Legit IIA-CIA-Part2 Exam Download

Preparing a detailed audit program is a critical component of engagement planning. This program outlines the specific procedures and tests that the internal auditor will perform to evaluate the effectiveness of controls. It ensures that the audit is conducted systematically and thoroughly, addressing all relevant risks and objectives. A detailed audit program provides a clear roadmap for the audit, helping to ensure that all necessary areas are covered and that the audit's objectives are achieved.References:

The Institute of Internal Auditors (IIA) - Standards for the Professional Practice of Internal Auditing, Standard 2201 - Planning Considerations

In the five-attribute approach to documenting deficiencies, the attribute that answers the question "What should be in place?" is Criteria. Criteria represent the standards, measures, or expectations used in making an evaluation and/or verification (what should be). It defines what the process or control should achieve, serving as a benchmark against which the actual condition (what is) is compared. The criteria are essential for identifying deviations and determining the nature and significance of deficiencies.References: IIA's International Standards for the Professional Practice of Internal Auditing, Standard 2410 – Criteria for Communicating.

To prevent the situation where discrepancies identified by the auditor are corrected after being noted, it is essential to preserve the audit evidence. Taking screenshots or extracting tender documents would provide a permanent record of the discrepancies, ensuring that any subsequent changes do not invalidate the auditor's findings. This practice is crucial for maintaining the integrity of the audit evidence and supporting the audit conclusions. Option B is related but not as direct as preserving primary evidence. Options C and D do not address the preservation of evidence effectively.References: The IIA's International Standards for the Professional Practice of Internal Auditing, Standard 2310 - Identifying Information.

According to IIA guidance, the internal audit plan should be based on an assessment of risks to the organization (1), designed to determine the effectiveness of the organization's risk management process (2), and aligned with the organization's goals (4). The development of the audit plan is typically the responsibility of the chief audit executive, often with input from senior management and the audit committee, rather than being solely developed by senior management (3). References: IIA Standard 2010 – Planning, IIA Practice Guide – Developing the Internal Audit Plan