Upgrade to remove ads
Chapter 9: Managing the Internal Audit Function
Terms in this set (8)
1. Per IIA Standards, internal audit functions must establish:
a. Internal quality assurance and improvement program assessments.
b. External quality assurance and improvement program assessments.
c. Both internal and external quality assurance and improvement program assessments.
d. Neither internal nor external quality assurance and improvement program assessments.
1. C is the best answer. Standard 1300: Quality Assurance and Improvement Program states that "the chief audit executive must develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity." Standard 1310: Requirements of the Quality Assurance and Improvement Program, Standard 1311: Internal Assessments, and Standard 1312: External Assessments detail the specific requirements for IIA Standard 1300 by specifying that internal audit functions must establish both internal assessment and external assessment procedures.
2. Senior management has requested that the internal audit function perform an operational review of the telephone marketing operations of a major division and recommend procedures and policies for improving management control over the operation. The internal audit function should: a. Accept the audit engagement because independence would not be impaired. b. Accept the engagement, but indicate to management that recommending controls would impair audit independence so that management knows that future audits of the area would be impaired. c. Not accept the engagement because internal audit functions are presumed to have expertise on accounting controls, not marketing controls. d. Not accept the engagement because recommending controls would impair future objectivity of the department regarding this client.
2. A is the best answer. This engagement would not impair the function's independence. Making recommendations on the design or enhancement of internal control activities is a responsibility of the internal audit function. It is management's responsibility to implement and own controls.
3. Who is ultimately responsible for determining that the objectives for an internal audit engagement have been met?
a. The individual internal audit staff member.
b. The CAE.
c. The audit committee.
d. The internal audit engagement supervisor.
3. B is the best answer. The CAE is ultimately responsible for determining whether the objectives of an internal audit engagement have been successfully achieved. The CAE is pivotal to a successful internal audit function. As explained by the interpretation to Standard 2000: Managing the Internal Audit Activity, the CAE is responsible for properly managing the internal audit activity so that:
• "The results of the internal audit activity's work achieve the purpose and responsibility included in the internal audit charter;
• The internal audit activity conforms with the Definition of Internal Auditing and the Standards; and
• The individuals who are part of the internal audit activity demonstrate conformance with the Code of Ethics and the Standards.
4. Which of the following is the best reason for the CAE to consider the organization's strategic plan in developing the annual internal audit plan?
a. To emphasize the importance of the internal audit function to the organization.
b. To make recommendations to improve the strategic plan.
c. To ensure that the internal audit plan supports the overall business objectives.
d. To provide assurance that the strategic plan is consistent with the organization's values.
4. C is the best answer. Even though the other choices have merit, the primary reason for the internal audit function to consider the organization's strategic plan when developing the annual audit plan is to ensure that internal audit efforts align with and support the overall business objectives of the organization.
5. The Standards requires policies and procedures to guide the internal audit staff. Which of the following statements is false with respect to this requirement?
a. A small internal audit function may be managed informally through close supervision and written memos.
b. Formal administrative and technical audit manuals may not be needed by all internal audit functions.
c. The CAE should establish the function's policies and procedures. d. All internal audit functions should have a detailed policies and procedures manual.
5. D is the best answer. It is important for the internal audit function to establish policies and procedures to guide the internal audit staff. However, substance is much more important than form. As a result, it is not necessary for these policies and procedures to be codified into a formal manual, but it is important for them to be established and effectively communicated to the staff in a way that is consistent with the size and complexity of the internal audit function.
6. When conducting a consulting engagement to improve the efficiency and quality of a production process, the audit team is faced with a scope limitation because several months of the production data have been lost or are incomplete. Faced with this scope limitation, the CAE should:
a. Resign from the consulting engagement and conduct an audit to determine why several months of data are not available.
b. Discuss the problem with the customer and together evaluate whether the engagement should be continued.
c. Increase the frequency of auditing the activity in question.
d. Communicate the potential effects of the scope limitation to the audit committee.
6. B is the best answer. When planning and performing a consulting engagement, the scope and engagement objectives are defined and agreed upon with the customer. As a result, the CAE should discuss the scope limitation with the customer and together evaluate whether the engagement should continue. For an assurance engagement, the scope limitation would need to be evaluated for impact on the internal audit function's ability to achieve the defined engagement objective. If it is concluded that the problem makes the assurance engagement objectives unachievable, the engagement should be terminated and the scope limitation should be communicated to both management and the audit committee.
7. Which of the following is not a responsibility of the CAE?
a. To communicate the internal audit function's plans and resource requirements to senior management and the board for review and approval.
b. To oversee the establishment, administration, and assessment of the organization's system of internal controls and risk management processes.
c. To follow up on whether appropriate management actions have been taken on significant issues cited in internal audit reports.
d. To establish a risk-based plan to accomplish the objectives of the internal audit function consistent with the organization's goals.
7. B is the best answer. All are responsibilities of the CAE as defined by the Standards except for overseeing the establishment, administration, and assessment of the organization's system of internal controls and risk management processes, which is management's responsibility.
8. The Standards requires the CAE to share information and coordinate activities with other internal and external providers of assurance services. With regard to the independent outside auditor, which of the following would not be an appropriate way for the CAE to meet this requirement?
a. Holding a meeting between the CAE and the independent outside audit firm's partner to discuss the upcoming audit of the financial statements.
b. Providing the independent outside auditor with access to the working papers for an audit of third-party contractors.
c. Requiring the independent outside auditor to have the CAE's approval of their annual audit plan for conducting the financial statement audit.
d. Requesting that the internal audit function receive a copy of the independent outside auditor's management letter.
8. C is the best answer. It is appropriate for the CAE to request a copy of the external audit plan for conducting the financial statement audit to assist in planning the annual internal audit plan, but it is not appropriate for the CAE to approve the external audit plan. That could impair the independence and objectivity of the independent outside auditor's work.
THIS SET IS OFTEN IN FOLDERS WITH...
Chapter 12: Introduction to the Engagement Process
Chapter 11: Audit Sampling
Chapter 1: Introduction to Internal Auditing
YOU MIGHT ALSO LIKE...
Chapter 9 Internal Audit Homework
Internal Auditing Chapter 9
Internal Audit EXAM 1 - CIA 1 & 2 Q's
Internal Audit Ch. 9
OTHER SETS BY THIS CREATOR
Chapter 10: Audit Evidence and Working Papers
Chapter 13: Conducting the Assurance Engagement
Chapter 14: Communicating Assurance Engagement Out…