[Free] Download New Updated (October 2016) IIA IIA-CIA-Part2 Real Exam 331-340

Ensurepass

QUESTION 331

A payroll clerk enters payroll transactions into the general ledger. The staff accountant reconciles the payroll ledgers. The payroll manager issues the manual payroll checks. The checks are maintained in a locked cabinet. The chief financial officer secures the keys to the cabinet. The payroll clerk distributes the manual checks. The payroll manager reconciles the bank statements monthly. Which of the following audit steps best addresses the risk of fraud in the payroll process?

 

A.

Examine whether the payroll manager approves the reconciliations of ledgers.

B.

Determine whether an approved list of voided checks exists.

C.

Determine whether the cabinet keys are secured properly.

D.

Vouch a sample of items on bank reconciliations to supporting documentation.

 

Correct Answer: D

 

 

QUESTION 332

Which two of the following considerations must an internal auditor take into account while planning an audit of an accounting system/application that has been in use for the last five years?

 

1. The level and manner of linkages between the business’ mission, objectives, and structure and the accounting system/application.

 

2. Presence or absence of computerized and manual controls that address risks.

 

3. Identification of risks at the application level, e.g. availability and security of the system.

 

4. Testing of the system/application for bugs and errors.

 

A.

1 and 3 only

B.

2 and 3 only

C.

2 and 4 only

D.

3 and 4 only

 

Correct Answer: B

 

 

QUESTION 333

When establishing the internal audit activity’s annual plan, which of the following would be the best source of potential audit engagement topics?

 

A.

The organization’s budget.

B.

Operations involving cash transactions.

C.

Recent changes in management objectives.

D.

Risk factors utilized in the organization’s risk models.

 

Correct Answer: C

 

 

 

 

QUESTION 334

According to the Standards, which of the following control strategies would be the most effective in helping to prevent fraud?

 

A.

Have employees annually sign a code of conduct requiring that they report any known violations.

B.

Implement a whistleblower hotline where individuals can make anonymous phone calls to report fraudulent activities.

C.

Provide periodic fraud awareness training to employees and test their understanding of the training through online surveys.

D.

Conduct routine employee surveys to solicit their knowledge of fraud and unethical behavior within the organization.

 

Correct Answer: C

 

 

QUESTION 335

According to the International Professional Practices Framework, the responsibility for establishing and maintaining a system to monitor the disposition of results communicated to management falls upon:

 

A.

Compliance officer.

B.

Chief audit executive.

C.

Senior management.

D.

Risk manager.

 

Correct Answer: B

 

 

QUESTION 336

If the chief audit executive believes that senior management has accepted a level of residual risk that is unacceptable to the organization, they should:

 

A.

Accept the decision of senior management as they are ultimately responsible for risk management.

B.

Report the concern directly to the board.

C.

Discuss the concern with management and if not resolved, escalate it to the board.

D.

Disclose the issue in the audit report when auditing the area where the risk was identified.

 

Correct Answer: C

 

 

QUESTION 337

An internal auditor has been asked to participate in an advisory capacity to assist a committee in redesigning the organization’s current financial reports to provide better information to management and the board. Which of the following actions on the part of the auditor would provide the greatest value to this project?

 

A.

The internal auditor has a set of generic report templates from a former project and presents them to the group because they worked so well for the previous employer.

B.

The internal auditor interviews each stakeholder and documents the requirements and preferences of each and creates a report template that meets as many of the requirements and preferences as possible.

C.

The internal auditor gathers the stakeholder group and holds a brainstorming session where they generate report requirements and preferences and then rank them in order of importance.

D.

The internal auditor undertakes a project to gather report templates and formats from other organizations in the same line of business and presents them all to the group for review.

 

Correct Answer: C

 

 

QUESTION 338

The chief audit executive (CAE) decided that based on management’s oral response, the action taken on an audit observation for a minor improvement in the client’s process is sufficient and no further follow-up is necessary. Which of the following would be the best statement regarding the action of the CAE?

 

A.

The CAE action is not acceptable, as a follow-up audit is needed to ensure that action is really taken by management.

B.

The CAE action is not acceptable, as follow-up on the issue is critical until a written response is obtained from management.

C.

The CAE action is acceptable as long as the follow-up is sufficient when weighed against the relative importance of the recommendation.

D.

The CAE action is acceptable as long as the issue has been escalated to the board to get their position on the issue.

 

Correct Answer: C

 

 

QUESTION 339

While developing a risk based audit plan, which of the following sources of information would provide the least value to the chief audit executive?

 

A.

Results from the organization’s business process management program.

B.

User acceptance testing of the organization’s enterprise resource planning application.

C.

Risk assessments conducted by the board.

D.

Key business strategies adopted by the organization in the strategic plan.

 

Correct Answer: B

 

 

QUESTION 340

The chief audit executive (CAE) notes that management has adopted the option of not taking action on an audit issue involving a sizeable risk which has been accepted in the past. Which would be an appropriate action by the CAE?

 

A.

Close the issue by noting that follow-up will be completed as part of the next engagement.

B.

Discuss the matter with management to determine a resolution.

C.

Accept management’s decision as the same risk has been accepted in the past.

D.

Report the situation to the board for immediate resolution.

 

Correct Answer: B

 

Free VCE & PDF File for IIA IIA-CIA-Part2 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP

This entry was posted in IIA-CIA-Part2 Actual Test (October 2016) and tagged , , , , , , , . Bookmark the permalink.