
Download the Latest IIA-CRMA Dumps - 2021 IIA-CRMA Exam Questions
Latest IIA IIA-CRMA Certification Practice Test Questions
NEW QUESTION 27
Which of the following factors should be considered when determining the appropriate combination of manual techniques and computer-assisted audit techniques (CAATs) to be used during an audit?
1. Acceptance of CAATs findings by entity management.
2. Computer knowledge and expertise of the auditor.
3. Time constraints.
4. Level of audit risk.
- A. 1 and 4
- B. 2 and 3 only
- C. 2, 3, and 4
- D. 1, 2, and 3
Answer: C
NEW QUESTION 28
An assurance mapping exercise helps an organization do which of the following?
1. Provide assurance to stakeholders that risks are managed and reported, and regulatory and legal obligations are met.
2. Fulfill best practices in the industry.
3. Identify and address any gaps in the risk management process.
4. Identify fraud.
- A. 1 and 3.
- B. 2 and 3.
- C. 3 and 4.
- D. 1 and 4.
Answer: A
NEW QUESTION 29
In which of the following scenarios would the chief audit executive (CAE) be required to decline the assignment?
- A. There is no available expertise on the internal audit team to perform a consulting engagement.
- B. There is no expertise within the internal audit team for detecting and investigating fraud.
- C. The CAE would need to procure external services to deliver the internal audit assurance program.
- D. There is no expertise within the internal audit team for auditing an IT engagement.
Answer: B
NEW QUESTION 30
Which of the following scenarios best illustrates a rationalization as the root cause of potential fraud?
- A. The organization is slowly phasing out three mature products that produce the highest commissions for the sales staff.
- B. The controller at a nationwide manufacturing company recently opted to no longer require two-week mandatory vacations for accounting staff.
- C. Managers who have been with the organization for several decades become aware that newly hired, younger managers are being moved more quickly into senior positions.
- D. Security cameras that monitor cash handling at the register are not functioning.
Answer: B
NEW QUESTION 31
Who is responsible for setting the risk appetite?
- A. Chief risk officer.
- B. External auditors.
- C. Operations management.
- D. Board of directors.
Answer: D
NEW QUESTION 32
Which of the following is an activity that an internal auditor must not perform?
- A. Provide assurance for the effectiveness of anti-money laundering training.
- B. Survey employees for their understanding of anti-money laundering practices.
- C. Establish and provide continuing assurance on an anti-money laundering program for new hires.
- D. Assess the risk of being fined for ineffective anti-money laundering practices.
Answer: C
NEW QUESTION 33
During an audit engagement, the internal auditor discussed a risk mitigation recommendation with the manager of the area under review. The manager disagreed with the risk assessment and recommendation. The two failed to come up with an alternative solution, and the auditor decided to proceed with including the original recommendation in the engagement report. Which of the following is especially important in dealing with this type of situation?
- A. Soft skills in communication, negotiation, and collaboration.
- B. Technical skills in the area under review.
- C. Professional qualifications and certification in internal auditing.
- D. Confidentiality and independence.
Answer: A
NEW QUESTION 34
During an audit, the client questions the internal audit activity's authority to perform procedures over fraud allegations. According to HA guidance, which of the following would provide the most relevant support to respond to the client's concerns?
- A. Definition of Internal Auditing.
- B. MA Standards.
- C. The IIA's Code of Ethics.
- D. Internal audit charter.
Answer: D
NEW QUESTION 35
Which of the following is the best way to detect fraud?
- A. Activate a whistleblower hotline.
- B. Implement process controls.
- C. Conduct anti-fraud training.
- D. Perform background investigations.
Answer: A
NEW QUESTION 36
Which of the following control activities is the most effective to ensure users' levels of access are appropriate for their current roles?
- A. Standardized user access profiles are developed and the appropriate access profiles are automatically assigned to new or transferred employees.
- B. System administrator rights are assigned to one user in each department who can update user access of terminated or transferred employees immediately.
- C. Department managers are required to perform periodic user access reviews of relevant systems and applications.
- D. The human resources department generates a monthly list of terminated and transferred employees and requests IT to update the user access as required.
Answer: C
NEW QUESTION 37
A credit card company detects potential errors in credit card numbers by checking whether all entered numbers contain the correct amount of digits. This is an example of which of the following IT controls?
- A. Logic test.
- B. Check digits.
- C. Balancing control activities.
- D. Data integrity tests.
Answer: A
NEW QUESTION 38
The chief audit executive (CAE) is planning to conduct an internal assessment of the internal audit activity (IAA). Part of this assessment will include benchmarking. According to IIA guidance, which of the following qualitative metrics would be appropriate for the CAE to use?
1. Average client customer satisfaction score for a given year.
2. Client survey comments on how to improve the IAA.
3. Auditor interviews once an audit has been completed.
4. Percentage of audits completed within 90 days.
- A. 1 and 3.
- B. 2 and 3.
- C. 1 and 2.
- D. 3 and 4.
Answer: B
NEW QUESTION 39
During the course of an audit, an internal auditor discovers that a valuable employee in the research department has been patenting new developments in the employee's name that are unrelated to the basic business of the organization.
The organization does not have a policy addressing this specific issue, but does have a general policy that all important new discoveries by employees are the property of the organization.
Division management views the employee's actions as extra incentive to retain the employee.
A decision to include the employee's action in the engagement final communication would be:
1. A violation of the IIA Code of Ethics.
2. A violation of the reporting requirements in the Standards.
3. Justified and necessary, according to the IIA Code of Ethics and Standards.
- A. 1 only
- B. 2 only
- C. 3 only
- D. 1 and 2 only
Answer: C
NEW QUESTION 40
Upon joining the internal audit activity, each new auditor receives a copy of the audit handbook. Which of the following handbook policies has the greatest risk of compromising audit objectivity?
- A. Internal auditors should have direct and unrestricted access to personnel and information throughout the organization and the governing board.
- B. Internal auditors should obtain 80 hours of continuing professional education every two years, 20 of which should be audit-related, and the remainder may be operations-related.
- C. Internal auditors should undergo annual performance appraisals conducted by the chief audit executive, who reports administratively to the chief financial officer.
- D. Internal auditors should rotate to other areas of the organization for nonaudit assignments to gain an understanding of the organization's operations.
Answer: D
NEW QUESTION 41
Which of the following would not be considered part of preliminary survey of an engagement area?
- A. Sampling scope.
- B. Analytical reviews.
- C. Functional walk through test.
- D. Interviews with individuals affected by the entity.
Answer: A
NEW QUESTION 42
A fraud investigation was completed by management, and a proven fraud was communicated to relevant authorities. According to MA guidance, which of the following roles would be most appropriate for the internal audit activity to undertake after the investigation?
- A. Conduct lessons learned sessions to ascertain how the fraud occurred and which controls failed.
- B. Determine why The fraud was not detected earlier and design controls to strengthen early detection.
- C. Plan employee sessions and team building strategies for the organization to improve awareness of fraud among employees.
- D. Review the investigation and implement any improvements to the process.
Answer: A
NEW QUESTION 43
Which of the following activities is most likely to require a fraud specialist to supplement the knowledge and skills of the internal audit activity?
- A. Interrogating a suspected fraudster.
- B. Planning an engagement of the area in which fraud is suspected.
- C. Completing a process review to improve controls to prevent fraud.
- D. Employing audit tests to detect fraud.
Answer: D
NEW QUESTION 44
Which of the following is a preventive control?
- A. Reviewing expense accounts for irregularities.
- B. Creating an audit trail.
- C. Reconciling purchase orders with approvals.
- D. Placing controls on physical access to inventory.
Answer: D
NEW QUESTION 45
An organization is beginning to implement an enterprise risk management program. One of the first steps is to develop a common risk language. Which of the following statements about a common risk language is true?
- A. Decision makers will understand that the likelihood of missing or ineffective controls will be reduced.
- B. Stakeholders will have more assurance that the risks are assessed consistently.
- C. Internal auditors will be able to reduce their sample sizes because controls will be more consistent.
- D. Management will be able to reduce inherent risk because they will have a better understanding of risk.
Answer: B
NEW QUESTION 46
Which of the following actions would be characterized as a preventive control to safeguard inventory from the risk of theft?
1. Locking doors and physically securing inventory items.
2. Independently observing the receipt of materials.
3. Conducting monthly inventory counts.
4. Requiring the use of employee ID badges at all times.
- A. 1 and 3.
- B. 1 and 4.
- C. 2 and 4.
- D. 2 and 3.
Answer: B
NEW QUESTION 47
A large trucking organization wants to reduce traffic accidents by improving its system of internal controls.
Which of the following controls is correctly classified?
1. Review of speeding violations to identify repetitive locations and drivers is an example of a preventive control.
2. Defensive driver training is an example of a directive control.
3. The installation of tracking devices in delivery vehicles is an example of a corrective control.
4. Providing a vehicle driver handbook is an example of a detective control.
- A. 2 and 3.
- B. 3 and 4.
- C. 1 and 2.
- D. 1 and 4.
Answer: C
NEW QUESTION 48
A large sales organization maintains a system of internal control according to the COSO model and has updated its code of conduct. This change relates to which component of the COSO framework?
- A. Control activities.
- B. Information and communication.
- C. Control environment.
- D. Commitment.
Answer: C
NEW QUESTION 49
Forty-five percent of an organization's customer payments are submitted online. Eight percent of online payments are rejected. Executive management decides to outsource its online payment services to a contractor that will assume 75 percent of the total value of rejected payments. The organization estimates $1.25 million customer payments due during the contract period.
Which of the following represents the organization's residual risk for online customer payments due?
- A. $11, 250
- B. $33, 750
- C. $25, 000
- D. $45, 000
Answer: A
NEW QUESTION 50
......
IIA IIA-CRMA Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
Verified IIA-CRMA Dumps Q&As - 1 Year Free & Quickly Updates: https://www.validbraindumps.com/IIA-CRMA-exam-prep.html
Get 2021 Updated Free IIA IIA-CRMA Exam Questions & Answer: https://drive.google.com/open?id=1Ngr-dFI8PXKmp__YEJvZIwpLyVK4MFdV