IIA-CIA-Part2 Exam Dumps - Practice of Internal Auditing

The most critical situation for the chief audit executive (CAE) to report to the board is the disagreement with the business unit manager's initial decision to accept a particular risk, which was only addressed after discussion with senior management. This situation is critical because it involves a risk that was initially accepted without proper mitigation, which could have significant implications for the organization. Reporting this to the board ensures that they are aware of potential disagreements regarding risk acceptance and management's approach to risk mitigation.

References:

IIA Standards: 2060 - Reporting to Senior Management and the Board

IIA Practice Guide: Reporting to the Board and Senior Management

When using benchmarking to test the employee turnover rate, the internal auditor should compare the organization's turnover rate to the published turnover rates of peer organizations. This method provides a relevant standard or point of reference to evaluate the organization's performance relative to similar entities. By using external benchmarks, the auditor can identify whether the turnover rate is above or below industry norms, which helps in assessing the effectiveness of the organization's HR practices.

References:

The Institute of Internal Auditors (IIA) Practice Guide: Internal Audit and Organizational Performance

IIA Standard 1220 - Due Professional Care

While aligning organizational activities to internal audit activities and measuring according to approved IAA performance measures is important, it adds the least direct value to achieving the IAA's objectives compared to the other strategies. Establishing periodic reviews, using engagement results to guide future activities, and ensuring the format and frequency of IAA reporting align with the organization's governance structure are all more directly impactful strategies. References: = IIA Standard 1300 - Quality Assurance and Improvement Program and IIA Standard 1320 - Reporting on the Quality Assurance and Improvement Program.

Step-by-Step Detailed Explanation:

A. Determine whether the purchasing department complies with policy by examining a random selection of purchase orders:Correct. Reviewing a random sample of purchase orders is a standard procedure for evaluating compliance with purchasing policies, such as approval requirements, vendor selection, and adherence to budget constraints.

B. Evaluate whether purchasing requests are properly approved by authorized staff by obtaining independent verification from the vendors:Vendor verification is not typically used to evaluate internal approvals as this information is available within the organization’s records.

C. Ascertain whether material receipts are recorded on a timely basis by reviewing physical inventory stock counts:Physical inventory reviews focus on inventory management and reconciliation, not specifically on the timeliness of receipts.

D. Determine whether prices charged for goods received are correct by reviewing the appropriate accounts payable record by vendor:While reviewing accounts payable records helps verify the accuracy of pricing, it does not directly evaluate the purchasing department’s adherence to procedures.

CIA Exam Syllabus Reference:

Domain V: Performing Internal Audit Services – Audit Engagement Objectives and Procedures.

When preparing an internal control questionnaire for the procurement department, referencing relevant procurement laws or regulations ensures that the questions are aligned with the legal and regulatory requirements governing procurement activities. This approach helps to ensure that the questionnaire addresses all necessary compliance issues and identifies potential gaps in the organization's procurement processes that could lead to non-compliance.References:

The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2201 - Planning Considerations

Ensuring that risks to the timely completion of the engagement are assessed should be performed first during engagement supervision activities. This initial step is crucial as it sets the foundation for the entire audit process. By identifying and assessing risks early, the audit supervisor can develop appropriate plans and strategies to mitigate these risks, ensuring that the engagement stays on track and is completed within the allocated time frame. Addressing this aspect first helps in prioritizing tasks, allocating resources effectively, and managing any potential obstacles that might delay the audit process.

References:

The Institute of Internal Auditors (IIA) Standards

Internal Audit Engagement Planning and Risk Assessment Procedures

The most appropriate course of action for the CAE is to evaluate the robustness and feasibility of the management's action plan to address the identified weaknesses. The CAE should monitor the implementation progress, key dates, and deliverables to ensure that corrective actions are on track and will effectively mitigate the risks within the stipulated timeline. References: = IIA Standard 2500 - Monitoring Progress.

The chief audit executive (CAE) has the responsibility to provide assurance and insight on risk management processes. In a meeting with senior management to discuss significant risks, the CAE should focus on evaluating whether the risks accepted by senior management align with the organization’s risk appetite and are within acceptable levels. The CAE should ensure that the risk management practices are adequate and that senior management is aware of any risks that might exceed the organization's tolerance levels. This approach is aligned with the role of internal audit in providing independent and objective evaluations.

References:

Institute of Internal Auditors (IIA) Standards: Performance Standards 2120: Risk Management

IIA Practice Guide: Assessing the Risk Management Process