An internal auditor is reviewing employee travel data to identify opportunities to cut costs while ensuring adequate participation at conferences to support the organization's mission. Which of the following pieces of evidence would be sufficient for completing this task?

A. A log from the last year that includes dates of travel, conference titles, and conference objectives, all of which correspond with employee names and costs per trip.

B. A log that includes titles of conferences that all employees were invited to attend in the last year, along with the dates of those conferences and average costs per traveler.

C. A log of conferences titles, dates of travel for each employee, and a detailed summary of conference objectives and how they relate to the organization's mission needs.

D. A log of employee travel requests, which include the title of each conference, the conference objectives, anticipated dates of travel, and estimated costs.

According to IIA guidance, which of the following statements regarding the internal audit charter is true?

A. Senior management should approve the charter before it is submitted to the board.

B. The charter should describe the purpose and authority of the internal audit activity, consistent with the Standards.

C. The charter should define the consulting services that the internal audit activity is permitted to perform.

D. The CEO periodically should assess whether the terms of the charter continue to be adequate.

Which of the following is true regarding the use of a formal risk management framework?

1.

It facilitates a methodical approach to risk mitigation.

2.

It defines and standardizes the terminology used in risk communication.

3.

It establishes the risk tolerance levels to be accommodated in the strategy.

4.

It facilitates the alignment of risk mitigation strategies with management priorities.

A. 1.2, and 3.

B. 1,2, and 4.

C. 1.3, and 4.

D. 2. 3, and 4.

Which of the following would be the most important consideration by the internal audit activity when selecting employees to perform an internal quality assessment?

A. Their understanding of auditing standards.

B. Previous experience working with the internal audit activity.

C. Their reporting line within the organization.

D. The nature of their regular duties and responsibilities.

Which of the following is an example of a risk management avoidance response?

A. Exiting a marketplace.

B. Recalling a product.

C. Obtaining product insurance.

D. Outsourcing production.

According to The IIA's Code of Ethics, which of the following is true?

A. Confidentiality requires that auditors disclose all material facts known to them.

B. Integrity requires that auditors perform internal audit services in accordance with the Standards.

C. Objectivity requires that auditors perform their work with honesty, diligence, and responsibility.

D. Confidentiality requires that auditors be prudent in the use and protection of client information.

Faced with a complex, highly technical construction audit engagement, the chief audit executive (CAE) considered complementing the current internal audit resources by engaging the services of a civil engineer.

Which of the following should the CAE consider in determining whether the engineer possesses the necessary skills to perform the engagement?

1.

Professional certification, license, or other recognition of the engineer's competence in the relevant discipline.

2.

Experience of the engineer in the type of work being considered.

3.

Compensation or other incentives that the engineer may receive.

4.

The extent of other ongoing services that the engineer may be performing for the organization.

A. 1 and 4 only

B. 2 and 3 only

C. 3 and 4 only

D. 1, 2, and 4 only

Which of the following best describes the misdirection of payments on accounts receivable to an employee's bank account?

A. Fraud open on the books.

B. Fraud hidden on the books.

C. Fraud off the books.

D. Fraud on the balance sheet.

Which of the following best describes the details that must be included in the quality assurance and improvement program (QAIP) report to senior management and the board?

A. The scope and frequency of internal and external assessments as well as the qualifications and independence of the assessor.

B. The scope and cost of the QAIP. frequency of internal and external assessments, and conclusions of the assessor.

C. The scope, findings, risks, recommendations, and agreed-upon improvement actions.

D. The number and types of people involved in the assessment, costs, and duration of the QAIP

Which of the following actions should the audit committee take to promote organizational independence for the internal audit activity?

A. Delegate final approval of the risk-based internal audit plan to the chief audit executive (CAE).

B. Approve the annual budget and resource plan for the internal audit activity.

C. Assist the CAE with hiring objective and competent internal audit staff.

D. Encourage the CAE to communicate and coordinate with the external auditor.