IIA-CHAL-QISA Exam Questions

Audit workpapers are essential documents that provide evidence of the audit work performed and the conclusions reached.

Option A: While review notes can be useful, they do not need to be retained if they do not add value to the audit evidence.

Option B: Audit workpaper documentation policies are typically established by the internal audit department, not reviewed or approved by the audit committee.

Option C: Management should not review the workpapers for accuracy as this could compromise the independence of the audit.

Option D: Preparing workpapers helps auditors document their work thoroughly, facilitating learning and professional development.

Professional Responsibility: Internal auditors are expected to demonstrate their commitment to professional standards and ethics.

Code of Ethics: The IIA's Code of Ethics outlines principles that internal auditors must follow, including integrity, objectivity, confidentiality, and competency.

Annual Declaration: Signing an annual declaration reinforces the auditor's commitment to these principles and ensures ongoing adherence to the professional standards.

Demonstration of Due Care: By signing this declaration, auditors formally acknowledge their responsibility to uphold ethical standards, which is a demonstration of due professional care.

The IIA's Code of Ethics.

The IIA's International Standards for the Professional Practice of Internal Auditing.

Risk Assessment: Before developing audit engagement objectives, a thorough risk assessment should be conducted. This step helps identify and prioritize the areas of highest risk, ensuring that the audit focuses on the most critical issues.

Establishing Objectives: The results of the risk assessment guide the development of specific, relevant, and focused audit objectives. This ensures that the engagement addresses key risk areas and adds value to the organization.

Sequential Steps: Identification of controls, scope establishment, and review of resources are important steps but typically follow the initial risk assessment to ensure the audit is aligned with the organization's risk profile.

Corporate Policy Statement: Having the president and the board issue a statement stressing the importance of accurate management reporting and the negative consequences of intentional misreporting can help set a tone at the top. This reinforces the significance of ethical behavior and compliance with reporting policies across the organization.

Business Process Indicators: Assisting the controller in developing and monitoring business process indicators that are historically correlated with, but independent of, sales can provide an objective means to validate sales reports. This reduces the opportunity for management to exaggerate sales figures as these indicators can act as a control mechanism.

Other Options:

Internal Audit Engagements: While announcing a series of internal audit engagements (option 1) might deter some misreporting, it might not be as effective as a strong policy statement combined with objective monitoring indicators.

Hotline for Reporting Fraud: Setting up a hotline (option 3) is useful for detecting fraud but might not directly prevent exaggeration in sales reports as effectively as business process indicators.

Primary Responsibilities: For entry-level internal auditors, the primary responsibilities focus on learning and supporting tasks. Documentation is a key responsibility as it involves recording the findings and work performed during an audit engagement. This helps in building a foundation for understanding audit processes and methodologies.

Other Responsibilities:

Leadership: Typically a responsibility for more experienced auditors.

Analysis and Reporting: While entry-level auditors may assist with analysis and reporting, these tasks are generally more advanced and require a deeper understanding of audit processes.