CIA-I : IIA Certified Internal Auditor Part 1 (Essentials of Internal Auditing CIA Part 1) Exam

CIA-I Dumps
CIA-I Braindumps
CIA-I Real Questions
CIA-I Practice Test
CIA-I Actual Questions


Financial
CIA-I
Certified Internal Auditor (CIA)
https://killexams.com/pass4sure/exam-detail/CIA-I
QUESTION: 225
To identify those components of a telecommunications system that present the greatest
risk, an internal auditor should first
A. Review the open systems interconnect network model.
B. Identify the network operating costs.
C. Determine the business purpose of the network.
D. Map the network software and hardware products into their respective layers.
Answer: C
QUESTION: 226
An auditor plans to analyze customer satisfaction, including (1) customer complaints
recorded by the customer service department during the last three months; (2)
merchandise returned in the last three months; and (3) responses to a survey of
customers who made purchases in the last three months. Which of the following
statements regarding this audit approach is correct?
A. Although useful, such an analysis does not address any risk factors.
B. The survey would not consider customers who did not make purchases in the last
three months.
C. Steps 1 and 2 of the analysis are not necessary or cost-effective if the customer
survey is comprehensive.
D. Analysis of three months' activity would not evaluate customer satisfaction.
Answer: B
QUESTION: 227
When internal auditors provide consulting services, the scope of the engagement is
primarily determined by
A. Internal auditing standards.
B. The audit engagement team.
C. The engagement client.
D. The internal audit activity's charter.
Answer: C
QUESTION: 228
An internal auditor is assigned to conduct an audit of security for a local area network
(LAN) in the finance department of the organization. Investment decisions, including
the use of hedging strategies and financial derivatives, use data and financial models
which run on the LAN. The LAN is also used to download data from the mainframe to
assist in decisions. Which of the following should be considered outside the scope of
this security audit engagement?
A. Investigation of the physical security over access to the components of the LAN.
B. The ability of the LAN application to identify data items at the field or record level
and implement user access security at that level.
C. Interviews with users to determine their assessment of the level of security in the
system and the vulnerability of the system to compromise.
D. The level of security of other LANs in the company which also utilize sensitive data.
Answer: D
QUESTION: 229
At the beginning of fieldwork in an audit of investments, an internal auditor noted that
the interest rate had declined significantly since the engagement work program was
created. The auditor should
A. Proceed with the existing program since this was the original scope of work that was
approved.
B. Modify the audit program and proceed with the engagement.
C. Consult with management to verify the interest rate change and proceed with the
engagement.
D. Determine the effect of the interest rate change and whether the program should be
modified.
Answer: D
QUESTION: 230
Which of the following measurements could an auditor use in an audit of the efficiency
of a motor vehicle inspection facility?
A. The total number of cars approved.
B. The ratio of cars rejected to total cars inspected.
C. The number of cars inspected per inspection agent.
D. The average amount of fees collected per cashier.
Answer: C
QUESTION: 231
A bakery chain has a statistical model that can be used to predict daily sales at
individual stores based on a direct relationship to the cost of ingredients used and an
inverse relationship to rainy days. What conditions would an auditor look for as an
indicator of employee theft of food from a specific store?
A. On a rainy day, total sales are greater than expected when compared to the cost of
ingredients used.
B. On a sunny day, total sales are less than expected when compared to the cost of
ingredients used.
C. Both total sales and cost of ingredients used are greater than expected.
D. Both total sales and cost of ingredients used are less than expected.
Answer: B
QUESTION: 232
Which of the following procedures would provide the best evidence of the effectiveness
of a credit-granting function?
A. Observe the process.
B. Review the trend in receivables write-offs.
C. Ask the credit manager about the effectiveness of the function.
D. Check for evidence of credit approval on a sample of customer orders.
Answer: B
QUESTION: 233
An organization has developed a large database that tracks employees, employee
benefits, payroll deductions, job classifications, and other similar information. In order
to test whether data currently within the automated system are correct, an auditor should
A. Use test data and determine whether all the data entered are captured correctly in the
updated database.
B. Select a sample of data to be entered for a few days and trace the data to the updated
database to determine the correctness of the updates.
C. Use generalized audit software to provide a printout of all employees with invalid job
descriptions. Investigate the causes of the problems.
D. Use generalized audit software to select a sample of employees from the database.
Verify the data fields.
Answer: D
QUESTION: 234
Senior management at a financial institution has received allegations of fraud at its
derivatives trading desk and has asked the internal audit activity to investigate and issue
a report concerning the allegations. The internal audit activity has not yet developed
sufficient proficiency regarding derivatives trading to conduct a thorough fraud
investigation in this area. Which of the following courses of action should the chief
audit executive (CAE) take to comply with the Standards?
A. Engage the former head of the institution's derivatives trading desk to perform the
investigation and submit a report with supporting documentation to the CAE.
B. Request that senior management allow a delay of the fraud investigation until the
internal audit activity's on-staff certified fraud examiner is able to obtain the appropriate
training regarding the analysis of derivatives trading.
C. Request that senior management exclude the internal audit activity from the
investigation completely and instead contract with an external certified fraud examiner
with derivatives experience to perform all aspects of the investigation and subsequent
reporting.
D. Contract with an external certified fraud examiner with derivatives experience to
perform the investigation and subsequent reporting, with the chief audit executive
approving the scope of the investigation and evaluating the adequacy of the work
performed.
Answer: D
QUESTION: 235
According to the International Professional Practices Framework, internal auditors
should possess which of the following competencies?
I. Proficiency in applying internal auditing standards, procedures, and techniques.
II. Proficiency in accounting principles and techniques.
III. An understanding of management principles.
IV. An understanding of the fundamentals of economics, commercial law, taxation,
finance, and quantitative methods.
A. I only.
B. II only.
C. I and III only.
D. I, III, and IV only.
Answer: D
QUESTION: 236
Which of the following are acceptable resources for a chief audit executive to use when
developing a staffing plan?
I. Co-sourcing arrangements.
II. Employees from other areas of the organization.
III. The organization's external auditors.
IV. The organization's audit committee members.
A. I only.
B. I and II only.
C. II and IV only.
D. I, II, and IV only.
Answer: B
QUESTION: 237
Which of the following would be a violation of the IIA Code of Ethics?
A. Reporting information that could be damaging to the organization, at the request of a
court of law.
B. Including an issue in the final audit report after management has resolved the issue.
C. Participating in an audit engagement for which the auditor does not have the
necessary experience or training.
D. Accepting a gift that is a commercial advertisement available to the public.
Answer: C
QUESTION: 238
Which of the following is not an appropriate objective for a quality assurance and
improvement program?
A. Continually monitor the internal audit activity's effectiveness.
B. Assure conformance with the Standards and Code of Ethics.
C. Perform an internal assessment at least once every five years.
D. Communicate the results of quality assessments to the board.
Answer: C
QUESTION: 239
According to the International Professional Practices Framework, which of the
following is true with respect to the different roles in the risk management process?
I. Boards have an oversight role.
II. Acceptance of residual risks can reside with the chief audit executive.
III. The board can delegate the operation of the risk management framework to the
management team.
IV. The internal audit activity's role can range from having no responsibilities to
managing and coordinating the process.
A. I only.
B. II and IV only.
C. I, III, and IV only.
D. I, II, III, and IV.
Answer: C
QUESTION: 240
Which of the following types of risk factors are used within risk models to establish the
priority of internal audit engagements?
I. Management competence.
II. Quality of internal controls.
III. Audit staff experience.
IV. Regulatory requirements.
A. II only.
B. I, II, and III only.
C. I, II, and IV only.
D. I, III, and IV only.
Answer: C
QUESTION: 241
Which of the following is not an appropriate type of coordination between the internal
audit activity and regulatory auditors?
A. Regulatory auditors share their perspective on risk management, control, and
governance with the internal auditors.
B. Internal auditors perform fieldwork at the direction of the regulatory auditors.
C. Internal auditors review copies of regulatory reports in planning related internal
engagements.
D. Regulatory and internal auditors exchange information about planned activities.
Answer: B
QUESTION: 242
An organization's accounts payable function improved its internal controls significantly
after it received an unsatisfactory audit report. When planning a follow-up audit of the
function, what level of detection risk should be expected if the audit and sampling
procedures used are unchanged from the prior audit?
A. Detection risk is lower because control risk is lower.
B. Detection risk is lower because control risk is higher.
C. Detection risk is higher because control risk is lower.
D. Detection risk is unchanged although control risk is lower.
Answer: D
QUESTION: 243
Which of the following is an appropriate role for the board in governance?
A. Preparing written organizational policies that relate to compliance with laws,
regulations, ethics, and conflicts of interest.
B. Ensuring that financial statements are understandable, transparent, and reliable.
C. Assisting the internal audit activity in performing annual reviews of governance.
D. Working with the organization's attorneys to develop a strategy regarding current
litigation, pending litigation, or regulatory proceedings governance.
Answer: B
QUESTION: 244
According to the International Professional Practices Framework, which of the
following are allowable activities for an internal auditor?
I. Advocating the establishment of a risk management function.
II. Identifying and evaluating significant risk exposures during audit engagements.
III. Developing a risk response for the organization if there is no chief risk officer.
IV. Benchmarking risk management activities with other organizations.
V. Documenting risk mitigation strategies and techniques.
A. IV and V only.
B. I, II, and III only.
C. I, II, IV, and V only.
D. II, III, IV, and V only.
Answer: C
QUESTION: 245
According to the International Professional Practices Framework, which of the
following should be stated in the internal audit charter?
I. Authorization for access to records.
II. The internal audit activity's position within the organization.
III. The relationship between the internal audit activity and the board.
IV. The scope of internal audit activities.
A. I and IV only.
B. II and III only.
C. I, II, and IV only.
D. I, II, III, and IV.
Answer: C
QUESTION: 246
Which of the following is not an appropriate role for internal auditors after a disaster
occurs?
A. Monitor the effectiveness of the recovery and control of operations.
B. Correct deficiencies of the entity's business continuity plan.
C. Recommend future improvements to the entity's business continuity plan.
D. Assist in the identification of lessons learned from the disaster and the recovery
operations.
Answer: B
QUESTION: 247
Which component is the foundation of the COSO internal control framework?
A. Risk assessment.
B. Control environment.
C. Control activities.
D. Monitoring.
Answer: B
QUESTION: 248
Which of the following best describes the underlying premise of the COSO enterprise
risk management framework?
A. Management should set objectives before assessing risk.
B. Every entity exists to provide value for its stakeholders.
C. Policies are established to ensure that risk responses are performed effectively.
D. Enterprise risk management can minimize the impact and likelihood of unanticipated
events.
Answer: B
QUESTION: 249
Which of the following is an example of sharing risk?
A. An organization redesigned a business process to change the risk pattern.
B. An organization outsourced a portion of its services to a third-party service provider.
C. An organization sold an unprofitable business unit to its competitor.
D. In order to spread total risk, an organization used multiple vendors for critical
materials.
Answer: B
QUESTION: 250
A records management system is an example of what type of control?
A. Preventive.
B. Detective.
C. Corrective.
D. Directive.
Answer: A
QUESTION: 251
Which of the following procedures is not a step that an auditor would perform when
planning an audit of an organization?
A. Obtaining detailed knowledge about the organization.
B. Obtaining a management representation letter.
C. Assessing the audit risk of the organization.
D. Having discussions with the organization's management team.
Answer: B
QUESTION: 252
Which of the following risk assessment tools would best facilitate the matching of
controls to risks?
A. Control matrix.
B. Internal control questionnaire.
C. Control flowchart.
D. Program evaluation and review technique (PERT) analysis.
Answer: A
QUESTION: 253
Which of the following factors should be considered when determining the staff
requirements for an audit engagement?
I. The internal audit activity's time constraints.
II. The nature and complexity of the area to be audited.
III. The period of time since the area was last audited.
IV. The auditors' preference to audit the area.
V. The results of a preliminary risk assessment of the activity under review.
A. I and IV only.
B. I, II, and V only.
C. II, III, and V only.
D. I, II, III, IV, and V.
Answer: B

User: Luciana***** I used a mix of books and my own experience to prepare for the cia-i exam, but it was the Killexams.com Questions and Answers and Exam Simulator that proved to be the most helpful. The questions were accurate and appeared on the actual exam, and I passed with a score of 89% one month ago. If someone tells you that the cia-i exam is difficult, believe them! But with the help of Killexams.com, you can pass with ease.

User: Svyatopo***** In the past, I never thought I would be able to pass the cia-i exam. However, after taking the cia-i practice test on Killexams.com, I realized that their online services and material are the best. I passed the exam on my first attempt, and when I told my friends about it, they also started using Killexams.com for their exam preparations. It was the best experience ever, and I am grateful for it.

User: Rodina***** I have to admit that selecting Killexams.com was one of the best decisions I made while preparing for the cia-i exam. Their practice questions and simulations are so well designed that individuals can raise their bar by the time they reach the last simulation exam. I appreciate their efforts and sincerely thank them for helping me pass the exam. Keep up the good work, Killexams.com!

User: Maiya***** Joining killexams.com was the best decision I made on my journey towards the CIA-I certification. I was excited to be able to pass the exam and be the first in my company with this qualification. Thanks to the materials on this website, I passed my CIA-I exam and made everyone proud. I highly recommend that any student who wants to experience the same feeling should give killexams.com a try.

User: Sima***** In short, the killexams.com Questions and Answers provided me with the necessary support to prepare for the cia-i exam, which helped me pass the test with flying colors. The answers were explained in simple language, making it easier for me to understand, memorize, and apply them during the exam. I highly recommend killexams.com to anyone preparing for an exam.

---