QUESTION 1ITEM: 1-3-A7-69

Question 1 of 100
0 correct
1 incorrect

RATIONALE

The steps in the process described in the

question can be illustrated by the following
flowchart:

For more information, refer to Part 1, Section III, Chapter

A, Topic 7.

The internal auditor completes the working

papers for an audit and sends the
document to a reviewer. The reviewer
reads the working papers and decides
whether or not to store them online as is or
send them back to the auditor with notes.

Which of the flowchart symbols below

would be necessary and sufficient to
describe the process?

I.

II.

III.

IV.
I and II only
II and III only
I, II, and IV only
I, III, and IV only
QUESTION 2

ITEM: 1-3-A6-59

RATIONALE

The only way to have measured reliability (stated in terms of confidence intervals) is to
use a statistical sample.

For more information, refer to Part 1, Section III, Chapter A, Topic 6.

An important difference between a statistical and a judgmental sample is that with a

statistical sample

 no judgment is required because everything is computed according to a formula.

 population estimates with measurable reliability can be made.

 a smaller sample can be used.

 more accurate results are obtained.

QUESTION 3ITEM: 1-2-D3-29

In practice, providing assurance on risk management processes differs from risk-based internal auditing with the following
exception.

Adding value

Focusing on vulnerability in a risk assessment rather than probability

Better understanding of the organization risk profile

Addressing strategic risk

RATIONALE

Assurance on risk management processes and risk-based internal auditing both strive to add value. While risk will always remain a
key driver for internal audit, proving assurance around risk management processes looks for new ways to add value such as the
areas noted here. Risk-based auditing encompasses the other three options while providing assurance on risk management
processes does not.

For more information, refer to Part 1, Section II, Chapter C, Topic 3.

QUESTION 4ITEM: 1-2-D1-4

Management has implemented internal control activities and determined the organization is operating within the risk
appetite established by executive management and the board. The portion of risk that remains is

inherent risk.

controllable risk.

residual risk.

pervasive risk.

RATIONALE

Residual risk is the portion of inherent risk that remains after mitigating controllable risk. Pervasive risk is the type of risk found
throughout the environment. Inherent risk (also called absolute risk) is the risk derived from the environment without the mitigating
effects of internal controls.

For more information, refer to Part 1, Section II, Chapter C, Topic 1.

QUESTION 5ITEM: 1-1-C6-53

The chief audit executive (CAE) is considering different methods of providing training in personal communication skills for the entire
internal audit staff. Which of the following methodologies would be the most effective means of delivering such training?

Computer-based training in human relations skills

Individual coaching by a professional communications specialist

A lecture course on communications delivered by a motivational speaker

Self-study booklets explaining communication theory

RATIONALE
The most effective training methodology would be the coaching sessions, which offer the greatest opportunity to develop
communication skills through structured practice. (The CAE would also have to factor cost and efficiency into the decision as well as
the effectiveness of the methodology.)

For more information, refer to Part 1, Section I, Chapter C, Topic 6.