Internal Auditing Assurance & Advisory Services 4th Edition Urton L. Anderson, Michael J. Head, Sridhar Ramamoorti, Cris Riddle, Mark Salamasick, Paul J. Sobel - Solutions

Discover comprehensive solutions to the questions from the "Internal Auditing Assurance & Advisory Services 4th Edition" with our online answers key. Access step-by-step answers and solved problems with our detailed solution manual, available in solutions PDF format for easy reference. Dive into the test bank for a deeper understanding of chapter solutions, and explore the instructor manual for guided insights. This textbook is your go-to source for questions and answers, offering free download options to enhance your learning experience. Perfect for students and professionals seeking structured and thorough guidance.

Explain the steps that an organization may take to embed risk management into the business and the way people behave at work.
Prepare a presentation to the internal audit management team on the role of internal audit in the organization’s efforts to establish and validate business risk management.
Describe the concept of systems thinking and explain how this helps internal auditors adopt a defined approach to their work.
Explain how CRSA workshops may be designed and successfully delivered in an organization that is seeking to establish an effective risk management system.
Discuss the importance of facilitation skills in managing a CRSA workshop and describe some of the techniques for ensuring such workshops may be successfully facilitated to achieve their goals.
Consider the ways that audit may make use of the CRSA technique as an important component of audit field work and discuss why such an approach may prove beneficial.
Discuss the need for organizations to ensure the risk of fraud is properly managed and describe the various stages that may be considered when asked to investigate employee fraud.
Discuss the role of the information systems auditor and note some of the controls that may help ensure an information system (e.g. an application such as a payments system) is both reliable, efficient and protected.
Explain why compliance is an important corporate issue and describe how an organization may ensure procedures are adhered to by managers and staff.
Explain the value-for-money concept and describe the link between economy, efficiency and effectiveness.
Describe how a formal consulting investigation (which involves a major change programme)may be approached and discuss how this differs from assurance-based audit work.
Prepare a presentation to the internal audit management team on the various ways that the internal audit shop may be organized and discuss whether there is one best method of structuring the audit service.
Explain the importance of a carefully considered risk-based strategy for the internal auditing service and describe ways that this strategy may be developed and applied.
Describe the way in which suitable audit staff may be secured and applied to delivering the set audit strategy.
Discuss the pros and cons of formal appraisal schemes for internal audit staff and describe various ways that can be used to measure the performance of individual staff and the audit service in general.
Outline the types of problems that may interfere with the performance of the internal audit service and consider ways in which some of these problems may be addressed.
Explain why it is important to have an up-to-date audit manual and describe some of the items that may be addressed by the manual.
Describe the way action points from the audit strategy may be delegated and explain the measures that may be taken to ensure such delegation is properly controlled.
Describe how information systems may be employed to support the audit strategy and explain how audit staff time may be managed through effective information and reporting systems.
List the steps that may be taken to get a new internal audit shop up and running and discuss the issues that need to be considered when developing the new audit service for an organization.
Describe the steps that may be taken to ensure that internal audit services provided by an outside supplier are efficient, effective and provide added value to the organization.
Prepare a presentation to the internal audit management team on the measures that can be taken to arrive at the annual audit plan, which includes a view on the importance of taking on board corporate and business risk assessments (which have been carried out by the board and senior management).
Describe how the preliminary survey may be used to arrive at the terms of reference for an audit and discuss the different interpretations of the role of audit programmes.
Describe the importance of effective interviewing for the internal auditor and discuss the ways in which the auditor can ensure that such interviews have a good chance of success.
Explain the different ways that a system may be ascertained and recorded and describe the factors that should be considered in deciding whether a system’s flowchart should be prepared.
Consider and illustrate by the use of brief examples the two techniques of ICQ and ICES and describe their respective merits and disadvantages.
Explain the importance of audit testing and discuss all those issues that need to be considered when deciding on the types and depth of tests that are applied.
Explain the attributes of good audit evidence and describe the sources that may be used to gather suitable evidence to support the audit opinion and report.
Explain the concept of statistical sampling and consider the ways this technique may be applied to provide an enhanced audit product.
Describe the different types of reports that may be prepared by the internal auditor and discuss the factors that make for a well-received and effective audit report.
Describe the measures that can be taken by an internal auditor to help ensure the formal presentation of an audit report to a senior management team is successful.
Prepare a presentation to the internal audit management team covering the information that should be reported to the audit committee in the annual internal audit report.
Recommendations should be included in final audit communications to:a. Provide management with options for addressing audit observations.b. Ensure that problems are resolved in the manner suggested by the auditor.c. Minimize the amount of time required to correct audit observations.d. Guarantee
The process of evaluating and escalating observations during an assurance engagement can be relatively complex. It involves several steps and requires a number of professional judgments.a. What judgments must an internal audit team make during the observation evaluation and escalation process?b.
Review the engagement observation that follows and record the specific information that represents the recommendation and each of the following observation attributes: criteria, condition, cause, and effect.Audit Observation and Recommendation:Corporation X associates are required to abide by the
Reported internal audit observations emerge as a result of comparing “what should be” with “what is.” In determining “what should be” during an internal audit engagement, which of the following would be the least appropriate criterion against which to assess current controls?a. Industry
Must all observations identified by an internal audit team during an assurance engagement be acted upon by management? Explain. What are the implications for the internal audit function if management fails to respond appropriately to an observation warranting corrective action?
Consider the following facts.During its assessment of the accounts payable department, the internal audit function identified the following observations:■ Inadequate segregation of duties over certain information system access controls. Potential loss exposure of $45 million.■ Several instances
According to the International Professional Practices Framework(IPPF), an engagement final communication should include, at minimum, which of the following?I. Background information.II. Purpose of the engagement.III. Engagement scope.IV. Results of the engagement.V. Summaries.a. I, II, and III.b.
Consider the facts presented below. Using the Observation Evaluation and Escalation Process, assess the facts presented and determine the following:a. What observation(s) is (are) indicated?b. What COSO objective categories are affected?c. Classify the observation(s) as inadequately designed,
Audit report generation is a process that can be performed within the engagement project. This allows for all of the pertinent information that should be accumulated for reporting to occur. Once the audit report is generated, an editable deliverable can be managed and provided to the intended
Which of the following would not be considered a primary objective of a closing or exit conference?a. To resolve conflicts.b. To identify concerns for future audit engagements.c. To discuss the engagement observations and recommendations.d. To identify management’s actions and responses to the
Some internal auditors take the view that the internal audit profession should require that internal audit functions adopt a simple, yet sensible, grading or ranking of their engagement reports to better communicate their overall conclusions expressed in these reports. They propose that an overall
As indicated in the chapter, if an observation, or a group of observations, is assessed to be material, communication must be formal and include senior management, the organization's independent outside auditor, and the audit committee. Additionally, for publicly owned companies over a specified
During a review of purchasing operations, an internal auditor found that procedures in use did not agree with stated company procedures. However, audit tests revealed that the procedures used represented an increase in efficiency and a decrease in processing time, without a discernible decrease in
The audit committee chair has asked your boss, the CAE, to explore the possibility of giving an overall annual opinion each year on the organization’s state of internal controls. The CAE has done some preliminary research and designed the following potential form for such an opinion:To: Chair,
A formal engagement communication must:a. Provide an opportunity for the auditee to respond.b. Document the corrective actions required of senior management.c. Provide a formal means by which the independent outside auditor assesses potential reliance on the internal audit function.d. Report
Which of the following does the CAE need to consider when determining the extent of follow-up required?I. Significance of the reported observation.II. Past experience with the manager charged with the corrective action.III. Degree of effort and cost needed for the corrective action.IV. The
An excerpt from an internal audit observation indicates that travel advances exceeded prescribed maximum amounts. Company policy provides travel funds to authorized employees for travel. Advances are not to exceed 45 days of anticipated expenses. Company procedures do not require justification for
Internal audit reports can be structured to motivate management to correct deficiencies. Which of the following report-writing techniques is most likely to be effective?a. State the procedural inadequacies and resulting improprieties in specific terms.b. Recommend changes and state the punitive
The primary purpose of issuing an interim report during an internal audit is to:a. Provide auditee management the opportunity to act on certain observations immediately.b. Set the stage for the final report.c. Promptly inform auditee management and their supervisors of audit procedures performed to
Who has primary responsibility for providing information to the audit committee on the professional and organizational benefits of coordinating internal audit assurance and consulting activities with other assurance and consulting activities?a. The external auditor.b. The CAE.c. The CEO.d. Each
The primary reason for having written formal audit reports is to:a. Provide an opportunity for engagement client response.b. Document the corrective actions required of senior management.c. Provide a formal means by which the external auditor assesses potential reliance on the internal audit
A follow-up review found that a significant internal control weakness had not been corrected. The CAE discussed this matter with senior management and was informed of management’s willingness to accept the risk. The CAE should:a. Do nothing further because management is responsible for deciding
Which of the following statements best describes the internal audit function’s responsibility for follow-up activities related to a previous engagement?a. Internal auditors should determine if corrective action has been taken and is achieving the desired results or if management has assumed the
If an auditor’s preliminary evaluation of internal controls results in an observation that controls may be inadequate, the next step would be to:a. Expand audit work before the preparation of a final engagement communication.b. Prepare a flowchart depicting the internal control system.c. Note an
Why is an internal audit function well qualified to add value by providing insight through its consulting activities?
Which of the following would be a typical consulting engagement activity performed by the internal audit function?a. Testing compliance with accounts payable policies and procedures.b. Determining the scope of an engagement to test IT application controls.c. Reviewing and commenting on a draft of a
Explain how the internal audit function can maintain its independence while working with management to deploy improved risk management practices and improve the system of internal controls throughout the organization.
What are the differences between an assurance engagement and a consulting engagement?
Which of the following is not a required consideration regarding proficiency and due professional care when choosing to perform a consulting engagement?a. Availability of adequate skills and resources to conduct the engagement.b. Needs and expectations of the engagement customer.c. Cost of the
An internal audit function has agreed to conduct an advisory consulting engagement related to evaluating the efficiency of a process. During this engagement, an internal auditor identifies a control weakness that could be material to the company. Since a consulting engagement is between two
A large, international bank is considering outsourcing all facets of the human resources (HR) function, including recruiting, benefits, payroll, employee training and development, compensation, and information systems. Three potentially viable vendors have been identified. The internal audit
What are three types of consulting engagements the internal audit function can perform? Give an example of each.
Senior management of an organization has requested that the internal audit function help educate employees about internal control concepts. This work is an example of:a. An assurance engagement.b. A training consulting engagement.c. A facilitative consulting engagement.d. An advisory consulting
Describe a situation in which the internal auditor could be accused of having impaired objectivity while providing consulting services.
Emphasis in recent years has been placed on control testing to ensure controls are working effectively and efficiently, but emerging thought leadership indicates that the internal audit value proposition can best be accomplished through internal audit consulting services. The term "Trusted Advisor"
What is a blended engagement and when is it appropriate?
It would be appropriate for the internal audit function to perform which of the following:a. Design controls for a process.b. Develop a new whistleblower policy.c. Review a new IT application before implementation.d. Lead a process reengineering project.
Typically, an internal audit charter will determine the nature of services provided by an internal audit function. What are the benefits and drawbacks of developing a charter that does not expressly authorize the performance of consulting services?
What are the three ways potential consulting engagements are identified?
Which of the following is not likely to be a step during a consulting engagement?a. Understanding the objectives of a process.b. Assessing the risks in a process.c. Flowcharting the key steps in a process.d. Expressing a conclusion on the design adequacy and operating effectiveness of a process.
Why is it important for an internal audit function to assess the relevant risks before agreeing to conduct a consulting engagement? Consider risks to both the organization and the internal audit function in your answer.
How are consulting services addressed in the annual internal audit plan?
The chief operating officer (COO) has requested that the internal audit function advise her regarding a new incentive plan being developed for sales representatives. Which of the following tasks should the CAE decline with respect to providing advice to the COO?a. Researching and benchmarking
Can consulting engagements be structured to also provide assurance? Why or why not?
How does the internal audit function choose which consulting engagements to perform?
When conducting a consulting engagement to improve the efficiency of a production process, the internal audit team is faced with a scope limitation because several months of the production data has been lost or is incomplete. Faced with this scope limitation, the CAE should:a. Halt the consulting
For an organization going through an acquisition, would involvement by the internal audit function be considered an assurance or consulting activity? Explain your answer.
What are the three phases of an advisory consulting engagement?
The audit committee has requested that the internal audit function assist with the annual risk assessment process. What type of consulting engagement does this assistance represent?a. An assurance engagement.b. A training consulting engagement.c. A facilitative consulting engagement.d. An advisory
Describe the key steps an internal audit function should follow if asked to facilitate an enterprise risk assessment.
What steps are involved in:a. Planning an advisory consulting engagement?b. Performing an advisory consulting engagement?c. Communicating advisory consulting engagement outcomes?
A financial services organization is planning on staffing a complex consulting engagement that involves the consolidation of two large banking organizations, including changing many of the processes. Which of the following skills is the least important skill for auditors to possess in assisting in
Describe factors that might inhibit the internal audit function from becoming a trusted advisor. Include a discussion of what steps the internal audit function can take to reduce those inhibitors.
Why is it important to create and maintain robust working papers for a consulting engagement?
Internal auditors are working to become trusted advisors to management on risk management techniques. Which of the following would be the best way for internal audit to demonstrate they are truly a trusted advisor?a. Providing testing of key controls.b. Assisting management in developing procedures
Discuss what skills and training are most important for the internal audit function to be successful at consulting engagements.
How can the CAE educate management regarding the value of consulting services to the organization?
Which of the following areas of culture presents the greatest challenge for internal audit functions who want to become trusted advisors?a. Receiving approval to include consulting services in the internal audit charter.b. Educating all areas on the internal audit function’s role in performing
What capabilities must an internal audit function possess to provide value-adding consulting services?
Which of the following best describes internal audit workpapers for consulting engagements?a. Workpapers are not required for consulting engagements.b. Workpaper requirements for consulting engagements are similar to assurance engagements but typically have less documentation.c. Consulting
What specific skills are required of an internal auditor performing consulting engagements?
Which auditor will be the most successful in being perceived as a “Trusted Advisor”?a. One who audits using a checklist.b. One who best uses audit sampling techniques.c. One who ensures 100 percent compliance with all policies, procedures, and rules.d. One who collaborates with management to
What are some areas in which outside specialists may be needed to effectively perform consulting engagements? What are some examples of outside specialists who may be asked to assist in consulting engagements?
In which of the following scenarios do consulting services provided by the internal audit function prove to be most beneficial?a. An organization that is completely stable and has very little change.b. An organization that has frequent, significant change.c. An organization that wants to reduce the
What are some of the barriers to the internal audit function becoming a trusted advisor? What steps should the internal audit function take to best overcome those barriers?
What is the difference between a blended engagement and a consulting engagement?a. Blended engagements include components of both assurance and consulting services.b. Blended engagements take advantage of statistical sampling.c. A blended engagement always focuses on assurance services versus a
Why is it important for internal auditors to become “Trusted Advisors” on risk management techniques?
a. As stated in the chapter, all internal auditors need at least a baseline level of IT audit-related expertise.1. Identify six specific IT-related competencies (that is, knowledge and skills) that all entry-level internal auditors should possess.2. Discuss how a college student can begin to

Showing 500 - 600 of 1134

Internal Auditing Assurance & Advisory Services 4th Edition Urton L. Anderson, Michael J. Head, Sridhar Ramamoorti, Cris Riddle, Mark Salamasick, Paul J. Sobel - Solutions

Step by Step Answers