IIA-CIA-Part1 Exam Practice Test Instant Access

Question 1

Which of the following circumstances would most likely be considered a potential red flag for fraud by the internal audit activity?

AThe monthly payroll reports are not vetted to ensure terminated employees have been removed from the payroll system.

BThe volume of nonroutine journal entries has steadily increased over time.

CThe database of approved suppliers has not been reviewed in the last year.

DThe recent employee survey indicates that some employees remain unaware of the organization's whistleblower hotline.

Answer : B

An increase in nonroutine journal entries is a classic red flag for potential fraud, as such entries may be used to adjust financials inappropriately. IIA guidance identifies unusual patterns in financial transactions as significant indicators of potential fraud risks.

Question 2

During a payroll audit, a staff internal auditor suspects that signatures on some of the documents being sampled for examination are not authentic. Which of the following actions should the auditor take before proceeding with the examination?

ASuggest to the payroll manager that the suspicious documents should be sent to the organization's security department for forensic review.

BKeep the suspicious documents in the workpaper file until the end of the engagement, and then discuss the suspicions with the payroll manager.

CDiscuss the suspicious documents with payroll staff to seek their views on the authenticity of the signatures.

DReview the suspicious documents with the chief audit executive and seek advice concerning further examination.

Answer : D

The best course of action is for the internal auditor to consult with the chief audit executive (CAE) regarding the suspicious documents. This step aligns with IIA standards, which advise consulting senior audit leaders in cases of potential fraud to ensure proper investigation and avoid alerting those who might be involved.

Question 3

According to IIA guidance, which of the following statements is true of assurance services provided by the internal audit activity?

AInternal auditors cannot assess an operation for which they were responsible within the previous year.

BManagement of the area under review must agree with the engagement objectives, scope, and techniques.

CThe engagement results will vary in form and content depending upon the needs and wishes of the engagement client.

DThe only parties involved in the engagement are the internal auditor and management of the area under review.

Answer : A

IIA standards require that internal auditors avoid engagements in areas where they recently held operational responsibility, typically within a one-year period, to maintain independence and objectivity.

Question 4

An internal auditor is reviewing employee travel expenses from the previous six months for fraud. Which of the following tests would best detect instances where personal travel has been claimed?

AVerifying whether claims have been properly authorized for payment.

BVerifying whether claims are properly supported by invoices or other documents.

CConfirming that all claims are within the limits of the organization's travel policy.

DReconciling claims against business trip requests that were approved by supervisors.

Answer : D

Reconciling claims with business trip requests approved by supervisors is effective in detecting unauthorized or personal travel claims, as it ensures travel expenses align with actual business needs, per IIA guidelines on fraud detection and control validation.

Question 5

Which of the following statements is true regarding external quality assessments?

AThey can be performed by self-assessment with independent external validation, but they must be performed every three years.

BWhen a new chief audit executive (CAE) is appointed, an external quality assessment should be undertaken during the CAE's first year of office.

CAn external quality assessment must be conducted at least once every five years by a qualified, independent assessor or assessment team.

DAn external assessment by a qualified professional from outside of the organization can be performed in place of an internal assessment.

Answer : C

IIA standards require that external quality assessments be conducted at least once every five years by an independent assessor. This ensures adherence to quality standards and strengthens the objectivity of the internal audit function.

Question 6

Which of the following is an example of computer forensic auditing?

ATesting compliance with policies that define acceptable computer use.

BAssessing controls over allocation of IT assets in a specific location.

CRecovering deleted communications and emails.

DLogging targeted cybersecurity events on the organization's network.

Answer : C

Computer forensic auditing is the process of collecting and analyzing digital evidence from electronic devices, such as computers, mobile phones, or tablets2.The purpose of computer forensic auditing is to investigate and resolve cases involving cybercrime, fraud, or other illegal or unethical activities3.One of the examples of computer forensic auditing is recovering deleted communications and emails, which can help to reveal the identity, motive, or modus operandi of the perpetrators or suspects4.

1: Forensic Audit Guide - Definition, Steps, Reasons3, p.22: What Is Computer Forensics?Types, Techniques, and Careers2, p.13: What Is a Forensic Audit, How Does It Work, and What Prompts It?5, p.14: IT Audit & Digital Forensics: How to use an IT audit to prepare for a computer forensics investigation6, p. 1

Question 7

Which of the following would the internal audit activity do first if fraud is suspected during an audit engagement?

AInterview the employees who may be implicated in the fraud.