IIA-CHAL-QISA Free Practice Test

An accounts payable clerk has recently transferred into the internal audit activity and has been assigned to an engagement related to accounts payable processes for which he was previously responsible Which of the following is the best action for the new internal auditor to take?

1. A. If it is an assurance engagement, accept the assignment because direct knowledge of the existing accounts payable processes will provide depth and add more value
2. B. If it is a consulting engagement, decline the assignment and ask to be reassigned, because in a consulting engagement the auditor must not assess operations for areas in which they were previously responsible.
3. C. if it is a consulting engagement, accept the assignment because direct knowledge of the existing accounts payable processes will provide depth and add more value
4. D. If it is an assurance engagement, accept the assignment because the chief audit executive hadknowledge of the internal auditor's previous role when this engagement was assigned.

Correct Answer: B
✑ Conflict of Interest: For both assurance and consulting engagements, it is crucial to avoid conflicts of interest. An auditor assessing processes they were previously responsible for can compromise objectivity and independence.
✑ IIA Standards: The IIA's Code of Ethics and standards emphasize maintaining objectivity and avoiding conflicts of interest. This is particularly important in consulting engagements where the auditor's recommendations could be influenced by prior roles.
✑ Appropriate Action:
: IIA Standard 1130 - Impairment to Independence or Objectivity.

An internal auditor believes that the internal audit activity's independence is impaired Which of the following actions should the internal auditor take first?

1. A. Report the impairment to senior management
2. B. Discuss the impairment with the audit manager.
3. C. Ascertain the best approach to disclose the impairment.
4. D. Decide on the extent of impact of the impairment

Correct Answer: B
The board manages several key processes to ensure adequate governance within an organization, one of which is the development, approval, and execution of the strategic plan. This process is critical because it defines the organization's direction, goals, and the actions required to achieve these goals.
✑ Strategic Planning: The board plays a pivotal role in setting the organization's
strategic direction, which includes establishing long-term goals and defining the means to achieve them.
✑ Performance Measurement: While the board may establish and measure
performance objectives for the internal audit activity, this is part of a broader governance framework.
✑ Risk Management: The board also develops strategies to mitigate risks, ensuring
that the organization can achieve its objectives effectively.
Thus, the most comprehensive governance-related process managed by the board involves strategic planning

Which of the following is an example of a directive control?

1. A. Segregation of duties
2. B. Exception reports
3. C. Training programs,
4. D. Supervisory review.

Correct Answer: C
Directive controls are designed to encourage desired behavior or outcomes.
✑ Option A: Segregation of duties is a preventive control, not a directive control.
✑ Option B: Exception reports are detective controls.
✑ Option D: Supervisory review is also a preventive or detective control.
✑ Option C: Training programs are directive controls as they guide employees on the correct procedures and practices to follow.

In an assurance engagement focused on the adequacy of organizationwide risk management practices, which of the following best describes a primary area of interest for the engagement?

1. A. The effectiveness of process-level and transaction-level controls.
2. B. Conflicts of interest within the organizational structure of the senior management.
3. C. The alignment of management decisions with the level of risk the organization is willing to accept.
4. D. The actions of upper management in response to the internal audit acth/lty's reporting

Correct Answer: C
Understanding the Engagement Scope: The primary area of interest in an assurance engagement focused on the adequacy of organization-wide risk management practices is to ensure that risk management is effectively integrated into the organization's decision- making processes. This involves evaluating whether management decisions are aligned with the organization's risk appetite, which is the amount of risk the organization is willing to accept in pursuit of its objectives.
Key Considerations:
✑ Effectiveness of Risk Management Framework: Ensuring that the risk management framework is robust and effectively implemented across the organization.
✑ Risk Appetite Alignment: Assessing if the decisions made by management are within the boundaries set by the organization??s risk appetite statement.
✑ Strategic Objectives: Evaluating if the risk management practices support the achievement of the organization??s strategic objectives.
IIA Standards: According to the IIA's International Standards for the Professional Practice of Internal Auditing, internal auditors must evaluate the effectiveness and contribute to the improvement of risk management processes (Standard 2120 - Risk Management). References:
✑ The alignment of management decisions with the level of risk the organization is
willing to accept ensures that the organization does not take on more risk than it is prepared to handle, thereby protecting its assets and ensuring long-term sustainability.
✑ Effective risk management practices help in identifying, assessing, and mitigating
risks, which is crucial for the overall governance and operational effectiveness of the organization

Which of the following would be considered a violation of The IIA??s mandatory guidance on independence?

1. A. The chief audit executive (CAE) reports functionally to the board and administratively to the chief financial officer
2. B. The board seeks senior managements recommendation before approving the annual salary adjustment of the CAE.
3. C. The CAE confirms to the board, at least once every five years, the organizational independence of the internal audit act/vity.
4. D. The CAE updates the internal audit charter and presents it to the board for approval periodically, not on a specific timeline

Correct Answer: B
✑ Independence Requirement:The IIA's mandatory guidance emphasizes the importance of the CAE's independence to ensure unbiased internal audit activities.
✑ Conflict of Interest:Seeking senior management??s recommendation for the CAE??s salary adjustment can create a conflict of interest and potentially compromise the CAE??s independence.
✑ Best Practices:To maintain independence, the CAE??s compensation should be determined by the board without influence from senior management.
✑ Standard Compliance:According to the IIA's Attribute Standard 1110 – Organizational Independence, the CAE must report to a level within the organization that allows the internal audit activity to fulfill its responsibilities.
References:
✑ IIA Standard 1110 – Organizational Independence .