IIA IIA-IAP Übungsprüfungen
Zuletzt aktualisiert am 24.04.2025- Prüfungscode: IIA-IAP
- Prüfungsname: Internal Audit Practitioner
- Zertifizierungsanbieter: IIA
- Zuletzt aktualisiert am: 24.04.2025
During a procurement process consulting engagement, the internal auditors reviewed contracts for the hospital’s supply of medicine.
Which of the following would the internal auditors most likely recommend to improve the effectiveness of the procurement process?
- A . The procurement process should begin with clearly specified needs.
- B . The procurement process must be comprehensively documented.
- C . Only qualified procurement professionals should manage the procurement process.
Which of the following is the best audit procedure to determine whether all of a bank’s loans are backed by sufficient collateral, properly aged as to current payments, and properly categorized as current or noncurrent?
- A . Use generalized audit software to read the total loan file, age the file by last payment due, and select a statistical sample stratified by the current and aged population. Examine each loan selected for proper collateralization and aging.
- B . Select a block sample of all loans in excess of a specified dollar limit and determine whether they are current and properly categorized. For each loan approved, verify aging and categorization.
- C . Select a discovery sample of all loan applications to determine whether each application contains a statement of collateral.
Which of the following best describes the difference between inherent risk and residual risk?
- A . Inherent risk is the level of risk before the risk assessment process, residual risk is the level of risk remaining after completing the risk assessment process.
- B . Inherent risk is the level of risk the organization is willing to accept, residual risk is the level of risk deemed unacceptable by the organization.
- C . Inherent risk is the level of risk in the absence of any targeted actions or controls to alter its severity, residual risk is the risk remaining after implementing corrective actions.
An internal auditor wants to use computerized audit tools and techniques.
Which of the following is a common obstacle that the auditor is likely to face?
- A . Difficulty obtaining access privileges to relevant and reliable data.
- B . A lack of specialist IT skills needed to use the tools.
- C . Difficulty getting the requisite IT personnel to conduct the tests.
An internal auditor is planning a business continuity audit engagement at a remote manufacturing plant. During planning interviews, the plant manager stated that the local Environmental, Health, and Safety (EHS) Department, which reports to the plant manager, had completed a similar review six months ago. The EHS review did not find any significant weaknesses.
How should the internal auditor consider the EHS review results in the current audit engagement planning?
- A . Ignore the EHS review results, as the department is not a reliable source of information due to its lack of objectivity and independence.
- B . Recommend canceling the audit engagement, as it would be a duplication of effort to revisit the same process already reviewed by EHS.
- C . Evaluate the objectivity and competency of the EHS reviewers and their work to determine whether their review results may be relied upon.
According to IIA guidance, which of the following is the primary criterion that should determine the extent of supervision required for an audit engagement?
- A . The number of hours approved by the board for that engagement.
- B . The proficiency of the internal auditors and the complexity of the engagement.
- C . Whether the engagement involves possible violations of laws and governmental regulations.
Which of the following is an example of a detective control?
- A . Segregation of duties.
- B . Reconciliations.
- C . Required authorizations.
Which of the following best ensures that the internal audit activity is free from undue interference from management?
- A . Audit policies and procedures that are comprehensive and well-documented, in accordance with the Standards.
- B . A board audit committee that is composed of competent, independent members.
- C . An audit charter that defines the chief audit executive’s functional reporting relationship with the board.
Which of the following actions could the chief audit executive take to most directly support the requirement that internal auditors maintain proficiency?
- A . Develop a risk-based internal audit plan
- B . Provide training and mentoring opportunities
- C . Obtain approval of the internal audit activity’s purpose, authority, and responsibility
Which of the following activities would compromise the independence of the internal audit activity and therefore should not be performed by an internal auditor?
- A . Championing the establishment of organization-wide risk management.
- B . Setting the organization’s risk appetite.
- C . Coordinating risk management activities.