NO.1 Which of the following would be an appropriate improvement to controls over large

quantities of consumable material that are charged to expense when placed in bins which are

accessible to production workers?

A. Relocate bins to the inventory warehouse.

B. Require management to compare the cost of consumable items used to the budget.

C. Lock the bins during normal working hours.

D. None of the above actions are needed for items of minor cost and size.

Answer: B

NO.2 An internal auditor is assigned to conduct an audit of security for a local area network (LAN) in

the finance department of the organization. Investment decisions, including the use of hedging

strategies and financial derivatives, use data and financial models which run on the LAN. The LAN is

also used to download data from the mainframe to assist in decisions. Which of the following

should be considered outside the scope of this security audit engagement?

A. Investigation of the physical security over access to the components of the LAN.

B. The ability of the LAN application to identify data items at the field or record level and implement

user access security at that level.

C. Interviews with users to determine their assessment of the level of security in the system and the

vulnerability of the system to compromise.

D. The level of security of other LANs in the company which also utilize sensitive data.

Answer: D

NO.3 An organization's internal auditors are reviewing production costs at a gas-powered electrical

generating plant. They identify a serious problem with the accuracy of carbon dioxide emissions

reported to the environmental regulatory agency, due to computer errors. The auditors should

immediately report the concern to:

A. The regulatory agency.

B. Plant management.

C. A plant health and safety officer.

D. The risk management function.

Answer: B

NO.4 When assessing the risk associated with an activity, an internal auditor should:

A. Determine how the risk should best be managed.

B. Provide assurance on the management of the risk.

C. Modify the risk management process based on risk exposures.

D. Design controls to mitigate the identified risks.

Answer: B

NO.5 An audit of management's quality program includes testing the accuracy of the cost-of-quality

reports provided to management. Which of the following internal control objectives is the focus of

this testing?

A. To ensure compliance with policies, plans, procedures, laws, and regulations.

B. To ensure the accomplishment of established objectives and goals for operations or programs.

C. To ensure the reliability and integrity of information.

D. To ensure the economical and efficient use of resources.

Answer: C

NO.6 Which of the following would be most helpful to a governmental auditor searching for the

existence of multiple welfare claims that were filed under different names but used the same

address?

A. Tagging and tracing.

B. Generalized audit software.

C. Integrated test facility.

D. Spreadsheet analysis.

Answer: B

NO.7 Which of the following is a weakness that is inherent in the use of the test data method to

test internal controls in a computer-based accounting system?

A. The auditor must test many transactions with the same condition in order to achieve assurance

that the condition is being detected.

B. Conditions that were not specifically considered by the auditor may go untested.

C. The approach requires the creation of "dummy companies," possibly destroying or altering actual

company data in the process.

D. Inclusion of atypical data in the test data may cause errors to be noted on the exception report.

Answer: B

NO.8 Which of the following would be a red flag that indicates the possibility of inventory fraud?

I.The controller has assumed responsibility for approving all payments to certain vendors.

II.The controller has continuously delayed installation of a new accounts payable system, despite a

corporate directive to implement it.

III.Sales commissions are not consistent with the organization's increased levels of sales.

IV.Payments to certain vendors are supported by copies of receiving memos, rather than originals.

A. I and II only.

B. II and III only.

C. I, II, and IV only.

D. I, III, and IV only.

Answer: C