INTERNAL AUDITING

QUIZ

The purposes of the Standards include all of the following except

A. Establishing the basis for the measurement of internal audit performance.
B. Guiding the ethical conduct of internal auditors.
C. Stating basic principles that represent the practice of internal auditing as it should be.
D. Fostering improved organizational processes and operations.

The proper organizational role of internal auditing is to

A. Assist the external auditor in order to reduce external audit fees.
B. Perform studies to assist in the attainment of more efficient operations.
C. Serve as the investigative arm of the board.
D. Serve as an independent, objective assurance and consulting activity that adds value to operations.

One of the purposes of the International Standards for the Professional Practice of Internal Auditing as stated in the
Introduction to the current version of the Standards is to
A. Encourage the professionalization of internal auditing.
B. Establish the independence of the internal audit activity and emphasize the objectivity of internal auditing.
C. Encourage external auditors to make more extensive use of the work of internal auditors.
D. Establish the basis for evaluating internal auditing performance.

Internal audit activities may involve which of the following?

A. Assurance services.
B. Consulting services.
C. Both assurance and consulting services.
D. Neither assurance nor consulting services.

Which Standards apply to organizations and individuals performing specific types of internal auditing services?
A. Performance Standards.
B. Attribute Standards.
C. Implementation Standards.
D. All of the above Standards.

The Standards consist of three types of standards. Which standards apply to the characteristics of organizations and parties
providing internal auditing services?
A. Implementation Standards.
B. Performance Standards.
C. Attribute Standards.
D. Independence Standards.

The work of the internal audit activity includes evaluating and contributing to the improvement of risk management systems.
Risk is
I. The negative effect of events certain to occur
II. Measured in terms of impact
III. Measured in terms of likelihood
A. I only.
B. I and II only.
C. II and III only.

A major reason for establishing an internal audit activity is to

A. Relieve overburdened management of the responsibility for establishing effective controls.
B. Safeguard resources entrusted to the organization.
C. Ensure the reliability and integrity of financial and operational information.
D. Evaluate and improve the effectiveness of control processes.

The most accurate term for the procedures used by the representatives of the organization’s stakeholders to provide oversight
of processes administered by management is
A. Governance.
B. Control.
C. Risk management.
D. Monitoring.

A chief audit executive has reviewed credentials, checked references, and interviewed a candidate for a staff position. The
CAE
concludes that the candidate has a thorough understanding of internal auditing techniques, accounting, and finance.
However,
the candidate has limited knowledge of economics and information technology. Which action is most appropriate?
A. Reject the candidate because of the lack of knowledge required by the Standards.
B. Offer the candidate a position despite lack of knowledge in certain essential areas.
C. Encourage the candidate to obtain additional training in economics and information technology and then reapply.
Offer the candidate a position if other staff members possess sufficient knowledge in economics and information
technology.

If the internal audit activity of a non-public company does not have the skills to perform a particular task, an outside service
provider could be brought in from
I. The organization’s external audit firm
II. An outside consulting firm
III. The engagement client
IV. A college or university
A. I, II.
B. II, IV.
C. I, II, III.
D. I, II, IV.

Internal auditors should have an understanding with respect to which discipline?

A. Internal auditing procedures and techniques.
B. Accounting principles and techniques.
C. Management principles.
D. Marketing techniques.

In exercising due professional care, an internal auditor should consider which of the following?
I. The relative complexity, materiality, or significance of matters to which assurance procedures are applied.
II. The extent of assurance procedures necessary to ensure that all significant risks will be identified.
III. The probability of significant errors, irregularities, or noncompliance.
A. I and II.
B. II and III.
C. I and III.
D. I, II, and III.

An internal auditor observes that a receivables clerk has physical access to and control of cash receipts. The auditor worked
with the clerk several years before and has a high level of trust in the individual. Accordingly, the auditor notes in the
engagement working papers that controls over receipts are adequate. Has the auditor exercised due professional care?
A. Yes, reasonable care has been taken.
B. No, irregularities were not noted.
C. No, alertness to conditions most likely indicative of irregularities was not shown.
D. Yes, the engagement working papers were annotated.

An internal auditor fails to discover an employee fraud during an assurance engagement. The nondiscovery is most likely to
suggest a violation of the Standards if it was the result of a
A. Failure to perform a detailed review of all transactions in the area.
B. Determination that any possible fraud in the area would not involve a material amount.
C. Determination that the cost of extending procedures in the area would exceed the potential benefits.
D. Presumption that the internal controls in the area were adequate and effective.

Which of the following best describes the purpose of the internal audit activity?
A. To add value and improve an organization’s operations.
B. To assist management with the design and implementation of risk management and control systems.
C. To examine and evaluate an organization’s accounting system as a service to management.
D. To monitor the organization’s internal control system for the external auditors.

The function of internal auditing, as related to communicating results, is to

A. Ensure compliance with reporting procedures.
B. Review the expenditure items and match each item with the expenses incurred.
C. Determine whether any employees are expending funds without authorization.
D. Identify inadequate controls that increase the likelihood of unauthorized expenditures.

Which of the following is responsible for developing and maintaining a quality assurance and improvement program that
covers all aspects of the internal audit activity and continuously monitors its effectiveness?
A. Senior management.
B. Chief audit executive.
C. The Board of Directors.
D. Audit committee.

Freedom from conditions that threaten objectivity or the appearance of objectivity is

A. Control.
B. Compliance.
C. Independence.
D. Avoidance of conflicts of interest.

Internal auditors should possess the knowledge, skills, and other competencies essential to the performance of their
individual
responsibilities. Consequently, all internal auditors should be proficient in applying
A. Internal auditing standards.
B. Quantitative methods.
C. Management principles.
D. Structured systems analysis.

An element of authority that should be included in the charter of the internal audit activity is
A. Identification of the organizational units where engagements are to be performed.
B. Identification of the types of disclosures that should be made to the audit committee.
C. Access to records, personnel, and physical properties relevant to the performance of engagements.
D. Access to the external auditor’s engagement records.

The authority of the internal audit activity is limited to that granted by

A. The board and the controller.
B. Senior management and the Standards.
C. Management and the board.
D. The audit committee and the chief financial officer.

A charter is being drafted for a newly formed internal audit activity. Which of the following best describes the appropriate
organizational status that should be incorporated into the charter?
A. The chief audit executive should report to the chief executive officer but have access to the board of directors.
B. The chief audit executive should be a member of the audit committee of the board of directors.
C. The chief audit executive should be a staff officer reporting to the chief financial officer.
D. The chief audit executive should report to an administrative vice president.

The reporting relationship within the organization’s management structure that facilitates the day-to-day operations of the
internal audit function is referred to as which of the following?
A. Administrative reporting.
B. Financial reporting.
C. Management reporting.
D. Functional reporting.

Independence permits internal auditors to render impartial and unbiased judgments. The best way to achieve independence is
through
A. Individual knowledge and skills.
B. Organizational status and objectivity.
C. Supervision within the organization.
D. Organizational knowledge and skills.

The administrative reporting line of the CAE should be to

A. The audit committee.
B. Line management.
C. Board of directors.
D. CEO or equivalent.

An internal auditor has recently received an offer from the manager of the marketing department of a weekend’s free use of
his
beachfront condominium. No engagement is currently being conducted in the marketing department, and none is scheduled.
The internal auditor
A. Should reject the offer and report it to the appropriate supervisor.
B. May accept the offer because its value is immaterial.
C. May accept the offer because no engagement is being conducted or planned.
D. May accept the offer if approved by the appropriate supervisor.

Independence is most likely impaired by an internal auditor’s

A. Continuation on an engagement at a division for which (s)he will soon be responsible as the result of a promotion.
B. Reduction of the scope of an engagement due to budget restrictions.
C. Participation on a task force that recommends standards for control of a new distribution system.
D. Review of a purchasing agent’s contract drafts prior to their execution.

When faced with an imposed scope limitation, the chief audit executive should
A. Refuse to perform the engagement until the scope limitation is removed.
B. Communicate the potential effects of the scope limitation to the audit committee of the board of directors.
C. Increase the frequency of engagements concerning the activity in question.
D. Assign more experienced personnel to the engagement.

Which of the following activities is not presumed to impair the objectivity of an internal auditor?
I. Recommending standards of control for a new information system application
II. Drafting procedures for running a new computer application to ensure that proper controls are installed
III. Performing reviews of procedures for a new computer application before it is installed
A. I only.
B. II only.
C. III only.
D. I and III.