IIA IIA-CIA-Part1 Exam Dumps

Question 6 of 299

A high-volume retailer of consumer goods has used point-of-sale data to record sales and update inventory records for several years. When price changes are scheduled, corporate headquarters downloads a price change file to a computer server system at each store. Each store's assistant manager is responsible for checking the server for downloads and running the program that updates the store's price file at the authorized price update time. In comparison with having headquarters initiate the price update centrally, this approach to price updating will most likely:

Decrease the risk that customers will be undercharged consistently for sales items.

Decrease the risk that item prices will sometimes be inaccurate.

Increase the risk that customers will be undercharged consistently for sales items.

Increase the risk that item prices will sometimes be inaccurate.

Correct Answer: D

When price changes are managed by each store's assistant manager rather than being centrally updated by headquarters, the risk that item prices will sometimes be inaccurate increases. This is due to the potential for human error in checking for downloads, running the program correctly, and ensuring the update occurs at the authorized time. Centralized updates minimize such risks by automating the process and reducing the reliance on multiple individuals to perform the task correctly.

Question 7 of 299

An internal auditor is reviewing a new automated human resources system. The system contains a table of pay rates which are matched to the employee job classifications. The best control to ensure that the table is updated correctly for only valid pay changes would be to:

Limit access to the data table to management and line supervisors who have the authority to determine pay rates.

Require a supervisor in the department, who does not have the ability to change the table, to compare the changes to a signed management authorization.

Ensure that adequate edit and reasonableness checks are built into the automated system.

Require that all pay changes be signed by the employee to verify that the change goes to a bona fide employee.

Correct Answer: B

The best control to ensure the table of pay rates is updated correctly for only valid pay changes would be to require a supervisor in the department, who does not have the ability to change the table, to compare the changes to a signed management authorization. This leverages the principle of segregation of duties, ensuring that the person verifying the updates cannot make unauthorized changes themselves. This approach provides a robust control by combining a manual supervisory check with proper authorization, reducing the risk of errors or fraud.

Question 8 of 299

According to the International Professional Practices Framework, internal auditors should possess which of the following competencies?

I. Proficiency in applying internal auditing standards, procedures, and techniques.

II. Proficiency in accounting principles and techniques.

III. An understanding of management principles.

IV. An understanding of the fundamentals of economics, commercial law, taxation, finance, and quantitative methods.

I only

II only

I and III only

I, III, and IV only

Correct Answer: D

Internal auditors, according to the International Professional Practices Framework, should possess proficiency in applying internal auditing standards, procedures, and techniques (I). They should also have an understanding of management principles (III) and an understanding of the fundamentals of economics, commercial law, taxation, finance, and quantitative methods (IV). While proficiency in accounting principles and techniques (II) is more specifically required for accountants, internal auditors should have a broader understanding across various domains. Therefore, the correct competencies align with options I, III, and IV.

Question 9 of 299

Which of the following is not an appropriate role for internal auditors after a disaster occurs?

Monitor the effectiveness of the recovery and control of operations.

Correct deficiencies of the entity's business continuity plan.

Recommend future improvements to the entity's business continuity plan.

Assist in the identification of lessons learned from the disaster and the recovery operations.

Correct Answer: B

Internal auditors should not correct deficiencies of the entity's business continuity plan after a disaster. This task is a management responsibility, as it involves making operational decisions and implementing changes to processes. Internal auditors are responsible for monitoring the effectiveness of recovery efforts, recommending future improvements, and assisting in identifying lessons learned, but they should not directly correct deficiencies.

Question 10 of 299

Which of the following lists the audit activities in the order in which they would generally be completed during a preliminary survey?

I. Write detailed audit procedures.

II. Identify client objectives, goals, and standards.

III. Identify risks and controls intended to prevent associated losses.

IV. Determine relevant engagement objectives.

II, I, IV, III.

II, III, IV, I.

III, IV, II, I.

II, IV, I, III.

Correct Answer: B

First, it is essential to identify client objectives, goals, and standards to understand the overall purpose and direction of the client's operations. Next, identifying risks and controls intended to prevent associated losses naturally follows, as it builds on the understanding of the client's objectives to determine what might prevent achieving these objectives. Following this, determining relevant engagement objectives is logical; it aligns the audit's goals with the client's objectives and identified risks. Lastly, writing detailed audit procedures comes after setting the engagement objectives to ensure the procedures are designed to meet these objectives and address the key risks identified.