IIA-CRMA-ADV 無料問題集「IIA Certification in Risk Management Assurance」

（A）Supporting managers to identify ways to mitigate risks.

（B）Providing assurance that risks are evaluated correctly.

（C）Evaluating risk management processes.

（D）Recommending accountability for risk management.

（A）When an internal auditor continues with an audit engagement, despite the audit client's claims that the work performed is unnecessary and redundant he fails to demonstrate competency.

（B）When an internal auditor limits the scope of the audit engagement after learning that management is hiding relevant information, he demonstrates integrity.

（C）When an internal auditor releases required information to a regulator, resulting in a significant loss through fines and penalties for the organization, he fails to add value.

（D）When an internal auditor disagrees with the treatment received by workers in the organization's foreign subsidiary and alters the audit program to highlight the issue, he fails to demonstrate objectivity.

（A）If an organization does not have a mature privacy framework, the internal audit activity should assist in developing and implementing an appropriate privacy framework.

（B）The internal audit activity should have appropriate knowledge and competence to conduct an asses
.......framework.

（C）Because the audit committee is ultimately responsible for ensuring that appropriate control processes are in place to mitigate risks associated with personal information, the internal audit activity is C. required to conduct privacy assessments.

（D）The internal audit activity may delegate to nonaudit IT specialists the responsibility of determining whether personal information has been secured adequately and data protection controls are sufficient.

（A）2, 3, and 4

（B）2 and 3 only

（C）1, 2, and 3

（D）1 and 4

（A）After determining that the cash function internal controls were strong, the audit report assured senior management that fraud was not present.

（B）The auditor tested samples of transactions to test the cash function's process flows.

（C）The audit report included a well-supported recommendation for a reduction in staff even though such a reduction might adversely impact morale.

（D）The auditor discovered an instance of potential fraud and reported it immediately to management, but did not alert authorities outside the organization.

（A）A detailed audit plan or program for the year.

（B）The job specifications and descriptions of the internal audit staff.

（C）The IAA's right to have unrestricted access to functions, records, personnel, and physical property.

（D）The purpose of the IAA.

（A）According to policy, the internal auditor must obtain approval from the CFO prior to requesting information for internal audit purposes.

（B）An internal auditor, who was an accounts receivable intern for the organization three years prior, performs an audit of the accounts receivable cycle.

（C）An internal auditor reports both functionally and administratively to the chief financial officer (CFO).

（D）An internal auditor performs an audit in a department that is led by the auditor's close friend.

（A）The scope and cost of the QAIP. frequency of internal and external assessments, and conclusions of the assessor.

（B）The scope and frequency of internal and external assessments as well as the qualifications and independence of the assessor.

（C）The number and types of people involved in the assessment, costs, and duration of the QAIP

（D）The scope, findings, risks, recommendations, and agreed-upon improvement actions.

（A）The board approves the annual performance evaluation of the chief audit executive.

（B）The internal auditor reviews the physical access to merchandise during an inventory count.

（C）The audit manager refrains from assigning an auditor who was a former payroll clerk to conduct a payroll audit.

（D）The audit manager conducts an internal quality assessment of the internal audit activity's adherence to the Standards.

（A）When planning assurance and consulting engagements, internal auditors must consider the strategies and objectives of the activity being reviewed.

（B）Both assurance and consulting services generally involve the internal auditor, the area under review, senior management, and the board.

（C）Internal auditors must not provide assurance or consulting services for an activity for which they had responsibility within the previous year.

（D）Internal auditors determine the engagement objectives, scope, and work program for both assurance and consulting services.

（A）Establish and provide continuing assurance on an anti-money laundering program for new hires.

（B）Survey employees for their understanding of anti-money laundering practices.

（C）Assess the risk of being fined for ineffective anti-money laundering practices.

（D）Provide assurance for the effectiveness of anti-money laundering training.

（A）3 and 4.

（B）1 and 2.

（C）1 and 3.

（D）2 and 3.

（A）The CAE utilizes an external third party to make an objective recommendation after each working paper review.

（B）The CAE prepares a memorandum discussing the results of the working paper review.

（C）The CAE initials and dates every working paper after it has been reviewed.

（D）The CAE completes an engagement working paper checklist.