An internal auditor assessed the controls within his organization's payroll process and suspects that erroneous payments may have been made to a fraudulent bank account. What is the best course of action for the auditor to take?
Which combination of strategies would provide the best evaluation of the effectiveness of the organization's risk assessment activity?
1. Interview staff at various levels to discuss the organization's objectives, significant risks, and risk appetite.
2. Review board meeting minutes to determine whether the significant risks identified are communicated timely to the board.
3. Evaluate the adequacy and timeliness of management remediation actions by reviewing the control design, testing the controls, and reviewing monitoring procedures.
4. Review the professional development plans of internal audit staff to ensure all are competent to assess the organization's risk assessment activity.
Which of the following practices is generally most effective to protect internal audit objectivity?
An experienced internal auditor is planning an assurance engagement of the organization's sales activities. During process walkthroughs and interviews, many sales representatives expressed concerns about management's escalating demands to meet the organization's sales goals. According to the MA guidance, which of the following is the best application of due professional care in planning the engagement?
According to The IIA's Competency Framework, which competency is considered the mandatory minimum for internal auditors to possess when performing internal audit engagements?