Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CIA Part 1 > 1-Foundations Of Internal Auditing > Flashcards

1-Foundations Of Internal Auditing Flashcards

(67 cards)

Start Studying
1
Q

What are two types of guidance outlined by the International Professional Practices Framework (IPPF?)

A
  1. Mandatory Guidance

2. Recommended Guidance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the
Mission of Internal Audit?
(know word-for-word)

A

To enhance and protect organizational value

risk-based and objective
assurance,
advice, and
insight.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

List the two elements of the International Professional Practices Framework’s (IPPF’s) recommended guidance

A
  1. Implementation guidance
  2. Supplemental guidance
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the 4 elements of Mandatory Guidance?

A

1-Core Principles for the Professional Practice of Internal Auditing
2-Definition of Internal Auditing
3-Code of Ethics
4-International Standards for the Professional Practice of Internal Auditing (Standards)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the purposes of the Standards?

A

1-Guide adherence with the mandatory elements of the International Professional Practices Framework.
2-Provide a framework for performing and promoting a broad range of value-added internal auditing services.
3-Establish the basis for the evaluation of internal audit performance.
4-Foster improved organizational processes and operations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the Standards?

A

Guide adherence with mandatory elements of IPPF
Framework for performing and promoting value added IA services
Establish basis for evaluating performance
Foster improved organizational process and operations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the three types of Standards?

A

1-Attribute Standards- attributes for the org and individual IAs
2-Performance Standards- criteria to measure IA services against
3-Implementation Standards- requirements for assurance and consulting services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Internal auditing evaluates and improves which three processes?

A
  1. Governance processes
  2. Risk management processes
  3. Control processes
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the two types of Recommended Guidance?

A

1.Implementation Guidance
2.Supplementation Guidance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are Implementation Guides?

A

Implementation Guides assist internal auditors in applying the Standards.

IGs collectively address internal auditing’s approach, methodologies, and consideration, but do not detail processes or procedures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is Supplemental Guidance?

A

Supplemental Guidance provides detailed guidance for conducting internal audit activities. These include topical areas, sector-specific issues, as well as processes and procedures, tools and techniques, programs, step-by-step approaches, and examples of deliverables.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the definition of internal auditing? (know word-for-word)

A

independent, objective
assurance and consulting activity
add value and improve an organization’s operations
accomplish its objectives by bringing a
systematic, disciplined approach
evaluate and improve the effectiveness of
risk management, control, and governance processes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What writes the Internal Audit Charter and who approves it?

A

The charter should be written by (and periodically reviewed by) the CAE and approved by senior management and the board or audit committee.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the seven sections in the Internal Audit Charter?

A

Purpose and Mission
Standards for the Professional Practice of Internal Auditing
Authority
Independence and Objectivity
Scope of Internal Audit Activities
Responsibility
Quality Assurance and Improvement Program

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the definition of assurance services?

A

Objective examination of evidence
Entity, operation, function, process, system or other
Nature and scope determined by internal auditor
Three parties involved: Process owner (OPI), internal auditor and the user of the process

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the definition of consulting services?

A

“Advisory and related client services, the nature and scope of which are agreed upon with the client and which are intended to add value and improve an organization’s operations. Examples include counsel, advice, facilitation, process design and training.” (from the IIA Glossary)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What consulting services may internal auditors perform?

A

The Standards state that internal auditors can only perform consulting services specifically defined in the internal audit charter.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is the difference between assurance and consulting engagements?

A

In an assurance engagement, the auditor provides an assessment and states an opinion about whether or not something within the company is operating or performing correctly. The auditor should be objective in the investigation and independent in the decision.

In a consulting engagement, the auditor provides advice or makes a suggestion.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

The nature and scope of assurance services are determined by:

A

The internal auditor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

The nature and scope of consulting services are determined by:

A

Agreement between the internal auditor and engagement client.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

The ____defines the internal audit activity’s purpose, authority, and responsibility.

A

Internal audit charter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Conformance with the Code and the Standards demonstrates:

A

Conformance with all mandatory elements of the IPPF.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

IF the Standards and other requirements are inconsistent, internal auditors (1)____conform with the Standards and (2)____conform with the other requirements if they are more restrictive.

A
  1. Must
  2. May
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

List the 10 Core Principles for the Professional Practice of Internal Auditing:

A
  1. Demonstrates integrity.
  2. Demonstrates competence and due professional care.
  3. Is objective and free from undue influence (independent)
  4. Aligns with the strategies, objectives and risks of the organization.
  5. Is appropriately positioned and adequately resourced.
  6. Demonstrates quality and continuous improvement.
  7. Communicates effectively.
  8. Provides risk-based assurance.
  9. Is insightful, proactive, and future-focused.
  10. Promotes organizational improvement.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
What are the four purposes of the Standards as described by the IIA?
1. Guide adherence with the mandatory elements of the International Professional Practices Framework. 2. Provide a framework for performing and promoting a broad range of value-added internal auditing services. 3. Establish the basis for the evaluation of internal audit performance. 4. Foster improved organizational processes and operations.
26
The purpose of the internal audit activity is to:
Provide independent, objective assurance and consulting services designed to add value and improve an organization's operations.
27
What is the Code of Ethics?
“The Code of Ethics states the principles and expectations governing the behavior of individuals and organizations in the conduct of internal auditing. It describes the minimum requirements for conduct, [sic] and behavioral expectations rather than specific activities.” (from the Code of Ethics)
28
What are the four principles in the Code of Ethics?
Integrity Objectivity Confidentiality Competency
29
What are the Rules of Conduct related to integrity?
Internal auditors: 1. 1. Shall perform their work with honesty, diligence, and responsibility. 1. 2. Shall observe the law and make disclosures expected by the law and the profession. 1. 3. Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of internal auditing or to the organization. 1. 4. Shall respect and contribute to the legitimate and ethical objectives of the organization.
30
What are the Rules of Conduct related to objectivity?
Internal auditors: 2. 1. Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organization. 2. 2. Shall not accept anything that may impair or be presumed to impair their professional judgment. 2. 3. Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review.
31
What are the Rules of Conduct related to confidentiality?
Internal auditors: 3. 1. Shall be prudent in the use and protection of information acquired in the course of their duties. 3. 2. Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization.
32
What are the Rules of Conduct related to competency?
Internal auditors: 4. 1. Shall engage only in those services for which they have the necessary knowledge, skills, and experience. 4. 2. Shall perform internal auditing services in accordance with the International Standards for the Professional Practice of Internal Auditing. 4. 3. Shall continually improve their proficiency and the effectiveness and quality of their services.
33
What is independence?
“Independence is the freedom from conditions that threaten the ability of the internal audit activity to carry out internal audit responsibilities in an unbiased manner. To achieve the degree of independence necessary to effectively carry out the responsibilities of the internal audit activity, the chief audit executive has direct and unrestricted access to senior management and the board. This can be achieved through a dual-reporting relationship. Threats to independence must be managed at the individual auditor, engagement, functional, and organizational levels.” (from Standard 1100)
34
What is objectivity?
“Objectivity is an unbiased mental attitude that allows internal auditors to perform engagements in such a manner that they believe in their work product and that no quality compromises are made. Objectivity requires that internal auditors do not subordinate their judgment on audit matters to others. Threats to objectivity must be managed at the individual auditor, engagement, functional, and organizational levels.” (from Standard 1100)
35
What does organizational independence mean?
Organizational Independence means that the internal audit activity must not have any current or previous relationships with the departments that it audits. Organizational independence can be achieved through a properly designed Internal Audit Charter.
36
What are examples of functional reporting?
Approving the internal audit charter; Approving the risk based internal audit plan; Approving the internal audit budget and resource plan; Receiving communications from the chief audit executive on the internal audit activity’s performance relative to its plan and other matters; Approving decisions regarding the appointment and removal of the chief audit executive; Approving the remuneration of the chief audit executive; and Making appropriate inquiries of management and the chief audit executive to determine whether there are inappropriate scope or resource limitations. (from Standard 1110)
37
What are examples of administrative reporting?
Budgeting and management accounting. Human resource administration, including personnel evaluations and compensation. Internal communications and information flows. Administration of the internal audit activity’s policies and procedures. (from PA 1110-1)
38
Who does the CAE report to?
The CAE should report to an audit committee, or its equivalent, for any functional and engagement issues. For administrative issues, the CAE should report to the CEO (or a similar position).
39
What is individual objectivity?
“Internal auditors must have an impartial, unbiased attitude and avoid any conflict of interest.” (from Standard 1120)
40
What are common impairments?
A personal conflict of interest. A scope limitation, including a restriction of access to records, personnel, or properties. Resource limitation, which includes funding limitations. Situations where the auditor is assessing operations for which they were previously responsible. Assurance engagements for functions over which the CAE previously had responsibility. Consulting engagements in areas where assurance engagements are also performed.
41
What is a conflict of interest?
A situation in which an internal auditor, who is in a position of trust, has a competing professional or personal interest. Such competing interests can make it difficult to fulfill his or her duties impartially. A conflict of interest exists even if no unethical or improper act results. A conflict of interest can create an appearance of impropriety that can undermine confidence in the internal auditor, the internal audit activity, and the profession. A conflict of interest could impair an individual’s ability to perform his or her duties and responsibilities objectively. (from Standard 1120)
42
May auditors assess operations that they were previously responsible for?
Internal auditors must refrain from assessing specific operations for which they were previously responsible. Objectivity is presumed to be impaired if an auditor provides assurance services for an activity for which the auditor had responsibility within the previous year. (from PA 1130)
43
May auditors provide consulting for operations that they were previously responsible for?
Yes, internal auditors may provide consulting services relating to operations for which they had previous responsibilities.
44
What must be done if independence is impaired in fact or in appearance?
“The details of the impairment must be disclosed to appropriate parties.” (from Standard 1130)
45
What responsibilities does the CAE have to report independence and objectivity issues to the board?
1-The CAE will confirm at least annually to the board that the IAA is organizationally independent. The CAE will need to make certain that the IAA maintains its organizational independence at all times. 2-The CAE will disclose to the board any interference with the IAA determining the scope of work, performing the work, or communicating the results.
46
List the four elements of the International Professional Practices Framework’s (IPPF’s) mandatory guidance.
Core Principles Definition of Internal Auditing Code of Ethics The Standards
47
List and define the three different Standards under the International Professional Practices Framework’s (IPPF’s) mandatory guidance.
Attribute Standards: Govern the responsibilities, attitudes, and actions of internal activity and the people who serve as internal auditors Performance Standards: Govern the nature of internal auditing and provide quality criteria for evaluating the internal audit function’s performance Implementation Standards: Expand upon Attribute and Performance Standards to provide the requirements applicable to the services
48
Internal auditing evaluates and improves which three processes?
Governance processes Risk management processes Control processes
49
Define assurance services.
An objective examination of evidence for the purpose of providing an independent assessment on governance, risk management, and control processes for the organization.
50
Define consulting services.
Advisory activities intended to add value and improve an organization’s governance, risk management, and control processes without the internal auditor assuming management responsibility.
51
The nature and scope of assurance services are determined by
The internal auditor.
52
The nature and scope of consulting services are determined by
Agreement between the internal auditor and engagement client.
53
The ________ defines the internal audit activity’s purpose, authority, and responsibility.
Internal audit charter.
54
What are the four principles of The IIA’s Code of Ethics?
Integrity Objectivity Confidentiality Competency
55
The IIA’s Code of Ethics applies to both _____ (1) and _____ (2) that perform internal audit services.
1-Entities | 2-Individuals
56
What are the four rules of conduct relating to integrity?
Internal auditors 1-Shall perform their work with honesty, diligence, and responsibility 2-Shall observe the law and make disclosures expected by the law and the profession 3-Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the procession of internal auditing or to the organization 4-Shall respect and contribute to the legitimate and ethical objectives of the organization
57
What are the three rules of conduct relating to objectivity?
Internal auditors 1-Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organization. 2-Shall not accept anything that may impair or be presumed to impair their professional judgment. 3-Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review.
58
What are the two rules of conduct relating to confidentiality?
Internal auditors 1-Shall be prudent in the use and protection of information acquired in the course of their duties. 2-Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization.
59
What are the three rules of conduct relating to competency?
Internal auditors 1-Shall engage only in those services for which they have the necessary knowledge, skills, and experience. 2-Shall perform internal audit services in accordance with the International Standards for the Professional Practice of Internal Auditing. 3-Shall continually improve their proficiency and the effectiveness and quality of their services.
60
The ______ defines the scope of internal audit activities.
Internal audit charter.
61
Who is responsible for approving the internal audit charter?
The entity’s board of directors.
62
Who is responsible for retaining the internal audit charter?
The chief audit executive (CAE).
63
Which elements of the IPPF need to receive public exposure prior to becoming official.
``` The mandatory guidance from the IPPF: Core principles Definition Code of Ethics Standards ```
64
Name the 10 Core Principles for the Professional Practice of Internal Auditing
``` Demonstrates Integrity Demonstrates competence and due professional care Objective and Independent Aligns with strategies, objectives and risks of org Positioned and resources Quality and improvement (QAIP) Communicates effectively Risk based assurance Insight, proactive, future-focused Org improvement ```
65
What are the primary components of the Attribute Standards
Purpose, Authority and Responsibility (outlined in the charter and approved by the board) Independence and Objectivity Proficiency and Due Professional Care Quality Assurance and Improvement Program (does IIA conform to the Mandatory Guidance and add value to the org)
66
What are the primary components of the Performance Standards?
``` Managing the Internal Audit Activity Nature of Work Engagement Planning Performing the Engagement Communicating Results Monitoring Progress Resolution of Management's Acceptance of Risks ```
67
What are the 7 parts of the internal audit charter?
Purpose and Mission Standards for the Professional Practice of IA (from IPPF) Authority Independence and Objectivity Scope of the IAA Responsibility Quality Assurance and Improvement Program

CIA Part 1 (4 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions