SU 3 - Proficiency & Due Professional Care

Question 1

The level of proficiency needed to perform the internal audit activity.

Answer 1

Skills

Question 2

The knowledge, skills, and other competencies required of internal auditors to effectively carry out their professional responsibilities.

Answer 2

Proficiency

Question 3

The collective knowledge, skills, abilities, and personal attributes that can lead to exceptional performance.

Answer 3

Competencies

Question 4

Comprehending the objectives and scope of the engagement, as well as the competencies that will be required to execute the audit work and any policies and procedures specific to the internal audit activity and the organization.

Answer 4

Due professional care

Question 5

The body of information necessary to perform the internal audit activity.

Answer 5

Knowledge

Question 6

The means by which members of a profession maintain, improve, and broaden the knowledge, skills, and competence required in their professional lives.

Answer 6

Continues professional development

Question 7

The systematic measurement of characteristics such as education and experience that results in recognition of an individual as one who meets the suggested knowledge and other minimum requirements for a position or a profession.

Answer 7

Certification

Question 8

One of the most important staffing responsibilities a chief audit executive (CAE) may handle alone or share with human resources is the development of retention strategies. Which would be the most appropriate and effective retention strategy among those listed?

a) Develop a single career path for all internal auditors, with the same deadlines for reaching each stage, from new auditor to staff auditor to auditor-in-charge and audit manager.

b) Develop, with each internal auditor, a schedule of training opportunities based upon the goals of the auditor and the objectives of the internal audit activity.

c) Provide internal auditors with bonuses based upon cost savings they achieve for the organization through their audit recommendations.

d) Ensure that each annual and post-audit review for auditors is predominantly positive.

Answer 8

b) Develop, with each internal auditor, a schedule of training opportunities based upon the goals of the auditor and the objectives of the internal audit activity.

Rationale
Training should generally challenge an auditor to acquire new competencies that fit with his or her goals and the objectives of the audit activity. This is implied in Implementation Guide 1230, which gives suggested activities to enjoin the CAE to attend to the professional development needs of the staff, including achievement of appropriate certifications. One-size-fits-all approaches to retention are likely to be inappropriate for some talented individuals, and not all internal auditors will have the same desire to advance through all career path stages. Compensation based upon cost savings rather than more-inclusive measures of performance may tempt internal auditors to adopt too narrow a focus in their audit practice. The CAE should include any relevant positive evaluations in a review, but not all reviews can appropriately be predominantly positive.

Question 9

A chief audit executive (CAE) for a manufacturing company with 21 international facilities has developed a rotational audit plan to conduct seven assurance audits per year over a three-year cycle to provide adequate audit coverage for these facilities. Do the CAE’s actions demonstrate appropriate due professional care?

a) Yes, the CAE has the appropriate audit resources to provide such coverage.

b) Yes, the CAE has a solid rationale for selecting the timing of the audits.

c) No, performing rotational audits without regard to the risks or importance of the department is not in line with due professional care.

d) No, the CAE must obtain approval from the audit committee for the rotational audit plan.

Answer 9

c) No, performing rotational audits without regard to the risks or importance of the department is not in line with due professional care.

Rationale
An example of not exercising appropriate due professional care is performing rotational internal audits of each department in an organization without regard to the risks or importance of the department.

Question 10

When assessing an internal auditor’s critical thinking skills, what should be the CAE’s primary consideration?

a) Whether the auditor made appropriate connections between the organization’s strategies and its external environment.

b) Whether the auditor reached sound conclusions based on disciplined thinking that is clear, rational, objective, open-minded, and informed by evidence.

c) Whether the auditor’s written, oral, and non-verbal communications were impactful.

d) Whether the auditor successfully helped management improve governance, risk management, and compliance.

Answer 10

b) Whether the auditor reached sound conclusions based on disciplined thinking that is clear, rational, objective, open-minded, and informed by evidence.

Rationale
Critical thinking competency is required to reach sound conclusions based on disciplined thinking that is clear, rational, objective, open-minded, and informed by evidence. Improvement and innovation competencies are required to help management improve governance, risk management, and compliance. Communication competency is required for impactful written, oral, and non-verbal communications. Business acumen competency is required to make appropriate connections between the organization’s strategies and its external environments.

Question 11

A large manufacturing company with declining profits has placed a spending freeze on all external training. The audit department has 12 auditors at various levels of proficiency. What would be the best next step the chief audit executive (CAE) should take to provide staff training?

a) Have the auditors look for free training on the Internet, and allow them to take the training on company time.

b) Mandate that the individual auditors train each other in their off hours.

c) Take no action, since the resources are not available.

d) Discuss the matter with human resources, executive management, and/or the audit committee to identify possible alternatives.

Answer 11

d) Discuss the matter with human resources, executive management, and/or the audit committee to identify possible alternatives.

Rationale
Implementation Guide 1230, “Continuing Professional Development,” states, “The individual internal auditor is responsible for conforming to Standard 1230. This includes continuing their education to enhance and maintain their proficiency. Internal auditors need to stay informed about improvements and current developments in internal audit standards, procedures, and techniques, including The IIA’s International Professional Practices Framework (IPPF) guidance.”

Question 12

Which would best be performed by an internal auditor with continuing professional education in accounting?

a) Looking for processing efficiencies for transactions placed in suspense accounts.

b) Determining the reasonableness of segregation of duties.

c) Assessing lease provisions.

d) Providing advice on accounting transactions.

Answer 12

a) Looking for processing efficiencies for transactions placed in suspense accounts.

Rationale
As internal audit functions strive to move up the maturity ladder, they must acquire or develop internal auditors with more advanced specialist accounting knowledge to leverage their skills to go beyond basic accounting; an example is looking for processing efficiencies for transactions placed in suspense accounts. Assessing lease provisions, determining the reasonableness of segregation of duties, and providing advice on accounting practices are examples of skills requiring the baseline knowledge of basic accounting principles expected of all internal auditors.

Question 13

The most important reason for the chief audit executive to ensure that the internal audit department has adequate and sufficient resources is to

a) ensure that the function is adequately protected from outsourcing.

b) establish credibility with the audit committee and management.

c) demonstrate sufficient capability to meet the audit plan requirements.

d) fulfill the need for effective succession planning.

Answer 13

c) demonstrate sufficient capability to meet the audit plan requirements.

Rationale
Standard 2030 requires that internal audit resources be appropriate, sufficient, and effectively deployed to achieve the approved plan. As noted in interpretation of the standard, “Appropriate refers to the mix of knowledge, skills, and other competencies needed to perform the plan. Sufficient refers to the quantity of resources needed to accomplish the plan. Resources are effectively deployed when they are used in a way that optimizes the achievement of the approved plan.”

Question 14

How should the IIA Global Internal Audit Competency Framework be used if it is to form a foundation that is equally useful to practitioners, line managers, HR professionals, trainers, and others?

a) Referred to properly as the ISO certification standard that it is

b) Considered as an industry-specific best practice

c) Treated in policy as a mandatory requirement

d) Considered as a guide

Answer 14

d) Considered as a guide

Rationale
Given the diversity of professional practice globally, there are practical difficulties in devising a framework that can be regarded as both fully comprehensive and universally applicable. As such, this framework should be used as a guide.

Question 15

Internal auditors must be alert to the significant risks that might affect objectives, operations, or resources. What is the best first step an auditor would take to achieve this?

a) Read prior internal and external audit reports in order to gain an understanding of the risks associated with the operation.

b) Perform the necessary research on the nature of the operations to gain an understanding of the risks.

c) Perform necessary interviews with operating management to gain an understanding of the operations.

d) Review the organization’s policies and procedures on the audit.

Answer 15

b) Perform the necessary research on the nature of the operations to gain an understanding of the risks.

Rationale
Performing the necessary research on the nature of the operations to gain an understanding of the significant risks that might affect objectives, operations, or resources would enable the internal auditor to put the other choices into context prior to doing them, which is consistent with Performance Standard 2200, “Engagement Planning,” and the “Engagement Planning: Establishing Objectives and Scope” Practice Guide.

Question 16

Which of the following would an internal auditor need to know first to be in line with due professional care principles for consulting engagements?

a) The organizational objectives for the consulting engagement

b) When to perform an engagement without supervision

c) The IIA’s Standards

d) How to provide objective comments about the proposed process or activity

Answer 16

c) The IIA’s Standards

Rationale
A working knowledge of The IIA’s Standards is needed before any consulting or assurance activity should be started.

Question 17

Which of statements is true regarding due professional care?

a) Internal auditors are expected to be reasonably prudent.

b) Internal auditors are expected to provide qualified assurance that irregularities exist.

c) Internal auditors are expected to be infallible.

d) Internal auditors are expected to provide absolute assurance that noncompliance exists.

Answer 17

a) Internal auditors are expected to be reasonably prudent.

Rationale
Internal auditors must apply the care and skill expected of a reasonably prudent and competent internal auditor. Due professional care does not imply infallibility. Internal auditors are not expected to give absolute or qualified assurance that noncompliance or irregularities do not exist.

Question 18

Which statement best describes the internal auditor’s responsibilities for fraud?

a) Internal auditors are required to evaluate the risk of fraud when performing financial engagements, and are expected to have specialized fraud training.

b) Internal auditors are required to evaluate the risk of fraud as a standard practice and are expected to have specialized fraud training.

c) Internal auditors are required to evaluate the risk of fraud as a standard practice and are not expected to have specialized fraud training.

d) Internal auditors are required to evaluate the risk of fraud when performing financial engagements, and are not expected to have the specialized fraud training.

Answer 18

c) Internal auditors are required to evaluate the risk of fraud as a standard practice and are not expected to have specialized fraud training.

Rationale
Internal auditors are expected to have sufficient knowledge to evaluate the risk of fraud and the manner in which it is managed in the organization, but are not expected to have the expertise of a person whose primary responsibility is detecting and investigating fraud. This applies to all types of engagements, not just financial engagements. Because fraud expertise is not expected, there is no expectation for all internal auditors to have continuing professional education in fraud.

Question 19

Under the International Professional Practices Framework (IPPF), who is required to obtain at least 40 hours annually of continuing professional education (CPE) to maintain certification?

a) Only staff members who are Certified Internal Auditors (CIAs)

b) All members of the internal audit department, regardless of whether they have the CIA designation

c) All employees with any certification

d) Reasonable training is mandated, not 40 hours.

Answer 19

a) Only staff members who are Certified Internal Auditors (CIAs)

Rationale
CIAs are required to obtain at least 40 hours annually of CPE to meet the requirements for maintaining certification. All internal auditors are required by the IPPF to obtain CPE; however, there are no specific requirements.

Question 20

An entry-level internal auditor just started working in a large internal audit department. What would be the best next step to acclimate to the profession?

a) Obtain a mentor.

b) Network with other internal auditors at a more-senior level.

c) Get occupational assignments.

d) Participate in research projects.

Answer 20

a) Obtain a mentor.

Rationale
Any topics that enhance an auditor’s proficiency contribute to employee development. This may include specialized training in business processes, audit techniques, interpersonal skills, communication skills, and related topics. Having a mentor would be the best way listed to acclimate to the profession to obtain guidance.

Question 21

Who is responsible for ensuring that a member of the internal audit department conforms with Standard 1230, “Continuing Professional Development”?

a) The individual internal auditor

b) Human resources

c) The audit committee

d) The chief audit executive

Answer 21

a) The individual internal auditor

Rationale
Implementation Guide 1230 states, “The individual internal auditor is responsible for conforming with Standard 1230. This includes continuing their education to enhance and maintain their proficiency.”

Question 22

Which best describes professionalism?

a) Competencies required to demonstrate the authority, credibility, and ethical conduct essential for a valuable internal audit activity.

b) Competencies required to plan and perform engagements in conformance with IIA guidance.

c) Competencies required to identify and address the risks specific to the industry and environment in which the organization operates.

d) Competencies required to provide strategic direction, communicate effectively, maintain relationships, and manage internal audit personnel and processes.

Answer 22

a) Competencies required to demonstrate the authority, credibility, and ethical conduct essential for a valuable internal audit activity.

Rationale
According to The IIA’s Internal Audit Competency Framework, Professionalism encompasses competencies required to demonstrate the authority, credibility, and ethical conduct essential for a valuable internal audit activity. Performance encompasses competencies required to plan and perform internal audit engagements in conformance with the Standards. Environment encompasses competencies required to identify and address the risks specific to the industry and environment in which the organization operates. Leadership and communications encompass competencies required to provide strategic direction, communicate effectively, maintain relationships, and manage internal audit personnel and processes.

Question 23

Which of the IIA resources is the best tool for the internal auditor to use as a basis for creating a professional development plan?

a) The Competency Framework.

b) The Core Principles for the Professional Practice of Internal Auditing.

c) The International Standards for the Professional Practice of Internal Auditing.

d) Implementation Guidance.

Answer 23

a) The Competency Framework.

Rationale
The Competency Framework provides detail on all knowledge areas in which internal auditors are expected to have competency, defining three different competency levels for each knowledge area. An internal auditor may use a self-assessment tool such as the Competency Framework as a basis for creating a professional development plan. The Standards and Core Principles and Implementation Guidance each may have some relevant information, but do not provide a detailed, global view of competencies to use a basis for creating a professional development plan.

Question 24

Exercising due professional care during a consulting engagement requires that

a) internal auditors be more closely linked with the activities they are reviewing in comparison to the independence required in an assurance review.

b) the consulting engagement be performed by those persons who collectively possess the necessary knowledge, skills, and disciplines to conduct the audit properly and objectively.

c) internal auditors follow up on reported audit findings to ascertain that appropriate action was taken.

d) internal auditors identify additional risk areas to add to the scope.

Answer 24

b) the consulting engagement be performed by those persons who collectively possess the necessary knowledge, skills, and disciplines to conduct the audit properly and objectively.

Rationale
As in an assurance review, the consulting engagement must be performed by those persons who collectively possess the necessary knowledge, skills, and disciplines to conduct the audit properly and objectively. Internal auditors are not required to follow up on reported audit findings to ascertain that appropriate action was taken, and additional risk areas identified are not to be added to the scope unless requested by management.

Question 25

The IIA Global Internal Audit Competency Framework defines the competencies needed to meet the requirements of the International Professional Practices Framework. Which is the competency that requires an internal auditor to demonstrate problem solving, creativity, rationalization, and a refusal to accept things at face value?

a) Persuasion and collaboration
b) Business acumen
c) Critical thinking
d) Improvement and innovation

Answer 25

c) Critical thinking

Rationale
In order to create value for the organization, internal auditors must apply a critical thinking approach to internal audit—a level beyond basic operational audits. This involves analyzing a situation or task for the development of supportable conclusions—applying process analysis and business intelligence and problem-solving techniques—and conveying the assessed results in a logical manner.

Question 26

An internal auditor understands the client organization, its culture, its business sector, and local and global factors that affect it. The internal auditor also has technical expertise in governance, risk management, and control. What else does this auditor need to have expertise in?

a) Forensic auditing
b) Business acumen
c) International Professional Practices Framework (IPPF)
d) Compliance

Answer 26

c) International Professional Practices Framework (IPPF)

Rationale
The principal points of focus of an internal auditor’s expertise are the IPPF; governance, risk, and control; and business acumen. The first sentence describes business acumen, so this internal auditor already has that expertise. Compliance and forensic auditing are specialized areas of expertise rather than principal requirements for the profession of internal auditing.

Question 27

The chief audit executive (CAE) determines that specialized skills and expertise are needed to assess the organization’s susceptibility to fraudulent financial reporting. Which is a potential advantage of co-sourcing related internal audit activities?

a) Greater process control

b) Simplified privacy and confidentiality issues and considerations

c) Improved potential for high staff morale

d) Improved timeliness of the internal audit activity

Answer 27

d) Improved timeliness of the internal audit activity

Rationale
It is incumbent upon the CAE to obtain assistance from experts outside the internal audit activity to support or complement areas where the activity is not fully proficient. Co-sourcing and out-sourcing are viable options when the internal audit function cannot efficiently and effectively fulfill an internal audit activity. However, they typically result in a loss of process control can entail additional privacy and confidentiality issues and considerations. Co-sourcing in particular has potential to undermine staff morale.

Question 28

In performing an audit, auditors who want to be perceived as credible should try to make sure that their verbal and nonverbal messages

a) are ambiguous.
b) occur in clusters.
c) reinforce each other.
d) contain a lot of variety.

Answer 28

c) reinforce each other.

Rationale
Experts say that between 70% and 90% of a sender’s meaning is transmitted nonverbally. If the sender says one thing while nonverbally conveying something else, the listeners are most likely to believe the nonverbal message.

Question 29

What is the best definition of business acumen as it pertains to internal auditors?

a) Personal skills, including effective communication, rational or emotional persuasion, a collaborative mindset, and critical thinking skills

b) Finding ways to be more forward-looking by embracing change and driving improvement and innovation

c) Understanding the client organization, its culture, the way it works, the sector it operates in, and the local and global factors that act upon it

d) Assessing the quality of risk management processes and systems and internal control and corporate governance processes

Answer 29

c) Understanding the client organization, its culture, the way it works, the sector it operates in, and the local and global factors that act upon it

Rationale
Business acumen is an essential prerequisite that enables internal auditors to provide effective assurance and advisory services and add value to the organization. Personal skills are also important, but business acumen is part of the technical expertise skill set.

Question 30

Regarding due professional care in consulting engagements, which of the following would the internal auditor need to understand the earliest?

a) Background or nature of the area requested to be reviewed

b) Possible motivations and reasons of those requesting the service

c) Effect on the scope of the audit plan as previously approved by the audit committee

d) Needs of management officials, including the nature, timing, and communication of engagement results

Answer 30

b) Possible motivations and reasons of those requesting the service

Rationale
The background or nature of the area requested to be reviewed will be obtained during the planning phase of the consulting engagement. Possible motivations and reasons of those requesting the service would have to be understood at the onset of agreeing to perform the review.

Question 31

What constitutes due professional care in assurance engagements?

a) Performing a risk assessment that identifies the particular assurance audit

b) Adhering to the International Professional Practices Framework

c) Establishing an internal audit charter that is approved by the audit committee

d) Accomplishing the extent of work needed to achieve the engagement objectives

Answer 31

d) Accomplishing the extent of work needed to achieve the engagement objectives

Rationale
One principal factor for due professional care in assurance engagements is the extent of work needed to achieve the engagement objectives. (Engagement objectives are “broad statements developed by internal auditors that define intended engagement accomplishments.”)

Question 32

What is a key factor that impacts engagement staffing decisions?

a) Types of controls involved (hard or soft).
b) Known relationship issues with internal audit.
c) Operating style of management.
d) Culture of areas included in scope.

Answer 32

a) Types of controls involved (hard or soft).

Rationale
The key factors impacting engagement staffing conditions are: type of service (assurance or advisory); type of engagement (compliance, financial, operational, etc.); engagement objectives; engagement scope; types of controls involved (hard, soft). Culture of areas included in the scope, operating style of management, and known relationship issues with internal audit also may impact staffing decisions, but are secondary.

Question 33

Which would best be performed by an internal auditor with continuing professional education in accounting?

a) Looking for processing efficiencies for transactions placed in suspense accounts.

b) Providing advice on accounting transactions.

c) Determining the reasonableness of segregation of duties.

d) Assessing lease provisions.

Answer 33

a) Looking for processing efficiencies for transactions placed in suspense accounts.

Rationale
As internal audit functions strive to move up the maturity ladder, they must acquire or develop internal auditors with more advanced specialist accounting knowledge to leverage their skills to go beyond basic accounting; an example is looking for processing efficiencies for transactions placed in suspense accounts. Assessing lease provisions, determining the reasonableness of segregation of duties, and providing advice on accounting practices are examples of skills requiring the baseline knowledge of basic accounting principles expected of all internal auditors.

Question 34

Which activity supports due professional care in assurance engagements?

a) Preferring manual audit tools over the use of computer-assisted tools and other data analysis techniques

b) Forgoing engagements due to a lack of specialized knowledge

c) Considering the needs and expectations of clients, including the nature, timing, and communication of assurance engagement results

d) Being alert to specific activities in which irregularities are most likely to occur

Answer 34

d) Being alert to specific activities in which irregularities are most likely to occur

Rationale
Implementation Guide 1220, “Due Professional Care,” tells us that due professional care implies reasonable care and competence, not infallibility or extraordinary performance. Internal auditors cannot give absolute assurance that noncompliance or irregularities do not exist. Nevertheless, the possibility of material irregularities or noncompliance needs to be considered whenever an internal auditor undertakes an internal audit assignment. Forgoing an engagement due to a lack of specialized knowledge might be acceptable in consulting engagements but does not uphold due professional care in assurance engagements. Considering the needs and expectations of clients is appropriate to consulting engagements but not assurance engagements. In exercising due professional care, internal auditors must consider the use of technology-based audit tools and other data analysis techniques.

Question 35

When may the chief audit executive decline an engagement due to a lack of specialized knowledge?

a) In the case of an assurance engagement.

b) In the case of a consulting engagement.

c) In neither the case of an assurance exercise nor a consulting exercise.

d) In the case of an assurance engagement or a consulting engagement.

Answer 35

b) In the case of a consulting engagement.

Rationale
The chief audit executive must decline the consulting engagement or obtain competent advice and assistance if the internal auditors lack the knowledge, skills, or other competencies needed to perform all of part of the engagement. Declining an assurance engagement is not an option. In the case of an assurance engagement, the chief audit executive must obtain competent advice and assistance if the internal auditors lack the knowledge, skills, or other competencies needed to perform all or part of the engagement.

Question 36

Which is a primary benefit that internal auditors should consider in pursuing the Certified Internal Auditor (CIA) certification?

a) Proving professional credibility

b) Fulfilling all requirements for continuing professional development

c) Increasing promotional opportunities and earning capacity

d) Demonstrating mastery of professional practice standards

Answer 36

d) Demonstrating mastery of professional practice standards

Rationale
The primary benefit of obtaining a certification is demonstrating mastery of a defined body of knowledge. Obtaining professional certification does provide continuing professional development, but internal auditors need to continue learning even after earning the CIA. Credibility is built over time from many actions and choices, not just one, but earning a certification can help.

Question 37

What major skill would be most beneficial to an internal auditor in learning to be an exceptional communicator?

a) Creating compelling conversations to influence others to act

b) Keeping the audit client informed with email and texts

c) Becoming likeable in the organization to increase the ability to obtain information

d) Giving the client the facts and letting them reach their own conclusion

Answer 37

a) Creating compelling conversations to influence others to act

Rationale
Per interpretation of Performance Standard 2420, “Quality of Communications,” clear communications are easily understood and logical, avoiding unnecessary technical language and providing all significant and relevant information. Concise communications are to the point and avoid unnecessary elaboration, superfluous detail, redundancy, and wordiness.

Question 38

An internal auditor who needs to further develop competencies required for assurance engagements should focus on which skills?

a) Facilitation.
b) Negotiation.
c) Critical thinking.
d) Thought leadership.

Answer 38

c) Critical thinking.

Rationale
Critical thinking skills help auditors to reach sound conclusions based on disciplined thinking and informed by evidence; critical thinking skills are required for both assurance and advisory engagements. Facilitation, thought leadership, and negotiation skills are competencies applicable to advisory engagements.

Question 39

Regarding due professional care in consulting engagements, which of the following would the internal auditor need to understand the earliest?

a) Effect on the scope of the audit plan as previously approved by the audit committee

b) Needs of management officials, including the nature, timing, and communication of engagement results

c) Possible motivations and reasons of those requesting the service

d) Background or nature of the area requested to be reviewed

Answer 39

c) Possible motivations and reasons of those requesting the service

Rationale
The background or nature of the area requested to be reviewed will be obtained during the planning phase of the consulting engagement. Possible motivations and reasons of those requesting the service would have to be understood at the onset of agreeing to perform the review.

Question 40

Your boss and coworkers often state something like, “There’s just no communication around here!” What is most likely the reason why people utter this complaint so frequently?

a) People feel too busy to make things easier by communicating.

b) Social media has reduced the ability to communicate.

c) Auditors are typically introverted individuals, and this reduces the ability to communicate.

d) People have a natural tendency to complain.

Answer 40

a) People feel too busy to make things easier by communicating.

Rationale
Per interpretation of Performance Standard 2420, “Quality of Communications,” timely communications are opportune and expedient, depending on the significance of the issue, allowing management to take appropriate corrective action. People feeling too busy is the best answer because it relates to a systemic problem at the organization related to work schedules and basic human nature in such situations. If this is the root cause, it can be explored and changes can be recommended to improve the situation. The other answer choices all imply in one way or another that there is nothing that can be done, which is less constructive.

Question 41

On an assurance engagement, an internal auditor’s consideration of technology-based audit and other data analysis techniques best demonstrates which of the following?
a) Objectivity.
b) Due professional care.
c) Proficiency.
d) Resource management.

Answer 41

b) Due professional care.

Rationale
According to Standard 1220 – Due Professional Care, “in exercising due professional care internal auditors must consider the use of technology-based audit and other data analysis techniques.” Proficiency would be best demonstrated by evidence of sufficient knowledge and skills (such as training records or certifications.) Objectivity would be better demonstrated by such actions as disclosing material facts and avoiding conflicts of interest. Resource management applies to the chief audit executive and would be better demonstrated by the internal audit plan, post-audit comparison of budgeted hours, and the results of client assessments.

Question 42

A chief audit executive would most likely co-source a specialist with business process expertise for an engagement in which area?

a) Supply chain.
b) Enterprise risk management.
c) System development risk.
d) Governance, ethics, and compliance.

Answer 42

a) Supply chain.

Rationale
Chief audit executives commonly co-source with outside specialists to obtain skills in information technology; business process; and governance, risk, and control. A specialist with expertise in business process would be most suitable for a supply chain engagement. A specialist with expertise in information technology would be most suitable for an engagement related to system development risk. A specialist with expertise in governance, risk, and control needs would be most suitable for an engagement related to governance, ethics, and compliance.

Question 43

Which is a way that continuing professional development may be accomplished?

a) By performing the same work process over an extended period of time

b) By having several jobs over a short period of time

c) By performing a job function without any accountability

d) By gaining collective wisdom from analyzing or synthesizing information

Answer 43

d) By gaining collective wisdom from analyzing or synthesizing information

Rationale
Any topics that develop or enhance an auditor’s proficiency contribute to continuing education. This may include specialized training in business processes, audit techniques, interpersonal skills, communication skills, and related topics. Collective wisdom derived from analyzing or synthesizing information is one way to participate in continuing professional development.

Question 44

The IIA Global Internal Audit Competency Framework defines the competencies needed to meet the requirements of the International Professional Practices Framework. Which is the competency that requires an internal auditor to demonstrate problem solving, creativity, rationalization, and a refusal to accept things at face value?

Answers

Persuasion and collaboration

Business acumen

Improvement and innovation

Critical thinking

Question 45

The IIA Global Internal Audit Competency Framework defines the competencies needed to meet the requirements of the International Professional Practices Framework. Which is the competency that requires an internal auditor to demonstrate problem solving, creativity, rationalization, and a refusal to accept things at face value?

a) Persuasion and collaboration
b) Business acumen
c) Improvement and innovation
d) Critical thinking

Answer 45

d) Critical thinking

Rationale
In order to create value for the organization, internal auditors must apply a critical thinking approach to internal audit—a level beyond basic operational audits. This involves analyzing a situation or task for the development of supportable conclusions—applying process analysis and business intelligence and problem-solving techniques—and conveying the assessed results in a logical manner.