An internal auditor was assigned to review controls in the accounts payable function. Most of tie accounts payable processes are performed by a third-party service provider. The auditor included in the audit report a number of control deficiencies involving processes performed by the service provider. The service provider requested a copy of the report Which of Vie following would be the most appropriate response from the chief audit executive (CAE)?
A chief audit executive (CAE) determined that management chose to accept a high-level risk that may be unacceptable lo the organization. Which is the best course of action for the CAE to Follow?
Which of the following steps should an internal auditor complete when conducting a review of an electronic data interchange application provided by a third-party service?
Ensure encryption keys meet ISO standards.
Determine whether an independent review of the service provider ' s operation has been conducted.
Verify that the service provider’s contracts include necessary clauses.
Verify that only public-switched data networks are used by the service provider.
Which of the following processes does the board manage to ensure adequate governance?
A company makes a product at a cost of $26 per unit, of which $10 is fixed cost. The product is usually sold for $30 per unit; however, the company has been approached by a new customer who would like to purchase 3,500 units for $18 each Further, the company would Incur additional cost to deliver the units to this customer If the company has the excess manufacturing capacity and all other factors are constant, what is the additional cost that the company would Incur in order to make a profit of $1.50 per unit for this order?
The board of directors of a global organization has found an increased number of reported cases of unethical practices since last year. To assist the board in gaining a better understanding of the degree of ethics awareness within the organization, which of the following actions should be undertaken?
During a review of the organization ' s waste management processes, the internal auditor discovered that wastewater is being disposed of inappropriately. The auditor ' s recommendations, suggested to mitigate the risk of regulatory sanctions and reputational damages, were accepted and timelines for implementation were agreed. However, during the internal audit activity ' s periodic follow-up exercise, management indicated that the recommendation was too expensive to implement and the current disposal method has been cost-effective. What should the chief audit executive do in this case?
The following is a list of major findings in the executive summary report for an audit of the contract management process
- Noncompliance with contract provisions requiring vendors to obtain insurance policies with indemnity value of not less than $1 million
- Compliance with contract obligations and deliverables is not monitored
- No contract agreement with five vendors providing core services
Which of the following is an appropriate conclusion that can be drawn from these findings?
While conducting a review of the logistics department the internal audit team identified a crucial control weakness. The chief audit executive (CAE) decided to prepare an audit memorandum for management of the logistics department followed by an informal meeting What is the most likely reason the CAE decided to prepare the audit memorandum?
Which of the following is the primary reason an internal auditor would issue an interim report during an engagement?
A corporate merger decision prompts the chief audit executive (CAE) lo propose interim changes to the existing annual audit plan to account for emerging risks Which of the following is the most appropriate action for the CAE to take regarding the changes made to the audit plan ' '
An internal auditor is conducting a financial audit. Which of the following audit procedures is most appropriate when existing internal controls are weak?
An internal auditor conducted interviews with several employees, documented the interviews analyzed the summaries, and drew a number of conclusions. What sort of audit evidence has the internal auditor primarily obtained?
Which of the following is most likely to impair the organizational independence of the internal audit activity?