Operations Auditing

MIDTERM
Question 1
What are the objectives of benchmarking:
a. maintaining a competitive advantage in the appropriate market;
b. establishing current methods, best practice, and related trends;
c. ensuring the future survival of the organization;
d. maintaining an awareness of customer expectations (and being able to address them);
e. ensuring that the organization has the appropriate approach to quality issues.
Response: all are considered as objectives of benchmarking
Question 2
At this level of audit planning and activity, the internal auditor uses risk assessment where the auditor
may choose to apply risk assessment techniques to the potential universe of possible audit projects
as a means of setting relative priorities and thus determine those higher risk audit projects for
inclusion into the annual audit plan.
Response: Tactical or planning level
Question 3
Which of the following are the primary components in order to establish a performance
measurement? [Select three (3) from the choices to get 1 full point for this question.]
Response: goals/objectives
Response: key performance indicators
Response: standard level of measurement
Question 4
One of the advantages of subdividing the audit universe using the functional or departmental
approach is that the area under review is clearly bounded and the focus of the audit review is on the
specific area of interest. Therefore, the interrelationship in terms of functions and process interfaces
between the subject of the review with other departments or units will not be an important factor to be
considered so that audit results can be confined to the specific review required.
Response: False
Question 5
Self-assessment for controls within the department may be undertaken through the following
EXCEPT
Response: Guidance and directives from management
Question 6
What is the PRIMARY and ULTIMATE reason why there is a need for the measurement of
productivity and performance?
Response: to determine the responsiveness and compliance to the set goals and objectives whether
at the individual, unit or corporate level
Question 7
According to the Institute of Internal Auditors, “Proficiency” is described as internal auditors or the
audit team who must possess the following needed to perform their responsibilities either as an
individual or as a group.
Response: knowledge, skills, and other competencies
Question 8
How does the SAPG help the internal auditor? [Select the two (2) correct answers from the choices
below to get one (1) full point.]
Response: helps the internal auditor to consider their effectiveness, and dependent upon that
interpretation, record the nature and results of any audit testing applied,
Response: guides the internal auditor determining whether the situation needs to be reported to
management
Question 9
This term used in audit in general implies the preparation and retention within an organization for an
adequate period, in a reasonably accessible form, and in enough detail to satisfy the auditors, of
records which allow each detailed element of any transaction to be tracked from its source through
each intermediate stage to its final disposition (or dispositions); and vice versa.
Response: Audit trail
Question 10
The use of risk assessment is a major factor in identifying audit activities because, with audit
resources under pressure, it is important that auditing efforts are concentrated on the highly risky,
poorly controlled aspects where management action may be required.
Response: True
Question 11
What could be a secondary process that can be assigned to a function that involves handling and
monitoring of Accounts Receivable?
Response: All of the above
Question 12
All of the following are important uses of the performance measurement methods EXCEPT
Response: It cannot be used as a valid basis in investigations where management’s lack of response
to an adverse measurement.
Question 13
What is the role of the internal auditor in situations when behavioral reasons affect the operations
audit review?
Question 14
This approach (in subdividing the audit universe) of defining audit reviews is described as “Each unit
in the organizational structure is considered as a separate functional unit apart from the other units!”
Response: functional or departmental approach
Question 15
In both the management and audit assessment of matters of value for money, the usual approach is
to make comparisons with a range of options or possible solutions to the principal problem including
measurement methods which must be discussed and agreed upon with the management.
Response: False
Score: 0 out of 1 No
Question 16
Generally, internal audit activities will involve all of the following EXCEPT
Response: financial reporting
Question 17
What are the five (5) identified consequential processes involved in the transformation or conversion
of input to output? [Select five (5) correct answers from the choices to get two (2) full point for this
question.]
Response: planning
Response: organizing
Response: controlling
Response: leading
Response: staffing
Question 18
_____ _____ is a way that can be applied in evaluating business processes particularly in identifying
whether there is any initial potential for improvement, and then subsequently used to monitor that the
required levels of performance are maintained.
Response: measurement
Response: method
Question 19
What are the four (4) main considerations that affect efficiency? [Select the four (4) correct
considerations from among the choices to get two (2) full points.]
Response: quality of raw materials
Response: quality of labor
Response: design of the processes
Response: quality of technology
Question 20
The following are approaches that can be used by the internal auditor as a guide to establishing
levels of standards from which performance may be measured:
a. benchmarking against other organizations for indications as to whether we are
“economic enough”, “efficient enough” and “effective enough”
b. determining the competitive advantage of the business
c. comparing with other parts of our organization
d. measuring and interpreting trends over time
e. undertaking an environmental scanning through a SWOT analysis
f. aiming for continuous improvement
[Select four (4) correct answers to get two (2) full points]
Response: a, c, d and f only
Response: a, b, c and d only
Response: a, b, d and e only
Score: 0.25 out of 1
Question 21
What is this aspect of the broad definition of operations audit that refers to the assurance that
accounts properly reflect the financial facts as referenced to the conceptual framework of accounting
i.e. faithful representation (fair presentation), relevance, and understanding?
Response: Financial
Question 22
SAPG documents offer an ideal basis for control self-assessment where auditing is done in a self-
audit context where management, together with their staff, consider in quite a formalized through
participative way in identifying the risks of not achieving their objectives now and into the future, and
whether internal control is equal to the task of giving reasonable assurance of achievement of
objectives.
Response: The statement pertains to the importance of SAPG in undertaking the Control Self
Assessment.
Question 23
_____ is one of the E's of auditing that is measured by the ratio of actual outputs against planned
outputs (i.e. planned objectives).
Response: effectiveness
Question 24
_____ refers to one of the approaches to operational audit where internal auditors are looking for
opportunities for improvements (in business processes) and this can be indicated by a performance
measurement that pertains to the ratio between planned inputs and actual inputs in terms of unit
costs of a given quality.
Response: economy
Question 25
In the context of benchmarking, competitive advantage is best described as
Response: the ability and/or attributes of the business entity in ensuring that its position as a market
or industry leader is maintained
Question 26
The performance measurement methods to be used must always be based on
Response: accurate and reliable data and a proven method.
Question 27
"Control is likely to be weaker between sections or organizational units than within a functional unit
for BEHAVIORAL REASONS." These behavioral reasons are evident in the following situations
EXCEPT
Response: Loyalty is never an important factor because it can be compromised based on the
individual benefits that can be derived.
Question 28
What is the most appropriate key performance indicator to measure the efficiency of a machine or
equipment?
Response: number of machine(s) operated
Question 29
The business entity is not required to establish realistic measurement standards and methods
because internal controls are already in place and it is the responsibility of the internal auditor to
determine if there is compliance or non-compliance to such internal controls.
Response: False
Question 30
In order to ensure that goals and objectives are achieved either at the individual, unit, or corporate
level, the measurement standard must be set at the LEAST MINIMUM ACHIEVABLE result.
Response: False
Question 31
Which of the following best describes the general pattern by which a business process or a process,
in general, is designed and established?
Response: Establish goals, determine the steps or activities, identify the process owners and assign
the responsibilities and accountabilities..
Question 32
One of the following is NOT a description of a business process:
Response: A chain of unrelated activities but interfaces with other processes.
Question 33
This is one of the approaches in establishing levels of performance measurements by comparing
one’s own performance in a specific area with that applied by others in compatible circumstances or
similar situations.
Response: Benchmarking
Question 34
_____ is a suggested internal audit tool that can be utilized to determine the approach and degree or
scale of operations audit to be applied for each specific function, activity, or system specifically on the
interfaces across different operating segments or business units. (Either an acronym or spelled out
acronym will be accepted as correct answer. The answer must follow the correct order.)
Response: SAPG
Question 35
Audit findings should ONLY be provided in writing EXCLUSIVELY and in confidentiality to the HEAD
of the concerned unit being subjected to audit review.
Response: False
Question 36
In a business process approach of subdividing audit universe, the specific activities are identified to a
function that is performed by the
Response: internal auditor.
Question 37
This refers to a process, method, or tool by which a specific department(s) examines and identifies
factors to improve the existing internal controls and/or implements new internal controls to mitigate
risks associated with a process or function.
Response: Control self assessment
Question 38
What is the primary process if the function involves the handling of petty cash and expenses related
to it.
Response: Expenditure process
Question 39
What is the most appropriate key performance indicator for a sales agent?
Response: amount of sales generated
Question 40
_____ _____ refers to a group of representatives from specific groups or units within the organization
who are competent and trained to be group coordinators and who are tasked with ensuring that
cohesive workgroups are maintained between the related and inter-related units or departments of an
organization. This group is created to respond to one of the "behavioral reasons" for weaknesses in
compliance with internal controls specifically relating to interfaces.
Response: Linking
Response: Pin
Question 41
This term refers to the way the organization is structured in terms of unit levels of offices as well as
position titles.
Response: organizational chart
Question 42
The purpose of the SAPG is
Response: all of the above
Question 43
In the context of management, operations, in general, involve these three (3) important and primary
components that are also used as the main guidance for undertaking internal audit reviews? [Select
the three (3) correct answers to give 1 full point for this question.]
Response: input
Response: process
Response: output
Question 44
It is necessary to understand fully the existing processes, systems, and activities as a firm basis for
subsequent comparison with external points of reference (such as industry or professional standards
or even competition) in order to maximize the benefit from the benchmarking exercise.
Response: True
Question 45
The critical contents of the proposed SAPG are a number of issues related to the following that is
relevant to the specific system:
Response: Management and Audit Objectives
Question 46
A broad definition of operations audit is that it is an independent, objective assurance and consulting
activity designed to add value and improve an organization’s operations by helping it in accomplishing
the corporate as well as unit goals and objectives through a systematic, disciplined approach to
evaluate and improve the effectiveness of risk management, control, and governance processes.
Response: False
Question 47
Using the SAPG format, management and administration as a function would involve the following
business processes EXCEPT:
Response: None of the above
Question 48
Many opportunities for improvement lie at the points of ______________ between that part of the
business and other parts of the business and systems or departments where controls are critical with
which there needs to be effective coordination.
Response: audit findings
Question 49
It is described as “a series of ‘cradle to grave’ processes or cycles, where a CHAIN OF
INTERRELATED EVENTS or activities is plotted from the origin to the conclusion.”
Response: Business operations
Question 50
In internal auditing, this is the general term used in referring to the wide, vast, and broad spectrum of
processes, functions, and systems from which the subject of the audit engagement will be selected,
planned, and carried out.
Response: Audit universe
Question 51
The following are options that the Chief Audit Executive can take when the internal auditors lack the
required proficiency.
Question 52
The internal auditor uses the risk assessment of identifying audit activities at this LEVEL where the
risk linked to an evaluation of control effectiveness will direct the focus of the auditor’s attention on
aspects of the subject under review which are more deserving of his or her attention.
Response: Operational level (during audit project field work)
Question 1
_____ _____ Involves, in general, the review of the efficiency, effectiveness, and economy of the
different controls established for each step of the business process(es) that require interfaces within
and among the different segments/units across the organization. [The answer to this question
requires two (2) correctly spelled words and in proper order.]
Response: operations
Response: audit
Question 2
One of the following is not a description of a business process:
Response: A chain of unrelated activities but interfaces with other processes.
Question 3
This is one of the approaches in establishing levels of performance measurements by comparing
one’s own performance in a specific area with that applied by others in compatible circumstances or
similar situations.
Response: Benchmarking
Question 4
Audit findings should only be given exclusively and in confidentiality to the head of the concerned
unit being subjected to audit review.
Response: True
Question 5
All of the following are important uses of the performance measurement methods except
Response: It cannot be used as a valid basis in investigations where management’s lack of response
to an adverse measurement.
Question 6
Benchmarking is more commonly used to determine the business entity's competitive position in the
market or industry rather than enabling the company to take a view of the need for change or review
of their own organization’s approach to internal auditing in light of the survey data.
Response: False
Question 7
What are the three (3) important primary components of operations in the context of management?
[Select the three (3) correct answers to give 1 full point for this question.]
Response: input
Response: process
Response: output
Question 8
In order to ensure that goals and objectives are achieved, the measurement standard must be set at
the least minimum achievable result.
Response: false
Question 9
_____ is a suggested internal audit tool that can be utilized to determine the approach and degree or
scale of operations audit to be applied for each specific function, activity, or system specifically on the
interfaces across different operating segments or business units. (Either an acronym or spelled out
acronym will be accepted as correct answer. The answer must follow the correct order.)
Response: SAPG
Question 10
The broad definition of operations audit covers this aspect which involves the assurance that
accounts properly reflect the financial facts which are based on the conceptual framework of
accounting i.e. faithful representation (fair presentation), relevance, and understanding.
Response: Internal Control
Question 11
Which of the following are the limiting factors for undertaking a broad coverage of operations audit:
1. culture of the organization
2. ability of an enterprise to afford so broad an audit,
3. the difficulty of obtaining people who can do a broad type of audit,
4. lack of management guidance
5. the very practical consideration that individuals may not like to be reported upon
Response: 2, 3 and 5 only
Score: 1 out of 1 Yes
Question 12
_____ refers to one of the E's of auditing pertaining to the ratio between planned inputs and actual
inputs in terms of unit costs of a given quality.
Response: Economy
Question 13
This refers to the wide, vast, and broad spectrum of processes, functions, and systems from which
the subject of the audit engagement will be selected and planned.
Response: Business processes
Question 14
According to the Institute of Internal Auditors, “Proficiency” is described as internal auditors or the
audit team who must possess the following needed to perform their responsibilities either as an
individual or as a group.
Response: knowledge, skills, and other competencies
Question 15
In order to establish a performance measurement, the following are the primary considerations:
[Select three (3) from the choices to get 1 full point for this question.]
Response: cost of actual input in comparison with planned input
Response: ratio of actual input to actual output
Response: ration of actual output to planned output
Question 16
This person is responsible for all internal audit engagements, whether performed by or for the
internal audit activity, and all significant professional judgements made throughout the engagement.
Response: Chief Audit Executive
Question 17
What is the primary and ultimate reason why there is a need for the measurement of productivity and
performance?
Response: to establish a more meaningful and realistic goals and objectives
Question 18
There are four (4) main considerations that affect efficiency. [Select the four (4) correct
considerations from among the choices to get two (2) full points.]
Response: quality of raw materials
Response: quality of labor
Response: design of the processes
Response: quality of technology
Question 19
In strategic management, the measurement of performance in relation to the three (3) E's is called
_____.
Response: Auditing
Question 20
One indicator that can be used by the internal auditor or internal audit team to determine that there is
compliance or non-compliance to set standards and/or internal controls is
Response: score cards or performance measurements
Question 21
_____ _____ _____ auditing refers to the benefit that arises when the internal audit activity provides
an objective and relevant assurance and contributes to the effectiveness and efficiency of
governance, risk management, and control processes. (The 3 words required to answer this question
must be in stated in the correct order.)
Response: Value
Response: for
Response: Money
Question 22
Adopting suitable means to ensure that the audit responsibility is met means designing policies and
procedures to
[Select three (3) correct answers from the choices to get one (1) full point for this question.]
Response: minimize the risk that internal auditors or others performing work for the internal audit
activity make professional judgements or take other actions that are inconsistent with the CAE’s
professional judgement such that the engagement is impacted adversely.
Response: resolve differences in professional judgement between the CAE and internal audit staff
over significant issues relating to the engagement.
Response: referral of the issue to those individuals in the organization having responsibility over
ethical matters
Question 23
The following factors are important considerations to ensure continuity DURING the process of
converting or transforming the input to output EXCEPT
Response: communications are open
Question 24
What is best description of competitive advantage from the following?
Response: Refers to the ability and/or attributes of the business entity in maintaining its position as a
market or industry leader
Question 25
Generally, internal audit activities will involve all of the following except
Response: establishment of management and audit objectives
Question 26
How should a business process or a process in general be set-up?
Response: Identify the process owners, require the process owners to define the activities being
undertaken and establish the goals.
Question 27
What is that activity that the internal auditor or the internal audit team may undertake to determine
the reasons for any finding specifically on non-compliance to internal controls from which
recommendations will be expected by management?
Response: audit findings
Question 28
A broad definition of operations audit is that it is an independent, objective assurance and consulting
activity designed to add value and improve an organization’s operations by helping it in accomplishing
the corporate as well as unit goals and objectives through a systematic, disciplined approach to
evaluate and improve the effectiveness of risk management, control, and governance processes.
Response: False
Question 29
What is the most appropriate key performance indicator to measure the efficiency of a machine or
equipment?
Response: electrical consumption per machine
Question 30
This term refers to the way the organization is structured in terms of unit levels of offices as well as
position titles.
Response: organizational chart
Question 31
What could be a secondary process that can be assigned to a function that involves handling and
monitoring of Accounts Receivable?
Question 32
Including in the audit team a technical expert from within the business organization is a violation of
internal audit procedures.
Response: False
Question 33
What is the primary process if the function involves the handling of petty cash and expenses related
to it.
Response: Expenditure process
Question 34
What are the five (5) identified consequential processes involved in the transformation or conversion
of input to output? [Select five (5) correct answers from the choices to get one (1) full point for this
question.]
Response: planning
Response: organizing
Response: controlling
Response: leading
Response: staffing
Question 35
This term refers to the different standards that have been set up within and across functions,
processes and/or units of the organization and that must be complied with and from which
measurement will be undertaken to establish a level of assurance that goals and objectives are
achieved.
Response: management objectives
Question 36
Efficiency is measured by deriving the ratio of the usable _____ to the actual _____ input into the
conversion process.
Response: output
Response: resources
Question 37
_____ is one of the E's of auditing that is measured by the ratio of actual outputs against planned
outputs (i.e. planned objectives).
Response: Effectiveness
Question 38
What is the most appropriate key performance indicator for a sales agent?
Response: number of customers visited
Question 39
_____ is one of the E's of auditing that relates to the conversion process of turning the actual inputs
available into actual outputs.
Response: efficiency
Question 40
What is the primary business process that is consistent with the main function involving the handling
of General Ledger and Management Accounts?
Response: Financial reporting process
Question 41
The business entity does not need to establish realistic measurement standards and methods
because internal controls are already in place and it is the responsibility of the internal auditor to
determine if there is compliance or non-compliance to such internal controls.
Response: False
Question 42
The performance measurement methods to be used must always be based on
Response: accurate and reliable data and a proven method.
Question 43
What are the objectives of benchmarking:
a. maintaining a competitive advantage in the appropriate market;
b. establishing current methods, best practice, and related trends;
c. ensuring the future survival of the organization;
d. maintaining an awareness of customer expectations (and being able to address them);
e. ensuring that the organization has the appropriate approach to quality issues.
Response: all are considered as objectives of benchmarking
Question 44
The following are options that the Chief Audit Executive can take when the internal auditors lack the
required proficiency.
Response: The chief audit executive may suspend or initially decline the consulting engagement or
obtain competent advice and assistance if the internal auditors lack the knowledge, skills, or other
competencies needed to perform all or part of the engagement.
Question 45
How can you establish reasonable levels of targets or planned goals?
Response: all of the above
Question 46
The most applicable key performance indicator that may be used to measure the performance of an
aircon technician is
Response: number of customers served per day
Question 47
In order to fully benefit from the benchmarking exercise, it is necessary to understand fully the
existing processes, systems, and activities as a firm basis for subsequent comparison with external
points of reference (such as industry or professional standards).
Response: False
Question 48
_____ is another E in auditing that refers to the avoidance of discrimination and unfairness;
acceptance and promotion of diversity.
Response: Equity
FINAL EXAM
Question 1
Which of the following would not increase the risks of material misstatement at the overall financial
statement level?
Correct answer: effective oversight by the board of directors
Question 2
Match the performance measures with the corresponding key performance indicator.
Response: Economy Performance Measures => Cleaning costs per hour worked
Response: Efficiency Performance Measures => Accidents at work per 1000 personnel
Response: Effectiveness Performance Measures => Ratio of customer complaints to sales
Question 3
The purpose of s. 302 and s. 404 compliance work is to assess the reliability of ﬁnancial and other
information that is published.
Correct answer: True
Question 4
Evaluate: If the staff is poorly trained, incompetent, poorly motivated, or poorly supervised, it will be
likely that the ratio of usable outputs to the actual resources input into the conversion process will be
unsatisfactory.
This situation is an illustration of what "E" _____ that will have to be established by the internal
auditor in his/her audit of the business process.
Response: efficiency
Question 5
The difference between compliance testing and substantive testing is that
Correct answer: Compliance testing checks for the presence of controls while substantive testing
checks the integrity of contents.
Question 6
_____ refers to an "E" that responds to one of the objectives of auditing business processes that can
be best considered in terms of the ratio between what we planned to spend on each unit of resource
of a given quality, and what we actually spent.
Response: Economy
Question 7
As referenced on Standard 2120.A1 on Risk Management and Standard 2130.A1 on Control, the
internal audit activity must evaluate these aspects based on the:
a. Reliability and integrity of financial and operational information
b. Effectiveness and efficiency of operations
c. Safeguarding of assets
d. Compliance with laws, regulations, and contracts.
.Correct answer: all from a to d
Question 8
The following are some of the hallmarks of a sound business process EXCEPT:
.Correct answer: none of the above
Question 9
One of the control objectives is to ensure that management conveys the message that integrity,
ethical values
and commitment to competence cannot be compromised, and that employees
receive and understand that message.
.Correct answer: True
Question 10
What primary aspects of the organizational objectives cover the application of internal controls as
defined in accounting and auditing? (This question requires 3 correct answers to get 1 full point)
Response: operational effectiveness and efficiency
Response: reliable financial reporting
Response: compliance with laws, regulations and policies
Question 11
CSA may also be an effective approach to follow to review the quality of control in highly technical
areas of the business that the internal audit activity lacks the competence to understand adequately.
Question 12
"The interaction of the input of data from a source system (outside of the department) is processed in
some way so that some form of enhanced or amended data is then generated as an output for the
next department to process as input until the activities reached its final phase or end of the line." This
scenario illustrates or describes simply
Correct answer: a business process
Question 13
The driving objectives of JIT are to eliminate wasteful or non-value-added activities, and by doing so
achieve improvements such as (This question requires 4 correct answers to get a full 1 point)
Response: increased quality
Response: improved productivity
Response: reduced costs
Response: reduced working- progress stock levels
Question 14
“Internal auditors must possess the knowledge, skills, and other competencies needed to perform
their individual responsibilities. The internal audit activity collectively must possess or
obtain the knowledge, skills, and other competencies needed to perform its responsibilities.”
The above describes one of the internal auditor's qualifications which is
Correct answer: Proficiency
Question 15
Business process re-engineering is a strategically driven program of change that DOES NOT affect
the organization's structure.
Correct answer: False
Question 16
Fraud is an unintentional, act for gain with concealment.
Question 17
The key factor in deciding whether consulting services are compatible with the assurance role is to
determine whether the internal auditor is assuming any management responsibility.
Question 18
When approaching the review of operational areas of the organization, it is not required that the
auditor has an accurate appreciation of the related key issues as these have to be resolved by the
management which is beyond the internal auditor's scope of work.
Question 19
Risk management has limitations. When an organization's risk management policies are
underdeveloped and lack the history to make accurate evaluations, the risk management strategy is
said to be
Correct answer: immature
Question 20
TQM is normally a strategically driven programme of change which concurrently affects the
organization’s structure, human resources, systems and processes.
Question 21
Evaluate the following and identify to which specific aspect of the organization do these general
features pertain to?
• the extent to which subordinates are doing similar jobs;
• the extent to which subordinates need to be monitored and helped;
• the degree to which the supervisory task is streamlined by techniques such as IT-based
reporting by exception;
• the extent to which the manager has fundamental work to complete which does not
involve supervising others;
• the extent to which the manager invests time reporting upwards;
• the extent to which the manager expends time liaising with collateral associates within
the business;
• the extent to which the manager has a communication role external to the business such
as with the media and customers;
• the degrees of personal assistance the manager has in performing his or her duties.
Correct answer: span of control
Question 22
The scope of operational auditing covers the audit of the operating units that includes
a. financial and administrative controls
b. governance processes
c. internal control and risk management
d. business process reengineering
Correct answer: all of the above
Question 23
The results of the control self assessment process can be used by internal audit once the head of the
internal auditing unit is satisﬁed that the quality of the control self assessment work means that it can
be relied upon.
Question 24
_____ _____ _____ is a MANAGEMENT PHILOSOPHY embracing all the activities involving
satisfaction through which the needs and expectations of the customer, the community, and the
objectives of the organization are satisfied.
Correct answer: Total, Quality, Management
Question 25
The CSA process should be forward-looking; recognizing and accepting the need to improve control
processes as a FAILING factor, rather than negative reactions to past oversights.
Question 26
________ risk represents the auditor's assessment of the susceptibility of an assertion to material
misstatement, before considering the effectiveness of the client's internal controls.
Correct answer: Inherent
Question 27
The control Procedure "credit sales approved by credit department" is directed toward which
assertion?
Correct answer: Valuation/Accuracy
Question 28
What is the step in the risk management process where after identifying the specific type of risk, the
company then determines the odds of them occurring, as well as their consequences in order to
further understand each specific instance of risk, and how it could influence the company's projects
and objectives?
Correct answer: risk analysis
Question 29
This is one of the reasons for weaknesses in internal controls which is behavioral in nature. The
workgroup that someone belongs to is usually important to that individual where the staff tends to
identify with their immediate workgroup more strongly than they identify with other groups or with the
organization as a whole.
Correct answer: Intra-group loyalty
Question 30
The difference between the JIT and the traditional manufacturing system is that the JIT
manufacturing system
Correct answer: considers the required quality criteria are met at the conclusion of each discrete
production stage of the assembly line
Question 31
Smith, CPA has requested permission to communicate with the predecessor auditor in order to
review certain workpapers for high risk accounts for a new audit client. The new audit client's refusal
to allow this communication to occur would impact Rodgers decision concerning:
.Correct answer: the desirability of accepting the prospective engagement.
Question 32
This is one of Herzberg’s bipolar analysis where a factor that affects job satisfaction has something
to do with the surroundings of the job (such as good working conditions, pleasant colleagues to work
with, easy travel to work, etc.)
Correct answer: hygiene factor
Question 33
Evaluate the following questions and determine what particular process of the organization or
business entity do the answers to these questions be responsive to?
1. What can go wrong considering both the workplace as a whole and individual work?
2. How will it affect the organization considering the probability of the event and whether it will have a
large or small impact?
3. What can be done and the steps that can be taken to prevent the loss or to recover the loss should
it occur?
4. If something happens, how will the organization pay for it?
Correct answer: Risk Management Strategies
Question 34
Evaluate the questions below and identify to which control objectives do the answers to these
questions correspond to?
1. Have the organization’s objectives been mapped to the organization’s mission statement, and is
there a close fit?
2. Is the mission, and are the objectives, of the organization clearly communicated from the top
downwards, and is there commitment at all levels to deliver on both?
3. Is there a formal process of risk management (identification, assessment and response)?
.Correct answer: Risk Management Process
Question 35
These refer to the different factors or elements that organizations are likely to have in place so as to,
among other things, assess the achievement of their objectives and goals, assess their progress, and
compare relative performance (for example, over time).
Correct answer: Key performance measures
Question 36
Who needs to demonstrate commitment to the CSA process and encourage line management to
buy-in to the fact that internal controls can support the achievement of corporate goals?
Correct answer: Senior Management
Question 37
Evaluate the functions of the internal auditor below and identify which specific type of internal audit
function do these pertain to?
1. Making available to management tools and techniques used by internal auditing to analyze risks
and controls;
2. Being a champion for introducing risk management into the organization, leveraging its expertise in
risk management and control, and its overall knowledge of the organization
3. Providing advice, facilitating workshops, coaching the organization on risk and control, and
promoting the development of a common language, framework, and understanding
4. Acting as the central point for coordinating, monitoring, and reporting on risks
5. Supporting managers as they work to identify the best way to mitigate a risk
.Correct answer: Consulting services
Question 38
Which of the following is not a role of internal audit
Correct answer: Report the results of their assurance review to lower level management
Question 39
_____ can be defined simply as a comparison of one’s own performance in a specific area with that
applied by others in compatible circumstances. As a technique, it is founded on the premise that there
may be viable alternative ways or best practices of performing a process and fulfilling a requirement.
Response: benchmarking
Question 40
The more major the change within a business, the greater the risk to effective internal control.
Question 41
Business operations often include elements that are highly technical and which are essential if
operational objectives are to be achieved. Where there is an inadequate balance between the
technical complexity of the operation to be audited and the available, relevant technical competence
of the in-house internal auditors, a number of options are available to the chief audit executive such
as:
a. to decline to include the operation within the future audit plan
b. to approach the engagement with a limited scope so as to skirt round the challenging technical
aspects of the operation
c. to adjust the competencies of the internal audit function so that all the principal technical disciplines
which are core to the operations of the business are represented within the audit team.
d. to outsource temporarily the technical expertise to work alongside in-house internal auditors so as
to build their competence to perform audits in particular technical areas
Correct answer: a, b, c and d
Question 42
According to Standards 1210.A1 and 1210.C110, the management must decline the consulting
engagement or obtain competent advice and assistance if the internal auditors lack the knowledge,
skills, or other competencies needed to perform all or part of the engagement.”
Question 43
One of the primary functions of the internal audit is to provide objective and independent _____ that
corporate goals and objectives are achieved effectively, efficiently, and economically through
governance, internal control, and risk management processes among others.
Correct answer: assurance
Question 44
The Institute of Internal Auditors describes this term where the business entity benefits from the
internal auditing engagement by improving opportunities to achieve organizational objectives,
identifying operational improvement, and/or reducing risk exposure through both assurance and
consulting services. This also refers to a style of operational auditing that makes extensive use of key
performance indicators to explore the cost of achieving standards of efficiency and effectiveness and
whether these costs represent good value
Correct answer: Value for money auditing
Question 45
It is a way of managing to improve the effectiveness, flexibility and competitiveness of a business as
a whole.
Correct answer: Total Quality Management
Question 46
The dimension of a risk that pertains to the extent (size or materiality and significance) of the risk is
called
Correct answer: inherent risk
Question 47
The principal objective(s) of benchmarking include(s):
a. maintaining a competitive advantage in the appropriate market
b. establishing current methods, best practices, and related trends
c. ensuring the future survival of the organization
d. maintaining an awareness of customer expectations (and being able to
address them)
e. ensuring that the organization has the appropriate approach to quality issues
Correct answer: all of the enumerations
Question 48
Evaluate the questions enumerated below and determine to which process do these control
objectives applied to?
1. Does the evidence indicate that the organization has high ethical standards?
2, Are ethical standards and values consistent across the organization?
3 Are ethical policies and codes of conduct complete, appropriate, and applied?
Correct answer: Governance Process
Question 49
Control can be effective if the controls that are in place are being applied effectively.
Question 50
The SEC encouraged companies to examine and select a framework that may be useful in their own
circumstances.
Question 51
. In a review of the internal environment, we may classify fraud such as management fraud,
employee fraud, outside fraud, collusive fraud.
Question 52
Auditors should only adopt the prevailing measurement criteria established by management in terms
of performance measurements so that common and compatible language are used when
communicating results and points of concern.
Question 53
This refers to the different areas across the operational units of the organization as well as functions
that can be further broken down into constituent systems or activities to form as the potential source
of audit projects..
Correct answer: Audit universe
Question 54
This refers to a tool that is suggested in handling operational audits. It is a practical method of
documenting all the elements of an operational audit review in a form that resembles the traditional
internal control questionnaire (ICQ)
Correct answer: Standard Audit Programme Guides (SAPGs)
Question 55
Why are audit objectives important to be established at the very onset during the planning stage of
the audit engagement? (Select 3 correct answers to get a full point for this question.)
Correct answer: They specify the particular focus that the auditors will have during the audit
engagement. ,
These will potentially add value in assisting management to achieve one or more of their objectives. ,
To ensure that no time should be expended during the audit engagement on issues which are
immaterial to the achievement of management’s objectives.
Question 56
Director fee supplements may be paid for belonging to the audit committee and for chairing it, but no
consulting fees or performance-related remuneration is permitted.
Question 57
This refers to the interrelationship of one process, function, activity, or a component of a system in an
automated environment, with another process, function, activity, or a system in an integrated
operation whether direct or indirect which normally is interlocking or interrelated in nature. More often,
this is where the weakness(es) of internal control is discovered during audit reviews.
Correct answer: interfaces or interaction
Question 58
Questions the auditor should ask management and staff in regard to errors are EXCEPT one:
Correct answer: What do management and staff do if they find an error?
Question 1
In the context of a business operation, risk is a reality that will always happen.
Question 2
This step in the risk management process refers to the specific identification of the threat that may
negatively influence a specific company process or project or the business operations in general.
Correct answer: Risk identification
Question 3
Risk management, in general, involves the following primary functions: (Requires 3 correct answers
to get 1 full point.)
Response: identifying threats
Response: controlling threats
Response: assessing threats
Question 4
Threats, or risks, could stem from a wide variety of sources as follows except
Correct answer: none of the above
Question 5
In the context of internal control, an intentional, malicious, and/or deceitful act for personal gain may
be committed by
.Correct answer: all of the above
Question 6
This is an approach in risk management where the risk management strategy is designed to deflect
as many threats as possible in order to avoid the costly and disruptive consequences of a damaging
event.
Correct answer: Risk avoidance
Question 7
It is another risk management tool used in documenting risks, and actions to manage each risk.
Correct answer: Risk registry
Question 8
_____ refers to the process by which the stewardship of authorities, their responsibilities, and
accountabilities in decision making as well as ensuring that people (employees) & their respective
functions are managed and applicable laws, rules & regulations are complied with towards the
achievement of corporate goals and objectives.
.Correct answer: Governance
Question 9
Who should be primarily responsible for ensuring that the whole internal control system of the
company is established?
.Correct answer: Top Management
Question 10
Risk management is a fundamental element of corporate governance.
Question 11
This governance strategy refers to the complex of formal and informal institutions, mechanisms,
relationships, and processes between and among states, markets, citizens, and organizations, both
inter- and non-governmental, through which collective interests on the global plane are articulated,
right and obligations are established, and differences are mediated.
Correct answer: Global governance
Question 12
The following are important elements of an internal control program that may be adopted by the audit
committee to ensure that internal controls are effective EXCEPT
Correct answer: Ensure that internal controls have been established and all critical areas that need it
must be specifically identified
Question 13
It is a risk evaluation tool used as an inter-industry safety standard where “probability” and “severity”
of a safety risk is quantified as to the scope of a real or hypothetical safety scenario.
Correct answer: Risk matrix
Question 14
The lower level unit staff (front liners) must not participate in the preparation of the internal control
system of the business entity because they may contribute controls that will circumvent compliance
through fraud.
.Correct answer: False
Question 15
This step in the risk management strategy process refers to following up on both the risks and the
overall plan to continuously track new and existing risks while the overall risk management process
should also be reviewed and updated accordingly.
Correct answer: Risk monitoring
Question 16
The following are the reasons why there is a need for business process reengineering EXCEPT
increasing cost burdens squeezing profit margins;
•;
• inefficient usage of resources possibly linked to funding limitations;
• poor productivity and efficiency levels when compared to industry norms;
• the need to maintain or improve customer loyalty
Correct answer: All of the above are reasons for undertaking business process reenginnering.
Question 17
_____ _____ refers to the process by which the management ensures that every activity, function,
and/or process in the operations of the company are designed with the corresponding checks, guides,
or standards that must be complied with to ensure the achievement of the corporate goals and
objectives efficiently, effectively and economically.
Correct answer: Internal, Control
Question 18
This step in the risk management process refers to identifying the circumstances, events, or
elements of the business operations or systems from which a threat or uncertainty may emanate
from.
.Correct answer: Establish the context
Question 19
_____ _____ refers to the foundation from which all of the factors and components of internal
controls must be based, identified, and consequently established therefore giving the business entity
a structured internal control system.
.Correct answer: Control, Environment
Question 20
This step in the risk management strategy process refers to the decision to be made by the
management on whether the risk is acceptable and whether the company is willing to take it on based
on its risk appetite.
Correct answer: Risk assessment and evaluation
Question 21
_____ _____ refers to the process by which the strategies are formulated to ensure that any
identified threats or uncertainties are managed to prevent, mitigate if not eliminate the negative
impact to the operations and financial aspect of the business entity.
Response: risk
Response: management
Question 22
_____ refers to an intentional, malicious, and/or deceitful act for gain with concealment by the one
committing the act.
Correct answer: Fraud
Question 23
_____ and _____ are expected when an internal auditor is providing an assurance that risk
management strategies are efficient and effective in mitigating the negative effects of risks.
Correct answer: Independence, Objectivity
Question 24
Match the governance model with the correct description. Each correct match is equivalent to 1
point.
Response: Advisory Board => The board is usually composed of industry luminaries who are able to
provide highly professional skills and a vast network of connections. The organization benefits
massively from their skills and connections, leveraging them to boost credibility, fundraising, and
advertising.
Response: Cooperative Board => The board is one where all members make consensual decisions
as equals. A democratic governance model, only acting on decisions that have passed proper voting
procedures and requiring every member to be committed to the organization’s mission.
Response: Management Team => This governance model attempts to replicate the different function
units in the organization through the creation of committees, each responsible for HR, fundraising,
event planning, marketing, any area that needs overseeing.
Response: Policy Board => The board and CEO in this model will work together as a team, applying
both of their whole attention to each task with the CEO on top
Question 25
This is an approach in risk management where the consequences of risk are distributed among
several of the project's participants or business departments or with a third party, such as a vendor or
business partner.
Correct answer: Risk sharing
Question 26
One of the high-risk techniques in drawing up a strategic plan is business process reengineering
because the aim is to achieve high levels of improvement in a short timescale when the driving
factors that necessitate such undertaking are highly imminent or existing such as technological
changes or the introduction of new laws, regulations or policies.
Question 27
This is a governance strategy that involves communications information between the business and
the management where regulations that govern the protection of confidential information, financial
accountability, data retention, disaster recovery, etc. are mandated to be complied with.
Correct answer: Information technology governance
Question 28
The key factor in deciding whether consulting services are compatible with the assurance role is to
determine whether the internal auditor is assuming any management responsibility.
Question 29
Risk management _____ were established to provide guidance for internal or external risk audit, and
it allows organizations to compare their risk management practices with the internationally recognized
benchmarks designed to help organizations identify specific threats, assess unique vulnerabilities to
determine their risk, identify ways to reduce these risks and then implement risk reduction efforts
according to organizational strategy.
Response: standards
Question 30
This step in the risk management strategy process refers to the assessment of the highest-ranked
risks and develop a plan to alleviate them using specific risk controls in the event the risk comes to
fruition.
Correct answer: Risk mitigation
Question 31
This governance strategy refers to the processes by which businesses interact with other
businesses, customers, and other stakeholders outlining the appropriateness of interactions and
relationships for how the corporate governing board and management control the interested parties,
employees, and other stakeholders connected with the corporation.
Correct answer: Corporate governance
Question 32
What are the two (2) main roles of the internal audit in risk management? (Requires 2 correct
answers to get 1 full point)
Response: independent and objective assurance
Response: consulting
Question 33
Risk management standards have been developed for the following purposes except:
.Correct answer: to guide business entities in eliminating any risks that will result in negative impacts
to the operational and financial aspects of the company.
\Question 34
_____ is the power to influence or direct people's behavior or the course of events towards the
achievement of a specific intention, objective or purpose.
Correct answer: Control
Question 35
One of the control objectives of the risk management process is that corporate goals and objectives
must support, synchronized or aligned with the organizational or corporate _____.
Correct answer: mission
Question 36
What primary aspects of the organizational objectives cover the application of internal controls as
defined in accounting and auditing? (Requires 3 correct answers to get 1 full point)
Response: operational effectiveness and efficiency
Response: reliable financial reporting
Response: compliance with laws, regulations and policies
Question 37
This step in the risk management process refers to the determination of the odds of these threats
occurring, as well as their consequences where the goal is to further understand each specific
instance of risk, and how it could influence the company's projects and objectives.
Correct answer: Risk analysis

Operations Auditing

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Operations Auditing

Uploaded by

Copyright:

Available Formats

MIDTERM

You might also like