

Require a supervisor in the department, who does not have the ability to change the table, to compare the changes to a signed management authorization.

Ensure that adequate edit and reasonableness checks are built into the automated system.

Require that all pay changes be signed by the employee to verify that the change goes to a bona fide employee.

Correct Answer: B

The best control to ensure the table of pay rates is updated correctly for only valid pay changes would be to require a supervisor in the department, who does not have the ability to change the table, to compare the changes to a signed management authorization. This leverages the principle of segregation of duties, ensuring that the person verifying the updates cannot make unauthorized changes themselves. This approach provides a robust control by combining a manual supervisory check with proper authorization, reducing the risk of errors or fraud.

Question 9 of 731

According to the International Professional Practices Framework, internal auditors should possess which of the following competencies?
I. Proficiency in applying internal auditing standards, procedures, and techniques.
II. Proficiency in accounting principles and techniques.
III. An understanding of management principles.
IV. An understanding of the fundamentals of economics, commercial law, taxation, finance, and quantitative methods.

I only

II only

I and III only

I, III, and IV only

Correct Answer: D

Internal auditors, according to the International Professional Practices Framework, should possess proficiency in applying internal auditing standards, procedures, and techniques (I). They should also have an understanding of management principles (III) and an understanding of the fundamentals of economics, commercial law, taxation, finance, and quantitative methods (IV). While proficiency in accounting principles and techniques (II) is more specifically required for accountants, internal auditors should have a broader understanding across various domains. Therefore, the correct competencies align with options I, III, and IV.

Question 10 of 731

Which of the following is not an appropriate role for internal auditors after a disaster occurs?

Monitor the effectiveness of the recovery and control of operations.

Correct deficiencies of the entity's business continuity plan.

Recommend future improvements to the entity's business continuity plan.

Assist in the identification of lessons learned from the disaster and the recovery operations.

Correct Answer: B

Internal auditors should not correct deficiencies of the entity's business continuity plan after a disaster. This task is a management responsibility, as it involves making operational decisions and implementing changes to processes. Internal auditors are responsible for monitoring the effectiveness of recovery efforts, recommending future improvements, and assisting in identifying lessons learned, but they should not directly correct deficiencies.