IIA-CRMA Online Practice Questions and Answers

The internal audit supervisor is reviewing the workpapers prepared by the staff. According to the Standards, which of the following statements regarding workpaper supervision is not true?

A. Review notes of questions that arise during the review process must be retained.

B. Dating and initialing each workpaper provides evidence of review.

C. Workpaper review allows for staff training and development.

D. Workpapers may be amended during the review process.

The results of an internal audit activity's (IAA) quality assurance and improvement program are favorable and an external assessment was completed within the last five years. Which of the following statements may the IAA use to describe its work?

A. "Completed with the advance certification of the External Assessors Association for Auditing Review."

B. "Conforms with the International Standards for the Professional Practice of Internal Auditing."

C. "Certified 100% accuracy, per the International Standards of External Assessment."

D. "Compliant with all domestic and international legal statutes, and certified quality assured for ten years."

Which of the following are components of the COSO enterprise risk management framework?

1.

Objective setting.

2.

External environment.

3.

Data collection.

4.

Control activities.

A. 1 and 3 only

B. 1 and 4 only

C. 2 and 3 only

D. 2 and 4 only

Which of the following audit techniques is used to evaluate control design while also embodying auditing's analytical process?

A. A risk and control matrix.

B. A flowchart.

C. A walk-through.

D. A process narrative.

When internal auditors are preparing workpapers for the testing stage of an engagement, which of the following guidelines should be observed?

1.

Include copies of all client files that were reviewed for the audit.

2.

Avoid the use of professional, industry-appropriate jargon and technical terms.

3.

Indicate the original sources of all data and information used in the workpapers.

4.

Leave blank space for cross-references to be completed during the post-audit process.

A. 1 and 2 only

B. 1 and 4 only

C. 2 and 3 only

D. 3 and 4 only

An internal auditor wants to sample data to test an audit theory in a cost-effective way. Which of the following sampling strategies should she use?

A. Statistical sampling only

B. Nonstatistical sampling only

C. A combination of both statistical and nonstatistical sampling.

D. Neither approach to testing the audit theory would be cost effective.

According to The IIA's Code of Ethics, which of the following actions violates the principle of confidentiality?

A. Accepting a consulting request in the IT department without possessing the requisite experience.

B. Providing personal tax preparation services for a fee for several employees during the lunch hour.

C. Providing a friend with the marketing strategic plan, which she will use to prepare her university thesis.

D. Agreeing to reword an observation to avoid the client complaining directly to the auditor's supervisor.

An internal auditor who is carrying out an engagement to review controls related to corporate tax reporting must possess which of the following competencies?

1.

Proficiency in analyzing key IT risks and controls.

2.

The ability to recognize significant deviations from good business practices.

3.

Knowledge of key indicators of fraud in tax reporting.

4.

The ability to recognize the existence of problems related to tax accounting.

A. 1 and 4 only.

B. 3 and 4 only.

C. 2, 3, and 4 only.

D. 1,2, 3, and 4.

What should the internal auditor's role be in assessing the organization's ethical climate?

A. Perform ongoing surveys of the employees, customers, and partners of the organization to assess the organization's ethical climate. ^Evaluate the effectiveness of the organization's strategies and B.

B. Processes for achieving the desired level of legal and ethical compliance.

C. Maintain a whistleblower hotline to identify inappropriate or illegal activity within the organization.

D. Perform background checks of potential new employees before they are hired by the organization.

According to IIA guidance, which of the following should be formally documented in the internal audit charter?

A. The internal audit activity's responsibility for imposing risk management processes.

B. The internal audit activity's responsibility for the organization's governance framework.

C. The nature of consulting services provided by the internal audit activity.

D. The budgeting process for the internal audit activity.

A large trucking organization wants to reduce traffic accidents by improving its system of internal controls. Which of the following controls is correctly classified?

1.

Review of speeding violations to identify repetitive locations and drivers is an example of a preventive control.

2.

Defensive driver training is an example of a directive control.

3.

The installation of tracking devices in delivery vehicles is an example of a corrective control.

4.

Providing a vehicle driver handbook is an example of a detective control.

A. 1 and 2.

B. 1 and 4.

C. 2 and 3.

D. 3 and 4.

Faced with a complex, highly technical construction audit engagement, the chief audit executive (CAE) considered complementing the current internal audit resources by engaging the services of a civil engineer.

Which of the following should the CAE consider in determining whether the engineer possesses the necessary skills to perform the engagement?

1.

Professional certification, license, or other recognition of the engineer's competence in the relevant discipline.

2.

Experience of the engineer in the type of work being considered.

3.

Compensation or other incentives that the engineer may receive.

4.

The extent of other ongoing services that the engineer may be performing for the organization.

A. 1 and 4 only

B. 2 and 3 only

C. 3 and 4 only

D. 1, 2, and 4 only

Which of the following is an activity that an internal auditor must not perform?

A. Establish and provide continuing assurance on an anti-money laundering program for new hires.

B. Survey employees for their understanding of anti-money laundering practices.

C. Provide assurance for the effectiveness of anti-money laundering training.

D. Assess the risk of being fined for ineffective anti-money laundering practices.

To fill a critical vacancy, an internal auditor is assigned temporarily to a nonaudit role in the purchasing department, where she worked previously before joining the internal audit activity. According to IIA guidance, which of the following statements is true regarding these circumstances?

A. The chief audit executive (CAE) should review all work performed by the auditor during her temporary assignment to ensure no impairments.

B. The CAE may conduct audits in the purchasing department during the auditor's temporary assignment.

C. The auditor should obtain the CAE's approval as to the nature and scope of the duties she is permitted to perform during her temporary assignment.

D. Any work performed by the auditor during her temporary assignment must conform to the internal audit charter.

A new internal audit activity is creating its first charter. According to IIA guidance, which of the following objectives would be appropriate for inclusion in the charter?

A. Continuously monitor the organization's overall risk activities in relation to its risk appetite.

B. Evaluate the adequacy and effectiveness of the organization's governance activities.

C. Oversee the establishment and administration of an effective risk management program.

D. Assist management in implementing recommended control improvements.