IIA Updated IIA-CIA-Part2 Exam Questions and Answers by aden

The rotational model of internal audit staffing involves bringing in staff from other parts of the organization for a temporary period before they return to their original roles. While this model has several advantages, such as bringing diverse perspectives and business knowledge, it also has the disadvantage that auditors are often new to the internal audit function and are continuously in training.

Rotational Model:

In this model, employees from various departments are rotated into the internal audit activity for a specific period. They gain audit experience before rotating back to their original or other roles within the organization.

Disadvantages:

Since these individuals are not career auditors, they may lack the deep audit expertise of career auditors, and a significant amount of time is often spent on training. This constant influx of new, inexperienced staff can lead to a scenario where the team is always in training mode, potentially impacting audit efficiency and effectiveness.

IIA Practice Advisory 1210-1:

The advisory notes that while the rotational model can enhance business understanding within the audit team, it requires careful management to ensure that audit quality is not compromised due to the continuous learning curve of rotating staff.

Option A (Career model): This involves auditors who remain in the internal audit function throughout their careers, leading to a highly skilled and experienced team.

Option B (Center of competence model): This model focuses on a centralized group of audit experts, ensuring specialized skills and consistency.

Option D (Hybrid model): This combines elements of the rotational and career models, aiming to balance expertise with fresh perspectives.

Detailed Explanation:Why Not Other Options?

The chief audit executive (CAE) should meet with the chief IT officer to discuss the incident, the investigation, and any control improvements that will be implemented (1). Additionally, developing an appropriate audit program with the IT auditor to review the organization’s Internet-based sales process and key controls (3) is a proactive approach to ensure future incidents are prevented and to enhance the organization's security posture. References: = IIA Standard 2120 - Risk Management and IIA Standard 2201 - Planning Considerations.

A. Determine whether the purchasing department complies with policy by examining a random selection of purchase orders:Correct. Reviewing a random sample of purchase orders is a standard procedure for evaluating compliance with purchasing policies, such as approval requirements, vendor selection, and adherence to budget constraints.

B. Evaluate whether purchasing requests are properly approved by authorized staff by obtaining independent verification from the vendors:Vendor verification is not typically used to evaluate internal approvals as this information is available within the organization’s records.

C. Ascertain whether material receipts are recorded on a timely basis by reviewing physical inventory stock counts:Physical inventory reviews focus on inventory management and reconciliation, not specifically on the timeliness of receipts.

D. Determine whether prices charged for goods received are correct by reviewing the appropriate accounts payable record by vendor:While reviewing accounts payable records helps verify the accuracy of pricing, it does not directly evaluate the purchasing department’s adherence to procedures.

CIA Exam Syllabus Reference:

Domain V: Performing Internal Audit Services – Audit Engagement Objectives and Procedures.

To confirm the existence of a specific vehicle selected from the fixed asset register, the best indirect evidence would be to compare the registered details of the vehicle with a date-stamped photograph. This method provides a verifiable form of evidence that the vehicle exists and matches the details recorded in the asset register. It ensures that the vehicle is still in possession of the organization and can be indirectly verified without the need for physical presence at an off-site location.

References:

IIA Practice Guide: "Auditing Fixed Assets"

COSO Internal Control – Integrated Framework