The primary reason that a bank would maintain a separate compliance function is to:

A.

Better manage perceived high risks.

B.

Strengthen controls over the bank's investments.

C.

Ensure the independence of line and senior management.

D.

Better respond to shareholder expectations.

An auditor plans to analyze customer satisfaction,including. (1) customer complaints
recorded by the customer service department during the last three months; (2)
merchandise returned in the last three months; and (3) responses to a survey of customers
who made purchases in the last three months.
Which of the following statements regarding this audit approach is correct?

A.

Although useful,such an analysis does not address any risk factors.

B.

The survey would not consider customers who did not make purchases in the last three months.

C.

Steps 1 and 2 of the analysis are not necessary or cost-effective if the customer survey is comprehensive.

D.

Analysis of three months' activity would not evaluate customer satisfaction.

Which of the following would not be a factor for senior management to consider when
determining the internal audit activity's role in an organization's risk management process?

A.

 The extent to which the internal audit activity is outsourced.

B.

 The maturity level of risk management practices in the organization.

C.

 The competency of the internal auditors in risk management.

D.

 The nature of the business and the environment in which the organization operates.

Which of the following internal control weaknesses would an auditor most likely detect
while reviewing a flowchart that depicts the purchasing function of an organization?

A.

Purchasing policies have not been updated.

B.

The organization is not taking advantage of quantity discounts available from its suppliers.

C.

Payments for goods received have not been authorized at the appropriate level.

D.

Payments to suppliers are made before goods are received.

Which of the following steps would not be included in a program of selecting and
developing human resources for an internal audit department?

A.

Scheduling periodic meetings with individual auditors,during which the chief audit
executive provides counsel regarding each auditor's performance and professional career development.

B.

Establishing an internal review team to assess the auditors' and audit department's
compliance with standards,level of audit effectiveness,and compliance with departmental policy.

C.

Developing specific job descriptions for audit staff,audit managers,and other auditing positions.

D.

Establishing in-house training programs and requiring continuing education for audit staff.

In order to exercise due professional care as defined in the International Professional
Practices Framework,an internal auditorshould:
I.Consider the probability of significant noncompliance in each audit engagement.
II.Perform assurance procedures with sufficient care to ensure that all risks are identified.
III.Weigh the cost of assurance against the benefits.

A.

I and IIonly

B.

I and IIIonly

C.

II and IIIonly

D.

I,II,and III.

Inadequate risk assessment would have the strongest negative impact in which of the
following phases of an audit engagement?

A.

Determining the scope.

B.

Reviewing internal controls.

C.

 Testing.

D.

 Evaluating findings.

Which of the following would provide the most reliable information on the risk associated
with an auditable activity?

A.

Event scenarios with regression analysis.

B.

Past audit findings and instances of management failures.
 

C.

Consequences and economic predictability of loss.

D.

Management assessment and corroboration by the internal audit activity.

Fraud is most frequently detected by:

A.

Following up on tips from employees or citizens.

B.

Following up on analytical review of high-risk areas.

C.

Performing periodic reconciliations over cash and other assets.

D.

Performing unannounced audits or reviews of programs or departments.

According to the International Professional Practices Framework,internal auditors should
possess which of the following competencies?
I.Proficiency in applying internal auditing standards,procedures,and techniques.
II.Proficiency in accounting principles and techniques.
III.An understanding of management principles.
IV.An understanding of the fundamentals of economics,commercial
law,taxation,finance,and quantitative methods.

A.

Ionly

B.

IIonly

C.

I and IIIonly

D.

I,III,and IVonly

In publicly held companies,management often requires the internal audit activity's
involvement with quarterly financial statements that are made public and used internally.
Which of the following is generally not a reason for such involvement?

A.

Management may be concerned about its reputation in the financial markets.

B.

Management may be concerned about potential penalties that could occur if quarterly
financial statements are misstated.

C.

The Standards state that internal auditors should be involved with reviewing quarterly
financial statements.

D.

Management may perceive that having quarterly financial information examined by the
internal auditors enhances its value for internal decision making.

During the planning phase of an audit of suspected overbilling on contracts for security
services,an auditor should perform all of the following except:

A.

Interviewing an official of the security services company to determine the cause of
recent increases in billings for services.

B.

Interviewing the manager who requested the audit engagement.

C.

  Obtaining a copy of the contract between the two organizations.

D.

Preparing an engagement program.