Internal Auditor III
1.
Internal auditing is primarily designed to:
A. Detect all fraud
B. Add value and improve operations
C. Prepare financial statements
D. Approve budgets
Answer: B (mcqs.club)
2.
The internal auditor mainly reports functionally to:
A. Finance manager
B. Audit committee/Board
C. Shareholders
D. Customers
Answer: B (Wikipedia)
3.
Which is the third line of defense?
A. Operational management
B. Compliance department
C. Internal audit
D. External suppliers
Answer: C (Wikipedia)
4.
Risk-based internal auditing focuses mainly on:
A. Payroll processing
B. High-risk areas
C. Petty cash only
D. Fixed assets only
Answer: B (Wikipedia)
5.
Internal auditors should maintain:
A. Independence and objectivity
B. Ownership of operations
C. Shareholding interests
D. Marketing responsibilities
Answer: A (Wikipedia)
6.
Which is NOT a role of internal audit?
A. Evaluating controls
B. Advising management
C. Managing daily operations
D. Assessing risk management
Answer: C (Quizlet)
7.
The “5 Cs” of audit findings include all EXCEPT:
A. Cause
B. Criteria
C. Capital
D. Consequence
Answer: C (Wikipedia)
8.
Audit evidence should be:
A. Biased
B. Irrelevant
C. Sufficient and appropriate
D. Secretive
Answer: C
9.
The audit charter is approved by:
A. Junior auditors
B. Audit committee
C. Customers
D. Suppliers
Answer: B
10.
Fraud investigation is an example of:
A. Assurance service
B. Consulting assignment
C. Marketing function
D. Procurement activity
Answer: B (mcqs.club)
11.
Which activity threatens auditor independence?
A. Reviewing controls
B. Giving recommendations
C. Performing operational duties
D. Reporting findings
Answer: C
12.
Internal control objectives include:
A. Reliability of reporting
B. Compliance with laws
C. Operational efficiency
D. All of the above
Answer: D
13.
Who owns risk in an organization?
A. Internal auditors
B. External auditors
C. Management
D. Customers
Answer: C
14.
The chief audit executive (CAE) should report administratively to:
A. HR manager
B. Senior management
C. Vendor
D. Receptionist
Answer: B
15.
An auditor’s objectivity is impaired when:
A. Performing assurance work
B. Auditing own previous work
C. Reporting findings
D. Using audit software
Answer: B
16.
Which document defines authority and responsibility of internal audit?
A. Audit charter
B. Balance sheet
C. Risk register
D. Budget report
Answer: A
17.
Residual risk means:
A. Risk before controls
B. Risk after controls
C. Fraud risk only
D. Audit risk only
Answer: B
18.
Inherent risk refers to:
A. Risk eliminated completely
B. Risk before controls
C. Residual fraud
D. IT failure only
Answer: B
19.
Which is a preventive control?
A. Reconciliation
B. Segregation of duties
C. Internal audit review
D. Exception report
Answer: B
20.
Which is a detective control?
A. Password policy
B. Authorization
C. Bank reconciliation
D. Employee training
Answer: C
21.
The purpose of audit planning is to:
A. Eliminate all risks
B. Focus on important areas
C. Replace management
D. Approve transactions
Answer: B
22.
Which is NOT part of governance?
A. Accountability
B. Transparency
C. Operational ownership by auditors
D. Ethical leadership
Answer: C
23.
Internal audit recommendations should be:
A. Punitive
B. Constructive
C. Personal
D. Emotional
Answer: B
24.
Sampling is used because:
A. Auditing all items is always impossible
B. Auditors dislike detailed work
C. Controls are weak
D. Fraud is guaranteed
Answer: A
25.
A risk heat map helps:
A. Destroy records
B. Prioritize risks
C. Prepare payroll
D. Approve leave
Answer: B (Reddit)
26.
Which is an IT general control?
A. Edit checks
B. Access security
C. Invoice approval
D. Budget variance
Answer: B
27.
The audit universe refers to:
A. Entire economy
B. All auditable areas
C. External stakeholders
D. Shareholders only
Answer: B
28.
An engagement letter normally includes:
A. Audit objectives and scope
B. Employee salaries
C. Customer addresses
D. Supplier discounts
Answer: A
29.
Control self-assessment involves:
A. Employees evaluating controls
B. Auditors ignoring controls
C. External audit only
D. Financial forecasting
Answer: A
30.
Which is NOT an attribute of good audit reports?
A. Clear
B. Timely
C. Misleading
D. Accurate
Answer: C (Reddit)
31.
An auditor should exercise:
A. Professional skepticism
B. Personal bias
C. Favoritism
D. Political influence
Answer: A
32.
Which control reduces fraud opportunity?
A. Shared passwords
B. Segregation of duties
C. Missing approvals
D. Poor supervision
Answer: B
33.
Compliance auditing focuses on:
A. Market prices
B. Laws and regulations
C. Product quality only
D. Advertising
Answer: B
34.
Operational auditing evaluates:
A. Profit distribution
B. Efficiency and effectiveness
C. Stock market prices
D. Tax rates only
Answer: B
35.
Which is NOT a fraud triangle element?
A. Pressure
B. Opportunity
C. Rationalization
D. Insurance
Answer: D
36.
Benchmarking means:
A. Comparing performance with best practices
B. Hiding weaknesses
C. Ignoring competitors
D. Eliminating controls
Answer: A
37.
Who is responsible for internal controls?
A. Internal audit only
B. External audit only
C. Management
D. Customers
Answer: C
38.
An auditor discovers a material fraud. First action?
A. Ignore it
B. Communicate appropriately
C. Publish on social media
D. Destroy evidence
Answer: B
39.
Which software assists auditors in data analysis?
A. CAATs
B. Antivirus only
C. Payroll systems
D. Web browsers
Answer: A
40.
The audit committee enhances:
A. Auditor independence
B. Operational bias
C. Fraud opportunities
D. Political pressure
Answer: A
41.
Which is an example of consulting service?
A. Giving control advice
B. Approving transactions
C. Managing payroll
D. Hiring employees
Answer: A
42.
A walkthrough helps auditors:
A. Understand processes
B. Increase taxes
C. Replace management
D. Eliminate controls
Answer: A
43.
Key risk indicators are used to:
A. Monitor risk exposure
B. Approve salaries
C. Reduce inventory
D. Advertise products
Answer: A
44.
Which is NOT an internal audit standard?
A. Integrity
B. Confidentiality
C. Negligence
D. Competency
Answer: C
45.
The scope of internal audit is:
A. Narrow only
B. Limited to finance
C. Broad organization-wide
D. External only
Answer: C (Wikipedia)
46.
An audit program contains:
A. Audit procedures
B. Customer complaints
C. Tax invoices
D. Marketing plans
Answer: A
47.
Which best defines governance?
A. Daily cash counting
B. System directing and controlling organizations
C. Advertising process
D. Inventory ordering
Answer: B
48.
Control risk is:
A. Risk controls fail
B. Fraud certainty
C. Audit completion
D. Market volatility only
Answer: A
49.
An auditor should avoid:
A. Conflict of interest
B. Risk assessment
C. Documentation
D. Communication
Answer: A
50.
Which is an example of corrective control?
A. Fire extinguisher refill after use
B. Password restriction
C. CCTV monitoring
D. Approval signatures
Answer: A
Internal auditing is primarily designed to:
A. Detect all fraud
B. Add value and improve operations
C. Prepare financial statements
D. Approve budgets
Answer: B (mcqs.club)
2.
The internal auditor mainly reports functionally to:
A. Finance manager
B. Audit committee/Board
C. Shareholders
D. Customers
Answer: B (Wikipedia)
3.
Which is the third line of defense?
A. Operational management
B. Compliance department
C. Internal audit
D. External suppliers
Answer: C (Wikipedia)
4.
Risk-based internal auditing focuses mainly on:
A. Payroll processing
B. High-risk areas
C. Petty cash only
D. Fixed assets only
Answer: B (Wikipedia)
5.
Internal auditors should maintain:
A. Independence and objectivity
B. Ownership of operations
C. Shareholding interests
D. Marketing responsibilities
Answer: A (Wikipedia)
6.
Which is NOT a role of internal audit?
A. Evaluating controls
B. Advising management
C. Managing daily operations
D. Assessing risk management
Answer: C (Quizlet)
7.
The “5 Cs” of audit findings include all EXCEPT:
A. Cause
B. Criteria
C. Capital
D. Consequence
Answer: C (Wikipedia)
8.
Audit evidence should be:
A. Biased
B. Irrelevant
C. Sufficient and appropriate
D. Secretive
Answer: C
9.
The audit charter is approved by:
A. Junior auditors
B. Audit committee
C. Customers
D. Suppliers
Answer: B
10.
Fraud investigation is an example of:
A. Assurance service
B. Consulting assignment
C. Marketing function
D. Procurement activity
Answer: B (mcqs.club)
11.
Which activity threatens auditor independence?
A. Reviewing controls
B. Giving recommendations
C. Performing operational duties
D. Reporting findings
Answer: C
12.
Internal control objectives include:
A. Reliability of reporting
B. Compliance with laws
C. Operational efficiency
D. All of the above
Answer: D
13.
Who owns risk in an organization?
A. Internal auditors
B. External auditors
C. Management
D. Customers
Answer: C
14.
The chief audit executive (CAE) should report administratively to:
A. HR manager
B. Senior management
C. Vendor
D. Receptionist
Answer: B
15.
An auditor’s objectivity is impaired when:
A. Performing assurance work
B. Auditing own previous work
C. Reporting findings
D. Using audit software
Answer: B
16.
Which document defines authority and responsibility of internal audit?
A. Audit charter
B. Balance sheet
C. Risk register
D. Budget report
Answer: A
17.
Residual risk means:
A. Risk before controls
B. Risk after controls
C. Fraud risk only
D. Audit risk only
Answer: B
18.
Inherent risk refers to:
A. Risk eliminated completely
B. Risk before controls
C. Residual fraud
D. IT failure only
Answer: B
19.
Which is a preventive control?
A. Reconciliation
B. Segregation of duties
C. Internal audit review
D. Exception report
Answer: B
20.
Which is a detective control?
A. Password policy
B. Authorization
C. Bank reconciliation
D. Employee training
Answer: C
21.
The purpose of audit planning is to:
A. Eliminate all risks
B. Focus on important areas
C. Replace management
D. Approve transactions
Answer: B
22.
Which is NOT part of governance?
A. Accountability
B. Transparency
C. Operational ownership by auditors
D. Ethical leadership
Answer: C
23.
Internal audit recommendations should be:
A. Punitive
B. Constructive
C. Personal
D. Emotional
Answer: B
24.
Sampling is used because:
A. Auditing all items is always impossible
B. Auditors dislike detailed work
C. Controls are weak
D. Fraud is guaranteed
Answer: A
25.
A risk heat map helps:
A. Destroy records
B. Prioritize risks
C. Prepare payroll
D. Approve leave
Answer: B (Reddit)
26.
Which is an IT general control?
A. Edit checks
B. Access security
C. Invoice approval
D. Budget variance
Answer: B
27.
The audit universe refers to:
A. Entire economy
B. All auditable areas
C. External stakeholders
D. Shareholders only
Answer: B
28.
An engagement letter normally includes:
A. Audit objectives and scope
B. Employee salaries
C. Customer addresses
D. Supplier discounts
Answer: A
29.
Control self-assessment involves:
A. Employees evaluating controls
B. Auditors ignoring controls
C. External audit only
D. Financial forecasting
Answer: A
30.
Which is NOT an attribute of good audit reports?
A. Clear
B. Timely
C. Misleading
D. Accurate
Answer: C (Reddit)
31.
An auditor should exercise:
A. Professional skepticism
B. Personal bias
C. Favoritism
D. Political influence
Answer: A
32.
Which control reduces fraud opportunity?
A. Shared passwords
B. Segregation of duties
C. Missing approvals
D. Poor supervision
Answer: B
33.
Compliance auditing focuses on:
A. Market prices
B. Laws and regulations
C. Product quality only
D. Advertising
Answer: B
34.
Operational auditing evaluates:
A. Profit distribution
B. Efficiency and effectiveness
C. Stock market prices
D. Tax rates only
Answer: B
35.
Which is NOT a fraud triangle element?
A. Pressure
B. Opportunity
C. Rationalization
D. Insurance
Answer: D
36.
Benchmarking means:
A. Comparing performance with best practices
B. Hiding weaknesses
C. Ignoring competitors
D. Eliminating controls
Answer: A
37.
Who is responsible for internal controls?
A. Internal audit only
B. External audit only
C. Management
D. Customers
Answer: C
38.
An auditor discovers a material fraud. First action?
A. Ignore it
B. Communicate appropriately
C. Publish on social media
D. Destroy evidence
Answer: B
39.
Which software assists auditors in data analysis?
A. CAATs
B. Antivirus only
C. Payroll systems
D. Web browsers
Answer: A
40.
The audit committee enhances:
A. Auditor independence
B. Operational bias
C. Fraud opportunities
D. Political pressure
Answer: A
41.
Which is an example of consulting service?
A. Giving control advice
B. Approving transactions
C. Managing payroll
D. Hiring employees
Answer: A
42.
A walkthrough helps auditors:
A. Understand processes
B. Increase taxes
C. Replace management
D. Eliminate controls
Answer: A
43.
Key risk indicators are used to:
A. Monitor risk exposure
B. Approve salaries
C. Reduce inventory
D. Advertise products
Answer: A
44.
Which is NOT an internal audit standard?
A. Integrity
B. Confidentiality
C. Negligence
D. Competency
Answer: C
45.
The scope of internal audit is:
A. Narrow only
B. Limited to finance
C. Broad organization-wide
D. External only
Answer: C (Wikipedia)
46.
An audit program contains:
A. Audit procedures
B. Customer complaints
C. Tax invoices
D. Marketing plans
Answer: A
47.
Which best defines governance?
A. Daily cash counting
B. System directing and controlling organizations
C. Advertising process
D. Inventory ordering
Answer: B
48.
Control risk is:
A. Risk controls fail
B. Fraud certainty
C. Audit completion
D. Market volatility only
Answer: A
49.
An auditor should avoid:
A. Conflict of interest
B. Risk assessment
C. Documentation
D. Communication
Answer: A
50.
Which is an example of corrective control?
A. Fire extinguisher refill after use
B. Password restriction
C. CCTV monitoring
D. Approval signatures
Answer: A
50.
Which is an example of a corrective control?
A. Password policy
B. Segregation of duties
C. Backup restoration after system failure
D. CCTV monitoring
Answer: C
51.
Internal audit primarily supports:
A. Product marketing
B. Governance and risk management
C. Inventory purchasing
D. Tax collection
Answer: B
52.
Audit evidence can be obtained through:
A. Observation
B. Inquiry
C. Inspection
D. All of the above
Answer: D
53.
The COSO framework is mainly associated with:
A. Marketing strategies
B. Internal control systems
C. Customer relations
D. Tax administration
Answer: B
54.
A surprise cash count is classified as:
A. Preventive control
B. Detective control
C. Corrective control
D. Compensating control
Answer: B
55.
Audit working papers are owned by:
A. The client
B. External regulators
C. Internal audit activity
D. Shareholders
Answer: C
56.
Continuous auditing relies heavily on:
A. Manual records only
B. Technology and automation
C. External vendors
D. Tax systems
Answer: B
57.
Cybersecurity audits mainly assess:
A. Physical inventory
B. Information security controls
C. Marketing plans
D. Loan approvals
Answer: B
58.
Audit risk consists of:
A. Detection risk only
B. Inherent risk only
C. Control risk only
D. Inherent, control, and detection risk
Answer: D
59.
Detection risk can be reduced by:
A. Weak controls
B. Better audit procedures
C. Ignoring findings
D. Reducing documentation
Answer: B
60.
KPI stands for:
A. Key Performance Indicator
B. Known Process Index
C. Key Policy Instruction
D. Knowledge Program Integration
Answer: A
61.
Segregation of duties helps prevent:
A. Employee motivation
B. Fraud and errors
C. Taxation issues
D. Advertising costs
Answer: B
62.
Whistleblowing mechanisms encourage:
A. Fraud concealment
B. Ethical reporting
C. Revenue reduction
D. Budget expansion
Answer: B
63.
Risk appetite is usually approved by the:
A. Internal auditor
B. Board of directors
C. Customers
D. Suppliers
Answer: B
64.
Internal auditors must protect:
A. Gossip
B. Confidential information
C. Public rumors
D. Personal opinions
Answer: B
65.
Audit follow-up ensures that:
A. Recommendations are implemented
B. Employees are promoted
C. Taxes are reduced
D. Budgets increase
Answer: A
66.
Root cause analysis identifies:
A. Symptoms only
B. Underlying problems
C. Audit fees
D. Customer complaints
Answer: B
67.
An assurance engagement provides:
A. Independent assessment
B. Product warranties
C. Legal representation
D. Customer feedback
Answer: A
68.
Compliance risk arises from failure to comply with:
A. Employee wishes
B. Laws and regulations
C. Advertising campaigns
D. Sales targets
Answer: B
69.
Financial audits focus primarily on:
A. Employee welfare
B. Financial statements and records
C. Product quality
D. Customer loyalty
Answer: B
70.
Operational risk includes:
A. Process failures
B. Currency appreciation
C. Shareholder voting
D. Tax refunds
Answer: A
71.
An audit checklist mainly improves:
A. Creativity
B. Consistency in auditing
C. Employee turnover
D. Marketing efficiency
Answer: B
72.
Fraud risk assessment helps auditors to:
A. Ignore fraud
B. Prioritize high-risk areas
C. Reduce salaries
D. Avoid reporting
Answer: B
73.
Internal auditors should possess:
A. Professional competence
B. Political influence
C. Sales skills only
D. Legal ownership
Answer: A
74.
Data analytics in auditing improves:
A. Audit efficiency and insight
B. Product packaging
C. Fuel consumption
D. Tax evasion
Answer: A
75.
Governance promotes:
A. Accountability and transparency
B. Fraud and secrecy
C. Operational confusion
D. Political favoritism
Answer: A
76.
Audit sampling may be:
A. Statistical or non-statistical
B. Oral only
C. Illegal
D. Manual only
Answer: A
77.
A risk register contains:
A. Marketing plans
B. Risks and mitigation measures
C. Employee leave forms
D. Customer invoices
Answer: B
78.
Materiality affects:
A. Audit scope and testing
B. Product branding
C. Hiring policies
D. Office design
Answer: A
79.
A strong ethical culture reduces:
A. Productivity
B. Fraud risk
C. Employee attendance
D. Revenue
Answer: B
80.
Due professional care requires auditors to act with:
A. Negligence
B. Reasonable skill and diligence
C. Personal interest
D. Political influence
Answer: B
81.
Internal auditors should have unrestricted access to:
A. Confidential audit-related information
B. Customer secrets only
C. Personal employee accounts
D. Political records
Answer: A
82.
Audit findings should normally include:
A. Recommendations
B. Rumors
C. Personal criticism
D. Advertisements
Answer: A
83.
Good audit recommendations should address:
A. Symptoms only
B. Root causes
C. Personal conflicts
D. Market prices
Answer: B
84.
A firewall is an example of:
A. Detective control
B. Corrective control
C. Preventive IT control
D. Manual control
Answer: C
85.
Business continuity planning focuses on:
A. Employee vacations
B. Maintaining operations during disruptions
C. Product advertising
D. Tax filing
Answer: B
86.
Disaster recovery planning mainly concerns:
A. IT systems restoration
B. Sales growth
C. Marketing campaigns
D. Recruitment
Answer: A
87.
Audit independence increases:
A. Auditor bias
B. Credibility of audit work
C. Product sales
D. Tax liabilities
Answer: B
88.
Audit planning should be based on:
A. Employee opinions
B. Risk assessment
C. Personal interests
D. Random selection only
Answer: B
89.
Weak internal controls increase:
A. Risk exposure
B. Product demand
C. Market share
D. Office efficiency
Answer: A
90.
Monitoring controls helps ensure:
A. Control effectiveness
B. Product promotion
C. Political stability
D. Customer discounts
Answer: A
91.
A code of conduct promotes:
A. Ethical behavior
B. Fraudulent activities
C. Operational delays
D. Customer complaints
Answer: A
92.
Internal auditors evaluate:
A. Risk management processes
B. Political campaigns
C. Product branding
D. Weather forecasts
Answer: A
93.
Corporate governance includes:
A. Board oversight
B. Daily stock counting only
C. Product packaging
D. Payroll processing only
Answer: A
94.
Audit reports should be:
A. Delayed
B. Clear and timely
C. Emotional
D. Misleading
Answer: B
95.
Consulting services should not impair auditor:
A. Objectivity
B. Salary
C. Vacation time
D. Promotion opportunities
Answer: A
96.
Quality assurance reviews help improve:
A. Audit function performance
B. Fuel prices
C. Tax rates
D. Marketing costs
Answer: A
97.
Internal and external auditors may coordinate to:
A. Duplicate all work
B. Improve audit efficiency
C. Eliminate controls
D. Hide fraud
Answer: B
98.
Risk mitigation aims to reduce:
A. Risk likelihood or impact
B. Employee salaries
C. Product quality
D. Customer support
Answer: A
99.
Audit conclusions must be supported by:
A. Rumors
B. Sufficient evidence
C. Personal opinions
D. Assumptions only
Answer: B
100.
The ultimate objective of internal auditing is:
A. Punishing employees
B. Adding value to the organization
C. Increasing taxes
D. Eliminating management
Answer: B
101.
Which control ensures transactions are approved before processing?
A. Detective control
B. Authorization control
C. Corrective control
D. Compensating control
Answer: B
102.
An audit trail helps auditors to:
A. Hide fraud
B. Trace transactions
C. Reduce salaries
D. Market products
Answer: B
103.
Which document outlines audit procedures and objectives?
A. Audit program
B. Invoice
C. Payroll register
D. Bank statement
Answer: A
104.
A conflict of interest occurs when:
A. An auditor remains independent
B. Personal interests affect professional judgment
C. Policies are followed
D. Risks are mitigated
Answer: B
105.
Which is an example of physical control?
A. CCTV surveillance
B. Password encryption
C. Data analytics
D. Risk assessment
Answer: A
106.
Control activities are designed to:
A. Increase uncertainty
B. Manage risks effectively
C. Reduce governance
D. Ignore compliance
Answer: B
107.
Internal audit standards are issued by:
A. IIA
B. IMF
C. WTO
D. WHO
Answer: A
108.
Which audit type evaluates environmental impact and compliance?
A. Financial audit
B. Environmental audit
C. Payroll audit
D. Tax audit
Answer: B
109.
A red flag in auditing indicates:
A. Strong control environment
B. Potential fraud or irregularity
C. Excellent governance
D. Increased profits
Answer: B
110.
Which is NOT part of the COSO framework?
A. Control environment
B. Risk assessment
C. Monitoring
D. Product advertising
Answer: D
111.
The purpose of segregation of duties is to:
A. Increase workload
B. Prevent one person from controlling all aspects of a transaction
C. Reduce salaries
D. Promote favoritism
Answer: B
112.
Which audit evidence is considered most reliable?
A. Oral statements
B. External written confirmation
C. Internal rumors
D. Anonymous messages
Answer: B
113.
An auditor reviewing inventory counts is using:
A. Observation
B. Recalculation
C. Inquiry
D. Confirmation
Answer: A
114.
The tone at the top refers to:
A. Office decorations
B. Ethical attitude of senior management
C. Marketing culture
D. Customer behavior
Answer: B
115.
Which risk remains after management action?
A. Inherent risk
B. Residual risk
C. Detection risk
D. Market risk
Answer: B
116.
A compensating control is used when:
A. Primary control is absent or weak
B. Fraud is encouraged
C. Audit is canceled
D. Systems are removed
Answer: A
117.
An auditor should document work performed to:
A. Increase paperwork only
B. Support audit conclusions
C. Delay reporting
D. Avoid accountability
Answer: B
118.
Which is an example of compliance testing?
A. Checking whether approvals were obtained
B. Forecasting sales
C. Calculating depreciation only
D. Reviewing advertisements
Answer: A
119.
A control deficiency means:
A. Strong governance
B. Weakness in control design or operation
C. Excellent compliance
D. Improved efficiency
Answer: B
120.
Which communication skill is essential for auditors?
A. Aggressive speaking
B. Clear reporting
C. Political influence
D. Emotional argument
Answer: B
121.
An audit recommendation should be:
A. Practical and achievable
B. Emotional
C. Punitive only
D. Confidential forever
Answer: A
122.
The purpose of fraud prevention controls is to:
A. Detect errors only
B. Reduce opportunities for fraud
C. Increase operational costs
D. Avoid accountability
Answer: B
123.
Which of the following is an example of governance risk?
A. Weak board oversight
B. Strong ethical culture
C. Proper approvals
D. Effective controls
Answer: A
124.
Data integrity means:
A. Data is accurate and complete
B. Data is hidden
C. Data is duplicated
D. Data is outdated
Answer: A
125.
Which audit procedure involves verifying mathematical accuracy?
A. Observation
B. Reperformance
C. Recalculation
D. Inquiry
Answer: C
126.
An internal auditor should disclose:
A. Confidential passwords
B. Material facts affecting objectivity
C. Employee secrets publicly
D. Audit fees only
Answer: B
127.
Which committee usually oversees internal audit activities?
A. Marketing committee
B. Audit committee
C. Procurement committee
D. Welfare committee
Answer: B
128.
The primary purpose of monitoring controls is to:
A. Eliminate all risk
B. Ensure controls continue operating effectively
C. Replace management
D. Increase profits only
Answer: B
129.
Which is an example of an application control?
A. Access badge
B. Input validation check
C. Security guard
D. Fire alarm
Answer: B
130.
An auditor’s independence is strengthened when reporting directly to the:
A. Operations manager
B. Audit committee
C. Cashier
D. Procurement officer
Answer: B
131.
Which of the following best describes accountability?
A. Avoiding responsibility
B. Being answerable for actions
C. Ignoring controls
D. Delegating blame
Answer: B
132.
An auditor discovers duplicate payments. This may indicate:
A. Strong controls
B. Weak payment controls
C. Effective governance
D. Proper reconciliation
Answer: B
133.
Risk assessment should be performed:
A. Once only
B. Continuously
C. Every 10 years
D. Only after fraud occurs
Answer: B
134.
Which document formally communicates audit results?
A. Audit report
B. Purchase order
C. Timesheet
D. Sales receipt
Answer: A
135.
A strong control environment depends heavily on:
A. Ethical leadership
B. Advertising budget
C. Office furniture
D. Customer numbers
Answer: A
136.
Which of the following is a preventive IT control?
A. Antivirus software
B. Incident report
C. Error log review
D. Reconciliation
Answer: A
137.
The objective of risk management is to:
A. Eliminate all uncertainty
B. Manage risks within acceptable levels
C. Ignore opportunities
D. Prevent all business activity
Answer: B
138.
An auditor testing payroll may check for:
A. Ghost employees
B. Product defects
C. Marketing costs
D. Weather changes
Answer: A
139.
Which principle requires auditors to avoid bias?
A. Confidentiality
B. Objectivity
C. Profitability
D. Marketing ethics
Answer: B
140.
Which audit technique compares current data with prior periods?
A. Observation
B. Analytical review
C. Confirmation
D. Inquiry
Answer: B
141.
A risk-based audit plan prioritizes:
A. Low-risk areas only
B. Areas with greatest risk exposure
C. Random activities only
D. Employee preferences
Answer: B
142.
Which is an example of detective IT control?
A. Intrusion detection system
B. Password creation
C. Encryption
D. Firewall installation
Answer: A
143.
An auditor should maintain professional skepticism by:
A. Trusting everything automatically
B. Critically assessing evidence
C. Ignoring inconsistencies
D. Avoiding documentation
Answer: B
144.
Which is a key objective of corporate governance?
A. Reduce accountability
B. Protect stakeholder interests
C. Increase secrecy
D. Eliminate reporting
Answer: B
145.
The audit committee should mainly consist of:
A. Independent members
B. Junior employees
C. Customers
D. Suppliers
Answer: A
146.
Which type of fraud involves misuse of company assets?
A. Corruption
B. Asset misappropriation
C. Financial reporting fraud
D. Tax compliance
Answer: B
147.
An auditor uses confirmation to verify:
A. External account balances
B. Employee attendance
C. Office supplies
D. Internal gossip
Answer: A
148.
Which is an example of operational inefficiency?
A. Delayed processing time
B. Effective workflow
C. Proper authorization
D. Accurate reporting
Answer: A
149.
Internal audit adds value by:
A. Improving processes and controls
B. Replacing management
C. Avoiding governance
D. Ignoring risks
Answer: A
150.
The success of an internal audit function depends largely on:
A. Independence, competence, and management support
B. Advertising budget
C. Office location
D. Employee uniforms
Answer: A
Which control ensures transactions are approved before processing?
A. Detective control
B. Authorization control
C. Corrective control
D. Compensating control
Answer: B
102.
An audit trail helps auditors to:
A. Hide fraud
B. Trace transactions
C. Reduce salaries
D. Market products
Answer: B
103.
Which document outlines audit procedures and objectives?
A. Audit program
B. Invoice
C. Payroll register
D. Bank statement
Answer: A
104.
A conflict of interest occurs when:
A. An auditor remains independent
B. Personal interests affect professional judgment
C. Policies are followed
D. Risks are mitigated
Answer: B
105.
Which is an example of physical control?
A. CCTV surveillance
B. Password encryption
C. Data analytics
D. Risk assessment
Answer: A
106.
Control activities are designed to:
A. Increase uncertainty
B. Manage risks effectively
C. Reduce governance
D. Ignore compliance
Answer: B
107.
Internal audit standards are issued by:
A. IIA
B. IMF
C. WTO
D. WHO
Answer: A
108.
Which audit type evaluates environmental impact and compliance?
A. Financial audit
B. Environmental audit
C. Payroll audit
D. Tax audit
Answer: B
109.
A red flag in auditing indicates:
A. Strong control environment
B. Potential fraud or irregularity
C. Excellent governance
D. Increased profits
Answer: B
110.
Which is NOT part of the COSO framework?
A. Control environment
B. Risk assessment
C. Monitoring
D. Product advertising
Answer: D
111.
The purpose of segregation of duties is to:
A. Increase workload
B. Prevent one person from controlling all aspects of a transaction
C. Reduce salaries
D. Promote favoritism
Answer: B
112.
Which audit evidence is considered most reliable?
A. Oral statements
B. External written confirmation
C. Internal rumors
D. Anonymous messages
Answer: B
113.
An auditor reviewing inventory counts is using:
A. Observation
B. Recalculation
C. Inquiry
D. Confirmation
Answer: A
114.
The tone at the top refers to:
A. Office decorations
B. Ethical attitude of senior management
C. Marketing culture
D. Customer behavior
Answer: B
115.
Which risk remains after management action?
A. Inherent risk
B. Residual risk
C. Detection risk
D. Market risk
Answer: B
116.
A compensating control is used when:
A. Primary control is absent or weak
B. Fraud is encouraged
C. Audit is canceled
D. Systems are removed
Answer: A
117.
An auditor should document work performed to:
A. Increase paperwork only
B. Support audit conclusions
C. Delay reporting
D. Avoid accountability
Answer: B
118.
Which is an example of compliance testing?
A. Checking whether approvals were obtained
B. Forecasting sales
C. Calculating depreciation only
D. Reviewing advertisements
Answer: A
119.
A control deficiency means:
A. Strong governance
B. Weakness in control design or operation
C. Excellent compliance
D. Improved efficiency
Answer: B
120.
Which communication skill is essential for auditors?
A. Aggressive speaking
B. Clear reporting
C. Political influence
D. Emotional argument
Answer: B
121.
An audit recommendation should be:
A. Practical and achievable
B. Emotional
C. Punitive only
D. Confidential forever
Answer: A
122.
The purpose of fraud prevention controls is to:
A. Detect errors only
B. Reduce opportunities for fraud
C. Increase operational costs
D. Avoid accountability
Answer: B
123.
Which of the following is an example of governance risk?
A. Weak board oversight
B. Strong ethical culture
C. Proper approvals
D. Effective controls
Answer: A
124.
Data integrity means:
A. Data is accurate and complete
B. Data is hidden
C. Data is duplicated
D. Data is outdated
Answer: A
125.
Which audit procedure involves verifying mathematical accuracy?
A. Observation
B. Reperformance
C. Recalculation
D. Inquiry
Answer: C
126.
An internal auditor should disclose:
A. Confidential passwords
B. Material facts affecting objectivity
C. Employee secrets publicly
D. Audit fees only
Answer: B
127.
Which committee usually oversees internal audit activities?
A. Marketing committee
B. Audit committee
C. Procurement committee
D. Welfare committee
Answer: B
128.
The primary purpose of monitoring controls is to:
A. Eliminate all risk
B. Ensure controls continue operating effectively
C. Replace management
D. Increase profits only
Answer: B
129.
Which is an example of an application control?
A. Access badge
B. Input validation check
C. Security guard
D. Fire alarm
Answer: B
130.
An auditor’s independence is strengthened when reporting directly to the:
A. Operations manager
B. Audit committee
C. Cashier
D. Procurement officer
Answer: B
131.
Which of the following best describes accountability?
A. Avoiding responsibility
B. Being answerable for actions
C. Ignoring controls
D. Delegating blame
Answer: B
132.
An auditor discovers duplicate payments. This may indicate:
A. Strong controls
B. Weak payment controls
C. Effective governance
D. Proper reconciliation
Answer: B
133.
Risk assessment should be performed:
A. Once only
B. Continuously
C. Every 10 years
D. Only after fraud occurs
Answer: B
134.
Which document formally communicates audit results?
A. Audit report
B. Purchase order
C. Timesheet
D. Sales receipt
Answer: A
135.
A strong control environment depends heavily on:
A. Ethical leadership
B. Advertising budget
C. Office furniture
D. Customer numbers
Answer: A
136.
Which of the following is a preventive IT control?
A. Antivirus software
B. Incident report
C. Error log review
D. Reconciliation
Answer: A
137.
The objective of risk management is to:
A. Eliminate all uncertainty
B. Manage risks within acceptable levels
C. Ignore opportunities
D. Prevent all business activity
Answer: B
138.
An auditor testing payroll may check for:
A. Ghost employees
B. Product defects
C. Marketing costs
D. Weather changes
Answer: A
139.
Which principle requires auditors to avoid bias?
A. Confidentiality
B. Objectivity
C. Profitability
D. Marketing ethics
Answer: B
140.
Which audit technique compares current data with prior periods?
A. Observation
B. Analytical review
C. Confirmation
D. Inquiry
Answer: B
141.
A risk-based audit plan prioritizes:
A. Low-risk areas only
B. Areas with greatest risk exposure
C. Random activities only
D. Employee preferences
Answer: B
142.
Which is an example of detective IT control?
A. Intrusion detection system
B. Password creation
C. Encryption
D. Firewall installation
Answer: A
143.
An auditor should maintain professional skepticism by:
A. Trusting everything automatically
B. Critically assessing evidence
C. Ignoring inconsistencies
D. Avoiding documentation
Answer: B
144.
Which is a key objective of corporate governance?
A. Reduce accountability
B. Protect stakeholder interests
C. Increase secrecy
D. Eliminate reporting
Answer: B
145.
The audit committee should mainly consist of:
A. Independent members
B. Junior employees
C. Customers
D. Suppliers
Answer: A
146.
Which type of fraud involves misuse of company assets?
A. Corruption
B. Asset misappropriation
C. Financial reporting fraud
D. Tax compliance
Answer: B
147.
An auditor uses confirmation to verify:
A. External account balances
B. Employee attendance
C. Office supplies
D. Internal gossip
Answer: A
148.
Which is an example of operational inefficiency?
A. Delayed processing time
B. Effective workflow
C. Proper authorization
D. Accurate reporting
Answer: A
149.
Internal audit adds value by:
A. Improving processes and controls
B. Replacing management
C. Avoiding governance
D. Ignoring risks
Answer: A
150.
The success of an internal audit function depends largely on:
A. Independence, competence, and management support
B. Advertising budget
C. Office location
D. Employee uniforms
Answer: A
151.
Which of the following best describes internal control?
A. A system to guarantee profit
B. A process designed to provide reasonable assurance
C. A policy for marketing only
D. A method for tax reduction
Answer: B
152.
An internal auditor should avoid auditing activities where they previously:
A. Trained employees
B. Had operational responsibility
C. Reviewed policies
D. Conducted interviews
Answer: B
153.
Which type of audit focuses on economy, efficiency, and effectiveness?
A. Financial audit
B. Compliance audit
C. Performance audit
D. Tax audit
Answer: C
154.
An organization’s risk appetite refers to:
A. Its willingness to accept risk
B. Its marketing strategy
C. Employee satisfaction
D. Tax obligations
Answer: A
155.
Which of the following is a manual control?
A. Automated edit check
B. Supervisor approval signature
C. Firewall protection
D. Encryption software
Answer: B
156.
What is the primary purpose of an audit charter?
A. Increase profits
B. Define authority and responsibility of internal audit
C. Recruit employees
D. Prepare tax returns
Answer: B
157.
Which audit evidence is least reliable?
A. External confirmations
B. Auditor observation
C. Original documents
D. Verbal explanations without support
Answer: D
158.
Which fraud scheme involves bribery?
A. Asset misappropriation
B. Corruption
C. Financial reporting fraud
D. Payroll fraud
Answer: B
159.
An effective control environment is established mainly by:
A. Junior staff
B. Senior management and the board
C. Customers
D. Suppliers
Answer: B
160.
Which is an example of preventive physical control?
A. Locked warehouse doors
B. Bank reconciliation
C. Audit trail review
D. Variance analysis
Answer: A
161.
The main objective of audit documentation is to:
A. Increase paperwork
B. Support findings and conclusions
C. Delay reporting
D. Reduce accountability
Answer: B
162.
Which audit procedure compares recorded amounts with expectations?
A. Confirmation
B. Observation
C. Analytical procedure
D. Reperformance
Answer: C
163.
A control gap means:
A. Effective monitoring
B. Missing or inadequate controls
C. Strong governance
D. High profitability
Answer: B
164.
Which of the following is an output control?
A. Exception report
B. Password policy
C. Access card
D. CCTV camera
Answer: A
165.
Internal auditors should report suspected fraud to:
A. Social media
B. Appropriate management or authority
C. Competitors
D. Customers
Answer: B
166.
An audit engagement usually begins with:
A. Final report
B. Planning phase
C. Corrective action
D. Exit meeting
Answer: B
167.
Which is a key benefit of automation in auditing?
A. Increased manual work
B. Faster analysis of large data sets
C. Elimination of all risks
D. Reduced audit quality
Answer: B
168.
The purpose of reconciliation is to:
A. Identify and resolve differences
B. Increase sales
C. Recruit staff
D. Reduce inventory
Answer: A
169.
Which is NOT a characteristic of useful audit information?
A. Relevant
B. Reliable
C. Timely
D. Misleading
Answer: D
170.
An auditor evaluates “tone at the top” to assess:
A. Physical security
B. Ethical culture
C. IT infrastructure
D. Marketing plans
Answer: B
171.
Which of the following is an example of strategic risk?
A. System password failure
B. Poor business expansion decisions
C. Missing invoices
D. Unauthorized access
Answer: B
172.
Internal audit recommendations should ideally be:
A. Cost-effective
B. Impossible to implement
C. Punitive
D. Delayed indefinitely
Answer: A
173.
Which audit activity provides assurance on risk management?
A. Independent evaluation
B. Daily operations
C. Product sales
D. Advertising campaigns
Answer: A
174.
A detective control aims to:
A. Prevent occurrence
B. Discover events after occurrence
C. Eliminate all risks
D. Increase uncertainty
Answer: B
175.
An auditor reviewing user access rights is auditing:
A. Physical controls
B. IT access controls
C. Marketing controls
D. Environmental controls
Answer: B
176.
Which of the following strengthens auditor objectivity?
A. Personal relationships with staff
B. Independent reporting structure
C. Financial interest in the company
D. Operational responsibility
Answer: B
177.
A key purpose of governance is to:
A. Reduce transparency
B. Direct and control the organization
C. Eliminate management
D. Avoid accountability
Answer: B
178.
Which audit procedure involves obtaining written responses from third parties?
A. Recalculation
B. Observation
C. Confirmation
D. Inquiry
Answer: C
179.
An auditor reviewing compliance with procurement procedures is performing a:
A. Compliance audit
B. Financial forecast
C. Marketing review
D. Product evaluation
Answer: A
180.
Which is an example of residual risk?
A. Risk before controls
B. Risk eliminated completely
C. Risk remaining after controls
D. Fraud detected by auditors
Answer: C
181.
Internal audit should add value by improving:
A. Processes and governance
B. Employee gossip
C. Political influence
D. Market monopoly
Answer: A
182.
A strong internal control system reduces the likelihood of:
A. Operational efficiency
B. Fraud and error
C. Employee performance
D. Customer satisfaction
Answer: B
183.
An auditor’s final opinion should be based on:
A. Assumptions only
B. Sufficient and appropriate evidence
C. Employee opinions
D. Personal interests
Answer: B
184.
What is the purpose of an exit meeting?
A. Hire employees
B. Discuss audit findings and recommendations
C. Approve salaries
D. Reduce taxes
Answer: B
185.
Which type of control corrects identified errors?
A. Preventive control
B. Detective control
C. Corrective control
D. Directive control
Answer: C
186.
Which of the following is an example of compliance risk?
A. Violation of legal requirements
B. Strong governance
C. Effective controls
D. High profits
Answer: A
187.
An auditor performing inventory observation aims to verify:
A. Physical existence of inventory
B. Product pricing
C. Advertising strategy
D. Tax compliance only
Answer: A
188.
A key element of fraud prevention is:
A. Weak supervision
B. Strong internal controls
C. Lack of documentation
D. Shared passwords
Answer: B
189.
The audit committee primarily supports:
A. Auditor independence
B. Product sales
C. Payroll processing
D. Marketing activities
Answer: A
190.
Which is an example of an input control?
A. Edit check validation
B. Audit report
C. Backup restoration
D. Financial statement review
Answer: A
191.
Professional skepticism requires auditors to:
A. Accept information without question
B. Critically evaluate evidence
C. Ignore inconsistencies
D. Depend only on management
Answer: B
192.
Which audit technique identifies unusual trends or relationships?
A. Inquiry
B. Observation
C. Analytical review
D. Confirmation
Answer: C
193.
A well-designed risk management process helps organizations to:
A. Avoid all uncertainty
B. Achieve objectives effectively
C. Eliminate governance
D. Ignore compliance requirements
Answer: B
194.
An internal auditor should maintain confidentiality unless:
A. Disclosure is legally or professionally required
B. Friends request information
C. Employees ask casually
D. Social media demands it
Answer: A
195.
Which of the following is a governance responsibility?
A. Oversight of organizational strategy
B. Daily transaction processing
C. Inventory counting only
D. Payroll entry
Answer: A
196.
Which control helps ensure data entered is complete and accurate?
A. Input validation control
B. Marketing review
C. Physical inspection only
D. External audit report
Answer: A
197.
Internal audit effectiveness is improved through:
A. Continuous training and quality reviews
B. Ignoring standards
C. Limiting communication
D. Avoiding technology
Answer: A
198.
Which is an example of financial reporting fraud?
A. Falsifying revenue figures
B. Delayed procurement
C. Weak passwords
D. Inventory shortage
Answer: A
199.
An organization with poor segregation of duties faces increased:
A. Fraud risk
B. Customer satisfaction
C. Governance quality
D. Audit efficiency
Answer: A
200.
The overall mission of internal auditing is to:
A. Add value and improve organizational operations
B. Replace management functions
C. Eliminate all risks completely
D. Increase operational costs
Answer: A
Which of the following best describes internal control?
A. A system to guarantee profit
B. A process designed to provide reasonable assurance
C. A policy for marketing only
D. A method for tax reduction
Answer: B
152.
An internal auditor should avoid auditing activities where they previously:
A. Trained employees
B. Had operational responsibility
C. Reviewed policies
D. Conducted interviews
Answer: B
153.
Which type of audit focuses on economy, efficiency, and effectiveness?
A. Financial audit
B. Compliance audit
C. Performance audit
D. Tax audit
Answer: C
154.
An organization’s risk appetite refers to:
A. Its willingness to accept risk
B. Its marketing strategy
C. Employee satisfaction
D. Tax obligations
Answer: A
155.
Which of the following is a manual control?
A. Automated edit check
B. Supervisor approval signature
C. Firewall protection
D. Encryption software
Answer: B
156.
What is the primary purpose of an audit charter?
A. Increase profits
B. Define authority and responsibility of internal audit
C. Recruit employees
D. Prepare tax returns
Answer: B
157.
Which audit evidence is least reliable?
A. External confirmations
B. Auditor observation
C. Original documents
D. Verbal explanations without support
Answer: D
158.
Which fraud scheme involves bribery?
A. Asset misappropriation
B. Corruption
C. Financial reporting fraud
D. Payroll fraud
Answer: B
159.
An effective control environment is established mainly by:
A. Junior staff
B. Senior management and the board
C. Customers
D. Suppliers
Answer: B
160.
Which is an example of preventive physical control?
A. Locked warehouse doors
B. Bank reconciliation
C. Audit trail review
D. Variance analysis
Answer: A
161.
The main objective of audit documentation is to:
A. Increase paperwork
B. Support findings and conclusions
C. Delay reporting
D. Reduce accountability
Answer: B
162.
Which audit procedure compares recorded amounts with expectations?
A. Confirmation
B. Observation
C. Analytical procedure
D. Reperformance
Answer: C
163.
A control gap means:
A. Effective monitoring
B. Missing or inadequate controls
C. Strong governance
D. High profitability
Answer: B
164.
Which of the following is an output control?
A. Exception report
B. Password policy
C. Access card
D. CCTV camera
Answer: A
165.
Internal auditors should report suspected fraud to:
A. Social media
B. Appropriate management or authority
C. Competitors
D. Customers
Answer: B
166.
An audit engagement usually begins with:
A. Final report
B. Planning phase
C. Corrective action
D. Exit meeting
Answer: B
167.
Which is a key benefit of automation in auditing?
A. Increased manual work
B. Faster analysis of large data sets
C. Elimination of all risks
D. Reduced audit quality
Answer: B
168.
The purpose of reconciliation is to:
A. Identify and resolve differences
B. Increase sales
C. Recruit staff
D. Reduce inventory
Answer: A
169.
Which is NOT a characteristic of useful audit information?
A. Relevant
B. Reliable
C. Timely
D. Misleading
Answer: D
170.
An auditor evaluates “tone at the top” to assess:
A. Physical security
B. Ethical culture
C. IT infrastructure
D. Marketing plans
Answer: B
171.
Which of the following is an example of strategic risk?
A. System password failure
B. Poor business expansion decisions
C. Missing invoices
D. Unauthorized access
Answer: B
172.
Internal audit recommendations should ideally be:
A. Cost-effective
B. Impossible to implement
C. Punitive
D. Delayed indefinitely
Answer: A
173.
Which audit activity provides assurance on risk management?
A. Independent evaluation
B. Daily operations
C. Product sales
D. Advertising campaigns
Answer: A
174.
A detective control aims to:
A. Prevent occurrence
B. Discover events after occurrence
C. Eliminate all risks
D. Increase uncertainty
Answer: B
175.
An auditor reviewing user access rights is auditing:
A. Physical controls
B. IT access controls
C. Marketing controls
D. Environmental controls
Answer: B
176.
Which of the following strengthens auditor objectivity?
A. Personal relationships with staff
B. Independent reporting structure
C. Financial interest in the company
D. Operational responsibility
Answer: B
177.
A key purpose of governance is to:
A. Reduce transparency
B. Direct and control the organization
C. Eliminate management
D. Avoid accountability
Answer: B
178.
Which audit procedure involves obtaining written responses from third parties?
A. Recalculation
B. Observation
C. Confirmation
D. Inquiry
Answer: C
179.
An auditor reviewing compliance with procurement procedures is performing a:
A. Compliance audit
B. Financial forecast
C. Marketing review
D. Product evaluation
Answer: A
180.
Which is an example of residual risk?
A. Risk before controls
B. Risk eliminated completely
C. Risk remaining after controls
D. Fraud detected by auditors
Answer: C
181.
Internal audit should add value by improving:
A. Processes and governance
B. Employee gossip
C. Political influence
D. Market monopoly
Answer: A
182.
A strong internal control system reduces the likelihood of:
A. Operational efficiency
B. Fraud and error
C. Employee performance
D. Customer satisfaction
Answer: B
183.
An auditor’s final opinion should be based on:
A. Assumptions only
B. Sufficient and appropriate evidence
C. Employee opinions
D. Personal interests
Answer: B
184.
What is the purpose of an exit meeting?
A. Hire employees
B. Discuss audit findings and recommendations
C. Approve salaries
D. Reduce taxes
Answer: B
185.
Which type of control corrects identified errors?
A. Preventive control
B. Detective control
C. Corrective control
D. Directive control
Answer: C
186.
Which of the following is an example of compliance risk?
A. Violation of legal requirements
B. Strong governance
C. Effective controls
D. High profits
Answer: A
187.
An auditor performing inventory observation aims to verify:
A. Physical existence of inventory
B. Product pricing
C. Advertising strategy
D. Tax compliance only
Answer: A
188.
A key element of fraud prevention is:
A. Weak supervision
B. Strong internal controls
C. Lack of documentation
D. Shared passwords
Answer: B
189.
The audit committee primarily supports:
A. Auditor independence
B. Product sales
C. Payroll processing
D. Marketing activities
Answer: A
190.
Which is an example of an input control?
A. Edit check validation
B. Audit report
C. Backup restoration
D. Financial statement review
Answer: A
191.
Professional skepticism requires auditors to:
A. Accept information without question
B. Critically evaluate evidence
C. Ignore inconsistencies
D. Depend only on management
Answer: B
192.
Which audit technique identifies unusual trends or relationships?
A. Inquiry
B. Observation
C. Analytical review
D. Confirmation
Answer: C
193.
A well-designed risk management process helps organizations to:
A. Avoid all uncertainty
B. Achieve objectives effectively
C. Eliminate governance
D. Ignore compliance requirements
Answer: B
194.
An internal auditor should maintain confidentiality unless:
A. Disclosure is legally or professionally required
B. Friends request information
C. Employees ask casually
D. Social media demands it
Answer: A
195.
Which of the following is a governance responsibility?
A. Oversight of organizational strategy
B. Daily transaction processing
C. Inventory counting only
D. Payroll entry
Answer: A
196.
Which control helps ensure data entered is complete and accurate?
A. Input validation control
B. Marketing review
C. Physical inspection only
D. External audit report
Answer: A
197.
Internal audit effectiveness is improved through:
A. Continuous training and quality reviews
B. Ignoring standards
C. Limiting communication
D. Avoiding technology
Answer: A
198.
Which is an example of financial reporting fraud?
A. Falsifying revenue figures
B. Delayed procurement
C. Weak passwords
D. Inventory shortage
Answer: A
199.
An organization with poor segregation of duties faces increased:
A. Fraud risk
B. Customer satisfaction
C. Governance quality
D. Audit efficiency
Answer: A
200.
The overall mission of internal auditing is to:
A. Add value and improve organizational operations
B. Replace management functions
C. Eliminate all risks completely
D. Increase operational costs
Answer: A
