Which of the following skills is critical for assessing corporate social responsibility through a self-assessment?

An organization is testing a new IT system for digital data storage and security. The internal audit activity has been asked to evaluate the system in a consulting engagement. Although several internal auditors on staff are qualified to perform basic assessments of IT systems, none are familiar with the new system. Which of the following is a legitimate response to the prospective client?
1. Decline the engagement.
2. Proceed with the engagement, performing only those parts of the engagement that the internal auditors are qualified to perform.
3. Accept the engagement and develop the additional competencies in-house prior to the engagement's starting date.
4. Make arrangements to obtain assistance from a competent IT auditing expert.

A chief audit executive (CAE) is concerned that the internal audit activity is not receiving adequate training and continuing education. Which of the following approaches should the CAE take?

A subsidiary of the organization was preparing for an initial public offering (IPO). Af the request of the audit committee, the chief audit executive (CAE) and all senior audit staff were actively involved in the process by helping collect and validate financial data, conducting assessments, and participating in meetings with IPO advisors. Six months later, it became obvious that the IPO had to be canceled. Newly appointed audit committee members requested an assurance engagement that v/ould assess the IPO preparation process.
Which of the following would be the best course of action for the chief audit executive (CAE) to take?

A medical insurance provider uses an electronic claims-submission process and suspects that a number of physicians have submitted claims for treatments that were not performed. Which of the following control procedures would be most effective to detect this type of fraud?