Organizational Development and Internal Auditing Practices, Exams of Nursing

Various topics related to organizational development (od) and internal auditing practices. It discusses the objectives of od, the evaluation of coordination between internal and external auditors, the responsibilities of the chief audit executive (cae), and different approaches to control-based, process-based, and objective-based auditing formats. The document also covers topics such as privacy, environmental audits, business process reengineering, benchmarking, risk assessment, audit planning, and reporting. The information provided in this document could be useful for students and professionals interested in understanding the principles and practices of organizational development and internal auditing.

Typology: Exams

2024/2025

Available from 10/28/2024

EXAMDOC
EXAMDOC 🇺🇸

4.4

(9)

22K documents

1 / 20

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CIA Part 2 questions with correct answers
Governance process objectives Correct Answer-1. Promoting appropriate ethics
and values within the organization.
2. Ensuring effective organizational performance management and accountability.
3. Communicating risk and control information to appropriate areas of the
organization.
4. Coordinating the activities of and communicating information among the board,
external and internal auditors, and management.
Audit committee purpose Correct Answer-1. Helps keep external and internal
auditors independent of management and to assure that the directors are exercising
due care.
2. Selects the external auditors; reviews their overall audit plan; examines the
results of external and internal auditing engagements; meets regularly with the
CAE; and reviews the internal audit activity's engagement work schedule, staffing
plan, and financial budget. These functions should increase public confidence that
financial statements are fairly presented.
Considerations when evaluating a code of conduct Correct Answer-
comprehensiveness and compliance. The code should address the ethical issues
that the employees are expected to encounter and provide suitable guidance. The
internal auditor also must consider the extent to which employees are complying
with the standards established.
The objectives of Organizational development (OD) (one of change management
approaches) Correct Answer-(1) deepen the sense of organizational purpose and
align individuals with it; (2) promote interpersonal trust, communication,
cooperation, and support; (3) encourage a problem-solving approach; (4) develop a
satisfying work experience; (5) supplement formal authority with authority based
on expertise; (6) increase personal responsibility; and (7) encourage willingness to
change.
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14

Partial preview of the text

Download Organizational Development and Internal Auditing Practices and more Exams Nursing in PDF only on Docsity!

CIA Part 2 questions with correct answers

Governance process objectives Correct Answer-1. Promoting appropriate ethics and values within the organization.

  1. Ensuring effective organizational performance management and accountability.
  2. Communicating risk and control information to appropriate areas of the organization.
  3. Coordinating the activities of and communicating information among the board, external and internal auditors, and management. Audit committee purpose Correct Answer-1. Helps keep external and internal auditors independent of management and to assure that the directors are exercising due care.
  4. Selects the external auditors; reviews their overall audit plan; examines the results of external and internal auditing engagements; meets regularly with the CAE; and reviews the internal audit activity's engagement work schedule, staffing plan, and financial budget. These functions should increase public confidence that financial statements are fairly presented. Considerations when evaluating a code of conduct Correct Answer- comprehensiveness and compliance. The code should address the ethical issues that the employees are expected to encounter and provide suitable guidance. The internal auditor also must consider the extent to which employees are complying with the standards established. The objectives of Organizational development (OD) (one of change management approaches) Correct Answer-(1) deepen the sense of organizational purpose and align individuals with it; (2) promote interpersonal trust, communication, cooperation, and support; (3) encourage a problem-solving approach; (4) develop a satisfying work experience; (5) supplement formal authority with authority based on expertise; (6) increase personal responsibility; and (7) encourage willingness to change.

Evaluation of the coordination between the internal and external auditors Correct Answer-May be made by chief audit executive. The CAE is responsible for regular evaluations of the coordination between internal and external auditors. Such evaluations may also include assessments of the overall efficiency and effectiveness of internal and external audit activities, including aggregate audit cost. The CAE communicates the results of these evaluations to senior management and the board, including relevant comments about the performance of external auditors External assessment includes Correct Answer-(1) conformance with The IIA's mandatory guidance and the internal audit activity's charter, plans, policies, procedures, practices, and applicable legislative and regulatory requirements; (2) the expectations of the internal audit activity expressed by the board, senior management, and operational managers; (3) the integration of the internal audit activity into the governance process; (4) the tools and techniques employed by the internal audit activity; (5) the mix of knowledge, experience, and disciplines within the staff, including staff focus on process improvement; and (6) the determination whether the internal audit activity adds value and improves operations. However, the costs and benefits of internal auditing are neither easily quantifiable nor the subject of an external assessment. Responsibility of the board. Correct Answer-Oversight of the work of external auditors, including coordination with the internal audit activity Responsibility of CAE Correct Answer-Regular evaluations of the coordination between internal and external auditors.

activities, provides guidance to employees on relevant issues, and decreases the risk that employees will engage in unethical or illegal behavior.

  1. Organization creates an organizational chart identifying board members, senior officers, a senior compliance officer, and department personnel who are responsible for implementing compliance programs.
  2. Organization creates a compliance program on a global basis, not just for selective geographic locations, to reflect appropriate local conditions, laws, and regulations Control self-assessment (CSA) Correct Answer-process that involves employees in assessing the adequacy of controls and identifying opportunities for improvement within an organization combines: (1) traditional auditing concepts, (2) risk analysis, (3) self-assessment approaches Program-results engagement Correct Answer-is intended to obtain information about the costs, outputs, benefits, and effects of the program. It attempts to measure the accomplishment and relative success of the undertaking. Because benefits often cannot be quantified in financial terms, a special concern is the ability to measure effectiveness. Control-based format Correct Answer-begins with the facilitator identifying the key risks and controls, then the group determining how well they are working Process-based format Correct Answer-focuses on selected activities that are elements of a chain of processes.

Objective-based format Correct Answer-- begins by identifying controls currently in place, then determining the residual risks.

  • focuses on the best way to accomplish a business objective. The workshop begins by identifying the procedures presently in place to support the objective and then determines the residual risks remaining. The aim of the workshop is to decide whether the procedures are working effectively and are resulting in residual risks within an acceptable level. Risk-based format Correct Answer-focuses on listing the risks to achieving an objective. The workshop begins by listing all possible barriers, obstacles, threats, and exposures that might prevent achieving an objective and, then, examining the control procedures to determine if they are sufficient to manage the key risks. The aim of the workshop is to determine significant residual risks. This format takes the work team through the entire objective-risks-controls formula. Operational engagement Correct Answer-involves "the review of a function or process to appraise the efficiency and economy of operations and the effectiveness with which those functions achieve their objectives." A comparison of actual and standard costs addresses efficiency and economy issues. Internal control Correct Answer-is a process affected by an entity's board management and other personnel that is designed to provide reasonable assurance regarding the achievement of (1) reliability of financial reporting, (2) effectiveness and efficiency of operations, and (3) compliance with applicable laws and regulations. The three distinct categories of assurance services correspond to the three objectives of internal control defined in the control framework by COSO Correct Answer-reliability of financial reporting, effectiveness and efficiency of operations, and compliance with applicable laws and regulations.

The questionnaire approach of CSA program Correct Answer-uses a survey, not work teams representing different levels in the business unit or function. The self-certification approach of CSA program Correct Answer-is produced by management, not by work teams representing different levels in the business unit or function. It allows for the chief audit executive (CAE) to synthesize information provided by the internal auditors with other information to enhance the understanding about controls and to share the knowledge Four categories of measures of performance included in balanced scorecard Correct Answer-1. profitability;

  1. customer satisfaction;
  2. innovation;
  3. efficiency, quality, and time. Innovations in the production of goods or services do not typically lend themselves to ongoing performance measurement. Limitation to employee termination or other discipline Correct Answer-(1) whistleblower laws; (2) exceptions to the employee-at-will doctrine (the right of an employer to fire an employee for any reason); (3) employee or union contracts; and (4) employer responsibilities with regard to discrimination, wrongful discharge, and requirements to act in good faith. However, a governmental requirement that an entity report certain employee violations is not itself a limitation on the employer's power to discipline employees.

TQM Correct Answer-comprehensive approach to quality. It treats the pursuit of quality as a basic organizational function that is as important as production or marketing. It is the continuous pursuit of quality in every aspect of organizational activities through: (1) a philosophy of doing it right the first time; (2) employee training and empowerment; (3) promotion of teamwork; (4) improvement of processes; and (5) attention to satisfaction of customers, both internal and external. It emphasizes the supplier's relationship with the customer, identifies customer needs, and recognizes that everyone in a process is at some time a customer or supplier of someone else, either inside or outside of the organization. Privacy of communication Correct Answer-freedom from monitoring Privacy of space Correct Answer-freedom from surveillance Privacy of information Correct Answer-collection, use, and disclosure of personal information by others Personal privacy Correct Answer-physical and psychological Privacy framework evaluation considerations Correct Answer-1. The various laws, regulations, and policies relating to privacy in the jurisdictions where the organization operates.

  1. Conferring with in-house legal counsel to determine the exact nature of laws, regulations, and other standards and practices applicable to the organization and the countries where it operates.

Their extent depends on the degree of risk of noncompliance. Transactional environmental audits Correct Answer-(also called acquisition and divestiture audits, property transfer site assessments, property transfer evaluations, and due diligence audits) assess the environmental risks and liabilities of land or facilities prior to a property transaction. Product audits Correct Answer-determine whether products are environmentally friendly and whether product and chemical restrictions are being met. This process may result in the development of fully recyclable products, changes in the use and recovery of packaging materials, and the phaseout of some chemicals Effectiveness of internal control assessed answering the following questions: Correct Answer-1. Is the ethical environment and culture strong?

  1. How does the organization identify and manage risks?
  2. Is the control system effective?
  3. Is monitoring strong? Business process reengineering Correct Answer-involves process innovation and core process redesign. Instead of improving existing procedures, it finds new ways of doing things. One of the primary tools used in the implementation of a TQM approach Correct Answer-Benchmarking Process (function) benchmarking Correct Answer-studies operations of organizations with similar processes regardless of industry.

Contingency estimates Correct Answer-include any threatened or pending litigation, claims, and assessments. Subsequent to the acquisition of a new subsidiary, the internal auditor should contact the external organizational counsel regarding any threatened or pending litigation, claims, and assessments. When expanding the reporting to other parties, the auditor takes the following steps until satisfied with the resolution of the matter: Correct Answer-1. Determine what direction is provided in the agreement concerning the consulting engagement and related communications.

  1. Attempt to persuade those receiving or requesting the service to expand voluntarily the communication to the appropriate parties.
  2. Determine what guidance is provided in the internal audit charter or audit activity's policies and procedures concerning consulting communications.
  3. Determine what guidance is provided in the organization's code of conduct, code of ethics, and other relative policies, administrative directives, or procedures.
  4. Determine what guidance is provided by The IIA's Standards and Code of Ethics, other standards or codes applicable to the auditor, and any legal or regulatory requirements that relate to the matter under consideration. Steps performed during a review of the waste vendor Correct Answer-- Review the vendor's documentation on hazardous material.
    • Review the vendor's emergency response planning.
    • Review the financial solvency of the vendor.
    • Determine that the vendor is approved by the governmental entity that is responsible for environmental protection
    • Obtain the vendor's permit number.
    • Conduct an inspection of the vendor's facilities.

(2) likelihood of environmental harm, fines, and penalties; (3) expenditures mandated by governmental agencies; (4) history of injuries and deaths; (5) history of losing customers; and (6) episodes of negative publicity and loss of public image and reputation. Customer satisfaction measure Correct Answer-Includes:

  1. market share,
  2. retention,
  3. response time,
  4. delivery performance,
  5. .number of defects,
  6. lead time. Internal auditors must identify key business risks and controls during XXX phase Correct Answer-during the planning phase Considerations for proposed consulting engagements Correct Answer-should be considered based on the engagement's potential to improve:
  7. management of risks,
  8. add value,
  9. improve the organization's operations. Accepted engagements must be included in the plan. Inherent risk Correct Answer-susceptibility of a relevant assertion to a misstatement that could be material assuming that there are no related controls.

Control risk Correct Answer-risk that a misstatement that could occur in a relevant assertion and that could be material will not be prevented or detected on a timely basis by the internal controls. Detection risk Correct Answer-risk that the auditor will not detect a misstatement that exists in a relevant assertion that could be material. Audit resources are considered to be effectively deployed Correct Answer-when they are used in a way that optimizes the achievement of the approved plan of the chief audit executive. Least essential in the preparation of an engagement work program Correct Answer- The preparation of a budget identifying the costs of resources needed. Internal auditors must determine appropriate and sufficient resources to achieve engagement objectives based on an evaluation of the nature and complexity of each engagement, time constraints, and available resources (Perf. Std. 2230). Hence, it is implicit that the work program state the resources necessary to carry out the detailed tasks specified. However, quantification of costs is not essential to writing the work program. Audit risk Correct Answer-the risk that an auditor's procedures will lead to the expression of an inappropriate audit opinion when the financial statements are materially misstated. It is a function of inherent risk, control risk, and detection risk. The only risk the auditor directly controls is detection risk. Thus, the auditor achieves the desired level of overall audit risk by adjusting detection risk in response to the assessed levels of inherent risk and control risk.

It includes: (1) providing opportunities for developing internal auditors' knowledge, skills, and other competencies. (2) appropriate evidence of supervision should be documented and retained. (3) the extent of supervision required will depend on the proficiency and experience of internal auditors and the complexity of the engagement. Three basic information-gathering procedures Correct Answer-(1) observing conditions, (2) interviewing people, (3) examining records. Interrogations would be used during a fraud investigation after the internal auditor has already gathered pertinent facts and is seeking a confirmation. Tracing Correct Answer-is used to gain assurance regarding the completeness assertion, for example, that a liability was properly accrued for all goods received. Pro forma work program Correct Answer-designed to be used for repeated engagements related to similar operations. It is ordinarily modified over a period of years in response to problems encountered in the field. This type of program assures at least minimum coverage, provides comparability, and saves resources when operations at different locations have similar activities, risks, and controls. Also useful when management is concerned with standardized operation of various functions. The engagement supervisor Correct Answer-responsible for:

(1) assembling and training the team; (2) making assignments; (3) reviewing working papers; (4) establishing a process to ensure regular, thorough, and timely communication of necessary information among team members. Vouching Correct Answer-verifying recorded amounts by examining the underlying documents from the final documents to the original documents. The engagement objective of working backward is to provide information that recorded amounts reflect valid transactions. It supports the existence or occurrence assertion. It is irrelevant to the completeness assertion, because the existence of records of some transactions does not prove that all transactions were recorded. Interim reports Correct Answer-written or oral and may be transmitted formally or informally. They are used to communicate information that requires immediate attention, to communicate a change in engagement scope for the activity under review, or to keep management informed of engagement progress when engagements extend over a long period Cause attribute Correct Answer-is the reason for the difference between the expected and actual conditions (why the conditions exist). Criteria Correct Answer-are the standards, measures, or expectations used in making an evaluation and/or verification (the correct state). Condition attribute Correct Answer-is the factual evidence that the internal auditor found in the course of the examination.

Forensic auditing Correct Answer-the use of accounting and auditing knowledge and skills in matters having civil or criminal implications. Management or the board Correct Answer-determines whether to inform parties outside the organization about fraud incidents after consultation with individuals such as legal counsel, human resources personnel, and the CAE. Internal communications Correct Answer-strategic tool used by management to reinforce its position relating to integrity and to show why internal controls are important. CAE Correct Answer-is responsible for fraud reporting, which consists of the various oral or written, interim or final, communications to management or the board regarding the status and results of fraud investigations. Safeguarding of assets Correct Answer-Determining whether all goods paid for have been received Performance audit engagements Correct Answer-involve review of the business and control environment and key performance indicators against set criteria using balanced scorecards, SWOT analysis, and management control evaluation. A balanced scorecard is an evaluation of company performance against established criteria. SWOT analysis appraises the business and potentially the control environment. Using slides/overheads to support a discussion of major points Correct Answer-is the most effective way to report observations, conclusions, and recommendations and to stimulate action.

Verification Correct Answer-broad term for the process of determining the validity of provided information.