Which type of objectives can best be described as broad goals that promote the effective and efficient use of resources?

• A.Compliance objectives.
• B.Reporting objectives.
• C.Strategic objectives.
• D.Operational objectives.

Comment: *

Name: *

Email: *

Verification: *

According to IIA guidance, which of the following statements is true regarding the reporting of results from an external quality assessment of the internal audit activity?

• A.The requirements for reporting quality assessment results are the same for external assessments and self-assessments with independent external validation.
• B.The external assessment results are communicated upon completion to senior management and the board, but action plans for recommended improvements do not have to be reported.
• C.The results of self-assessments with independent external validation are shared with the board upon completion, and monitoring of recommended improvements must be reported monthly.
• D.The external assessment results are reported upon completion in confidence directly to the board, and senior management is advised only of the recommendations and improvement action plans.

Comment: *

Name: *

Email: *

Verification: *

According to IIA guidance, which of the following roles would be appropriate for an internal auditor regarding fraud risk?
1. Identification.
2. Mitigation.
3. Remediation.
4. Reduction.

• A.1, 3, and 4 only.
• B.1,2, 3, and 4.
• C.1 and 4 only.
• D.1 only. |

Comment: *

Name: *

Email: *

Verification: *

An organization decides to take no action on one of its financial risks because the cost of implementing the control outweighs the value of the asset being protected. Which of the following best describes this risk strategy?

• A.Risk avoidance.
• B.Risk-benefit analysis.
• C.Risk sharing.
• D.Risk acceptance.

Comment: *

Name: *

Email: *

Verification: *

A multinational organization has asked the internal audit activity to assist in setting up the organization's risk management system. The chief audit executive (CAE) agrees to take on the engagement as a consultant.
Which of the following tasks is appropriate for the CAE to undertake?

• A.Determine the number of significant risks for management to report to the board.
• B.Establish the degree of risk appetite for management to accept.
• C.Coordinate and facilitate risk workshops for management to attend.
• D.Set risk indicators and mitigation plans for management to implement.

Comment: *

Name: *

Email: *

Verification: *