Dependable IIA-CRMA-ADV Exam Dumps to Become IIA Certified [Q93-Q112]

Dependable IIA-CRMA-ADV Exam Dumps to Become IIA Certified

Get Ready with IIA-CRMA-ADV Exam Dumps (2023)

NEW QUESTION # 93
A staff auditor, nearly finished with an audit engagement, discovers that the director of marketing has a gambling habit. The gambling issue is not directly related to the existing engagement, and there is pressure to complete the current engagement. The auditor notes the problem and forwards the information to the chief audit executive, but performs no further follow-up.
Which of the following statements is true about the auditor's actions?

• A. They are in violation of neither the IIA Code of Ethics nor the Standards.
• B. They are in violation of the IIA Code of Ethics because the auditor withheld meaningful information.
• C. They are not in violation of the Standards but are in violation of the IIA Code of Ethics.
• D. They are in violation of the Standards because the auditor did not properly follow up on a red flag that might indicate the existence of fraud.

Answer: A

NEW QUESTION # 94
An IT contractor applied for an internal audit position at a bank. The contractor worked for the bank's IT security manager two years ago. If the audit manager interviewed the contractor and wants to extend a job offer, which of the following actions should the chief audit executive pursue?

• A. Not allow the audit manager to hire the contractor, as it would be a conflict of interest.
• B. Allow the audit manager to hire the contractor, but state that the individual is not allowed to work on IT security audits for one year.
• C. Not allow the audit manager to hire the contractor and ask the individual to apply again in one year.
• D. Allow the audit manager to hire the contractor and state that the individual is free to perform IT audits, including security.

Answer: D

NEW QUESTION # 95
An organization invests its savings in a volatile stock with the potential for high gains rather than a mutual fund with a lower expected return and lower volatility. This best describes which of the following risk concepts?

• A. Risk identification.
• B. Risk capacity.
• C. Risk tolerance.
• D. Risk appetite.

Answer: C

NEW QUESTION # 96
Which of the following is an example of a risk avoidance strategy?

• A. Limiting access to an organization's data center.
• B. Hedging against exchange rate variations.
• C. Selling a nonstrategic business unit.
• D. Outsourcing a high-risk activity.

Answer: C

NEW QUESTION # 97
Which of the following is the most significant disadvantage of using checklists to evaluate internal controls?

• A. They serve as a reminder of what controls should exist in a process.
• B. They require yes/no responses to specific questions, not open-ended responses.
• C. They do not capture all controls that may exist.
• D. They are useful in assessing risk.

Answer: C

NEW QUESTION # 98
Which of the following would not be a red flag for fraud?

• A. New employees occasionally fail to meet established project deadlines due to staffing shortages.
• B. A weak control environment has been accepted by management to encourage creativity.
• C. Several recent, large expenditures to a new vendor have not been documented.
• D. A manager has bragged about multiple extravagant vacations taken within the last year, which are excessive relative to the manager's salary.

Answer: A

NEW QUESTION # 99
Which of the following statements is true regarding assurance services provided to clients outside of the organization?

• A. The nature of assurance services for outside clients should be defined in the internal audit charter.
• B. Assurance services for outside clients must be approved on a case-by-case basis by the board of directors.
• C. Assurance services for outside clients are not covered under the internal audit charter.
• D. The nature of assurance services for outside clients is the same as for internal clients.

Answer: A

NEW QUESTION # 100
Why is it important for the chief audit executive to periodically review the audit charter and present the results to senior management and the board?

• A. So that the individual objectivity of the internal audit staff can be more clearly established.
• B. So that there is assurance of the internal audit staff's proficiency to complete audit activities.
• C. Because management requires the review to measure effectiveness of the internal audit activity.
• D. Because changes in the organization may impair the internal audit activity's ability to meet its objectives.

Answer: D

NEW QUESTION # 101
Which of the following is the most common way that occupational fraud is detected?

• A. Key controls.
• B. External audits.
• C. Whistleblower hotline.
• D. Internal audits.

Answer: C

NEW QUESTION # 102
When an internal auditor applies due professional care to perform an assurance engagement, which of the following must she consider?
1. Findings of the last audit engagement performed.
2. Probability of significant errors, irregularities, or noncompliance.
3. Extent of work needed to achieve engagement objectives.
4. Cost of the engagement versus the potential benefits.

• A. 1, 2, 3, and 4
• B. 2 and 3 only
• C. 2, 3, and 4 only
• D. 1 and 4 only

Answer: C

NEW QUESTION # 103
An organization is facing a financial downturn and needs to impose major budget reductions to all departments. According to MA guidance, which of the following actions is most appropriate for the board to take to evaluate the potential impact on the internal audit activity?

• A. Ask the chief audit executive to determine whether budgetary limitations impede the ability of the internal audit activity to execute its responsibilities.
• B. Ask The human resources department to determine how the annual compensation and salary of the audit staff could be adjusted to achieve savings.
• C. Ask appropriate stakeholders for their opinion on the potential impacts of reducing the scope of the internal audit plan.
• D. Ask management to determine which internal audit engagements are lower risk and could be considered for removal from the annual audit plan.

Answer: A

NEW QUESTION # 104
According to IIA guidance, which of the following statements is true?

• A. Control process risks are found at multiple layers of the IT environment.
• B. IT risks and related controls are operational and best identified using a bottom-up approach.
• C. The overall focus of the framework is on significant controls in all critical IT applications.
• D. Risks in IT processes are best mitigated by individual controls.

Answer: A

NEW QUESTION # 105
Given the highly technical and legal nature of privacy issues, which of the following statements best describes the internal audit activity's responsibility with regard to assessing an organization's privacy framework?

• A. Because the audit committee is ultimately responsible for ensuring that appropriate control processes are in place to mitigate risks associated with personal information, the internal audit activity is C. required to conduct privacy assessments.
• B. The internal audit activity may delegate to nonaudit IT specialists the responsibility of determining whether personal information has been secured adequately and data protection controls are sufficient.
• C. If an organization does not have a mature privacy framework, the internal audit activity should assist in developing and implementing an appropriate privacy framework.
• D. The internal audit activity should have appropriate knowledge and competence to conduct an asses
  .......framework.

Answer: D

NEW QUESTION # 106
An organization has implemented a new automated payroll system that contains a table of pay rates that are matched to employee job classifications. Which control should an internal auditor suggest in order to ensure that the table is updated correctly, and is used only for valid pay changes?

• A. Require a manager, who is independent of the system and who cannot change the table, to authorize and sign-off on any employee pay changes.
• B. Restrict data-table access from management and line supervisors who have the authority to determine pay rates.
• C. Require a supervisor in the department, who has the ability to change the table, to compare the changes to a signed management authorization.
• D. Ensure that adequate edit and reasonableness checks are built into the automated system.

Answer: A

NEW QUESTION # 107
An internal auditor would like to identify the involvement of various organizational units in handling employee travel reimbursement claims. Which of the following methods would be most effective and efficient in completing this task?

• A. Interviewing.
• B. Distributing questionnaires.
• C. Process mapping.
• D. Monitoring.

Answer: C

NEW QUESTION # 108
Which of the following decisions made during the testing phase of a compliance audit requires the most judgment by an internal auditor?

• A. Which sampling methodology to select for testing.
• B. Which fields to examine on each invoice.
• C. What level of noncompliance is acceptable.
• D. Whether an individual expenditure is allowable.

Answer: C

NEW QUESTION # 109
Which of the following must be in existence as a precondition to developing an effective system of internal controls?

• A. A risk assessment process.
• B. A strategic objective-setting process.
• C. A monitoring process.
• D. An information and communication process.

Answer: A

NEW QUESTION # 110
Which of the following is a preventive control?

• A. Creating an audit trail.
• B. Placing controls on physical access to inventory.
• C. Reviewing expense accounts for irregularities.
• D. Reconciling purchase orders with approvals.

Answer: B

NEW QUESTION # 111
In which of the following functions would fraud be most likely to occur?

• A. Collecting payments on accounts.
• B. Maintaining custody of inventory records.
• C. Approving changes to employee records.
• D. Preparing customer statements.

Answer: A

NEW QUESTION # 112
......

Download Exam IIA-CRMA-ADV Practice Test Questions with 100% Verified Answers: https://vcetorrent.passreview.com/IIA-CRMA-ADV-exam-questions.html