The chief risk officer (CRO) of a large manufacturing organization decided to facilitate a workshop for process managers and staff to identify opportunities for improving productivity and reducing defects. Which of the following is the most likely reason the CRO chose the workshop approach?

Production managers for a manufacturing company are authorized to prepare emergency purchase orders for raw materials. These manually prepared orders do not go through the purchasing department and do not require a receiving report. The managers forward the invoice and purchase order to the accounting department for payment. Which of the following internal controls would efficiently prevent abuse of this system?

After the team member who specialized in fraud investigations left the internal audit team, the chief audit executive decided to outsource fraud investigations to a third party service provider on an as needed basis. Which of the following is most likely to be a disadvantage of this outsourcing decision?

Which of the following is an advantage of an interim report?
I.An interim report provides timely feedback to the audit engagement client.
II.
An interim report provides a mechanism for communicating information on red flags promptly while they are being investigated.
III.
An interim report provides an opportunity for auditor follow-up of findings before the engagement is completed.
IV.
An interim report increases the probability that corrective action will be initiated more quickly.

While performing an audit of the human resources department, an internal auditor discovered unencrypted files containing the personal information of employees stored on a public shared drive. According to IIA guidance, which of the following actions by the auditor would be the most appropriate?