IIA IIA-CIA-Part1 Übungsprüfungen
Zuletzt aktualisiert am 05.06.2025- Prüfungscode: IIA-CIA-Part1
- Prüfungsname: CIA Exam Part One: Essentials of Internal Auditing
- Zertifizierungsanbieter: IIA
- Zuletzt aktualisiert am: 05.06.2025
Which of the following statements is true regarding how the scope of a consulting engagement should be established?
- A . The engagement client should be able to determine the scope to be applied to the engagement
- B . The internal auditor should establish a scope that does not impair her objectivity
- C . Any attempts by the engagement client to limit the scope should be considered a scope limitation
- D . The scope should include reviewing the effectiveness of the internal control environment
Recently an organization’s internal audit activity discovered ghost employees who receive payments Senior management decides to strengthen the internal control measures to address this.
Which of the following is considered an effective control to mitigate payments to ghost employees?
- A . Staff transfers are reviewed by the recruiting manager and approved by the head of human resources
- B . New staff requisition forms are authorized by operational management and acknowledged by the head of human resources
- C . Staff salary payments and accounting records are approved by the head of accounting and acknowledged by the head of human resources
- D . The staff salary payment list is reviewed by the head of payroll and endorsed by the head of human resources
Which of the following statements is most likely to be true regarding a consulting engagement involving an organization’s new payroll system?
- A . The internal auditor and engagement client established an understanding that the scope would include the new payroll system project.
- B . The payroll system engagement was scheduled as a result of internal audit’s risk-based annual planning process.
- C . The internal auditor concluded that the engagement objectives would include assessing the effectiveness of the payroll process controls.
- D . The internal auditor acknowledged the engagement client’s satisfactory performance in the final engagement results that were communicated to senior management and the board.
According to IIA guidance, which of the following threats to objectivity is described as familiarity‘?
- A . An internal auditor is a close friend or relative of the manager or an employee of the audit client
- B . An internal auditor has a long-term business relationship with the audit client.
- C . An internal auditor has an economic stake in the performance of the organization
- D . An internal auditor is exposed to or perceived to be exposed to pressures from external parties
In which of the following ways can a whistleblower hotline serve as a prevent
- A . active control? 3
- B . Third parties who operate the hotline ensure anonymity for whistle blowers. D Whistleblower tips help discover wrongdoings and violations of the code of conduct.
Potential perpetrators of fraud know that their actions can be reported easily. - C . Better investigation protocols are triggered by the whistleblower hotline.
Management decided to post the organization’s newly established code of conduct on its website.
This decision is primarily intended to mitigate which of the following risks?
- A . Accountability risk.
- B . Communication risk.
- C . Knowledge risk.
- D . Cultural risk.
Which of the following scenarios would most likely impair the independence of an internal audit activity?
- A . A relative of an internal audit team member works m a department being reviewed
- B . The internal audit budget is reduced by management requiring the removal of all lT-related engagements from the audit plan
- C . An audit manager removes a finding from the draft report due to disagreements with the chief financial officer
- D . The operating effectiveness of a control is reported as ’satisfactory." because no concerns were identified during planning
Senior management has decided to adopt the key principles approach of the ISO 31000 risk management framework.
According to IIA guidance, which of the following principles is most appropriate when implementing the risk management process in a dynamic agency?
- A . Everyone in the agency has a primary responsibility for identifying and managing risks as part of the risk management process.
- B . The risk management process, while evaluating risk, should develop a mechanism to rank the relative importance of each risk.
- C . The risk management process should be regularly reviewed and respond to changes in the environment, to remain relevant.
- D . The risk management process should use a formal technique to consider the consequence and likelihood of each risk.
An internal auditor notes that inventory counts are conducted on Mondays only and that all documentation is on paper as there are no computers in the underground warehouses. Also she notices that the person responsible for receiving the goods is the same one who distributes materials and spare parts Finally, she sees that spare parts are written off and taken by the heads of mining units to different underground locations to wait for their turn to be installed.
Which of the described findings requires more consideration from a fraud risk perspective?
- A . The job responsibilities of the warehouse employee compromise segregation of duties
- B . Spare parts are written off before their actual usage and installation
- C . Warehouse management is conducted on paper and requires further investigation
- D . The inventory counts take place on specific days of the week for no apparent reason
Which of the following is an appropriate role for the internal audit activity?
- A . Ensuring the organization’s key risks are managed through appropriate controls.
- B . Assisting the organization in maintaining effective controls.
- C . Implementing new controls to promote continuous improvement.
- D . Validating control assessments performed by the external auditor.