Free Access IIA.IIA-CIA-Part1.v2023-02-01.q147 Practice Test (Page 9)

Question 36

Which of the following is a legitimate requirement for an internal audit activity's quality assurance and improvement program (QAIP)?

A.Quality assessments should be performed by individuals with sufficient knowledge of the internal audit practices

B.All quality assessments should be either conducted or validated by an independent assessment team

C.The results of the QAIP should be communicated to shareholders annually

D.External quality assessments should be conducted every seven years

Question 37

The internal audit activity audited an organization's risk management function multiple times, and the recommendations that were made remain unaddressed by the head of risk management. Which of the following would be the next step for the internal audit activity?

A.The CAE should determine which recommendations to implement based on the severity of the associated risks.

B.The internal audit activity, led by the CAE. should assume responsibility for risk management function.

C.The chief audit executive (CAE) must discuss this matter with senior management and the board

D.The internal audit activity should add value by implementing the recommendations on management's behalf.

Question 38

Which of the following statements relating to risk management is true?

A.Internal auditors are responsible for managing the risks of the organization

B.External auditors must be engaged to evaluate the potential for fraud and how the organization manages fraud risk

C.The high-level risk assessment performed during engagement planning is a detailed step-by-step analytical process

D.A lack of controls is acceptable if the risk is reduced to an acceptable level in some other way

Question 39

During an assurance engagement an internal auditor discovered that risk limits risk limit were set for a new market expansion project Management of the area under review was eager to comply and submitted a potential risk limit value for the auditor's review and approval. Which of the following would be an appropriate course of action for the auditor to take?

A.Develop risk limit calculation criteria and ask management of the area under review to resubmit the values.

B.Review the submission and if no further remarks exist approve the risk limits

C.Provide advice if needed and ask management of the area under review to forward to senior management and the board for approval

D.Avoid providing any advice or review until the audit report is issued

Question 40

Which of the following disclosures must the chief audit executive (CAE) include when communicating the results of the quality assurance and improvement program to senior management and the board?

A.Hours and sources of continuing professional education

B.Scope and frequency of both the internal and external assessments

C.Authority and responsibility of the internal audit activity

D.independence and objectivity impairments of the CAE

Other Version: 1002IIA.IIA-CIA-Part1.v2025-05-21.q605; 3357IIA.IIA-CIA-Part1.v2024-09-23.q699; 2039IIA.IIA-CIA-Part1.v2023-11-09.q158; 2714IIA.IIA-CIA-Part1.v2023-04-17.q104; 6489IIA.IIA-CIA-Part1.v2023-03-29.q231; 3617IIA.IIA-CIA-Part1.v2023-02-22.q207; 4130IIA.IIA-CIA-Part1.v2023-02-14.q152; 3773IIA.IIA-CIA-Part1.v2022-07-16.q118; 4681IIA.IIA-CIA-Part1.v2022-02-22.q141; 126IIA.Prepawayete.IIA-CIA-Part1.v2021-09-10.by.earl.163q.pdf

Latest Upload: 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 156TheSecOpsGroup.CNSP.v2025-09-08.q20; 207CFAInstitute.ESG-Investing.v2025-09-08.q173; 155PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 145Salesforce.Data-Architect.v2025-09-05.q216; 139Adobe.AD0-E605.v2025-09-05.q50; 182Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 36

Question 37

Question 38

Question 39

Question 40

Download PDF File