Month End Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

IIA-CRMA-ADV IIA Certification in Risk Management Assurance Free Practice Exam Questions (2025 Updated)

Prepare effectively for your IIA IIA-CRMA-ADV Certification in Risk Management Assurance certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

IIA IIA-CRMA-ADV Premium Access     Download Demo    
Page: 2 / 5
Total 283 questions

During an engagement, an internal auditor decided to use variance analysis as an auditing techniques. Which of the following steps should the auditor pursue if he discovers unexpected deviations of actual results from budget?

A.

Report the deviations immediately to the audit committee.

B.

Gather additional information to determine the cause of the deviations.

C.

Conclude that the budget was unreasonably set and accept the deviations.

D.

Perform alternative forms of analytical procedures which provide no deviations.

Which of the following best ensures an internal audit activity has the ability to render impartial and unbiased assessments?

A.

Organizational status and objectivity.

B.

Supervision of the chief audit executive (CAE) by senior management.

C.

Organizational knowledge and skills.

D.

CAE certification.

An internal auditor notes that employees are able to download files from the internet. According to IIA guidance, which of the following strategies would best protect the organization from the risk of copyright infringement and licensing violations resulting from this practice?

A.

Apply antivirus and patch management software.

B.

Utilize dedicated and encrypted network connections.

C.

Install a software inventory management application.

D.

Utilize secure socket layer encryption.

According to the IIA guidance, who is responsible for periodically assessing the internal audit activity?

A.

The board.

B.

The chief audit executive.

C.

Senior management.

D.

The external auditors.

During an internal audit, an organization's processing department is found to have incidences of both duplicate invoices and notices from customers that purchased goods were not received. The department under review insists that some of these reports are false and that others were isolated oversights due to understaffing.

Which of the following tests would best help the internal auditor detect fraudulent activity?

A.

Check inventory levels.

B.

Search for gaps in check numbers.

C.

Compare vendor summaries.

D.

Review raw material purchase quantities.

Which of the following actions does not violate the IIA Code of Ethics or Standards?

A.

An internal auditor performing an audit on an operation that they managed less than a year ago.

B.

An internal auditor performing an audit on procedures that they were responsible for creating.

C.

An internal auditor disclosing details of an audit report to colleagues from a different organization.

D.

An internal auditor disclosing confidential information in response to a lawsuit.

After being terminated due to downsizing, an internal auditor finds a different job with an organization in the same industry. Which of the following actions would violate the IIA Code of Ethics?

A.

To determine audit priorities in the new job, the auditor uses the audit risk approach that the auditor's previous employer used, without receiving permission to do so.

B.

At the new organization, the auditor is asked to develop forms to implement probability-proportional-to-size sampling. Although unsure of how to perform this type of sampling, the auditor proceeds without asking for assistance.

C.

In preparing for an audit at the previous organization, the auditor had conducted a great deal of research on the Internet at home to identify best practices for the management of a treasury function. The auditor has retained much of the research and uses it to conduct an audit of the new employer's treasury function.

D.

In the first week at the new organization, the auditor discovers a high fraud risk surrounding the organization's database and suggests that the information technology department implement a new password system to prevent fraudulent actions before they occur.

In which of the following scenarios would a customer service hotline receive a high volume of complaints regarding payments not being applied to customers’ accounts?

A.

Invoices are not being mailed to customers.

B.

An employee is tampering with customer checks.

C.

Employees are submitting fraudulent expense reports.

D.

The customer service department is not forwarding complaints to the accounts receivable department.

Which the following activities should be performed by the internal audit activity to facilitate an effective relationship with the audit committee?

1. Periodically report about the accounting standards followed by the organization.

2. Provide assurance to the audit committee that its charter, activities, and processes are appropriate.

3. Ensure that the role and activities of the internal audit activity are clearly understood and responsive to the needs of the audit committee.

4. Maintain open and effective communications with the audit committee.

A.

1 and 2 only

B.

3 and 4 only

C.

1, 3, and 4 only

D.

2, 3, and 4 only

The internal audit supervisor is reviewing the workpapers prepared by the staff. According to the Standards, which of the following statements regarding workpaper supervision is not true?

A.

Review notes of questions that arise during the review process must be retained.

B.

Dating and initialing each workpaper provides evidence of review.

C.

Workpaper review allows for staff training and development.

D.

Workpapers may be amended during the review process.

Which of the following actions indicates a lack of due professional care by an internal auditor performing an audit of a store's cash function?

A.

The audit report included a well-supported recommendation for a reduction in staff even though such a reduction might adversely impact morale.

B.

The auditor tested samples of transactions to test the cash function's process flows.

C.

After determining that the cash function internal controls were strong, the audit report assured senior management that fraud was not present.

D.

The auditor discovered an instance of potential fraud and reported it immediately to management, but did not alert authorities outside the organization.

A manufacturing organization discovers that the waste water released has failed to meet permitted limits.

Which control function will be least effective in correcting the issue?

A.

Performing a chemical analysis of the water, prior to discharge, for components specified in the permit.

B.

Posting signs that tell employees which substances may be disposed of via sinks and floor drains within the facility.

C.

Diluting pollutants by flushing sinks and floor drains daily with large volumes of clean water.

D.

Establishing a preventive maintenance program for the pretreatment system.

During the course of an audit, an internal auditor discovers that a valuable employee in the research department has been patenting new developments in the employee's name that are unrelated to the basic business of the organization.

The organization does not have a policy addressing this specific issue, but does have a general policy that all important new discoveries by employees are the property of the organization.

Division management views the employee's actions as extra incentive to retain the employee.

A decision to include the employee's action in the engagement final communication would be:

1. A violation of the IIA Code of Ethics.

2. A violation of the reporting requirements in the Standards.

3. Justified and necessary, according to the IIA Code of Ethics and Standards.

A.

1 only

B.

2 only

C.

3 only

D.

1 and 2 only

Which of the following statements describes a control failure that is not directly attributable to a customer billing application?

1. End users have raised a number of concerns regarding data integrity.

2. An untested program change is transferred from the test environment to production.

3. Purchase history does not reconcile with accounts receivable for some customers.

4. End user security is inadvertently granted to an unauthorized individual by management.

A.

1 and 3.

B.

1 and 4.

C.

2 and 3.

D.

2 and 4.

Why is a code of ethics for the internal audit profession necessary?

A.

It ensures that all members of the profession possess the same level of competence.

B.

It provides auditors with protection from lawsuits.

C.

It guides internal auditors in their service to others.

D.

It requires auditors to exhibit loyalty to their organizations.

A staff auditor, nearly finished with an audit engagement, discovers that the director of marketing has a gambling habit. The gambling issue is not directly related to the existing engagement, and there is pressure to complete the current engagement. The auditor notes the problem and forwards the information to the chief audit executive, but performs no further follow-up.

Which of the following statements is true about the auditor's actions?

A.

They are in violation of the IIA Code of Ethics because the auditor withheld meaningful information.

B.

They are in violation of the Standards because the auditor did not properly follow up on a red flag that might indicate the existence of fraud.

C.

They are in violation of neither the IIA Code of Ethics nor the Standards.

D.

They are not in violation of the Standards but are in violation of the IIA Code of Ethics.

Allegations have been made that an organization's share price has been manipulated.

Which of the following would provide an internal auditor with the most objective evidence in this case?

A.

Major shareholders of the organization.

B.

Large customers of the organization.

C.

Former members of management.

D.

Former financial consultants.

According to IIA guidance, which of the following best describes processes and tools typically used in ongoing internal assessments?

A.

Benchmarking of the internal audit activity's practices and performance.

B.

Report of internal assessment results, response plans, and outcomes.

C.

Analysis of performance metrics such as cycle times.

D.

Self-assessments and surveys of stakeholder groups.

Which of the following is the most significant disadvantage of using checklists to evaluate internal controls?

A.

They serve as a reminder of what controls should exist in a process.

B.

They require yes/no responses to specific questions, not open-ended responses.

C.

They do not capture all controls that may exist.

D.

They are useful in assessing risk.

Which of the following scenarios exemplifies a potential internal control weakness?

A.

The same employee who receives cash from customers prepares a prelisting of cash receipts.

B.

The same employee who records cash receipts in the accounts receivable subsidiary ledger ensures that the ledger automatically updates the information.

C.

The same employee who restrictively endorses checks received from customers prepares the bank's check deposit slips.

D.

The same employee who makes deposits at the bank prepares the monthly bank reconciliation.

IIA IIA-CRMA-ADV Premium Access     Download Demo    
Page: 2 / 5
Total 283 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved