Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CIA Part 1 > 2-Independence, Objectivity, Proficiency, Care and Quality > Flashcards

2-Independence, Objectivity, Proficiency, Care and Quality Flashcards

(94 cards)

Start Studying
1
Q

How frequently must the chief audit executive confirm to the board the organizational independence of the internal audit activity?

A

At least annually.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The organizational independence of the internal audit activity is achieved when it reports (1) ______ to the board and (2) ______ to senior management.

A

Functionally

Administratively

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Independence is an attribute of ______.

A

The internal audit activity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Objectivity is an attribute of ______.

A

Individual internal auditors.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Define the objectivity of an internal auditor.

A

Objectivity refers to an internal auditor’s impartial and unbiased mindset, which is facilitated by avoiding conflicts of interest.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What can be used to describe the expectation and requirements for the objectivity of internal auditors?

A

An internal audit policy manual or handbook.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

The chief audit executive must establish (1) _____ and (2) _____ to assess the objectivity of individual internal auditors.

A

1-Policies

2-Procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Who is responsible for maintaining the objectivity of internal auditors?

A

The responsibility to maintain objectivity rests with the chief audit executive (CAE) and with internal auditors themselves.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Independence and objectivity may be impaired in _____ (1) or _____ (2).

A

1-Fact

2-Appearance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

List examples of impairments to organizational independence and individual objectivity.

A

Personal conflict of interest
Scope limitations
Restrictions on access to records, personnel, and properties
Resource limitations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Define scope limitation.

A

A scope limitation is a restriction placed on the internal audit activity that precludes the activity from accomplishing its objectives and plans.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How should the chief audit executive (CAE) respond when an impairment to independence and objectivity is discovered after an audit has been executed?

A

The CAE should discuss the impairment with operating and senior management, as well as the board.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Assurance engagements for functions over which the chief audit executive has responsibility must be overseen by _______________.

A

A party outside the internal audit activity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

May the internal audit activity provide assurance services where it had previously performed consulting services?

A

The internal audit activity may provide assurance services where it had previously performed consulting services, provided the nature of the consulting did not impair objectivity and provided individual objectivity is managed when assigning resources to the engagement.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

When may internal auditors provide assurance or consulting services relating to operations for which they had previous responsibilities without impairing objectivity?

A

Type of service When may internal auditors provide services (without impairment)?
Assurance 1 year after the previous responsibility
Consulting Any time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How should internal auditors respond when there are potential impairments to independence or objectivity relating to proposed consulting services?

A

Disclosure must be made to the engagement client prior to accepting the engagement.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Who is responsible for ensuring conformance with the Standards regarding internal auditor proficiency and due professional care?

A

The chief audit executive (CAE).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Who is responsible for performing engagements with proficiency and due professional care?

A

Every internal auditor.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Should each internal auditor individually be proficient in all necessary competencies of the internal audit activity?

A

No. The internal audit activity collectively, not each auditor individually, must be proficient in all necessary competencies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

List the 10 core competencies included in The IIA’s Global Internal Audit Competency Framework.

A 
1-Professional ethics
2-Internal audit management
3-International Professional Practices Framework (IPPF)
4-Governance, risk and control
5-Business acumen
6-Communication
7-Persuasion and collaboration
8-Critical thinking
9-Internal audit delivery
10-Improvement and innovation
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Which aspects of the internal audit activity cannot be outsourced?

A

Oversight of and responsibility for the internal audit activity must not be outsourced.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Internal auditors must apply the care and skill expected of a __________ internal auditor.

A

Reasonably prudent and competent.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

List the areas that should be considered when internal auditors are exercising due professional care in assurance engagements.

A

Extent of work needed to achieve the engagement’s objectives
Relative complexity, materiality, or significance of matters to which assurance procedures are applied
Adequacy and effectiveness of governance, risk management, and control processes
Probability of significant errors, fraud, or noncompliance
Cost of assurance in relation to potential benefits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

List the areas that should be considered when internal auditors are exercising due professional care in consulting engagements.

A

Needs and expectations of clients, including the nature, timing, and communication of engagement results
Relative complexity and extent of work needed to achieve the engagement’s objectives
Cost of the consulting engagement in relation to potential benefits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
How many hours of continuing professional education (CPE) must certified internal auditors (CIAs) complete annually?
Types of CIAs Annual Hours Practicing CIA 40 hours (at least 2 hours of ethics training) Nonpracticing CIA 20 hours (at least 2 hours of ethics training)
26
The __________ must develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity.
Chief audit executive.
27
List the five components of a Quality Assurance and Improvement Program (QAIP).
``` Internal assessments External assessments Communication of QAIP results Proper use of a conformance statement Disclosure of nonconformance ```
28
What are the two types of internal assessment in a Quality Assurance and Improvement Program (QAIP)?
Ongoing monitoring | Periodic self-assessments
29
What should be the frequency of external assessments in a Quality Assurance and Improvement Program (QAIP)?
At least once every five years.
30
When can a self-assessment be performed in lieu of a full external assessment in a Quality Assurance and Improvement Program (QAIP)?
When it is validated by a qualified, independent, competent, and professional external assessor
31
What are the four steps of the Deming Cycle?
Plan Do Check Act
32
Ongoing monitoring is generally focused on reviews conducted at the ______________ level.
Engagement.
33
What two aspects of external assessments must the chief audit executive (CAE) discuss with the board?
The form and frequency of external assessments The qualifications and independence of the external assessor or assessment team, including any potential conflict of interest
34
To whom must the chief audit executive communicate the results of the Quality Assurance and Improvement Program (QAIP)?
Senior management and the board
35
The results of the Quality Assurance and Improvement Program (QAIP) should include ___________.
The scope and frequency of both the internal and external assessments The qualifications and independence of the assessor(s) or assessment team, including potential conflicts of interest Conclusions of assessors Corrective action plans
36
How frequently must the results of (1) external assessments, (2) periodic internal assessments, and (3) ongoing monitoring be communicated?
Type of assessment Frequency External assessments Upon completion Periodic internal assessments Upon completion Ongoing monitoring At least annually
37
When nonconformance with the Code of Ethics or the Standards impacts the overall scope or operation of the internal audit activity, the chief audit executive must disclose the nonconformance and the impact to _______________.
Senior management and the board.
38
What are the 4 knowledge areas of the IIA's global Internal Audit Competency Framework
Professionalism Performance Environment Leadership and Communication
39
The three levels of competency within the IIA competency framework are:
General awareness Applied knowledge Expert
40
What are the specific competencies for professionalism?
``` Mission of internal auditing Internal audit charter Organizational independence Individual objectivity Ethical behaviour Due professional care Professional development ```
41
What are the specific competencies for Performance?
Organizational governance Fraud Risk management Internal control Engagement planning, including objectives and scope, risk assessment, work program and resources Engagement fieldwork, including information gathering, sampling, computer-assisted audit tools and techniques, data analytics, evidence, process mapping, analytical review, and documentation. Engagement outcomes, including communication quality, conclusions, recommendations, reporting, residual risk and risk acceptance, management action plan, and results montioring.
42
What are the specific competencies for environment?
Organization strategic planning and management Common business processes Social responsibility and sustainability Information technology, including data analytics, security and privacy, and IT control frameworks. Accounting and finance
43
What are the specific competencies for Leadership and Communication?
Internal audit strategic planning and management Audit plan and coordinating assurance efforts Quality assurance and improvement program.
44
What are the common elements in all QAIPs?
Cover all aspects of the internal audit activity Evaluate the conformance of the IAA with the Standards and the Code of Ethics Assess the efficiency and effectiveness of the IAA Identify opportunities for continuous improvement Involve the board in the oversight of the QAIP
45
Some stakeholders of the IAA may include:
``` The board of directors Senior management The external auditor Operational managers Customers Shareholders Oversight organizations, regulators, and government agencies ```
46
The two functions of the QAIP are:
Conclude the quality of the IAA | Generate recommendations for improvements within the IAA
47
The following will be evaluated as part of the QAIP:
Conformance with the Definition, Code of Ethics and Standards. Adequacy of Charter, Goals, Objectives, Policies and Procedures. Contribution to governance, risk management and control processes. Completeness of coverage Compliance with laws and regulations Risks affecting operation of IAA Effectiveness of continuous improvement Does IAA add value
48
QAIP must be implemented and applied at three levels:
Individual engagement level (self-assessment at audit by supervisor) Internal audit activity level (self-assessment by IAA or org level by CAE) The external perspective (assessment at least every 5 years)
49
Name two types of internal assessments
Ongoing monitoring | Periodic internal assessments
50
Results of the ongoing monitoring as a whole need to be reported to the board
At least annually.
51
The main objectives of periodic self-assessment are:
Identify quality of ongoing performance and opportunities for improvement To check and validate the QAIP
52
External assessments:
Must be conducted at least once every 5 years by a qualified independent assessor or assessment team from outside the organization.
53
What are the 10 Competencies in the Competency Framework?
``` Professional ethics Internal audit management IPPF Governance, risk and control Business acumen Communication Persuasion and collaboration Critical thinking Internal audit delivery Improvement and innovation ```
54
What are thethree levels of competence?
Proficiency: The ability to apply knowledge to situations likely to be encountered and deal with them appropriately without extensive recourse to technical research and assistance. Understanding: The ability to apply broad knowledge to situations likely to be encountered, recognize significant deviations, and carry out research necessary to arrive at reasonable solutions. Appreciation: The ability to recognize the existence of problems or potential problems and identify the additional research or assistance needed.
55
What areas should an internal auditor have proficiency in?
``` Proficiency in applying: Internal audit standards, Procedures, and Techniques in performing engagements ```
56
What should an internal auditor have an understanding of?
Management principles to recognize and evaluate the: Materiality, and Significance of deviations from good business practices
57
What areas should an internal auditor have an appreciation of?
``` Accounting Economics Commercial law Taxation Finance Quantitative methods Information technology Risk management Fraud ```
58
What specific knowledge shouldan internal auditor have?
Auditors must have knowledge: To identify the indicators of fraud, and Of key information technology risks and controls and available technology-based audit techniques.
59
What specific skills should an internal auditor have?
Dealing with people. Understanding human relations. Maintaining satisfactory relationships with engagement clients. Communicating (both in oral and written form) to clearly and effectively convey such matters as engagement objectives, evaluations, conclusions, and recommendations.
60
Who is responsible forproficiency and due professional care of the auditors?
The CAE has this responsibility.
61
When can the CAE engage external specialists?
If the IAA does not have the skills and competencies for an engagement, the CAE must either decline the engagement or go outside the IAA or organization to get those skills.
62
What must be considered and evaluated before the IAAuses an outside expert?
The independence and objectivity of the expert in respect to the engagement. The relevant professional certifications and/or membership in a professional organization. Experience and education in similar situations and the area in which they will be engaged. Reputation. Knowledge of the business and industry.
63
What is Due Professional Care?
Due professional care requires that internal auditors apply the skill and care expected of a reasonably prudent and competent internal auditor.
64
In Standard 1220, what must the internal auditor consider in exercising due professional care?
Extent of work needed to achieve the engagement’s objectives; Relative complexity, materiality, or significance of matters to which assurance procedures are applied; Adequacy and effectiveness of governance, risk management, and control processes; Probability of significant errors, fraud, or noncompliance; and Cost of assurance in relation to potential benefits
65
What does continuingprofessional education include?
Maintaining proficiency through continuing education. Staying informed about improvements and current developments in the internal audit standards, procedures, and techniques.
66
What does QAIP stand for?
Quality Assurance and Improvement Program
67
What are the two types ofinternal assessments in a QAIP?
Ongoing internal assessments of performance of the internal audit activity. Periodic internal assessments of the program through self-assessment or from an independent person within the organization who is familiar with the internal auditing program.
68
What are the two waysan external assessmentmay be done in a QAIP?
A full external assessment conducted by an external assessor or review team. An independent assessor or review team can conduct an independent validation of the internal self-assessment and the corresponding report that was completed by the internal audit activity.
69
To whom are the results ofthe QAIP communicated?
To senior management and the board of directors.
70
How often should internal assessments be performed?
Ongoing assessments are performed throughout the year and periodic assessments are performed as needed.
71
How often should external assessments be performed?
At least once every five years.
72
When may the phrase, “Conforms with the International Standards for the Professional Practice of Internal Auditing” be used?
It may be used only if it is supported by the results of the QAIP.
73
To whom must nonconformance with the Standards be disclosed?
To senior management and the board.
74
What are the 10 Competencies in the Competency Framework
``` Professional ethics Internal audit management IPPF Governance, risk and control Business acumen Communication Persuasion and collaboration Critical thinking Internal audit delivery Improvement and innovation ```
75
What are thethree levels of competence?
Proficiency: The ability to apply knowledge to situations likely to be encountered and deal with them appropriately without extensive recourse to technical research and assistance. Understanding: The ability to apply broad knowledge to situations likely to be encountered, recognize significant deviations, and carry out research necessary to arrive at reasonable solutions. Appreciation: The ability to recognize the existence of problems or potential problems and identify the additional research or assistance needed.
76
What areas should an internal auditor have proficiency in?
``` Proficiency in applying: Internal audit standards, Procedures, and Techniques In performing engagements ```
77
What should an internal auditor have an understanding of?
Management principles to recognize and evaluate the: Materiality, and Significance of deviations from good business practices
78
What areas should an internal auditor have an appreciation of?
``` Accounting Economics Commercial law Taxation Finance Quantitative methods Information technology Risk management Fraud ```
79
What specific knowledge shouldan internal auditor have?
Auditors must have knowledge: To identify the indicators of fraud, and Of key information technology risks and controls and available technology-based audit techniques.
80
What specific skills should an internal auditor have?
Dealing with people. Understanding human relations. Maintaining satisfactory relationships with engagement clients. Communicating (both in oral and written form) to clearly and effectively convey such matters as engagement objectives, evaluations, conclusions, and recommendations.
81
Who is responsible forproficiency and due professional care of the auditors?
The CAE has this responsibility.
82
When can the CAE engage external specialists?
If the IAA does not have the skills and competencies for an engagement, the CAE must either decline the engagement or go outside the IAA or organization to get those skills.
83
What must be consideredand evaluated before the IAAuses an outside expert?
The independence and objectivity of the expert in respect to the engagement. The relevant professional certifications and/or membership in a professional organization. Experience and education in similar situations and the area in which they will be engaged. Reputation. Knowledge of the business and industry.
84
What is Due Professional Care?
Due professional care requires that internal auditors apply the skill and care expected of a reasonably prudent and competent internal auditor.
85
In Standard 1220, what must the internal auditor consider in exercising due professional care?
Extent of work needed to achieve the engagement’s objectives; Relative complexity, materiality, or significance of matters to which assurance procedures are applied; Adequacy and effectiveness of governance, risk management, and control processes; Probability of significant errors, fraud, or noncompliance; and Cost of assurance in relation to potential benefits.
86
What does continuingprofessional education include?
Maintaining proficiency through continuing education. Staying informed about improvements and current developments in the internal audit standards, procedures, and techniques.
87
What does QAIP stand for?
Quality Assurance and Improvement Program
88
What are the two types ofinternal assessments in a QAIP?
Ongoing internal assessments of performance of the internal audit activity. Periodic internal assessments of the program through self-assessment or from an independent person within the organization who is familiar with the internal auditing program.
89
What are the two waysan external assessmentmay be done in a QAIP?
A full external assessment conducted by an external assessor or review team. An independent assessor or review team can conduct an independent validation of the internal self-assessment and the corresponding report that was completed by the internal audit activity.
90
To whom are the results ofthe QAIP communicated?
To senior management and the board of directors.
91
How often should internal assessments be performed?
Ongoing assessments are performed throughout the year and periodic assessments are performed as needed.
92
How often should external assessments be performed?
At least once every five years.
93
When may the phrase, “Conforms with the International Standards for the Professional Practice of Internal Auditing” be used?
It may be used only if it is supported by the results of the QAIP.
94
To whom must nonconformance with the Standards be disclosed?
To senior management and the board.

CIA Part 1 (4 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions