Pass Using IIA-CIA-Part2 Exam Dumps

To determine the projected misstatement for the population using ratio estimation, the following calculation can be used:

Projected Misstatement=(Sample MisstatementSample Book Value)×Population Book ValueProjected Misstatement=(Sample Book ValueSample Misstatement​)×Population Book Value

Given:

Sample Misstatement = $420,000

Sample Book Value = $12,000,000

Population Book Value = $20,000,000

Projected Misstatement=(420,00012,000,000)×20,000,000Projected Misstatement=(12,000,000420,000​)×20,000,000

Projected Misstatement=0.035×20,000,000=700,000Projected Misstatement=0.035×20,000,000=700,000

Therefore, the projected misstatement is $700,000.

References:

IIA Standards: 2320 - Analysis and Evaluation

IIA Practice Guide: Statistical Sampling

To investigate unusually high employee turnover at the organization's primary manufacturing plant, the internal auditor is likely to use benchmarking. Benchmarking involves comparing the organization’s turnover rates with those of similar organizations or industry standards to identify deviations and potential issues. This approach helps in understanding whether the turnover rate is indeed unusually high and what factors may be contributing to it.

References:

IIA Practice Guide: Benchmarking in Internal Audit

IIA Standards: 1220 - Due Professional Care

In this scenario, the most appropriate action for the internal auditor is to verify that the risk highlighted by the previous audit has indeed been addressed by the new IT system. This involves a detailed examination of the system documentation and possibly testing the controls within the new system. Once the auditor confirms that the new system adequately addresses the identified risk, they should report this finding to senior management and close the issue.

This approach ensures that the internal audit activity adheres to the IIA Standards regarding follow-up on audit findings, which requires auditors to ensure that agreed-upon actions have been implemented effectively.

IIA References:

IIA Standard 2500: Monitoring Progress mandates that the chief audit executive must establish and maintain a system to monitor the disposition of results communicated to management. This includes ensuring that the risks identified are appropriately addressed.

The Practice Advisory 2500.A1-1: Follow-up Process advises that follow-up is a critical part of the audit process, and it is essential to confirm that management actions address the risks identified during the audit.

Given these considerations, the correct answer is A. The auditor examines the system documentation of the new system to verify that the risk has been addressed in the new system, then reports to senior management the closure of the issue.

The chief audit executive (CAE) should meet with the chief IT officer to discuss the incident, the investigation, and any control improvements that will be implemented (1). Additionally, developing an appropriate audit program with the IT auditor to review the organization’s Internet-based sales process and key controls (3) is a proactive approach to ensure future incidents are prevented and to enhance the organization's security posture. References: = IIA Standard 2120 - Risk Management and IIA Standard 2201 - Planning Considerations.