Examice

Exam IIA-CIA-Part1 All QuestionsBrowse all questions from this exam

Question 296

The board asked the chief audit executive (CAE) to assume responsibility for a newly formed risk management function while retaining responsibility for the internal audit activity. The new function is comprised of both risk and compliance activities. How should next year's internal audit of the risk management function be performed?

It should be performed by a competent assurance provider external to the internal audit activity.

It should be performed by a qualified audit team in the internal audit activity and overseen by the most senior auditor other than the CAE.

It should be conducted by a team of internal auditors under the supervision of risk and compliance managers.

It should be performed by a team of the most experienced internal auditors, without oversight or direct involvement from the CAE.

Correct Answer: A

The chief audit executive (CAE) assuming responsibility for both the internal audit activity and the newly formed risk management function creates a conflict of interest. To ensure independence and objectivity, next year's internal audit of the risk management function should be performed by a competent assurance provider external to the internal audit activity. This will help maintain the integrity of the audit process.

Discussion

ElvooOption: A

Why not A?