IIA Certification in Risk Management Assurance (CRMA) Exam - IIA-CRMA Exam Practice Test

According to IIA guidance, the results of a formal quality assessment should be reported to which of the following groups?
Correct Answer: A
The manager for an organization's accounts payable department resigned her post in that capacity. Three months later, she was recruited to the internal audit activity and has been working with the audit team for the last eight months. Which of the following assignments would the newly hired internal auditor be able to execute without any impairments to independence or objectivity?
Correct Answer: A
Who is responsible for setting the risk appetite?
Correct Answer: C
An internal auditor is performing analytical reviews as part of an audit of a supermarket's merchandising department. Because the economy has declined since midyear, the auditor can expect to encounter which of the following?
Correct Answer: C
According to The IIA's Code of Ethics, which of the following actions violates the principle of confidentiality?
Correct Answer: A
During an internal audit, an organization's processing department is found to have incidences of both duplicate invoices and notices from customers that purchased goods were not received. The department under review insists that some of these reports are false and that others were isolated oversights due to understaffing.
Which of the following tests would best help the internal auditor detect fraudulent activity?
Correct Answer: A
An internal auditor notes that employees are able to download files from the internet. According to IIA guidance, which of the following strategies would best protect the organization from the risk of copyright infringement and licensing violations resulting from this practice?
Correct Answer: C
When auditing the award of a major contract, which of the following should an internal auditor suspect as a red flag for a bidding fraud scheme?
1. Subsequent change orders increase requirements for low-bid items.
2. Material contract requirements are different on the actual contract than on the request for bids.
3. A high percentage of employees are charged to indirect accounts.
4. Losing bidders are hired as subcontractors.
Correct Answer: C
Which of the following statements accurately describes the responsibility of the internal audit activity regarding IT governance?
1. The internal audit activity does not have any responsibility because IT governance is the responsibility of the board and senior management of the organization.
2. The internal audit activity must assess whether the IT governance of the organization supports the organization's strategies and objectives.
3. The internal audit activity may assess whether the IT governance of the organization supports the organization's strategies and objectives.
4. The internal audit activity may accept requests from management to perform advisory services regarding how the IT governance of the organization supports the organization's strategies and objectives.
Correct Answer: D
In the area of business acumen, which of the following competencies would be the sole responsibility of an internal audit staff member?
Correct Answer: D
According to the IIA guidance, who is responsible for periodically assessing the internal audit activity?
Correct Answer: C
An internal auditor is evaluating techniques management uses to mitigate risks within a particular product division. Which of the following is an example of risk reduction?
Correct Answer: C
Which of the following is not a standard technique that the chief audit executive (CAE) would use to provide evidence of supervisory review of working papers?
Correct Answer: B
Which of the following is most likely to be considered a control weakness?
Correct Answer: A
Which of the following techniques would best assist an internal auditor in evaluating the efficiency of a wholesale grocery distributor`s process to fill and package orders for shipping?
Correct Answer: A
If appropriate safeguards exist, which of the following is considered a legitimate internal audit role within risk management at an organization?
Correct Answer: C
Which of the following is an example of a risk avoidance strategy?
Correct Answer: C
After being terminated due to downsizing, an internal auditor finds a different job with an organization in the same industry. Which of the following actions would violate the IIA Code of Ethics?
Correct Answer: A