1. In determining whether risk management processes are effective in an organization, Internal Audit assesses that all of the following are present except

-Organizational objectives support and align with the organization's mission

-Significant risks are identified and assessed

-The process is formally approved by the chief audit executive before implementation

-Appropriate risk responses are selected that align risks with the organization's risk appetite

2. Once an internal auditor is able to determine how a fraud took place, he/she should assess the facts to do all of the following except:

-Immediately report the fraud to the police or law enforcements

-Determine why the system of internal control did not prevent or detect the fraud

-Design suitable audit tests to help locate the existence of similar fraud in the future

-Advise other internal auditors within the company to be alert to this type of fraud

3. Both internal and external auditors certify that the financial statements present fairly, in all material respects, the financial position of the Company. True or False?

4. All publicly traded companies in the United States are legally mandated to follow COSO ERM framework in their risk assessment processes. True or False?

5. Receiving Stock Options by a Chief Audit Executive is specifically prohibited by IIA Code of Ethics. True or False?