Internal Auditing Test 1

Ace your homework & exams now with Quizwiz!

Which method of evaluating internal controls during the preliminary survey provides the internal auditor with the best visual grasp of a system and a means for analyzing complex operations?

A flowcharting approach

The purpose, authority, and responsibility of the internal audit activity are formally defined in

A formal, written charter

Which of the following actions could be constructed as a violation of The IIA's Code of Ethics?

Failing to report to management information that would be material to management's judgement

Under the COSO's ERM framework, which of the following most accurately describes risk management responsibilities?

In practice, management has primary responsibility

What action does The IIA's Code of Ethics suggest for an internal auditor in such a case?

Inform appropriate organizational officials

The most appropriate way for the CAE to deal with this problem is to

Inform the IIA's Board of Directors and take the personnel action required by organizational policy

According to The IIA Code of Ethics, which of the following are four principles relevant to the professional care that internal auditors should apply in their practice of internal auditing?

Integrity, objectivity, confidentiality, and competency

The initiation of the purchase of materials and supplies would be the responsibility of the

Inventory control department

Enterprise risk management

Involves the identification of events with negative impacts on organizational objectives

Which of the following describes a control weakness?

Purchasing procedures are well designed and are followed unless otherwise directed by the purchasing supervisor

Which of the following is a factor affecting risk?

Rapid growth New personnel New or revamped information systems All of the answers are correct

Which of the following is most likely to be considered an indication of possible fraud?

Rapid turnover of the organization's financial executives

If internal control is well designed, two tasks that should be performed by different persons are

Recording of cash receipts and preparation of bank reconciliations

Which of the following factors have generally NOT been associated with management fraud?

Regular comparison of actual results with budgets

If the committee meets and approves the grants before such issuance, the internal auditor should

Report the override of control to the board

In which of the following scenarios does the auditor most likely have organizational independence but lack objectivity?

Reports to the board but does not report fully about the reason for corrective action taken

In this case, the internal auditor should recommend

The initiation of a conflict-of-interest- policy

What is the responsibility of the internal auditor with respect to fraud?

The internal auditor should have sufficient knowledge to identify the indicators of fraud but is not expected to be an expert

This scope limitation, along with its potential effect, must be communicated to which one of the following?

The organization's board of directors

One payroll engagement objective is to determine whether segregation of duties is proper. Which of the following activities is incompatible?

Preparing attendance data and preparing the payroll

A primary purpose of establishing a code of conduct within a professional organization is to

Promote an ethical culture among professionals who serve others

Quality program assessments may be performed internally or externally. A distinguishing feature of an external assessment is its objective to

Provide independent assurance

The internal audit activity collectively must process or obtain certain competencies. Internal audit staff should be competent in

The use of the International Professional Practices Framework

Which of the following is a control deficiency in this situation?

There is no receiving function located at individual stores

The combination of responsibilities that would NOT be considered a violation of segregation of functional responsibilities is

Timekeeping and preparation of payroll journal entries

Which of the following best describes the purpose of the internal audit activity?

To add value and improve an organization's operations

An unexpected decrease in which of the following ratios could indicate that fictitious inventory has been recorded?

Total asset turnover

Which of the following statements is correct regarding corporate compensation systems and related bonuses?

1 A bonus system should be considered part of the control environment of an organization and should be considered in formulating a report on internal control 1 only

Assurance engagements must be performed with proficiency and due professional care. Accordingly, the Standard require internal auditors to

1 Consider the probability of significant noncompliance 3 Weigh the cost of assurance against the benefits 1 and 3 only

During a consulting engagement, an internal auditor should exercise due professional care by considering which of the following?

1 Needs and expectations of engagement clients 2 Relative complexity and extent of work needed 3 Cost of the consulting engagement 1, 2, and 3

The components of ERM should be present and function effectively. What does "present and functioning effectively" mean?

1 No material weaknesses exist 2 Risk is within the risk appetite Both 1 and 2

To reduce the risk associated with this process, an organization should employ which of the following procedures?

1 Require managerial approval for materials to be declared scrap or obsolete 1 only

If the internal audit activity of a nonpublic company does not have the skills to perform a particular task, an external service provider (ESP) could be brought in from

1 The organization's external audit firm 2 an external consulting firm 4 a college or university

Which of the following activities will most likely NOT adversely affect internal auditor's ethical behavior?

Accepting compensation from professional organizations for consulting work

An element of authority that must be included in the charter of the internal audit activity is

Access to records, personnel, and physical properties relevant to the performance of engagements

The purpose of the internal audit activity can be best described as

Adding value to the organization

The internal auditor's actions

Are not in violation of either The IIA's Code of Ethics or the Standards

The COSO model for internal control lists five specific areas encompassed by the control environment component. Which of the following are elements of the control environment?

Assignment of authority and responsibility Organizational structure Integrity and ethical values All of the answers are correct

Which of the following is NOT appropriate for inclusion in the internal audit charter?

Authorization of the board to approve the charter

Many organizations use electronic funds transfer to pay their suppliers instead of issuing checks. Regarding the risks associated with issuing checks, which of the following risk management techniques does this represent?

Avoiding

Number 7, "John's family observed that he was often argumentative...," is an example of a

Behavioral symptom

The primary reason that a bank would maintain a separate compliance function is to

Better manage perceived high risks

The interpretation related to quality assurance given by the Standards is that

External assessments can provide senior management and the board with independent assurance about the quality of the internal audit activity

Which of the following control models is fully incorporated into the broader integrated framework of enterprise risk management (ERM)?

COSO

If employee paychecks are distributed by hand to employees, which one of the following departments should be responsible for the safekeeping of unclaimed paychecks?

Cashier department

According to COSO, the use of ongoing and separate evaluations to identify and address changes in internal control effectiveness can best be accomplished in which of the following stages of the monitoring-for-change continuum?

Change identification

Which of the following members of an organization has ultimate ownership responsibility of the enterprise risk management, provides leadership and direction to senior managers, and monitors the entity's overall risk activities in relation to its risk appetite?

Chief executive officer

The reporting structure that is most likely to allow the internal audit activity to accomplish its responsibilities is to report administratively to the

Chief executive officer and functionally to the board of directors

The nature of the scope limitation needs to be

Communicated, preferably in writing, to the board

Under the IIA's Code of Ethics, an entity that provides internal auditing services is specifically required to

Comply with the International Standards for the Professional Practice of Internal Auditing

With regard to the exercise of due professional care, an internal auditor should

Consider the relative materiality or significance of matters to which assurance procedures are applied

The internal auditor's proper response is to

Consider the specific circumstances before deciding whether to disclose the reasons for the information request

Due professional care calls for

Consideration of the possibility of material irregularities during every engagement

Objectivity is most likely impaired by an internal auditor's

Continuation on an engagement at a division for which (s)he will soon be responsible as the result of a promotion

Which of the following statements best describes the relationship between planning and controlling?

Controlling cannot operate effectively without the tools provided by planning

One of the disadvantages of imposing this requirement is that the policy

Could limit the range of services that could be performed due to the internal audit activity's narrow expertise and backgrounds

Internal auditors should review the means of physically safeguarding assets from losses arising from

Exposure to the elements

Which of the following fraudulent entries is most likely to be made to conceal the theft of an asset?

Debit expenses and credit the asset

Which of the following actions should the chief audit executive take?

Decide whether to recommend an investigation

The diamond-shaped symbol is commonly used in flowcharting to show or represent a

Decision point, conditional testing, or branching

According to COSO, which of the following is the most effective method to transmit a message of ethical behavior throughout an organization?

Demonstrating appropriate behavior by example

Which of the following would NOT be an appropriate responsibility for an internal audit activity?

Designing and implementing appropriate controls

External assessment of an internal audit activity is NOT likely to evaluate

Detailed cost-benefit analysis of the internal audit activity

Which of the following would NOT be required as part of such an engagement?

Determine whether the chief financial officer is getting higher or lower rates of return on investments than are chief financial officers in comparable organizations

Reasonable assurance should be obtained as to each prospective internal auditor's qualifications and proficiency. Which of the following is the LEAST useful application of this principle?

Determining that all applicants have an accounting degree

Controls that are designed to provide management with assurance of the realization of specified minimum gross margins on sales are

Directive controls

The chief audit executive should

Engage an engineering consultant to perform the comparison

The reconciliation of the summary report to the day's material request forms by the parts room supervisor

Ensures the accuracy and completeness of data input

The internal auditors' responsibility regarding fraud includes all of the following EXCEPT

Ensuring that fraud will not occur

A major reason for establishing an internal audit activity is to

Evaluate and improve the effectiveness of control processes

The internal audit activity's responsibility for preventing fraud is to

Evaluate the system of internal control

An internal auditor must exercise due professional care in performing engagements. Due professional care includes

Evaluating established operating standards and determining whether those standards are adequate

Which of the following describes one of the responsibilities of the internal auditor for the deterrence of fraud in an organization?

Evaluating the adequacy of controls to prevent fraud

A key feature that distinguishes fraud from other types of crime or impropriety is that fraud always involves the

False representation or concealment of a material fact

As part of a total quality control program, a firm not only inspects finished goods but also monitors product returns and customer complaints. Which type of control best describes these efforts?

Feedback control

What type of control was involved?

Feedforward

An organization's policies and procedures are part of its overall system of internal controls. The control function performed by policies and procedures is

Feedforward control

Select the type of control provided when the internal audit activity conducts a systems development analysis.

Feedforward control

The CAE bears the responsibility to do which of the following?

Foster individual objectivity

In which of the following situations does the internal auditor potentially lack objectivity?

Four months after being transferred to the internal audit activity, a former purchasing assistant performs a review of internal controls over purchasing

Which of the following describes the chief audit executive's optimal reporting line to enhance the independence of the internal audit activity?

Functional reporting to the audit committee

The purposes of the Standards include all of the following EXCEPT

Guiding the ethical conduct of internal auditors

In documenting the procedures used by several interacting departments the internal auditor will most likely use a(n)

Horizontal (or systems) flowchart

The opportunity for control-raised problems including fraud has been increased in the stockroom because

Items for cycle count are selected by stockroom personnel

Which of the following represents the best statement of responsibilities for risk management?

Management- Responsibility for risk Internal Auditing- Advisory role Board- Oversight role

Within the COSO Internal Control - Integrated Framework, which of the following components is designed to ensure that internal controls continue to operate effectively?

Monitoring

Which of the following disclosures made by the internal auditor to the new organization would constitute a violation of The IIA's Code of Ethics?

None of the answers represent a violation of the Code.

Which of the following best describes the action prescribed by The IIA's Code of Ethics?

Not accept it if the gift is presumed to impair the internal auditor's judgement

In applying the Rules of Conduct set forth in The IIA's Code of Ethics, internal auditors are expected to

Not be unduly influenced by their own interests in forming judgements

An internal auditor noted that several shipments were not billed. To prevent recurrence of such non billing, the organization should

Numerically sequence and independently account for all controlling documents (such as packing slips and shipping orders) when sales journal entries are recorded

Which action is most appropriate?

Offer the candidate a position if other staff members possess sufficient knowledge in economics and information technology

Which of the following activities could affect the quality assurance review team's evaluation of the objectivity of the internal auditors?

One internal auditor told the review team that, during an engagement to review the payroll function, the payroll manager approached the auditor. The manager indicated the need for an accountant to prepare financial statements for the manager's part-time business. The internal auditor agreed to perform this work for a reduced fee during non-work hours.

Consequently, all internal auditors should be competent with regard to

Operating within the organization's framework for governance, risk management, and control

Number 2, "Randy was always handling the most urgent...," is an example of a(n)

Opportunity to commit

According to the International Professional Practices Framework, the independence of the internal audit activity is achieved through

Organizational status and objectivity

Which of the following are elements of the control environment?

Organizational structure Assignment of authority and responsibility Integrity and ethical values All of the answers are correct

A possible error that this system could allow is

Overpayment for partial deliveries

The chief audit executive (CAE) is best defined as the

Person responsible for the internal audit function

The most appropriate method to prevent fraud or theft during the frequent movement of trailers loaded with valuable metal scrap from the manufacturing plant to the organization's scrap yard about 10 miles away would be to

Require existing security guards to log the time of plant departure and scrap yard arrival. The elapsed time should be reviewed by a supervisor for fraud

Which of the following is a directive control?

Requiring all members of the internal audit activity to be CIAs

Which policy best promotes independence?

Requiring internal auditors to report to the chief audit executive any conflicts of interest or bias

According to The IIA's Code of Ethics, the principle of integrity requires internal auditors to do which of the following?

Respect and contribute to the legitimate and ethical objectives of the organization

Which one of the following is NOT included in the internal audit charter?

Risk assessment of the internal audit activity

Which of the following is the most accurate term for a process to identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of the organization's objectives?

Risk management

According to COSO, this decision represents which of the following responses to the risk?

Risk reduction

What is residual risk?

Risk that is not managed

Which of the following activities is outside the scope of internal auditing?

Safeguarding of assets

The CAE must

Seek permission from the audit committee to obtain appropriate support from an HSE professional

The proper organizational role of internal auditing is to

Serve as an independent, objective assurance and consulting activity that adds value to operations

Which of the following ensures that all inventory shipments are billed to customers?

Shipping documents are renumbered and are independently accounted for and matched with sales invoices

If the officer makes good on the promise, the internal auditor

Should still include the finding in the final engagement communication

Number 3, "Difficulties with personal financial problems," is an example of a(n)

Situational pressure

Controls provide assurance to management that desired actions will be accomplished when objectives are established in writing and

Standards are adopted, results are compared with the standards, and corrective actions are undertaken

A typical code of ethical conduct for financial managers or management accountants in an organization requires all of the following EXCEPT

Subjectivity in presenting information, preparing reports, and making analyses

In this situation, typical indicators of the suspected fraud include all of the following except

Submitting gasoline and repair bills that are higher than company average

In this circumstance, the employee should

Suggest that the engagement be performed by another member of the internal audit staff

Which of the following is an indicator of increased risk of fraud? The chief financial officer

Takes no vacations and has refused promotion to vice president of finance

Which action is NOT consistent with functional reporting?

The CAE should meet with the board, with management present, to reinforce the independence of the internal audit activity

Which of the following is NOT considered a scope limitation?

The board reviews the engagement work schedule for the year and deletes an engagement that the chief audit executive thought was important to conduct

The bonus may impair the CAE's objectivity if

The bonus is based on monetary amounts recovered or recommended future savings as a result of engagements

Assessing individual objectivity of internal auditors is the responsibility of

The chief audit executive

Ordinarily, those conducting internal quality program assessments report to

The chief audit executive

Which of the following control procedures provides the greatest assurance that all donations to a not-for-profit organization are immediately deposited in its account?

Use a lockbox to receive all donations

Which of the following areas could be viewed as an internal control weakness of the above organization?

Write-offs of delinquent accounts

Has a violation of The IIA's Code of Ethics occurred?

Yes. The internal auditor was not prudent in the use of information acquired in the course of his or her duties


Related study sets

Stats Quiz 9 Measure of Central Tendency

View Set