Examination Proper

To support supplier account balances, what is the most reliable evidence to be obtained by
the auditor?
Reviewing the vendor statements obtained from the accounts payable clerk.
Obtaining confirmations of balances from the suppliers.
Performing analytical account analysis.
Interviewing the accounts payable manager to determine the internal controls maintained over accounts
payable processing

The auditor’s risk assessment procedures should always include the following, except:
Inquiries of management and of others within the entity
Analytical procedures
Substantive test procedures and tests of controls
Observation and inspection
None of the above.

Some of these questions may be ask pertaining ethics: Q1:Should organizations conduct
animal testing for their products?; Q2:If a failure to meet a regulation is unlikely to result in
discovery, fines, or penalties, should the organization avoid compliance or comply based on
its internal guidelines for adhering to prevailing laws and regulations?; Q3:Should
organizations engage in extreme tax avoidance strategies, or should they pay what is
considered reasonable given stakeholder expectations and the pursuit of an image as being a
good corporate citizen?
Q1 and Q3 only
Q2 and Q3 only
Q1 and Q2 only
Q1, Q2, and Q3

Conflicts of interest are one of the biggest threats to objectivity, so internal auditors must be
careful to balance maintaining healthy professional and social relationships with others in the
organization without becoming too cozy with them
Consulting
Objectivity
Independence
Assurance

An entity’s risk assessment process includes how management:

Identifies risk - YES; • Assesses significance and likelihood of occurrence of these identified risks - YES;
Decides upon actions to manage these risks - YES
Identifies risk - YES; • Assesses significance and likelihood of occurrence of these identified risks - YES;
Decides upon actions to manage these risks - NO
Identifies risk - NO; • Assesses significance and likelihood of occurrence of these identified risks - YES;
Decides upon actions to manage these risks - YES
Identifies risk - YES; • Assesses significance and likelihood of occurrence of these identified risks - NO;
Decides upon actions to manage these risks - NO
None of the above.

The auditor’s risk assessment procedures:

By themselves, do not provide sufficient appropriate audit evidence on which to base the audit opinion
Should not consider information obtained from the auditor’s previous experience with entity
Are designed to detect material misstatement at the assertion level of classes of transactions, account
balances and disclosures
Are designed to test the effectiveness of the entity’s controls
None of the above.

Requests for purchases beyond those initially budgeted must be approved by the marketing
manager. This procedure: I. Should provide for the most efficient allocation of scarce
organizational resources. II. Is a detective control procedure. III. Is unnecessary because each
product manager is evaluated on profit generated. *
I only.
III only.
II and III only.
I, II, and III

One of the factors affecting the control environment is management philosophy and
operating style. This factor most likely would have a significant influence on an entity’s
control environment when:
Management is dominated by one individual.
Accurate management job descriptions delineate specific duties.
The audit committee actively oversees the financial reporting process.
The internal auditor reports directly to management.
None of the above.

During an audit, an internal auditor may provide direct assistance to an independent CPA in:
Obtaining understanding of internal control - NO; Performing of test of controls - NO; Performing
substantive tests - NO
Obtaining understanding of internal control - YES; Performing of test of controls - NO; Performing
substantive tests - NO
Obtaining understanding of internal control - YES; Performing of test of controls - YES; Performing
substantive tests - NO
Obtaining understanding of internal control - YES; Performing of test of controls - YES; Performing
substantive tests - YES
None of the above.

Internal audit should not be under the control of those they audit.
Consulting
Objectivity
Assurance
Independence

Which of the following are considered Operational threats?

Knowledge Transfer
System implementation
Outsourcing arrangement
Customer and vendor relation
Employee turnover
System development
Cycle time
Reliable supply of water

Discussions with operating executives.

Review of trade publications.
Review of correspondence the entity has conducted with governmental agencies.
Discussions conducted with the external auditors in coordinating engagement efforts.

Jane Simpson works for Shadow Corporation and is paid $30 per hour. She typically works 28
hours per week but always reports that she works 32 hours per week so that she can receive
additional wages from the company. Which of the following internal control activities is most
likely to prevent this type of theft?
The company’s payroll program is tested each month with test data to ensure that it operates properly.
A separate paymaster delivers the checks each pay period to Jane Simpson after verifying her identity.
The supervisor for Jane Simpson must review her time sheet each period and indicate approval.
Any paychecks that are printed but not picked up must be turned over to an independent group for
subsequent handling.
None of the above.

During the performance of risk assessment procedures, Andoy, CPA, noted a change in
accounting principle has been effected by the client. In this case, Andoy should plan to
evaluate the change to satisfy himself that:
The newly adopted principle is a generally accepted accounting principle.
The method of accounting for the effects of the change is in conformity with generally accepted
accounting principles.
Management’s justification for the change is reasonable.
All of the above.
None of the above.

Internal auditors should posses the following skills:

Ethical
Observant
Influence
Respectful
Team player

The information system consists of the following:

Infrastructure (physical and hardware components) - YES; Software - YES; People - NO; Procedures and
inputs - NO
Infrastructure (physical and hardware components) - YES; Software - YES; People - YES; Procedures and
inputs - YES
Infrastructure (physical and hardware components) - NO; Software - YES; People - NO; Procedures and
inputs - YES
Infrastructure (physical and hardware components) - NO; Software - YES; People - NO; Procedures and
inputs - NO
None of the above.

Ethics is the study of moral values and the principles of conduct governing an individual or a
group. what is the internal auditor’s responsibility for reporting fraud includes
Notifying management of fraud when the internal auditor has exhaustively reviewed all the data related
to the fraud.
Notifying management if fraud has been established to a reasonable certainty.
Providing a draft of the report only to senior management.
Issuing a written report at the conclusion of the investigation and not sooner.

III, IV, II, I.

IV, I, II, III.
II, IV, I, III.
IV, III, I, II.

S1: Operational audits often incorporate into their scope of work, the 6 Es play a key role in
the success or failure of the organization. S2: The 6 Es are effectiveness, efficiency, ethics,
equity, and ecology.
Both statements are correct
Both statement are incorrect
Only S1 is incorrect
Only S1 is correct

Which of the following is an appropriate statement of an audit engagement objective? *

To observe the physical inventory count.
To determine whether inventory stocks are sufficient to meet projected sales.
To search for the existence of obsolete inventory by computing inventory turnover by product line.
To include information about stockouts in the engagement final communication.

What type of information was received when an internal auditor receives a letter in response
to an inquiry? *
Physical
testimonial
documentary
analytical

A flowchart of process activities and controls may provide:

Information on where fraud could occur.
Information on the extent of a past fraud.
An indication of where fraud has occurred in a process.
No information related to fraud prevention.

S1: Communities power is to employ local residents ensure local development. S2: Activist
groups are interested in monitoring company action for ethical and legal behavior
Both statements are correct
Only S1 is incorrect
Both statement are incorrect
Only S1 is correct

Internal and not sufficient.

External and sufficient.
Both external and internal and sufficient.
Both external and internal and not sufficient.

One of the components of internal control that an independent auditor must come to
understand about each audit client is “information and communication.” What is meant by
this term?
The ability of the management of the company to communicate its priorities to the appropriate staff
levels within the organization.
The ability of the accounting system to generate reliable information and convey it in a timely manner to
those parties within the organization that needs it.
The ability of employees in a company to warn the independent auditor of fraudulent actions within the
organization.
The ability of the internal auditor to communicate information about the various systems to people
within the organization at an appropriate level of authority.
None of the above.

The following are examples of key actions that manifest equity except:
Clearly state the job requirements, what is required and what is desirable
Explain the impact of work experience in the selection process
Provide clear performance evaluation criteria
Do not publicize hiring and promotions actions

To obtain an understanding of the entity and its environment, including its internal control,
the auditor should perform each of the following risk assessment procedures except:
Inquiries of management and others within the entity.
Sampling for variables.
Observation and inspection.
Analytical procedures.
None of the above.

A photograph of the client's workplace is a form of what kind of information? *

Physical
testimonial
documentary
analytical

S1: Financial and operational auditors are increasingly expanding their focus and
incorporating IT applications and general IT topics in their reviews. S2: Integrated auditing
refers to the simultaneous inclusion of business and IT subject review, whereas traditional
auditors would assess IT risk and IT auditors would perform a review of financial controls
Both statements are correct
Only S1 is incorrect
Both statement are incorrect
Only S1 is correct

the following are advantages iof sending an internal control questionnaire prior to an audit
engagement except?
The engagement client can use the questionnaire for self-evaluation prior to the auditor's visit.
The questionnaire will help the engagement client understand the scope of the engagement.
Preparing the questionnaire will help the auditor plan the scope of the engagement and organize the
information to be gathered
The engagement client will respond only to the questions asked, without volunteering additional
information.

Which of the following are considered Technological threats?

Employee turnover
Customer and vendor relation
Outsourcing arrangement
Cycle time
System implementation
System development
Knowledge Transfer
Reliable supply of water

Risk assessment involves considering threats to the organization’s objectives in the areas of:
Marketing, financial reporting and compliance.
Operations, financial reporting and compliance with laws and regulations.
Financial reporting, performance and marketing.
Compliance with laws and regulations, operations and performance.
None of the above.

Audit procedures may be classified as risk assessment procedures and further audit
procedures. Which of the following best describes risk assessment procedures?
These procedures test the operating effectiveness of controls in preventing, or detecting and correcting,
material misstatements at the assertion level.
These procedures are used detect material misstatements at the assertion level.
These are procedures for obtaining an understanding of the entity and its environment, including its
internal control, to assess the risks of material misstatement at the financial statement and assertion
levels.
These procedures include tests of details of classes of transactions, account balances, and disclosures and
analytical procedures.
None of the above.

An entity’s internal control system contains manual elements and often contains automated
elements. Manual elements in internal control may be less reliable than automated elements
because:
Manual control elements can be more easily bypassed, ignored, or overridden and they also more prone
to simple errors and mistakes
Manual control elements facilitate the additional analysis of information
Consistency of application of manual control elements can always be assumed
Manual control elements include reliance on systems or programs that are inaccurately processing data,
processing inaccurate date, or both
None of the above.

When do we say that a working paper is complete?

Complies with the internal audit activity’s format requirements.
Contains all of the attributes of an observation.
Is clear, concise, and accurate.
Satisfies the engagement objective for which it is developed.

Toshiba, Inc. maintains a staff of three full-time internal auditors who report directly to the
controller. In planning to use the internal auditors to provide assistance in performing the
audit, the independent auditor most likely will:
Place limited reliance on the work performed by the internal auditors.
Decrease the extent of the tests of controls needed to support the assessed level of detection risk.
Increase the extent of the procedures needed to reduce control risk to an acceptable level.
Avoid using the work performed by the internal controls.
None of the above.

Risk assessment for financial reporting is management’s process for identifying, analyzing,
and responding to risks relevant to the preparation of financial statements in conformity
with:
Generally Accepted Accounting Standards
Generally Accepted Auditing Standards
PCAOB Auditing Standards
Generally Accepted Accounting Principles
None of the above.

During an assessment of the risk associated with sales contracts and related commissions,
which of the following factors would most likely result in an expansion of the engagement
scope? *
An increase in product sales, along with an increase in commissions.
An increase in sales returns, along with an increase in commissions.
A decrease in sales commissions, along with a decrease in product sales.
A decrease in sales returns, along with an increase in product sales.

Which of the following components of an entity’s internal control includes development and
use of training policies that communicate prospective roles and responsibilities to
employees?
Monitoring of controls
Control activities
Information and communication
Control environment
None of the above.

S1: The Institute of Internal Auditors (IIA), which is the governing body of internal auditors
worldwide, provides guidance for management on what should be done, how it should be
done, and why. S2: Adhering to the International Standards for the Professional Practice of
Internal Auditing (Standards) is voluntary, while following the guidance provided in the
Practice Advisories and Practice Guides is highly recommended and encouraged.
Only S1 is correct
Both statement are incorrect
Both statements are correct
Only S1 is incorrect
Company can reduce their costs by limiting their water usage, lowering their consumption of
electricity and generating electricity themselves
Effectiveness
Efficiency
Ecology
Equity
Excellence
Ethics

The primary stakeholders are:

Business Support Group
Suppliers
Employees
Creditors
Media
Investors
General Public
Communities
Customers
Activist Group
Government

It is the level where internal audit provides overall assurance on governance, risk
management and control, contributes the development of the organization’s management
and supports professional bodies.
Level 1: Initial
Level 3: Integrated
Level 2: Infrastructure
Level 4: Managed
Level 5: Optimizing

S1: A better approach to assessing economy is consider the entire value of the item, which
includes warranties, replacement and expected useful life. S2: Companies should focus on the
assessment of value when defining allowable purchase.
Only S1 is correct
Both statement are incorrect
Only S1 is incorrect
Both statements are correct

Internal control should be designed to provide reasonable assurance that:

Management’s planning, organizing, and directing processes are properly evaluated
Management’s plans have not been circumvented by employee collusion
Material errors or fraud will be prevented, or detected and corrected within a timely period by employees
in the course of performing their assigned duties
The internal auditing department’s guidance and oversight of management’s performance is
accomplished economically and efficiently
None of the above.

S1: Ethics is the study of moral value and principles of conduct governing an individual or a
group. S2: Being and acting ethical refers to abiding by well-founded standards of right and
wrong that prescribe what individuals should do.
Both statements are correct
Only S1 is incorrect
Only S1 is correct
Both statement are incorrect

For which of the following judgments may an independent auditor share responsibility with
an entity’s internal auditor who is assessed to be both competent and objective?
Assessment of inherent risk - YES; Assessment of control risk - YES
Assessment of inherent risk - YES; Assessment of control risk - NO
Assessment of inherent risk - NO; Assessment of control risk - YES
Assessment of inherent risk - NO; Assessment of control risk - NO
None of the above.

Which of the following is not a responsibility that should be assigned to a company's internal
audit department?
Evaluating internal control
Approving disbursements
Reporting on effectiveness of operating segments
Investigating potential merger candidates
None of the above.

The lack of ________ is a problem whether it is in fact or in appearance.

Ethics
Equity
Efficiency
Excellence
Effectiveness
Ecology

In connection with the examination of financial statements by an independent auditor, the

client suggests that members of the internal audit staff be utilized to minimize audit costs.
Which of the following tasks could most appropriately be delegated to the internal audit
staff?
Selection of accounts receivable for confirmation, based upon the internal auditor’s judgment as to how
many accounts and which accounts will provide sufficient coverage.
Preparation of schedules for negative accounts receivable responses.
Evaluation of the internal control for accounts receivable and sales.
Determination of the adequacy of the allowance for doubtful accounts.
None of the above.