IIA IIA-CIA-Part2 Übungsprüfungen
Zuletzt aktualisiert am 05.05.2025- Prüfungscode: IIA-CIA-Part2
- Prüfungsname: CIA Exam Part Two: Practice of Internal Auditing
- Zertifizierungsanbieter: IIA
- Zuletzt aktualisiert am: 05.05.2025
An internal auditor is examining the organization’s internal control processes.
Which of the following would the auditor do to test the reliability of a customer database1?
- A . Perform a site visit to see whether the organization’s servers are operational
- B . Interview end users to determine whether they understand how to use the database information
- C . Determine whether policies are in place on how to use the database information
- D . Review for indications of potential issues with the database information
According to HA guidance, the chief audit executive is directly responsible for which of the following?
- A . Maintaining a quality assurance program even in the absence of management support
- B . Periodically reviewing and approving the internal audit charier
- C . Providing opportunities for all staff auditors to satisfy their professional development requirements
- D . Establishing the objectives scope and plan for each engagement
During the fieldwork phase of an assurance engagement, the internal auditor decides that she wants to adjust the audit work program. Which of the following is the most appropriate next step for the auditor to take?
- A . Request additional information needed from management of the area under review.
- B . Obtain approval from the engagement supervisor
- C . Obtain the required resources, including IT. to complete the work
- D . Discuss the change in scope with management of the area under review.
Is the documentation easily accessible to an persons who need in to perform their job?
Which of the following is a drawback of testing methods like this?
- A . They ore kitted as they do not allow the auditor to test many controls.
- B . They do not highlight control gaps
- C . They are not useful for identifying areas on which the auditor should locus.
- D . They are limited as there is a risk that management may not answer fairly.
Is the documentation easily accessible to an persons who need in to perform their job?
Which of the following is a drawback of testing methods like this?
- A . They ore kitted as they do not allow the auditor to test many controls.
- B . They do not highlight control gaps
- C . They are not useful for identifying areas on which the auditor should locus.
- D . They are limited as there is a risk that management may not answer fairly.
Which of the following information is most appropriate for the chief audit executive to share when coordinating audit plans with other internal and external assurance providers?
- A . Objectives scope and timing at a high level to support coordination while adhering to confidentiality requirements
- B . The area and timing of the audit engagement to ensure confidentially and avoid conflict of interest.
- C . All plan information, including risk assessments, planned tests and past results to maximize the opportunity for coordination with internal and external providers.
- D . No information should be shared with internal and external provider as it could introduce bias into the engagement results.
Which of the following information is most appropriate for the chief audit executive to share when coordinating audit plans with other internal and external assurance providers?
- A . Objectives scope and timing at a high level to support coordination while adhering to confidentiality requirements
- B . The area and timing of the audit engagement to ensure confidentially and avoid conflict of interest.
- C . All plan information, including risk assessments, planned tests and past results to maximize the opportunity for coordination with internal and external providers.
- D . No information should be shared with internal and external provider as it could introduce bias into the engagement results.
Which of the following information is most appropriate for the chief audit executive to share when coordinating audit plans with other internal and external assurance providers?
- A . Objectives scope and timing at a high level to support coordination while adhering to confidentiality requirements
- B . The area and timing of the audit engagement to ensure confidentially and avoid conflict of interest.
- C . All plan information, including risk assessments, planned tests and past results to maximize the opportunity for coordination with internal and external providers.
- D . No information should be shared with internal and external provider as it could introduce bias into the engagement results.
An internal auditor wants to identity potential ghost employees in the organization’s payroll system.
The auditor extracts the following data
– Human resources data with employees‘ names addresses employment conditions and identification codes
– Payroll data
– Logs from entrance systems
With this data, which of the following types of ghost employees will the auditor be able to identify?
- A . Employees who are being paid more than then approved wages
- B . Employees who get paid although their employment has expired
- C . Employees who are related to one of the subcontractors
- D . Employees who are physically present at the workplace but who do not perform the specified job duties
An internal auditor wants to identity potential ghost employees in the organization’s payroll system.
The auditor extracts the following data
– Human resources data with employees‘ names addresses employment conditions and identification codes
– Payroll data
– Logs from entrance systems
With this data, which of the following types of ghost employees will the auditor be able to identify?
- A . Employees who are being paid more than then approved wages
- B . Employees who get paid although their employment has expired
- C . Employees who are related to one of the subcontractors
- D . Employees who are physically present at the workplace but who do not perform the specified job duties