Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

IIA IIA-CIA-Part1 Exam -

Free IIA-CIA-Part1 Sample Questions:

Q: 1
A quantitative risk assessment model has all of the following advantages except:
A. Accommodating a large number of risk factors in the assessment.
B. Providing documentation for the chief audit executive, who must defend the long-range audit plan.
C. Providing a systematic method of applying weightings to risks and priorities.
D. Removing the need for judgment on the part of the chief audit executive.
Answer: D

Q: 2
Continuing Professional Education (CPE) hours for Certified Internal Auditors may be achieved by:
A. Attending audit staff meetings.
B. Verifying that all completed audit tests are fully documented.
C. Publishing an article on the company's internal audit department.
D. Obtaining experience on the job.
Answer: C

Q: 3
In a manufacturing company, which department would be the internal audit activity's most reliable source of information on the controls over minimizing defective goods?
A. Manufacturing.
B. Quality control.
C. Research and development.
D. Inventory management.
Answer: B

Q: 4
Internal auditors who are concerned with potential risks due to the mishandling of records or transactions should take into consideration:
A. The type and nature of the activities to be examined.
B. Whether employees in key positions of trust are bonded.
C. The history of losses suffered by the company.
D. The results of prior risk assessments.
Answer: A

Q: 5
Which of the following is true with respect to the risk assessment process?
A. The ethical climate should not be included since this factor cannot be measured quantitatively.
B. More than one risk factor may have to be used to ensure that the risk assessment is comprehensive.
C. Each risk factor should be given equal weighting in order to reduce the opportunity for bias.
D. The risk assessment process should be conducted at least every three years.
Answer: B

Q: 6
Which of the following lists these audit steps in the correct chronological order?
Create the engagement work program.
Conduct the exit conference.
Perform fieldwork.
Schedule the audit engagement.
Issue a summary report of audit findings.
A. I, IV, III, II, V.
B. I, IV, II, III, V.
C. IV, I, III, II, V.
D. IV, III, I, V, II.
Answer: C

Q: 7
Which of the following would have the least impact (either positive or negative) on an assessment of a department's control environment?
A. The department managed long-term investments, including investment in derivatives and other financial instruments, to maximize return.
B. The department manager sets a tone of honesty and integrity in all business dealings and this tone is emulated by department personnel.
C. Many department functions were duplicated or verified by other department employees as part of the department's normal procedures.
D. Audit tests designed to verify compliance with control procedures detected a general failure to follow standard procedures for transaction authorization.
Answer: A

Q: 8
To ensure that due professional care has been taken during an audit engagement, an internal auditor should always:
A. Ensure that all financial information related to the engagement is included in the audit plan and examined for irregularities.
B. Document all audit tests completely.
C. Consider the possibility of noncompliance or irregularities at all times during an engagement.
D. Notify the audit committee of any noncompliance or irregularity discovered during an engagement.
Answer: C

Q: 9
When using a risk assessment model to develop audit plans, it is essential that the chief audit executive take into account the:
A. Results of the last audit.
B. Planned visits by the external auditors during the upcoming year.
C. Recent or expected changes in management direction and objectives.
D. Dates of future board meetings.
Answer: C

Q: 10
A bank uses a risk analysis matrix to quantify the relative risk of auditable entities. The analysis involves rating auditable entities on risk factors using a scale of 1 to 10, with 10 representing the greatest risk. A partial list of risk factors and the ratings given to three of the bank's departments is provided below:
Risk Factor
Control structure
Nature of assets in department
Dollar value of assets
Complexity of transactions
Which of the following statements regarding risk in the departments is true?
A. As compared to departments A and C, department B has a stronger control system to compensate for the greater complexity of the department's transactions and dollar value of its assets.
B. The internal audit activity should schedule audits of department B more often than audits of department C because of the relative control strength of department C as compared to department B.
C. The nature of department A's control structure may be justified by the nature of the department's assets and the complexity of its transactions.
D. The relative ranking of the departments in order of their risk, from greatest to least risk, is: A; C; B.
Answer: C

Q: 11
An internal quality assessment of the internal audit activity should provide the chief audit executive with:
A. Recommendations for improvement.
B. Objectives for internal audit engagements.
C. Confirmation of action on past audit recommendations.
D. Appraisals of internal audit staff performance.
Answer: A

Q: 12
In the annual audit of the financial statements of a company with high inherent risk and a very strong control system, the external auditor may be able to allow detection risk to rise because:
A. Audit risk has been reduced.
B. Control risk has been assessed at a lower level.
C. The company's operations are very susceptible to misstatements.
D. Whenever inherent risk is high, control risk is disregarded.
Answer: B

Q: 13
An organization receives the most value from an internal audit activity's enterprise-wide risk assessment when the auditor:
A. Focuses primarily on enterprise-level risks.
B. Considers activities at all levels of the organization.
C. Reviews special projects and new initiatives.
D. Validates supporting financial and operational data.
Answer: B

Q: 14
An organization's external auditor has prepared a list of risks and issues and has recommended to senior management that the internal audit activity focus on these items. Senior management has forwarded the list to the chief audit executive (CAE). The CAE should:
A. Incorporate the external auditor's requirements into the internal audit plan.
B. Ignore the external auditor's requirements because they are outside of the internal audit activity's planned scope of work.
C. Consider the issues raised by the external auditor for possible inclusion in the planned scope of work.
D. Report the risks and issues to the audit committee for possible future attention.
Answer: C

Q: 15
The audit committee has asked the chief audit executive (CAE) to assist in the selection of a new external audit firm. Which of the following is an appropriate action by the CAE?
A. The CAE and two managers from the audit staff review the bids and select one firm to meet with the audit committee for the committee's approval.
B. The CAE develops a formal set of criteria for the audit committee to use in selecting the external auditor.
C. The CAE, chief financial officer, and controller review the bids, interview two firms, and recommend one of the two firms to the audit committee for its approval.
D. The CAE declines to participate in the process because providing this assistance would result in compromising the internal audit activity's objectivity.
Answer: B

Q: 16
An internal audit activity's work schedule should always provide sufficient information to the audit committee to enable it to determine whether the proposed engagements:
A. Support the organization's objectives.
B. Include sufficient fraud awareness.
C. Will likely result in the detection of any major risk exposures.
D. Are likely to detect control deficiencies.
Answer: A

Q: 17
The chief audit executive for an organization has just completed a risk assessment process, identified the areas with the highest risk, and assigned an audit priority to each. Which of the following statements is true and consistent with the International Professional Practices Framework?
Items should be ranked in the order of quantifiable dollar exposure to the organization.
The audit priorities should be in order of major control deficiencies.
The risk assessment, though quantified, is the result of professional judgments about both exposures and probability of occurrences.
A. I only.
B. III only.
C. II and III only.
D. I, II, and III.
Answer: B

Q: 18
What role, if any, should the internal audit activity have in the process of following up on observations and recommendations made by the external auditors?
A. The internal audit activity should have no role in this process in order to ensure independence.
B. The internal audit activity should become involved only if the chief audit executive has sufficient evidence that the follow-up is not occurring.
C. The internal audit activity should review the adequacy and effectiveness of management's follow-up actions.
D. The internal audit activity should become involved only if specifically requested by management or the board of directors.
Answer: C

Q: 19
A company has entered into a $20,000,000 fixed-price contract with a general contractor for the construction of a new retail outlet. For this contract, which of the following would represent the greatest risk?
A. Excessive labor charged to the project.
B. Poor physical protection of materials and equipment.
C. Failure to complete the project within budget.
D. Substitution of inferior materials.
Answer: D

Q: 20
In selecting an instructional strategy for developing internal audit staff, a chief audit executive should first review the:
A. Department's budget constraints.
B. Internal auditors' personal development needs.
C. Content of potential training courses.
D. Organization's objectives.
Answer: D

© 2014, All Rights Reserved