Questions and Answers of Internal Auditing Assurance

How many core competencies are included in The IIA’s Global Internal Auditor Competency Framework and for what general job levels are they recommended?
What are the three common ways individuals enter the internal audit profession?
Do most people who work in internal auditing spend their entire careers there? Explain.
What options does an individual have if he or she chooses to be a career internal auditor?
What are the circumstances that precipitated the need for internal audit-type activities?
A primary purpose of the Standards is to:a. Promote coordination of internal and external audit efforts.b. Establish a basis for evaluating internal audit performance.c. Develop consistency in
Why is it important for a profession, such as internal auditing, to promulgate standards?
What are the six components of the IPPF? Which components constitute mandatory guidance? Which components constitute recommended guidance?
Which of the following are “mandatory guidance” in The IIA’s IPPF?I. Implementation Guides.II. The Code of Ethics.III. The Definition of Internal Auditing.IV. The Standards.a. I, II, and IV.b.
According to the Standards, which of the following must the internal audit manager think about when considering appropriate due care while planning an assurance engagement?a. The opportunity to
Explain what is meant by the term “conflicts of interest.” How do conflicts of interest arise?
Which of the following types of IPPF guidance require(s) public exposure?I. A new Implementation Guide.II. A new standard.III. New Supplemental Guidance for auditing cybersecurity.IV. A new
What does “proficiency” mean? What does “due professional care” mean?
Which of the following are required of the internal audit function per the Standards?a. Evaluate the effectiveness of the audit committee annually.b. Issue an overall opinion on the adequacy of the
What is the purpose of the internal audit function’s quality assurance and improvement program?
Which of the following is a Core Principle for the Professional Practice of Internal Auditing?a. Maintain confidentiality.b. Promote an ethical culture in the internal audit profession.c. Develop
What are the seven main sections of the Performance Standards?
As indicated in the Standards, the internal audit function must be independent, and internal auditors must be objective in performing their work. As indicated in the chapter reading, independence and
“The IIA’s Code of Ethics,” and answer the following questions:a. Why is it important for the internal audit profession to have a code of ethics?b. How do the Code of Ethic’s Principles
Contrast the mission statement with the Definition of Internal Auditing. What, if anything, does the mission statement add?
An internal auditor provides income tax services during the tax season. For which of the following activities would the auditor most likely be considered in violation of The IIA’s Code of Ethics?a.
How does The IIA’s Code of Ethics differ from the Standards in governing the behavior and activities of internal auditors?
What is the purpose of The IIA’s Code of Ethics?
An internal auditor is auditing a division in which the division’s chief financial officer (CFO) is a close, personal friend. The auditor learns that the friend is to be replaced after a series of
Does including the CAE in a company’s stock option program violate either The IIA’s Code of Ethics or the Standards? Explain your answer.
Identify the four principles of the Code of Ethics. Why should internal auditors strive to comply with these principles?
The IIA’s Standards require internal auditors to exercise due professional care while conducting assurance engagements. Which of the following is not something an internal auditor is required to
The CAE for Sargon Products reports administratively to the CFO and functionally to the audit committee. The scope of the internal audit function assurance services includes financial, operational,
What is the purpose of The IIA’s Standards? Explain the difference between Attribute and Performance Standards.
In which of the following situations does the internal auditor potentially lack objectivity?a. A payroll accounting employee assists an internal auditor in verifying the physical inventory of small
Review IG 1000/Purpose, Authority, and Responsibility and answer the following questions.a. Why is it important for an internal audit function to have a charter?b. What information should an internal
Explain the difference between assurance and consulting services. Why does each type of service have its own Implementation Standards?
Which of the following is/are components of the Standards?I. Statements.II. Interpretations.III. Glossary.a. I only.b. I and II.c. I and III.d. I, II, and III.
You are part of a three-person internal audit function that was asked by your company’s CEO to conduct an audit of the internal controls over the company’s commodities trading and hedging
What is the definition of independence as it pertains to an internal audit function? What is the definition of objectivity as it pertains to individual internal auditors?
According to the Standards, how is the independence of the internal audit function achieved?a. Staffing and supervision.b. Organizational status and objectivity.c. Human relations and
Identify the Performance Standards that pertain specifically to:a. Engagement planning.b. Performing the engagement.c. Communicating results.
What is the relationship between Standards and the Implementation Guidance?
To determine what needs to be done regarding follow-up on an assurance engagement the internal audit staff just completed, one would consult:a. The Attribute Standards: Assurance Services
What is the role of Supplemental Guidance in the IPPF?
In addition to the Standards, some internal audit departments follow other standards in conducting their work, either because of regulatory requirements or by choice. When these other standards are
Which of the following would be a violation of The IIA’s Code of Ethics?a. An internal auditor was subpoenaed in a court case in which a joint venture partner claimed to have been defrauded by the
What are the responsibilities of The IIA’s Professional Practices and Professional Guidance Advisory Councils?
What is the role of the IPPF Oversight Council?
Why are there arrows flowing in both directions between the different elements of governance depicted in exhibit 3-2?Exhibit 3-2 DEPICTION OF KEY ELEMENTS OF A
What organizations, other than The IIA, promulgate guidance that is pertinent to internal auditors?
Which of the following is not an appropriate governance role for an organization’s board of directors?a. Evaluating and approving strategic objectives.b. Influencing the organization’s
Describe ways in which an organization’s business model may affect its approach to governance oversight. Provide examples that contrast publicly held companies from privately held companies.
Visit the website http://www.ecgi.org/codes/all_codes.php, which contains a list of governance codes from around the world. Review the governance regulations for Australia, South Africa, and the
What is the OECD’s definition of corporate governance?
Which of the following are typically governance responsibilities of senior management?I. Delegating its tolerance levels to risk managers.II. Monitoring day-to-day performance of specific risk
What is the difference between the two areas of governance depicted in exhibit 3-3?Exhibit 3-3 OVERVIEW OF GOVERNANCE GOVERNANCE "UMBRELLA" BOARD OF DIRECTORS STRATEGIC DIRECTION GOVERNANCE OVERSIGHT
Discuss why it is important, from a governance perspective, to have independent outside directors on a board of directors.
The IIA has different blogs on its website. One of these is a governance blog (https://iaonline.theiia.org/blogs/marks). Find this site on The IIA’s website and review the last three postings, as
ABC utility company sells electricity to residential customers and is a member of an industry association that provides guidance to electric utilities, lobbies on behalf of the industry, and
Given that directors typically do not interface directly with key stakeholders, how might a board of directors obtain an understanding of key stakeholder expectations? How might that process vary
What is The IIA’s definition of governance? How does this definition relate to the figure in exhibit 3-3?Exhibit 3-3 OVERVIEW OF GOVERNANCE GOVERNANCE "UMBRELLA" BOARD OF
Many organizations have multiple avenues for ensuring that they operate within their risk appetite. Organizations operating in a highly regulated environment in particular have a need to demonstrate
In exhibit 3-4, the internal audit function is included in the assurance box. In light of this assurance role, discuss the pros and cons of the chief audit executive (CAE) reporting to the board of
Who is responsible for establishing the strategic objectives of an organization?a. The board of directors.b. Senior management.c. Consensus among all levels of management.d. The board and senior
IT governance has become a “hot topic” in recent years. Using the governance framework shown in exhibit 3-4, customize each of the components to describe how they might specifically relate to
Who is ultimately responsible for identifying new or emerging key risk areas that should be covered by the organization’s governance process?a. The board of directors.b. Senior management.c. Risk
What are the three different types of stakeholders that the board must understand? Give examples of each type.
What types of outcomes might a board need to consider to understand stakeholders’ expectations?
The internal audit function should not:a. Assess the organization’s governance and risk management processes.b. Provide advice about how to improve the organization’s governance and risk
The General Auditor’s Office (GAO) of ABC jurisdiction issued a report on the XYZ Electric Cooperative, a large member-owned utility. This report reviewed the work of MNO Consulting. MNO found
Which of the following would not be considered a first line of defense in the Three Lines of Defense model?a. A divisional controller conducts a peer review of compliance with financial control
The CAE of PJS Company is working with senior management and the board to develop a combined assurance model and has asked you for advice. More specifically, he has asked you to respond to the
In governance, what are the key responsibilities of:a. The board of directors?b. Senior management?c. Risk owners?
What role does the internal audit function play in governance?
Which of the following would be considered a first line of defense in the Three Lines of Defense model?a. An accounts payable supervisor conducting a weekly review to ensure all payments were issued
Discuss how regulations help to improve governance. Explain how some regulations may have unintended consequences regarding governance.
In addition to the internal audit function, what other internal functions may provide independent assurance to the board or senior management?
Which of the following would be considered a second line of defense in the Three Lines of Defense model?a. An accounts payable supervisor conducting a weekly review to ensure all payments were issued
The King Code of Corporate Governance for South Africa is widely considered one of the most progressive governance codes in the world. Search the internet for the latest version (King IV), which
Companies in industries that are heavily regulated may be subject to audits by the regulator’s auditors. While not specifically covered in the Three Lines of Defense model, such auditors would most
What are the three lines of defense in the Three Lines of Defense model?
What is a combined assurance model? Why do some organizations use such models?
Which of the following is not a role of the internal audit function in best practice governance activities?a. Support the board in enterprise wide risk assessment.b. Ensure the timely implementation
What are some key U. S. regulations that have been written in response to adverse business events?
Which of the following statements regarding corporate governance is not correct?a. Corporate control mechanisms include internal and external mechanisms.b. The compensation scheme for management is
Which of the following represents the best governance structure? Operating Management a. Responsibility for risk b. Oversight role c. Responsibility for risk d. Oversight
What types of business events tend to drive new legislation and guidance?a. Economic downturns.b. Fraud or other corporate wrongdoing.c. Elections or other political changes.d. Economic growth.
Describe the difference between risk-taking philosophy, risk appetite, and acceptable variation in performance. Give examples of each.
COSO provides a variety of guidance relevant to the internal audit profession. The purpose of this case is to become more familiar with COSO and its guidance. Visit www.coso.org and answer the
How does COSO define risk? How does ISO define risk?
According to COSO ERM, which of the following is not an inherent challenge that arises as part of establishing strategy and business objectives?a. Ensuring culture is clearly articulated by the
Which of the following external events will most likely impact a defense contractor that relies on large government contracts for its success?a. Economic event.b. Natural environment event.c.
How does effective ERM help achieve strategy?
What are the five fundamental points embedded in the COSO and ISO definitions of risk?
In the United States, COSO published its Enterprise Risk Management – Aligning Risk with Strategy and Performance (COSO ERM, or ERM framework) in 2017. In 2004, COSO identified a need for a robust
Which of the following is not an example of a risk-sharing strategy?a. Outsourcing a noncore, high-risk area.b. Selling a nonstrategic business unit.c. Hedging against interest rate fluctuations.d.
Define inherent risk and residual risk. Which of the two types of risk should have a greater impact on the annual internal audit plan?
According to COSO, what are the fundamental concepts emphasized in its definition of enterprise risk management (ERM)?
An organization tracks a website hosting anonymous blogs about its industry. Recently, anonymous posts have focused on potential legislation that could have a dramatic effect on this industry. Which
The ISO 31000 risk management framework includes five components, the first of which is “mandate and commitment.” Explain what mandate and commitment means. Discuss why mandate and commitment is
How does COSO define mission, vision, and core values?
Which of the following risk management activities is out of sequence in terms of timing?a. Identify, assess, and prioritize risks.b. Develop risk responses/treatments.c. Determine key organizational
For an organization that has not implemented ERM, describe steps the internal audit function can take to initiate an ERM program without impairing the function’s independence and/or objectivity.
How does COSO define strategy and business objectives?

Showing 400 - 500 of 602