IIA-CIA-Part1 無料問題集「IIA Essentials of Internal Auditing」

（A）An evaluation of the current performance and compensation program.

（B）The performance of background investigations on all existing employees.

（C）The availability of fraud training to all employees.

（D）The availability of an employee whistleblower hotline

（A）The chief financial officer asks for the internal auditor's opinion regarding whether the new accounting pronouncements were properly and comprehensively adopted

（B）Senior management asks the internal audit activity to review compliance with customer data security regulations

（C）An internal auditor is assigned to assess whether a proposed new initiative to convert a customer service system would be cost effective.

（D）Bank internal auditors review an activity checklist to determine that the loan officer followed proper procedures.

（A）The internal audit activity should add value by implementing the recommendations on management's behalf.

（B）The internal audit activity, led by the CAE. should assume responsibility for risk management function.

（C）The CAE should determine which recommendations to implement based on the severity of the associated risks.

（D）The chief audit executive (CAE) must discuss this matter with senior management and the board

（A）A work program for the engagement is not required but may be developed

（B）The nature of consulting services does not have to be in the internal audit charter

（C）The internal audit activity must ensure management actions have been effectively implemented or risk accepted

（D）Risks identified from the engagement must be considered when evaluating the organization's risk management processes

（A）Serves third parties that need reliable financial information from audit engagements

（B）Responds to the needs and desires of senior management and the board, but remains independent of areas under review

（C）Is completely independent of senior management, the board and the area under review

（D）Ensures the organization complies with laws and regulations in the area under review

（A）Leadership.

（B）Documentation.

（C）Reporting.

（D）Analysis.

（A）Human resources employee handbook.

（B）Audit committee charter

（C）Internal audit charter.

（D）Internal audit manual.

（A）The eternal auditor reviewed the audit clients proposed procedures and standards of control and offered suggested improvements at the client's request.

（B）internal auditors accepted limited access to the audit client's systems and records m accordance with the scope of the engagement

（C）The internal auditor used his in-depth knowledge of systems development to assist the audit client m designing a new operational system with robust controls.

（D）The internal auditor performed nonaudit work for the audit client which was communicated to senior management and the board before the engagement was performed and restated in the audit report

（A）Support of good governance and controls.

（B）Provision of professional advisory and assurance services.

（C）Protection of tangible and intangible assets.

（D）Enhancement of organizational value.

（A）The nature of assurances provided to parties outside of the organization typically is not included in the charter.

（B）The chief audit executive must formally review the charter at least once a year

（C）The charter typically defines the internal audit activity's position within the organization.

（D）The nature of consulting services typically is not included in the charter.

（A）Developing professional succession plans.

（B）Acquiring memberships in professional organizations.

（C）Deploying self-assessments against a competency benchmark.

（D）Obtaining subscriptions to professional journals in their area of interest.

（A）Cost and benefit

（B）Impact and likelihood

（C）Inherent and residual risk

（D）Tolerance and appetite

（A）Determining if the objectives of QAIP are current

（B）Planning and supervising engagements

（C）Identifying opportunities for improvement m internal audit's processes and procedures

（D）Evaluating the quality of supervision

（A）Advise management regarding the event and provide recommendations.

（B）Determine the potential impact on the organization.

（C）Interview the employees who may be implicated in the fraud.

（D）Expand audit testing to determine whether fraud actually occurred.

（A）2 and 3 only

（B）1, 2 and 3

（C）1 and 2 only

（D）1 3 and 4

（A）Allow the audit manager to hire the contractor, but state that the individual is not allowed to work on IT security audits for one year.

（B）Not allow the audit manager to hire the contractor, as it would be a conflict of interest

（C）Allow the audit manager to hire the contractor and state that the individual is free to perform IT audits, including security.

（D）Not allow the audit manager to hire the contractor and ask the individual to apply again in one year.

（A）Risk management aids with the establishment of appropriate key performance indicators.

（B）Risk management ensures the ability to eliminate potential hazards to the organization.

（C）Risk management increases employees' commitment and belief in strategic goals.

（D）Risk management includes consideration of potential opportunities for the organization.