Академический Документы
Профессиональный Документы
Культура Документы
In applying the standards of conduct set forth in The IIA's Code of Ethics, internal
auditors are expected to
RATIONALE
The IIA's Code of Ethics contains basic principles which require individual judgment to
apply; however, judgment may not be used to decide whether or not to use the code.
During an audit, an employee with whom you have developed a good working
relationship informs you that she has some information about top management which
would be damaging to the organization and may concern illegal activities. The employee
does not want to go public with the information and does not want her name associated
with the release of the information. Which of the following actions would be considered
inconsistent with the Code of Ethics and the Standards?
A. Inform the individual that you will attempt to keep the source of the information confidential
and will look into the matter further.
B. Suggest the person consider talking to legal counsel.
C. Inform the employee of other methods of communicating this type of information.
D. Assure the employee that you can maintain her anonymity and listen to the information.
RATIONALE
The Code of Ethics and Standards do not provide for strict confidentiality of information.
The other options are allowable.
In the final report for an internal audit, the internal auditor states that security controls
are at the same level of effectiveness as the last audit. There is no mention that control
activities in the previous audit were found to be unsatisfactory. According to the Code of
Ethics, this communication is
RATIONALE
Rule 2.3 in the Code of Ethics prohibits the potential biasing of communication of the
message in an internal auditor’s report. All information necessary for the user to
correctly understand the report must be disclosed.
A. I and II only
B. III and IV only
C. II and IV only
D. II, III, and IV only
RATIONALE
The auditor may have recognized a red flag in the staff member's situation and should
have made discreet inquiries to look for any further indications of potential fraud, but the
interim report was not necessary and the note to the spouse, while understandable, was
a violation of confidentiality. Buying stock on public information in a quarterly report is
not insider trading, but acquiring stock in an operation under audit does compromise the
auditor's objectivity. It is therefore not a "prudent use" of information acquired during the
audit and is use of information for personal gain (or may be perceived as such).
Criminal acts, no matter who may have committed them, require action. Providing
information related to a legal proceeding does not violate confidentiality.
For more information, refer to Part 1, Section I, Chapter B, Topic 1.
Q5 –
Which of the following would be permissible under The IIA's Code of Ethics?
RATIONALE
Auditors must exhibit loyalty to the organization, but they must not be a party to any
illegal activity. Thus, auditors must comply with legal subpoenas. The other options are
prohibited by the Rules of Conduct (1.2, 2.3, and 3.2).
During a consulting engagement, the internal auditor discovers that materials are being
used against contractual requirements. The finding is not related to the scope of the
engagement so the auditor does not include the information in the final audit report.
According to the Code of Ethics, this behavior is
RATIONALE
Through nondisclosure, the internal auditor would be lying about what he or she found.
This behavior violates the Code's integrity principle. Rule 1.2 in the Code of Ethics
states, internal auditors shall observe the law and make disclosures expected by the
law and the profession. In other words, internal auditors are expected to perform their
work with diligence and truthfulness and in accordance with the law and ethical values
of their organization and the profession.
During the course of work on an operations audit, the internal auditor learns that the
organization is about to purchase one of its suppliers, which is a public company. There
is no public discussion of this matter as yet. Which of the following actions by the
internal auditor would be a violation of The IIA's Code of Ethics?
I. The auditor buys stock in the supplier but tells no one of the potential acquisition.
II. The auditor does not buy stock in the supplier and only mentions the talk of a
takeover to family members.
III. The auditor tells a friend that the supplier has many good qualities and would be a
good addition to the friend's portfolio but does not mention the takeover possibility.
IV. The auditor takes no investment action on the information but documents the
confidential information in the working papers to include in the final report.
A. I only
B. II and III only
C. I, II, and III only
D. I, II, III, and IV
RATIONALE
An auditor with special expertise in financial statement analysis would most likely risk
violating The IIA's Code of Ethics by doing which of the following activities without
consulting senior management and the chief audit executive (CAE)?
RATIONALE
Performing paid services for a division manager of the organization would create a
potential conflict of interest and therefore requires the consent of senior management
and the CAE. Even though the internal auditor is providing a personal service that may
seem unrelated to the work of the organization, the auditor's interest in promoting the
personal financial success of the executive and the executive's interest in providing
compensation for the auditor's outside work could impair the independence of both in
discharging their responsibilities in the organization.
An auditor, nearing the end of an engagement, discovers that the director of marketing
has a gambling habit. The gambling issue is not directly related to the existing
engagement, and there is pressure to complete the current engagement. The auditor
notes the problem and forwards the information to the chief audit executive but performs
no further follow-up. The auditor’s actions would
RATIONALE
There is no violation of either The IIA Code of Ethics or the Standards. The auditor is
not withholding information because the auditor has documented a red flag and has
forwarded the information to the chief audit executive.
A CIA, working as the director of purchasing, signs a contract to procure a large order
from the supplier with the best price, quality, and performance. Shortly after signing the
contract, the supplier presents the CIA with a gift of significant monetary value. Which of
the following statements regarding the acceptance of the gift is correct?
A. Since the CIA is not acting as an internal auditor, acceptance of the gift would be governed
only by the organization’s code of conduct.
B. Since the contract was signed before the gift was offered, acceptance of the gift would not
violate either The IIA Code of Ethics or the organization’s code of conduct.
C. Acceptance of the gift would be prohibited only if it were noncustomary.
D. Acceptance of the gift would violate The IIA Code of Ethics and would be prohibited for a
CIA.
RATIONALE
Which of the following would constitute a violation of The IIA's Code of Ethics?
A. George has been assigned to do an audit of the warehousing function six months from now.
George has no expertise in that area, but he accepted the assignment anyway. He has
signed up for continuing professional education courses in warehousing which will be
completed before his assignment begins.
B. Janice has accepted an assignment to audit the electronics manufacturing division. Janice
has recently joined the internal auditing department. However, she was senior auditor for the
external audit of that division and has audited many electronics companies during the past
two years.
C. John discovered an internal financial fraud during the year. The books were adjusted to
properly reflect the loss associated with the fraud. John discussed the fraud with the external
auditor when the external auditor reviewed working papers detailing the incident.
D. Jane is content with her career as an internal auditor and has come to look at it as a regular
9-to-5 job. She has not engaged in continuing professional education or other activities to
improve her effectiveness during the last three years. However, she feels she is performing
the same quality work she always has.
RATIONALE
This scenario would be a violation of the Competency Rule of Conduct of the Code of
Ethics, which requires auditors to continually strive for improvement in their proficiency
and in the effectiveness of their audits.