Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. IIA
  5. CIA

IIA CIA Exam
Certified Internal Auditor Exam (Page 16 )

Updated On: 9-Feb-2026
Page 16 of 342
PDF with 1702 Questions

According to the International Professional Practices Framework, which of the following would be considered a scope limitation?

I). Divisional management indicates that since the division is in the process of converting a major computer system, the information systems portion of the planned audit will have to be postponed until next year.
II). The audit committee reviews the audit plan for the year and deletes an audit that the director thought was important to conduct.
III). The sales manager indicates that certain customers cannot be contacted because the
organization is in the process of negotiating a long-term contract with them.

  1. I only.
  2. II only.
  3. I and III only.
  4. II and III only.

Answer(s): C



While researching a topic during a telecommunications audit, an auditor identified a security vulnerability with the entity's revenue accounting system. The accounting system is outside the scope of the current audit engagement. The auditor should

  1. Disregard the security vulnerability and address it during the audit of the revenue accounting system.
  2. Include the revenue accounting system in the scope of the current audit engagement and address the vulnerability in the report.
  3. Alert management to the identified security vulnerability.
  4. Develop a solution to the security vulnerability and then inform management.

Answer(s): C



Which statement most accurately describes how criteria are established for use by internal auditors in determining whether goals and objectives have been accomplished?

  1. Management is responsible for establishing the criteria.
  2. Internal auditors should use professional standards or government regulations to establish the criteria.
  3. The industry in which a company operates establishes criteria for each member company through benchmarks and best practices for that industry.
  4. Appropriate accounting or auditing standards, including international standards, should be used as the criteria.

Answer(s): A



If an engagement client's operating standards are vague and thus subject to interpretation, the auditor should

  1. Seek agreement with the client as to the standards to be used to measure operating performance.
  2. Determine best practices in the area and use them as the standard.
  3. Interpret the standards in their strictest sense because standards are otherwise only minimum measures of acceptance.
  4. Omit any comments on standards and the client's performance in relationship to those standards, because such an analysis would be meaningless.

Answer(s): A



Which of the following does not describe a skill or knowledge necessary to supervise a particular audit engagement?

  1. The ability to review and analyze an engagement program to determine if the proposed audit procedures will result in evidence relevant to the engagement objectives.
  2. The ability to use risk assessment and other judgmental processes to develop an engagement plan and schedule for the department, and present the plan to the audit committee.
  3. The ability to assure that an engagement final communication is supported and accurate relative to the evidence documented in the engagement working papers.
  4. The ability to determine that staff auditors have completed the audit procedures and that engagement objectives have been met.

Answer(s): B






Post your Comments and Discuss IIA CIA exam prep with other Community members:

Join the CIA Discussion