An internal auditor notes that employees are able to download files from the internet. According to IIA guidance, which of the following strategies would best protect the organization from the risk of copyright infringement and licensing violations resulting from this practice?

A company has established its environmental audit activity as part of its legal department rather than part of its internal audit activity, which reports to the audit committee. The board has requested that the chief audit executive (CAE) provide an annual opinion on whether environmental risks are being properly addressed. In these circumstances, the CAE should recommend to the audit committee that the internal audit activity:

The chief audit executive (CAE) of a mid-sized pharmaceutical organization has operational responsibility for the regulatory compliance function. The audit committee requests an assessment of regulatory compliance.
According to IIA guidance, which of the following is the CAE's best course of action?

Which the following activities should be performed by the internal audit activity to facilitate an effective relationship with the audit committee?
1.Periodically report about the accounting standards followed by the organization.
2.Provide assurance to the audit committee that its charter,activities,and processes are appropriate.
3.Ensure that the role and activities of the internal audit activity are clearly understood and responsive to the needs of the audit committee.
4.Maintain open and effective communications with the audit committee.

When using a risk assessment model to develop audit plans, it is essential that the chief audit executive take into account the: