Oa Quiz
Oa Quiz
Oa Quiz
1. The IIA Code of Ethics is based on all but which of the following ethical principles?
A. Integrity
B. Independence
C. Competency
D. Confidentiality
B. management.
C. both A and B.
D. neither A nor B.
3. Which of the following is not one of the broad categories of operational audits?
A. Functional audits.
B. Organizational audits.
4. Which of the following is not a similarity between external and internal auditors?
6. Auditing standards external auditors to use the internal auditors for direct assistance on the audit.
A. discourage
B. prohibit
C. encourage
D. permit
A. CPA firms
B. Internal auditors
C. Govemment auditors.
8. The professional organization which is responsible for providing guidance for internal auditors is the:
A. ACPACI
В. ПА.
C. PICPA.
D. AIA.
9. Which of the following is not one of the three phases in an operational audit?
A. Planning.
10. An audit designed to evaluate the efficiency and effectiveness of organization, or some part of an
organization would not be called a(n):
A. performance audit.
B. management audit.
C. operational audit.
D. compliance audit.
11. Which of the following is not one of the major differences between financial and operational
auditing?
A. The financial audit is oriented to the past, but an operational audit concerns performance for the
future.
B. The financial audit report is distributed to many readers, but the operational audit report goes to a
few managers.
C. Financial audits deal with the information on the financial statements, but operational audits are
concerned with the information in the ledgers.
D. Financial audits are limited to matters that directly affect the financial statements, but operational
audits cover any aspect d efficiency and effectiveness.
12. Before an operational audit for effectiveness can be performed, there must be
13. Which of the following statements regarding types of operational audits is false?
C. The emphasis in an organizational audit is on how efficiently and effectively functions interact.
14. The two most important qualities for an operational auditor are:
15. Which of the following is not a difference between operational auditing and financial auditing?
B. Operational audit reports are usually of a restricted distribution while financial audit reports are
widely distributed.
C. Operational audits often cover non-financial issues while financial audits do not.
17. Which of the following can affect the independence of operational auditors?
Responsibilities
Reporting Structure
A. Yes
No
No
B. No
C. No
Yes
D. Yes
Yes
18. Which is not a purpose of an economy and efficiency audit?
A. Whether the entity is acquiring, protecting, and using resources economically and efficiently.
C. Whether the entity has complied with laws and regulations concerning matters of economy and
efficiency.
19. A(n) functions interact. audit emphasizes how efficiently and effectively
A. operational
B. compliance
C. financial
D. organizational
20. Which of the following is not a purpose of a program audit as performed by government auditors?
A. Determination of the extent to which the desired results established by the legislature are being
achieved.
D. Determination as to whether the entity has complied with laws and regulations applicable to the
program.
21. What distinguishes internal control evaluation and testing for financial and operational auditing?
C. Both A and B.
D. Neither A nог В.
Operating departments
A. Yes
B. No
C. Yes
D. No
a. No
b. Yes
c. No
d. Yes
23. External financial statement auditors must obtain evidence regarding what attributes of an internal
audit department if the extermal auditors intend to rely on the internal auditor's work?
Yes
Competence
Yes
No
No
Yes
ABC
D.
No
Yes
No
24. The following are the similarities between internal and external auditors except
A. Both must be competent as auditors and remain objective in performing their work and reporting
their results.
B. Both follow a similar methodology in performing their audits, including planning and performing tests
of controls and substantive tests.
C. Both functions serve the needs of the management.
D. Both consider risk and materiality in deciding the extent of their tests and evaluating results. However,
their decisions about materiality and risks may differ because external users may have different needs
than management or the board.
25. Below are the criteria which the external auditors typically consider internal auditors effective if they
meet the following except:
C. Have performed relevant audit tests of the internal controls and financial statements.
26. Operational auditing is the review of an organization for efficiency and effectiveness. Which of the
following statements are true?
A. Effectiveness refers to the degree to which the organization's objectives and goals are accomplished.
B. Efficiency refers to the degree to which costs are reduced without reducing effectiveness.
Statement II. Communication skills are also essente oplet only s relates to fellow auditors, but also
process owners and operators Statement III. Adding value and being perceived as trusted advisors to
Their organizations are perhaps the highest aspirations of interna auditors around the world.
audits. Statement II. Current professional auditing standards require external auditors to use internal
auditors for direct assistance on external audits.
A. Statement I only.
D. Statement II only.
Statement I. Operational audits may be performed by internal auditors and government auditors, but
not by external auditors.
Statement II. To help them remain independent of the operations they audit, internal auditors should
report directly to the controller.
C. Statement I only.
D. Statement II only.
Statement I. Internal auditors should have the authority to require Implementation of suggestions for
improvement.
Statement II. One disadvantage of functional auditing is the failure to evaluate interrelated functions.
B. Statement I only.
C. Statement II only.
Case Analysis
FTW Corporation sells computer peripherals and related devices, such as printers, ink, flash drives and
cables. FTW has a staff of three purchasing agents, each of whom oversees a specific set of inventory
items.
Each purchasing agent uses his/her discretion in making decisions about when to order inventory, how
much inventory to order and which vendor to purchase from. When ordered inventory arrives at FTW,
one of two receiving clerks matches the items, quantities, and vendors against a copy of the purchase
order, then either stocks the merchandise on the shelves or puts it in the storeroom. FTW's accountant
receives a copy of the invoice from the vendor, as well as an e-mail from one of the receiving clerks
indicating that merchandise has been received. The e-mail also includes the relevant purchase order
number. The accountant files the invoice by date in a filing cabinet; once a week, the accountant
removes invoices from the filing cabinet and pays them by check. To cut down on clutter in the office,
the accountant shreds the vendor invoice after the check has been paid by the bank. The accountant also
completes a bank reconciliation within two weeks of receiving the bank statement in the mail.
Requirements:
2. Integrate the concept of 7 E's of Operations Audit, as applicable to identify potential problems in the
case.
3. As an internal auditor, what are the skills and qualities you need to have an effective audit and to
resolve the problems encountered?
4. Based on your proposed recommendations, as an internal auditor, how will you become a trusted
advisor and an effective consultant?
CHAPTER 3
1. This identifies what the internal audit function will review based on available resources and the needs
and priorities of the organization.
A. Audit Checklist
B. Audit Plan
C. Operations Manual
D. Audit Manual
2 factors are conditions and other variables that in their present, or absence, as the case may be, either
exacerbate or diminish the underlying risk.
A. Risk
B. Audit
C. Operations
D. Planning
A. Observation
B. Workpapers
C. Flowcharts
5. A review of how an organization's management and its operating procedures are functioning with
respect to their effectiveness and efficiency in meeting stated objectives.
A. Internal Audit
B. Operational Audit
C. Cash Audit
D. External Audit
6. The auditor faces a risk that the audit will not detect mater misstatements in the financial statements.
In regard to minimizing the risk, the auditor primarily relies on:
A. Substantive procedures
B. Tests of controls
C. Internal control
D. Statistical analysis
7. Which of the following is least likely to be included in an auditor's inquiry of management while
obtaining information to identify the risks of material misstatement due to fraud?
b. Does it have knowledge of fraud or suspect fraud? C. Does it have programs to mitigate fraud risks?
D. Has it reported to the audit committee the nature of the company's internal control?
8. The primary purpose of the internal auditors' evaluation of internal control is to:
A. Determine if management has planned and implemented activities needed to attain goals and
objectives
D. Determine if employees have incompatible duties that have compromised the control environment.
9. The internal auditing department provides information about control and quality of performance to:
A. Audit objectives
C Preliminary survey
D. Audit program
11. Interviewing operating personnel, identifying he objectives of the auditee, identifying standards used
to evaluate performance, and assessing the risk inherent in the auditee's operations are activities
typically performed in which phase of an internal audit?
A. The fieldwork phase
12. Which of the following best describes the scope of internal auditing as it has developed to date?
A. Internal auditing involves appraising the economy and efficiency with which resources are employed.
B. Internal auditing involves evaluating compliance with policies plans, procedures, laws, and regulations.
C. Internal auditing has evolved to verifying the existence of assets and reviewing the means of
safeguarding assets.
D. Internal auditing has evolved to more of an operational orientation from a financial orientation.
13. Which of the following statements best describes why the profession of certified public accountants
has deemed it essential to promulgate a code of professional conduct and to establish a mechanism for
enforcing observation of the code?
B. A prerequisite to success is the establishment of an ethical code that stresses primarily the
professional's responsibility to clients and colleagues.
C. A requirement of most state laws calls for the profession to establish a code of ethics.
D. An essential means of self-protection for the profession is the establishment of flexible ethical
standards by the professions.
14. A primary purpose for establishing a code of conduct within a professional organization is to:
A. Reduce the likelihood that members of the profession will be sued for substandard work
b. Ensure that all members of the profession perform at approximately the same level of competence
D. Require members of the profession to exhibit loyalty in all matters pertaining to the affairs of their
organization.
15. Corporate governance is a process by which the owners and creditors of an organization.
A. Exert control.
B. Require accountability.
C. Exert control and require accountability.
A. shareholders
B. audit committee
C. management
18. All of the following groups have responsibility for ensuring proper corporate governance except:
A. stockholders
B. board of directors
C. regulatory agencies
20, Companies with good governance generally have the following characteristic(s):
reporting seriously.
21.S1. Operational risk, as opposed to efficiency, is the risk of loss resulting from inadequate internal
processes, people, and systems or from external events.
S2. FS audit is concerned on to see that the credit control has been strictly followed white med on to
seedit is concerned on to study the credit control while operationing better measures as necessary.
A. Statement I only.
D. Statement II only.
22. After assessment of risk maturity, periodic audit planning is done which results to the production of:
A. Audit report
B. Planning report
C. Audit plan
D. Risk register
52. The scope of internal auditing should encompass the examination of the adequacy and effectiveness
of the organization's system of internal control and the quality of performance in carrying out assigned
responsibilities.
A. Statement I only.
D. Statement II only.
24. The following are planning considerations in operations audit except
C. Prepare a Draft Annual Audit Plan based upon the results of the ris assessment process.
25. Who is responsible for reviewing and approving the final engagement communication before its
issuance?
Case Analysis
Bes Corporation has an internal audit department operating out of the corporate headquarters. Various
types of audit assignments are performed by the department for the eight divisions of the company. The
following Endings resuited from recent audits of Bes Corporation's Bhiee Division:
1. One of the departments in the division appeared to have an excessive turnover rate. Upon
investigation, the personnel department seemed to be unable to find enough workers with the specified
skills for this department. Some workers are trained on the job. The departmental supervisor is held
accountable for labour efficiency variances but does not have qualified staff or sufficient time to train the
workers properly. The supervisor holds individual workers responsible for meeting predetermined
standards from the day they report to work. This has resulted in a rapid turnover of workers who are
trainable but not yet able to meet standards.
2. The internal audit department recently participated in a computer feasibility study for this division. It
advised and concurred on the purchase and installation of a specific computer system. Although the
system is up and operating, the results are less than desirable. The software and hardware meet the
specifications of the feasibility study, but there are several functions unique to this division that the
system has been unable to accomplish. Linking of files has been a problem. For example, several vendors
have been paid for materials not meeting company specifications. A revision of the existing software is
probably not possible, and a permanent solution probably requires replacing the existing computer
system with a new one.
3. One of the products manufactured by this division was reces redesigned to eliminate a potential
safety defect. This defect was discovered after several users were injured. At present, there are no
pending lawsuits because none of the injured parties has identified a defect in tsuits because none of of
the injury. There is insufactor Information to deteurt as weause the defect was a contributing factor.
The director of internal auditing and assistant controller is in charge of the internal audit department
and reports to the controller in corporate headquarters. Copies of internal audit reports are sent
routinely to Bes board of directors.
Requirements:
1. What are the procedures to be done in terms of fieldwork stage of an internal auditor as a response to
audit finding number 1 (excessive turnover)?
2. What are your possible recommendations as an internal auditor as a response to audit finding number
1 (excessive turnover)?
3. Based on the case, are there any objectivity problems with Bes Corporation? Explain.
4. What if the internal audit department is part of the corporation controllership function, and copies of
the internal audit reports am sent to the board of directors, evaluate the appropriateness of the location
of the internal audit department within Bes' organizationa structure.
5. Who are those within Bes should receive the reports of the intermal audit department?
CHAPTER 4
1. Which of the following is not one of the three primary objectives of effective internal control?
Commitment to Competence
No
Detection
Organizational Structure
No
Yes
Risk
Yes
Yes
No
Yes
Yes
No
No
Yes
3. which of the following statements concerning the relevance of various types of controls to a financial
statement audit is correct?
B. Controls over safeguarding of assets and liabilities are of primary importance, while controls over the
reliability of financial reporting may also be relevant
C Controls over the reliability of financial reporting are ordinarily most directly relevant to a financial
statement audit, but other controls may also be relevant.
D. An auditor may ordinarily ignore a consideration of controls when a substantive audit approach is
taken.
4. An auditor should consider two key issues when obtaining an understanding of a client's internal
controls. These issues are
5. Authorizations can be either general or specific. Which of the following is not an example of a general
authorization?
6. An auditor should obtain sufficient knowledge of an entity's information system, including the related
business processes relevant to financial reporting, to understand the
7. Which of the following controls most likely would provide reasonable assurarice that all credit sales
transactions of an
A. The accounting department supervisor controls the mailing of entity are recorded? monthly
statements to customers and investigates any differences reported by customers.
C. The billing department supervisor matches prenumbered shipping documents with entries in the sales
journal.
D. The billing department supervisor sends copies of approved sales orders to the credit department for
comparison to authorized credit limits and current customer account balances.
A. Segregation of Duties
B. Accounting Records
C. Supervision
D. Independent Verification
9. Physical control used to capture the economic essence of transactions and provide an audit trail of
economic events refers to
A. Segregation of Duties
B. Accounting Records
C. Supervision
D. Access Control
10. Auditors assessing the integrity of the organization's management and using investigative agencies to
report on the backgrounds of key managers is one of the five components of the COSO framework.
A. Control environment
C. Monitoring
B. Risk assessment
11. The authorization of a transaction to ensure that all material transactions processed by the
information system are valid and in accordance with management's objectives is one of the five
components of the COSO Framework,
A Control environment
B. Control activities
C. Monitoring
12. The classes of transactions that are material to the financial statements and how those transactions
are initiated is one of the five components of the COSO framework.
A. Control environment
8. Risk assessment
C. Control activities
B. Risk assessment
C. Monitoring
14. Physical control used to ensure that only authorized personnel have access to the firm's assets refers
to
A. Segregation of Duties
C. Access control
B. Accounting Records
D. Independent Verification
15. Every system of internal control has limitations on its effectiveness These include
A. The concept that the company should establish and maintain a system of internal control.
D. B and C only.
16. In the COSO enterprise risk management framework, organization's overall tone relates most closely
to:
A. Internal environment
B. Objective setting
C. Event identification
D. Monitoring
17. Miguel and Rafaela were developing a risk management plan for the company following the COSO
framework. One of the company's is to have sufficient cash available for operations; that goal had be
difficult to achieve due to risk, Miquel and Rafaela recommended their company inves cash in short-term
securities that could be liquidated quickly seasonal fluctuations easily, Which element of the COSO
framework is most related to he recommendation? in sales. To reduce
A. Internal environment
B. Monitoring
C. Control activities
D. Risk response
18. In a conversation about risk management, Miguel and Rafaela produced a ranked list of their
company's risk exposures. The ranked ast is most closely related to which element of the COSO
framework?
8. Rak assessment
C. Risk response
D. Monitoring
19. COSO has published integrated frameworks for both internal control and for enterprise risk
management. Which of the following statements about the frameworks is most true?
A. The internal control framework is more useful than the enterprise risk management framework.
B. The enterprise risk management framework is more useful than the internal control framework.
20. Which of the following best pairs an element of the COSO enterprise risk management framework
with an example of that element?
process, they could collect data related to: the average length of time between an order for a fixed asset
and its delivery,
AT only
B. II only
Both I and II
D. Neither 1 nor 11
Case Analyses
Case 1 - (Risk Assessment) You are the Chief Executive Officer of a large USA multinational company
operating in the energy sector. Your company has operations in 23 different countries, some of which are
developing economies, and it has raised debt finance, as well as equity finance, in 17 these countries.
You are aware that there have been protests from environmental lobby groups in several areas regarding
oil pipelines. There have also been demonstrations about the impact of operations on local
communities.
Your company has an internal audit committee, an audit committee, and a reasonably well-developed
system of internal control loosely structured around the Turnbull Report's recommendations. However,
the board has decided that perhaps it should form a new committee, a 'risk committee which will deal
with risk management and internal control specifically.
Requirement:
Accordingly, the board has asked you to prepare a memo which summarizel the main risks facing the
business at present, and the relative importance of these risks to the business, to highlight where the
primary exposures are likely to be.
Case 2 - (Control Environment) Raiza Motors Company, a diversified Ausnufacturer, has five divisions that
operate throughout Singapore and Australia. Raiza Motors has historically allowed its divisions to
operate witronomously. Corporate intervention be allowed its divisionsned results of directo obtained.
Corporate managemencurred only when plant the board policy of hiring competent people. The
company has a code of conduct but policy of irs and audit committee are ment has high integrity, but
this has there is little monitoring of compliance by employees. Management is f conservative in terms of
accounting principles and practices, but emolover compensation packages depend highly on
performance. Raiza Moton Company does not have an internal audit department, and it relies on you
firm to review the controls in each division.
Don Gisean is the gearray of sager of the Fabricator Division. The Fabricator Division produces a variety
of standardized parts for small appliances, Gisean has been the general manager for the last seven years,
and each year he has seen able to improve the profitability of the division. He is compensated based
largely on the division's profitability. Much of the improvement in profitability has come through
aggressive cost cutting, including a substantial reduction in control activities over inventory.
During the last year, a new competitor has entered Fabricator's markets and has offered substantial price
reductions in order to grab market share. Gisean has responded to the competitor's actions by matching
the price cuts in the hope of maintaining market share. Gisean is very concerned because he cannot see
any other areas where costs can be reduced so that the division's growth and profitability can be
maintained. If profitability is not maintained, his salary and bonus will be reduced.
Gisean has decided that one way to make the division more profitable is to manipulate inventory
because it represents a large amount of the division's balance sheet. He also knows that controls over
inventory are weak. He views this inventory manipulation as a short-run solution to the profit decline
due to the competitor's price cutting. Gisean is certain that once the competitor stops cutting prices or
goes bankrupt, the misstatements in nventory can be corrected with little impact on the bottomline.
Requirements:
b. What environment. Motors Company's control environment have led to and facilitated Gisean's
manipulation of inventory?
Case 3- (Control Activities) A company's accountant was able to approve Tayment of invoices and write
company checks to a family member, with whom the accountant would split the proceeds. The
accountant covered up the theft with journal entries in the accounting information system.
Requirement:
Don Gisean is the gearray of sager of the Fabricator Division. The Fabricator Division produces a variety
of standardized parts for small appliances, Gisean has been the general manager for the last seven years,
and each year he has seen able to improve the profitability of the division. He is compensated based
largely on the division's profitability. Much of the improvement in profitability has come through
aggressive cost cutting, including a substantial reduction in control activities over inventory.
During the last year, a new competitor has entered Fabricator's markets and has offered substantial price
reductions in order to grab market share. Gisean has responded to the competitor's actions by matching
the price cuts in the hope of maintaining market share. Gisean is very concerned because he cannot see
any other areas where costs can be reduced so that the division's growth and profitability can be
maintained. If profitability is not maintained, his salary and bonus will be reduced.
Gisean has decided that one way to make the division more profitable is to manipulate inventory
because it represents a large amount of the division's balance sheet. He also knows that controls over
inventory are weak. He views this inventory manipulation as a short-run solution to the profit decline
due to the competitor's price cutting. Gisean is certain that once the competitor stops cutting prices or
goes bankrupt, the misstatements in nventory can be corrected with little impact on the bottomline.
Requirements:
b. What environment. Motors Company's control environment have led to and facilitated Gisean's
manipulation of inventory?
Case 3- (Control Activities) A company's accountant was able to approve Tayment of invoices and write
company checks to a family member, with whom the accountant would split the proceeds. The
accountant covered up the theft with journal entries in the accounting information system.
Requirement:
Case 4- (Internal Controls and Risk Management) Payswell Company small manufacturer, has been in
business for 10 years Sem management is thinking about outsourcing the company's payroll process
Requirements:
b. What are the key risks that threaten the achievement of those objectives?
2. Determine whether those controls are designed adequately att operating effectively?