Which of the following risk management activities is most appropriate for an internal auditor to undertake?

• A.Review the management of key risks.
• B.Impose risk management processes.
• C.Implement risk responses on management's behalf.
• D.Coordinate risk management activities.

Comment: *

Name: *

Email: *

Verification: *

Management is developing and implementing a risk and control framework for use throughout the organization. Which of the following elements should be included in the organization's control framework?
1. Appropriate levels of authority and responsibility.
2. Supervision of staff and appropriate review of work.
3. The seniority of management in the organization.
4. The ability to trace each transaction to an accountable and responsible individual.

• A.1,2, and 3.
• B.1.2, and 4.
• C.2, 3, and 4.
• D.1.3, and 4.

Comment: *

Name: *

Email: *

Verification: *

After being terminated due to downsizing, an internal auditor finds a different job with an organization in the same industry. Which of the following actions would violate the IIA Code of Ethics?

• A.In the first week at the new organization, the auditor discovers a high fraud risk surrounding the organization's database and suggests that the information technology department implement a new password system to prevent fraudulent actions before they occur.
• B.At the new organization, the auditor is asked to develop forms to implement probability-proportional-to-size sampling. Although unsure of how to perform this type of sampling, the auditor proceeds without asking for assistance.
• C.In preparing for an audit at the previous organization, the auditor had conducted a great deal of research on the Internet at home to identify best practices for the management of a treasury function. The auditor has retained much of the research and uses it to conduct an audit of the new employer's treasury function.
• D.To determine audit priorities in the new job, the auditor uses the audit risk approach that the auditor's previous employer used, without receiving permission to do so.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is most likely to function as a directive control?

• A.Insurance claims.
• B.Cycle counts.
• C.Security dogs.
• D.Alert employees.

Comment: *

Name: *

Email: *

Verification: *

An internal auditor uses a predefined macro provided in a popular spreadsheet application to verify the present value of the organization's investments. Which of the following is the most appropriate course of action regarding the auditor's use of this functionality?

• A.The auditor should accept the calculations generated by the function, as any further work or documentation would be inefficient.
• B.The auditor should tabulate the results in the spreadsheet to ensure the macro has generated the correct results for all calculations.
• C.The auditor should review the programming of the macro before its use to ensure that it is appropriate for the required calculations.
• D.The auditor should perform a manual recalculation of several results to validate and document the results.

Comment: *

Name: *

Email: *

Verification: *