A staff auditor, nearly finished with an audit engagement, discovers that the director of marketing has a gambling habit. The gambling issue is not directly related to the existing engagement and there is pressure to complete the current engagement. The auditor notes the problem and forwards the information to the chief audit executive but performs no further follow-up. The auditor's actions woulD.
I.
Be in violation of the IIA Code of Ethics for withholding meaningful information.
II.
Be in violation of the Standards because the auditor did not properly follow up on a red flag that might indicate the existence of fraud.
III.
Not be in violation of either the IIA Code of Ethics or Standards.

In which of the following cases is it appropriate for an audit report to not contain management's response either within the report or as an attachment?

According to IIA guidance, which of the following statements are true regarding the internal audit plan?
1.The audit plan is based on an assessment of risks to the organization.
2.The audit plan is designed to determine the effectiveness of the organization's risk management process.
3.The audit plan is developed by senior management of the organization.
4.The audit plan is aligned with the organization's goals.

The most effective method of reporting engagement results to management and stimulating action is to:

A large investment organization hired a chief risk officer (CRO) to be responsible for the organization's risk management processes. Which of the following people should prioritize risks to be used for the audit plan?