THINK BIG!

Our only savior is our will power. Will is the switch that controls everything in this universe. If you don't exercise your will power, you will be a weakling, easily influenced by your environment. Development of the will is the secret of magnetism. Men of success are men of great will power. When you develop will, no matter how you are pounded down by life, you rise again and say, "I am successful. I can win." Regards from Prof Mahaley Head Gmsisuccess Your Career Mentor Gmsisuccess...

Saturday, November 8, 2025

CIA Part 1 mcq on objectivity integrity proficiency etc

Section A1

CIA Part 1 – MCQs on Objectivity & Integrity of Internal Auditors

1.

An internal auditor is assigned to review purchase transactions of a department where his brother works as a purchasing officer. What should the auditor do?
A. Continue the audit but disclose the relationship later.
B. Accept the assignment but avoid interviewing his brother.
C. Decline or reassign the audit to maintain objectivity.
D. Proceed with the audit as long as procedures are standard.
Answer: ✅ C
Explanation: A close family relationship creates a conflict of interest; auditor’s objectivity is impaired.

2.

While auditing supplier payments, an internal auditor receives a gift voucher from a supplier. What is the appropriate action?
A. Accept the gift if its value is below company policy limits.
B. Politely decline the gift to maintain integrity and objectivity.
C. Accept the gift and disclose it later.
D. Share the gift with the audit team.
Answer: ✅ B
Explanation: Accepting gifts from parties being audited may impair independence and integrity.

3.

An internal auditor discovers unauthorized cash sales made by a store manager. The manager offers a future promotion in exchange for silence. What should the auditor do?
A. Decline the offer and report the incident to the Chief Audit Executive (CAE).
B. Ignore the offer and continue working normally.
C. Accept the offer but perform a more detailed review.
D. Transfer to another department.
Answer: ✅ A
Explanation: Integrity requires the auditor to act honestly and report fraudulent or unethical behavior.

4.

An internal auditor’s objectivity is MOST likely impaired when:
A. The auditor has prior experience in the area being audited.
B. The auditor reviews a process they designed 10 months ago.
C. The auditor is certified in auditing standards.
D. The auditor is under the direct supervision of the CAE.
Answer: ✅ B
Explanation: Reviewing one’s own past work within one year impairs objectivity.

5.

A supplier offers an auditor free travel and accommodation to visit their manufacturing site for audit purposes. What is the best response?
A. Accept the offer to save company expenses.
B. Refuse the offer and arrange travel through the organization.
C. Accept the offer but disclose it to management.
D. Postpone the visit.
Answer: ✅ B
Explanation: Accepting travel or hospitality from auditees compromises independence and objectivity.

6.

Which of the following best describes integrity as per The IIA Code of Ethics?
A. Performing work without bias.
B. Being honest, diligent, and responsible.
C. Avoiding relationships that impair judgment.
D. Respecting confidentiality of information.
Answer: ✅ B
Explanation: Integrity emphasizes honesty and diligence in professional duties.

7.

An internal auditor is offered a full-time job by a client immediately after completing an audit. What should the auditor do?
A. Accept the offer if audit work is completed.
B. Notify the CAE and remove themselves from related audits.
C. Accept the offer privately.
D. Decline and continue with normal duties.
Answer: ✅ B
Explanation: The auditor must disclose potential conflicts such as job offers to avoid impaired objectivity.

8.

If an auditor suspects fraud in purchase orders and management pressures them to overlook it, integrity requires the auditor to:
A. Adjust findings to satisfy management.
B. Report the matter objectively to the CAE.
C. Ignore the issue to maintain team harmony.
D. Seek legal advice before proceeding.
Answer: ✅ B
Explanation: Integrity requires reporting significant issues truthfully despite management pressure.

9.

A family member of the internal auditor applies for a position in a department frequently audited by the auditor. What should the auditor do?
A. Recommend the family member for selection.
B. Disclose the relationship to the CAE and avoid related audits.
C. Continue auditing but avoid bias.
D. Withdraw from all audit activities.
Answer: ✅ B
Explanation: Disclosure and reassignment prevent conflicts of interest.

10.

Which principle of the IIA Code of Ethics requires internal auditors to perform their work honestly, diligently, and responsibly?
A. Confidentiality
B. Competency
C. Integrity
D. Objectivity
Answer: ✅ C

11.

An internal auditor discovers a missing cash receipt during cash sales verification. The cashier offers a gift to ignore it. What should the auditor do?
A. Refuse the gift and report the incident.
B. Accept the gift but make a note of it.
C. Informally warn the cashier.
D. Return the gift but avoid reporting.
Answer: ✅ A
Explanation: Accepting any bribe or favor compromises both integrity and objectivity.

12.

Objectivity requires internal auditors to:
A. Maintain impartial attitude and avoid conflicts of interest.
B. Follow instructions from management always.
C. Accept gifts that do not affect judgment.
D. Perform audits quickly to meet deadlines.
Answer: ✅ A

13.

When internal auditors perform consulting services for management, objectivity is maintained if they:
A. Accept responsibility for operational decisions.
B. Refrain from making management decisions.
C. Implement process improvements directly.
D. Act as part of the management team.
Answer: ✅ B

14.

Which of the following is a breach of integrity?
A. Reporting audit findings with factual evidence.
B. Concealing a material error to protect a colleague.
C. Declining a personal gift from a client.
D. Following the IIA’s standards.
Answer: ✅ B

15.

A purchasing clerk offers the auditor a “discount” on personal purchases as appreciation. What should the auditor do?
A. Accept as a courtesy.
B. Decline the offer and report it.
C. Accept if approved by the supervisor.
D. Ignore it and continue the audit.
Answer: ✅ B

16.

An internal auditor promotes a friend for employment within the audit department. This action:
A. Violates objectivity.
B. Violates integrity.
C. Violates both integrity and objectivity.
D. Is acceptable if the friend is qualified.
Answer: ✅ C

17.

The most significant threat to objectivity occurs when an internal auditor:
A. Performs both assurance and consulting services for the same client.
B. Audits areas in which they previously worked.
C. Participates in recruitment of staff they will audit.
D. All of the above.
Answer: ✅ D

18.

An auditor delays reporting fraud because the department head is a close friend. Which principle is violated?
A. Confidentiality
B. Objectivity
C. Competency
D. Courtesy
Answer: ✅ B

19.

Integrity in internal auditing primarily involves:
A. Avoiding relationships that impair judgment.
B. Being honest and transparent in all professional activities.
C. Maintaining technical proficiency.
D. Observing confidentiality.
Answer: ✅ B

20.

During a vendor verification, the auditor learns that a supplier routinely overbills. Integrity requires:
A. Ignoring it since it’s a common practice.
B. Reporting it honestly as a finding.
C. Discussing it only with the supplier.
D. Waiting for management approval.
Answer: ✅ B

21.

Which of the following best describes objectivity?
A. Free from bias or conflict of interest.
B. Possessing sufficient professional skills.
C. Keeping information confidential.
D. Following management orders.
Answer: ✅ A

22.

If an auditor is asked to audit an area they helped design two years ago, they should:
A. Accept without concern.
B. Decline due to self-review threat.
C. Proceed since enough time has passed.
D. Perform only partial testing.
Answer: ✅ C
Explanation: Objectivity impairment exists if within one year; after that, reassignment is acceptable.

23.

Which IIA principle emphasizes the auditor’s impartiality and avoidance of conflicts?
A. Competency
B. Integrity
C. Objectivity
D. Confidentiality
Answer: ✅ C

24.

When internal auditors accept job offers from entities they recently audited, what must occur?
A. The audit should be re-performed.
B. The auditor must report this to the CAE.
C. The auditor may accept freely.
D. No action required after resignation.
Answer: ✅ B

25.

A supplier gives a Diwali gift to all employees including auditors. What should the auditor do?
A. Accept since it’s customary.
B. Report and seek guidance from the CAE.
C. Return it silently.
D. Ignore and continue.
Answer: ✅ B
Explanation: Even small customary gifts should be reported to avoid perceived loss of independence.

Section A2

Objectivity, Integrity, Proficiency, Independence, Confidentiality

1. What is the primary objective of internal auditing?

A) To detect fraud

B) To ensure compliance with laws and regulations

C) To provide assurance on the effectiveness of internal controls

D) To improve organizational performance

Answer: C) To provide assurance on the effectiveness of internal controls

2. What is objectivity in internal auditing?

A) The ability to perform audits without bias

B) The ability to maintain confidentiality

C) The ability to detect fraud

D) The ability to improve organizational performance

Answer: A) The ability to perform audits without bias

3. What is integrity in internal auditing?

A) The quality of being honest and trustworthy

B) The ability to maintain confidentiality

C) The ability to detect fraud

D) The ability to improve organizational performance

Answer: A) The quality of being honest and trustworthy

4. What is proficiency in internal auditing?

A) The ability to perform audits with skill and care

B) The ability to maintain confidentiality

C) The ability to detect fraud

D) The ability to improve organizational performance

Answer: A) The ability to perform audits with skill and care

5. What is independence in internal auditing?

A) The ability to perform audits without interference

B) The ability to maintain confidentiality

C) The ability to detect fraud

D) The ability to improve organizational performance

Answer: A) The ability to perform audits without interference

Ethical Issues & Professionalism

6. What is the primary ethical issue in internal auditing?

A) Confidentiality

B) Objectivity

C) Integrity

D) Professionalism

Answer: A) Confidentiality

7. What is the role of the internal auditor in ensuring professionalism?

A) To maintain confidentiality

B) To perform audits with skill and care

C) To detect fraud

D) To improve organizational performance

Answer: B) To perform audits with skill and care

Internal Audit Mandate & Internal Audit Charter

8. What is the purpose of an internal audit charter?

A) To define the scope of internal audit activities

B) To establish the authority of internal audit

C) To define the role of internal audit

D) All of the above

Answer: D) All of the above

9. What is the internal audit mandate?

A) To provide assurance on the effectiveness of internal controls

B) To detect fraud

C) To improve organizational performance

D) To ensure compliance with laws and regulations

Answer: A) To provide assurance on the effectiveness of internal controls

Internal Audit Mission, Objectives, Core Principles

10. What is the mission of internal audit?

A) To provide assurance on the effectiveness of internal controls

B) To detect fraud

C) To improve organizational performance

D) To ensure compliance with laws and regulations

Answer: A) To provide assurance on the effectiveness of internal controls

11. What are the objectives of internal audit?

A) To provide assurance on the effectiveness of internal controls

B) To detect fraud

C) To improve organizational performance

D) All of the above

Answer: D) All of the above

12. What are the core principles of internal auditing?

A) Integrity, objectivity, confidentiality, and proficiency

B) Independence, objectivity, confidentiality, and proficiency

C) Integrity, objectivity, independence, and confidentiality

D) All of the above

Answer: D) All of the above

Internal Control & Internal Audit Activity

13. What is internal control?

A) A process designed to provide reasonable assurance of achieving organizational objectives

B) A process designed to detect fraud

C) A process designed to improve organizational performance

D) A process designed to ensure compliance with laws and regulations

Answer: A) A process designed to provide reasonable assurance of achieving organizational objectives

14. What is the role of internal audit in internal control?

A) To provide assurance on the effectiveness of internal controls

B) To detect fraud

C) To improve organizational performance

D) To ensure compliance with laws and regulations

Answer: A) To provide assurance on the effectiveness of internal controls

Assurance & Consultancy Services

15. What is assurance in internal auditing?

A) A service that provides an opinion on the effectiveness of internal controls

B) A service that provides advice on improving organizational performance

C) A service that detects fraud

D) A service that ensures compliance with laws and regulations

Answer: A) A service that provides an opinion on the effectiveness of internal controls

16. What is consultancy in internal auditing?

A) A service that provides advice on improving organizational performance

B) A service that provides an opinion on the effectiveness of internal controls

C) A service that detects fraud

D) A service that ensures compliance with laws and regulations

Answer: A) A service that provides advice on improving organizational performance

Scope, Limitations & Resource Limitations

17. What is the scope of internal audit?

A) To provide assurance on the effectiveness of internal controls

B) To detect fraud

C) To improve organizational performance

D) All of the above

Answer: D) All of the above

18. What are the limitations of internal audit?

A) Resource limitations

B) Scope limitations

C) Time limitations

D) All of the above

Answer: D) All of the above

Section B...

Objectivity, Integrity, Proficiency, Independence, Confidentiality

1. An internal auditor is assigned to audit a department where they previously worked. What should they do?

A) Accept the assignment and perform the audit

B) Decline the assignment due to potential bias

C) Accept the assignment and disclose the potential bias

D) Request guidance from the audit manager

Answer: C) Accept the assignment and disclose the potential bias

2. An internal auditor discovers a minor error in the financial statements. What should they do?

A) Ignore the error and continue with the audit

B) Report the error to management and include it in the audit report

C) Correct the error themselves

D) Discuss the error with the auditee and ask them to correct it

Answer: B) Report the error to management and include it in the audit report

Ethical Issues & Professionalism

3. An internal auditor is offered a gift by a vendor. What should they do?

A) Accept the gift and keep it confidential

B) Decline the gift and report it to management

C) Accept the gift and disclose it in the audit report

D) Return the gift and explain the company's policy

Answer: B) Decline the gift and report it to management

4. An internal auditor is asked to perform an audit in a department where their friend works. What should they do?

A) Accept the assignment and perform the audit

B) Decline the assignment due to potential bias

C) Accept the assignment and disclose the potential bias

D) Request guidance from the audit manager

Answer: C) Accept the assignment and disclose the potential bias

Internal Audit Mandate & Internal Audit Charter

5. What is the primary purpose of an internal audit charter?

A) To define the scope of internal audit activities

B) To establish the authority of internal audit

C) To define the role of internal audit

A) To establish the authority of internal audit

B) To define the scope of internal audit activities

C) To define the role of internal audit

D) To provide assurance on the effectiveness of internal controls

Answer: A) To establish the authority of internal audit

Internal Audit Mission, Objectives, Core Principles

6. What is the primary objective of internal audit?

A) To provide assurance on the effectiveness of internal controls

B) To detect fraud

C) To improve organizational performance

D) To ensure compliance with laws and regulations

Answer: A) To provide assurance on the effectiveness of internal controls

7. What is the mission of internal audit?

A) To provide assurance on the effectiveness of internal controls

B) To detect fraud

C) To improve organizational performance

D) To ensure compliance with laws and regulations

Answer: A) To provide assurance on the effectiveness of internal controls

Internal Control & Internal Audit Activity

8. What is the role of internal audit in internal control?

A) To provide assurance on the effectiveness of internal controls

B) To detect fraud

C) To improve organizational performance

D) To ensure compliance with laws and regulations

Answer: A) To provide assurance on the effectiveness of internal controls

9. What is the primary benefit of internal audit's assurance services?

A) Improved organizational performance

B) Enhanced risk management

C) Increased compliance with laws and regulations

D) Improved effectiveness of internal controls

Answer: D) Improved effectiveness of internal controls

Scope, Limitations & Resource Limitations

10. What is a limitation of internal audit?

A) Resource limitations

B) Scope limitations

C) Time limitations

D) All of the above

Answer: D) All of the above

Section C...

Objectivity, Integrity, Proficiency, Independence, Confidentiality

1. An internal auditor is assigned to audit a department where they previously worked. What should they do?

A) Accept the assignment and perform the audit

B) Decline the assignment due to potential bias

C) Accept the assignment and disclose the potential bias

D) Request guidance from the audit manager

Answer: C) Accept the assignment and disclose the potential bias

2. An internal auditor discovers a minor error in the financial statements. What should they do?

A) Ignore the error and continue with the audit

B) Report the error to management and include it in the audit report

C) Correct the error themselves

D) Discuss the error with the auditee and ask them to correct it

Answer: B) Report the error to management and include it in the audit report

Ethical Issues & Professionalism

3. An internal auditor is offered a gift by a live television interview and is asked about the company's financial performance. What should they do?

A) Share the information as it's public knowledge

B) Decline to comment and refer the question to the company's spokesperson

C) Share the information but ask the interviewer to keep it confidential

D) Share the information and explain the company's financials in detail

Answer: B) Decline to comment and refer the question to the company's spokesperson

Internal Audit Mandate & Internal Audit Charter

4. An internal audit charter is being reviewed and updated. Who should approve the charter?

A) The audit committee

B) The CEO

C) The internal audit director

D) The external auditor

Answer: A) The audit committee

5. An internal auditor is assigned to audit a department that is not included in the audit plan. What should they do?

A) Perform the audit as assigned

B) Decline the assignment and refer to the audit plan

C) Request guidance from the audit manager

D) Discuss the assignment with the department manager

Answer: B) Decline the assignment and refer to the audit plan

Internal Audit Mission, Objectives, Core Principles

6. What is the primary objective of internal audit?

A) To provide assurance on the effectiveness of internal controls

B) To detect fraud

C) To improve organizational performance

D) To ensure compliance with laws and regulations

Answer: A) To provide assurance on the effectiveness of internal controls

7. An internal auditor is performing an audit and identifies a significant control weakness. What should they do?

A) Report the weakness to management and include it in the audit report

B) Ignore the weakness and continue with the audit

C) Correct the weakness themselves

D) Discuss the weakness with the auditee and ask them to correct it

Answer: A) Report the weakness to management and include it in the audit report

Internal Control & Internal Audit Activity

8. An internal auditor is performing an audit and identifies a control that is not operating effectively. What should they do?

A) Report the control weakness to management and include it in the audit report

B) Ignore the control weakness and continue with the audit

C) Correct the control weakness themselves

D) Discuss the control weakness with the auditee and ask them to correct it

Answer: A) Report the control weakness to management and include it in the audit report

9. An internal auditor is performing an audit and identifies a significant risk. What should they do?

A) Report the risk to management and include it in the audit report

B) Ignore the risk and continue with the audit

C) Mitigate the risk themselves

D) Discuss the risk with the auditee and ask them to mitigate it

Answer: A) Report the risk to management and include it in the audit report

Assurance & Consultancy Services

10. An internal auditor is providing consultancy services to a department. What should they do?

A) Provide advice and recommendations to the department

B) Perform the audit and report findings to management

C) Correct the control weaknesses themselves

D) Discuss the control weaknesses with the auditee and ask them to correct it

Answer: A) Provide advice and recommendations to the department

Scope, Limitations & Resource Limitations

11. An internal auditor is performing an audit and encounters a scope limitation. What should they do?

A) Continue with the audit and report the scope limitation

B) Decline the assignment and refer to the audit plan

C) Request guidance from the audit manager

D) Discuss the scope limitation with the auditee and ask them to correct it

Answer: A) Continue with the audit and report the scope limitation

Section D....

🧭 CIA Part 1 – Ethics, Independence & Internal Audit Framework (50 MCQs with Answers)

1. Which of the following best defines objectivity in internal auditing?

A. Avoiding all personal relationships

B. Performing work with unbiased mental attitude

C. Disclosing all information to management

D. Accepting management’s view in every situation

✅ Answer: B

2. Which principle of the Code of Ethics requires auditors to perform their work honestly and diligently?

A. Objectivity

B. Integrity

C. Confidentiality

D. Proficiency

✅ Answer: B

3. Which standard defines the purpose, authority, and responsibility of the internal audit activity?

A. Standard 1000

B. Standard 1100

C. Standard 1200

D. Standard 1300

✅ Answer: A

4. The internal audit activity’s independence is primarily achieved through:

A. Annual appraisal by management

B. Dual reporting to management and the board

C. Internal auditors working in isolation

D. Performing only consulting engagements

✅ Answer: B

5. The Internal Audit Charter should be approved by:

A. Chief Audit Executive (CAE)

B. Senior Management

C. Board or Audit Committee

D. External Auditor

✅ Answer: C

6. The internal audit mission emphasizes:

A. Reviewing accounting records only

B. Enhancing and protecting organizational value

C. Detecting employee fraud

D. Preparing management reports

✅ Answer: B

7. Independence of the internal audit activity is threatened if:

A. Internal auditors recommend control improvements

B. The CAE reports to the CFO

C. Internal auditors evaluate operational performance

D. Audit reports are distributed to the board

✅ Answer: B

8. Which of the following is a core principle for the professional practice of internal auditing?

A. The internal audit activity manages all risk functions

B. Demonstrates integrity

C. Performs only compliance audits

D. Avoids communication with stakeholders

✅ Answer: B

9. Which of the following best describes the scope of internal auditing?

A. Only financial reporting controls

B. Only IT and operational controls

C. Governance, risk management, and control processes

D. Compliance with laws only

✅ Answer: C

10. Which statement best defines proficiency?

A. Objectivity in reporting

B. Possession of necessary knowledge and skills

C. Independence from management

D. Avoidance of conflicts of interest

✅ Answer: B

11. When an internal auditor discloses confidential information without proper authority, it violates:

A. Standard 1100

B. Code of Ethics – Confidentiality principle

C. Standard 1300

D. Objectivity standard

✅ Answer: B

12. Which standard covers independence and objectivity?

A. 1100 Series

B. 1200 Series

C. 2000 Series

D. 2100 Series

✅ Answer: A

13. The primary purpose of assurance services is to:

A. Offer advice and training to management

B. Provide objective evaluation of evidence for governance and control

C. Implement management decisions

D. Prepare financial statements

✅ Answer: B

14. Consulting services are performed to:

A. Provide independent assessment only

B. Add value and improve operations

C. Certify financial statements

D. Conduct statutory audit

✅ Answer: B

15. Internal auditors must refrain from:

A. Performing control evaluations

B. Making management decisions

C. Reviewing compliance processes

D. Reporting audit results

✅ Answer: B

16. Which standard requires the CAE to communicate resource limitations to the board?

A. Standard 2020

B. Standard 2030

C. Standard 2060

D. Standard 2100

✅ Answer: B

17. Scope limitation occurs when:

A. Management prevents auditors from accessing records

B. Auditors refuse to review financial reports

C. Audit team lacks proper certification

D. Audit findings are not accepted by management

✅ Answer: A

18. The Internal Audit Charter should:

A. Define scope of work and reporting relationships

B. Focus on IT audit only

C. Be confidential and undisclosed

D. Be approved annually by CFO

✅ Answer: A

19. Integrity in internal auditing means:

A. Being neutral when pressured

B. Acting honestly and ethically

C. Avoiding all management interaction

D. Being loyal to management

✅ Answer: B

20. Objectivity requires auditors to:

A. Support management’s decisions

B. Avoid conflicts of interest

C. Focus only on financial audits

D. Depend on prior audit results

✅ Answer: B

21. Which of the following is part of the core principles of internal auditing?

A. Demonstrates competence and due professional care

B. Performs consulting engagements only

C. Manages risk on behalf of management

D. Issues only financial recommendations

✅ Answer: A

22. An internal auditor discovering fraud must:

A. Ignore it if immaterial

B. Report it promptly through appropriate channels

C. Inform external auditors only

D. Report directly to the suspected employee

✅ Answer: B

23. Resource limitations may impact:

A. Audit independence

B. Audit plan execution

C. Objectivity of external auditors

D. Accounting policies

✅ Answer: B

24. Due professional care means:

A. Working within time limits

B. Applying care and skill expected of a reasonably prudent auditor

C. Following management’s orders

D. Avoiding professional judgment

✅ Answer: B

25. The Internal Audit Mandate is typically established through:

A. The Audit Plan

B. The Internal Audit Charter

C. The Code of Conduct

D. The Quality Assurance Program

✅ Answer: B

26. The Mission of Internal Audit aligns with:

A. Organizational accounting policy

B. Organizational mission and objectives

C. External audit objectives

D. Financial reporting standards

✅ Answer: B

27. Which of the following best represents a violation of independence?

A. CAE approving payroll transactions

B. Auditor auditing after management’s approval

C. Auditor providing recommendations

D. Auditor reviewing control design

✅ Answer: A

28. The Assurance Services include all except:

A. Control self-assessment

B. Risk assessment

C. Financial statement audit

D. Implementing control measures

✅ Answer: D

29. Consulting engagements must be:

A. Mandatory

B. Performed at management’s request

C. Avoided completely

D. Approved by external auditor

✅ Answer: B

30. Which of the following may impair objectivity?

A. Rotating audit assignments regularly

B. Accepting gifts from auditees

C. Reporting to the audit committee

D. Following IIA standards

✅ Answer: B

31. The Core Principles are intended to:

A. Replace the Standards

B. Reinforce the Standards and Code of Ethics

C. Define audit procedures

D. Replace the Charter

✅ Answer: B

32. Which of the following is a Standard 1100 requirement?

A. Internal auditors must be objective and independent

B. Internal audit plan must be approved by CFO

C. Audit results must be kept confidential

D. Internal audit must perform consulting work annually

✅ Answer: A

33. The CAE should confirm the organizational independence of the internal audit activity to the board:

A. Quarterly

B. Annually

C. As per local laws

D. Whenever management requests

✅ Answer: B

34. A conflict of interest arises when:

A. The auditor’s personal interest interferes with duty

B. The auditor performs both audit and advisory work

C. Management disagrees with audit results

D. The board approves audit recommendations

✅ Answer: A

35. Which standard addresses proficiency and due professional care?

A. 1200 Series

B. 1100 Series

C. 2000 Series

D. 1300 Series

✅ Answer: A

36. The internal auditor’s role in internal control is to:

A. Design and implement controls

B. Evaluate and recommend improvements

C. Own the controls

D. Enforce compliance

✅ Answer: B

37. Which of the following best demonstrates professionalism?

A. Exercising skepticism and maintaining ethical behavior

B. Prioritizing management’s opinion

C. Accepting all consulting assignments

D. Performing audit only if risk is high

✅ Answer: A

38. The Quality Assurance and Improvement Program (QAIP) ensures:

A. Objectivity of external audit

B. Continuous improvement of the audit function

C. Compliance with HR policies

D. Accounting system reliability

✅ Answer: B

39. Which standard covers coordination with external auditors?

A. 2050

B. 2060

C. 1100

D. 1000

✅ Answer: A

40. The CAE reports functionally to the:

A. CFO

B. Audit Committee or Board

C. CEO

D. COO

✅ Answer: B

41. Independence ensures that:

A. The auditor’s judgment is not compromised

B. The auditor agrees with management

C. The audit follows management directives

D. Confidential data remains secret

✅ Answer: A

42. Confidentiality requires auditors to:

A. Disclose all audit information publicly

B. Use information only for authorized purposes

C. Keep all information permanently

D. Share information with peers freely

✅ Answer: B

43. Ethical Dilemma arises when:

A. Two ethical principles conflict

B. Internal auditors have complete clarity

C. The audit is external

D. The CAE is independent

✅ Answer: A

44. The Internal Audit Objective includes:

A. Safeguarding assets and ensuring reliable information

B. Designing controls

C. Managing operations

D. Preparing accounting statements

✅ Answer: A

45. A resource limitation might lead to:

A. Reduction in audit coverage

B. Better audit quality

C. Increased independence

D. Improved communication

✅ Answer: A

46. Internal auditing is an independent, objective assurance and consulting activity designed to:

A. Certify accounts

B. Add value and improve an organization’s operations

C. Replace external auditors

D. Detect all frauds

✅ Answer: B

47. Assurance engagements should be performed in conformity with:

A. Company policy only

B. International Standards (IIA)

C. Auditor’s preference

D. Local law only

✅ Answer: B

48. Who is responsible for establishing and maintaining internal control?

A. Management

B. Internal Auditor

C. External Auditor

D. Audit Committee

✅ Answer: A

49. The IIA Code of Ethics applies to:

A. Only Certified Internal Auditors

B. All internal auditors, whether certified or not

C. Only senior auditors

D. Only CAEs

✅ Answer: B

50. Which of the following reflects due professional care?

A. Performing sufficient analysis before concluding

B. Completing audit as quickly as possible

C. Relying only on management representations

D. Avoiding documentation of work

✅ Answer: A

Section E....

### MCQ Objectivity, Integrity, Proficiency, Independence, Confidentiality

1. Which is NOT a core ethical principle for internal auditors?

- a) Integrity

- b) Objectivity

- c) Confidentiality

- d) Profitability

**Answer:** d) Profitability [3]

2. Objectivity in internal auditing requires:

- a) Loyalty to the audit client

- b) An unbiased mental attitude

- c) Reporting to the CFO only

- d) Avoidance of professional skepticism

**Answer:** b) An unbiased mental attitude [1]

3. An internal auditor maintaining professional skepticism is demonstrating:

- a) Objectivity

- b) Integrity

- c) Proficiency

- d) Confidentiality

**Answer:** a) Objectivity [9]

4. Integrity in internal audit is best demonstrated by:

- a) Adhering to organizational rules over auditing standards

- b) Reporting facts fearlessly

- c) Avoiding conflict with colleagues

- d) Using personal judgment for benefit

**Answer:** b) Reporting facts fearlessly [5]

5. Proficiency in internal auditing means:

- a) Passing only certification exams

- b) Applying knowledge, skills, and experience

- c) Focusing on a single industry

- d) Delegating audit work

**Answer:** b) Applying knowledge, skills, and experience [1]

6. Independence is achieved primarily through:

- a) Professional development

- b) Organizational status and objectivity

- c) Audit committee participation

- d) Peer review

**Answer:** b) Organizational status and objectivity [1]

7. Confidentiality requires internal auditors to:

- a) Share all information with management

- b) Disclose sensitive information only if legally obligated

- c) Report friends’ wrongdoing

- d) Use data for personal projects

**Answer:** b) Disclose sensitive information only if legally obligated [5]

8. Which violates confidentiality?

- a) Accepting an IT consulting request despite lacking experience

- b) Providing a friend with a confidential marketing plan

- c) Rewording an observation to avoid complaints

- d) Auditing a familiar department

**Answer:** b) Providing a friend with a confidential marketing plan [9]

9. The most critical component of objectivity is:

- a) Organizational status

- b) Avoidance of conflicts of interest

- c) Use of technology

- d) Summary reporting

**Answer:** b) Avoidance of conflicts of interest [7]

10. Internal auditors must exercise due professional care by considering:

- a) Cost versus benefit only

- b) Only management’s wishes

- c) Risks, controls, and probability of error

- d) The audit schedule

**Answer:** c) Risks, controls, and probability of error [9]

***

#### Ethical Issues & Professionalism

11. If an auditor is pressured to conceal irregularities, which core principle is at risk?

- a) Independence

- b) Objectivity

- c) Confidentiality

- d) Proficiency

**Answer:** b) Objectivity [5]

12. Professional conduct means:

- a) Appeasing management always

- b) Adhering to IIA’s Code of Ethics

- c) Prioritizing audit fees over accuracy

- d) Rapid audit completion

**Answer:** b) Adhering to IIA’s Code of Ethics [5]

13. A conflict of interest occurs when:

- a) The IA has a personal financial interest

- b) The engagement covers multiple departments

- c) Staff are untrained

- d) The working papers are incomplete

**Answer:** a) The IA has a personal financial interest [1]

14. Which action upholds integrity?

- a) Ignoring evidence that management dislikes

- b) Reporting material findings regardless of consequences

- c) Fabricating minor details for efficiency

- d) Delaying reports for client review

**Answer:** b) Reporting material findings regardless of consequences [5]

15. Professional skepticism involves:

- a) Trusting all evidence presented

- b) Questioning and validating audit evidence

- c) Basing reports on assumptions

- d) Limiting sample sizes

**Answer:** b) Questioning and validating audit evidence [1]

***

#### Internal Audit Mandate & Internal Audit Charter

16. The internal audit charter is primarily approved by:

- a) Chief Audit Executive (CAE)

- b) The Board

- c) Chief Financial Officer

- d) Audit staff

**Answer:** b) The Board [1]

17. The audit charter includes all except:

- a) Purpose and authority

- b) Annual audit plan

- c) Responsibility

- d) Organizational relationships

**Answer:** b) Annual audit plan [1]

18. The main purpose of an internal audit charter is to:

- a) Define audit roles, authority, and accountability

- b) Set cheap audit pricing

- c) Limit audit resources

- d) Detail technology workflows

**Answer:** a) Define audit roles, authority, and accountability [4]

19. What is the function of the internal audit mandate?

- a) Codify audit staff compensation

- b) Establish audit’s authority and responsibility

- c) Determine board composition

- d) Set IT policy

**Answer:** b) Establish audit’s authority and responsibility [1]

20. The charter should be reviewed:

- a) Every 5 years

- b) Annually or as needed

- c) Only if the CAE changes

- d) When the audit plan changes

**Answer:** b) Annually or as needed [1]

***

#### Mission, Objectives, Core Principles, Internal Control & Audit Activities

21. The internal audit mission statement focuses on:

- a) Profit maximization

- b) Enhancing and protecting organizational value

- c) IT implementation

- d) Legal compliance only

**Answer:** b) Enhancing and protecting organizational value [6]

22. Core principles include all except:

- a) Integrity

- b) Value-adding activities

- c) Independence

- d) Legal advocacy

**Answer:** d) Legal advocacy [1]

23. Objectives of internal audit activity exclude:

- a) Evaluate risk management

- b) Ensure compliance with external auditors

- c) Enhance control effectiveness

- d) Improve governance

**Answer:** b) Ensure compliance with external auditors [1]

24. Effectiveness of an audit relies on:

- a) CAE tenure

- b) Alignment with core principles

- c) Independence from standards

- d) Timeliness alone

**Answer:** b) Alignment with core principles [1]

25. Internal audit activity’s objective is:

- a) Appraise operational economy & efficiency

- b) Draft annual reports

- c) Conduct financial analysis only

- d) Resolve HR matters

**Answer:** a) Appraise operational economy & efficiency [1]

26. Internal control framework elements comprise:

- a) Control environment, risk assessment, info & communication, monitoring, control activities

- b) Audit planning and scheduling

- c) Budget and resource allocation

- d) Staff training only

**Answer:** a) Control environment, risk assessment, info & communication, monitoring, control activities [1]

27. Assurance services provide:

- a) Objective assessment of evidence to give opinions

- b) Direct management of controls

- c) Marketing consultancy

- d) Staff recruitment

**Answer:** a) Objective assessment of evidence to give opinions [1]

28. Consulting services in audit are defined as:

- a) Providing advice to add value and improve operations

- b) Setting operational targets

- c) Project management

- d) Procurement

**Answer:** a) Providing advice to add value and improve operations [1]

29. What does scope limitation primarily affect?

- a) The annual budget

- b) The ability to achieve engagement objectives

- c) The CAE’s compensation

- d) Training requirements

**Answer:** b) The ability to achieve engagement objectives [1]

30. Resource limitation in audit is best addressed by:

- a) Prioritizing risk-based audit activities

- b) Cancelling consultative engagements

- c) Reducing sample sizes arbitrarily

- d) Ignoring the audit plan

**Answer:** a) Prioritizing risk-based audit activities [1]

***

#### Internal Control, Assurance, Consultancy, Scope/Resource Limitations

31. Internal audit provides assurance by:

- a) Assessing the adequacy of risk management, control, and governance

- b) Approving transactions

- c) Managing day-to-day operations

- d) Only reporting major fraud

**Answer:** a) Assessing the adequacy of risk management, control, and governance [1]

32. Scope limitation examples include:

- a) Denial of access to records

- b) Sufficient audit staff provided

- c) Audit plan acceptance

- d) Continuous professional development

**Answer:** a) Denial of access to records [1]

33. Resource limitation may lead to:

- a) Incomplete audit coverage

- b) More assurance services

- c) Increased objectivity

- d) Legal immunity

**Answer:** a) Incomplete audit coverage [1]

34. Consultant activities may be subject to:

- a) Management approval and conflict resolution

- b) Legal action only

- c) Confidentiality breaches only

- d) Budget expansion only

**Answer:** a) Management approval and conflict resolution [1]

35. Internal audit’s independence for consultancy is maintained by:

- a) Avoiding management decision-making roles

- b) Approving contracts

- c) Negotiating employee wages

- d) Monitoring time entries

**Answer:** a) Avoiding management decision-making roles [1]

36. Core principle for assurance services:

- a) Free from bias or undue influence

- b) Based on CAE preference

- c) Informal communication

- d) Reliance on previous audits

**Answer:** a) Free from bias or undue influence [1]

37. Role of internal audit in risk management is:

- a) Providing assurance on risk management processes

- b) Designing risk strategies

- c) Day-to-day risk ownership

- d) Investment decisions

**Answer:** a) Providing assurance on risk management processes [1]

38. Example of a resource limitation:

- a) Insufficient staff for required audit coverage

- b) Unclear audit objectives

- c) Lack of reporting guidelines

- d) Favorable audit budget

**Answer:** a) Insufficient staff for required audit coverage [1]

39. Mission of internal auditing relates to:

- a) Enhancing and protecting value by providing risk-based, objective assurance, advice, and insight

- b) Minimizing compliance reporting

- c) Maximizing audit fees

- d) Ensuring management satisfaction

**Answer:** a) Enhancing and protecting value by providing risk-based, objective assurance, advice, and insight [6]

40. Audit charter should empower internal audit to:

- a) Access all records and personnel relevant to engagements

- b) Focus on IT audits only

- c) Participate in management meetings only

- d) Approve all expenditures

**Answer:** a) Access all records and personnel relevant to engagements [1]

***

#### Remaining Explained

41. External reporting lines for IA independence:

- a) Direct to audit committee/board

- b) To HR department

- c) To process owners

- d) Only to management

**Answer:** a) Direct to audit committee/board [1]

42. Professional competence in internal audit means:

- a) Fulfilling educational and experience requirements

- b) Accepting all engagements

- c) Relying solely on certifications

- d) Avoiding collaboration

**Answer:** a) Fulfilling educational and experience requirements [1]

43. Main purpose of working papers:

- a) Document planning, work done, and evidence obtained

- b) Demonstrate audit speed

- c) Calculate audit fees

- d) Provide public reports

**Answer:** a) Document planning, work done, and evidence obtained [1]

44. IIA Code of Ethics applies to:

- a) All IIA members and CIA holders globally

- b) Only US auditors

- c) Public auditors only

- d) Management accountants

**Answer:** a) All IIA members and CIA holders globally [1]

45. Professionalism in internal auditing includes:

- a) Exercising confidentiality, integrity, objectivity, and competence

- b) Prioritizing deadlines over quality

- c) Delegating ethics to managers

- d) Avoiding difficult tasks

**Answer:** a) Exercising confidentiality, integrity, objectivity, and competence [1]

46. Engagement objectives should be:

- a) Risk-based and aligned with the audit plan

- b) Changed at auditor’s discretion

- c) Same for every audit

- d) Set by IT only

**Answer:** a) Risk-based and aligned with the audit plan [1]

47. Limitation in audit scope must be:

- a) Communicated to senior management and board

- b) Hidden from clients

- c) Omitted from working papers

- d) Ignored if minor

**Answer:** a) Communicated to senior management and board [1]

48. Ensuring compliance with audit standards demonstrates:

- a) Due professional care

- b) Disregard for rules

- c) Focus on speed

- d) Only technical skills

**Answer:** a) Due professional care [1]

49. Due professional care implies:

- a) Performing work with skill and attention expected of a prudent internal auditor

- b) Fast-tracking all engagements

- c) Ignoring new audit standards

- d) Minimizing evidence collected

**Answer:** a) Performing work with skill and attention expected of a prudent internal auditor [1]

50. Internal auditor’s role in governance:

- a) Assess effectiveness of organization’s governance processes

- b) Approve all policies

- c) Lead the audit committee

- d) Dictate management structure

**Answer:** a)

www.gmsisuccess.in

Friday, November 7, 2025

Answers 125 MCQ Questions with answers on topic Internal Control system control, Governence,Risk Assessment

125 MCQ Questions with answers on topic Internal Control system control, Governence,Risk Assessment

Internal Control and Risk Management

1. What is the primary objective of internal control?

A) To ensure profitability

B) To ensure compliance with laws and regulations

C) To provide reasonable assurance of achieving organizational objectives

D) To detect and prevent fraud

Answer: C) To provide reasonable assurance of achieving organizational objectives

2. Which of the following is a type of internal control?

A) Detective control

B) Preventive control

C) Corrective control

D) All of the above

Answer: D) All of the above

3. What are the components of internal control?

A) Control environment, risk assessment, control activities, information and communication, monitoring

B) Control environment, risk assessment, control activities, information and communication

C) Control environment, risk assessment, control activities, monitoring

D) Control environment, risk assessment, information and communication, monitoring

Answer: A) Control environment, risk assessment, control activities, information and communication, monitoring

Types of Internal Control and Components

4. What is the purpose of a control environment?

A) To identify and assess risks

B) To design and implement control activities

C) To establish a culture of control and ethics

D) To monitor and report on internal control

Answer: C) To establish a culture of control and ethics

5. What is a risk owner?

A) The person responsible for identifying and assessing risks

B) The person responsible for implementing control activities

C) The person responsible for monitoring and reporting on internal control

D) The person responsible for accepting and managing risks

Answer: D) The person responsible for accepting and managing risks

Internal Control Activation and Function

6. What is the first step in activating internal control?

A) Identifying and assessing risks

B) Designing and implementing control activities

C) Establishing a control environment

D) Monitoring and reporting on internal control

Answer: C) Establishing a control environment

7. What is the function of control?

A) To prevent errors and irregularities

B) To detect errors and irregularities

C) To correct errors and irregularities

D) All of the above

Answer: D) All of the above

Efficient Operation of Internal Control

8. When is internal control considered to be efficiently operating?

A) When it provides reasonable assurance of achieving organizational objectives

B) When it detects and prevents all errors and irregularities

C) When it is designed and implemented effectively

D) When it is monitored and reported on regularly

Answer: A) When it provides reasonable assurance of achieving organizational objectives

Inherent Limitations of Internal Control

9. What is an inherent limitation of internal control?

A) Human error

B) Collusion

C) Management override

D) All of the above

Answer: D) All of the above

Types of Control and Risk Management

10. What is application control?

A) Control over the development and implementation of applications

B) Control over the processing of transactions

C) Control over the storage and retrieval of data

D) Control over the security of applications

Answer: A) Control over the development and implementation of applications

11. What is input control?

A) Control over the input of data into a system

B) Control over the processing of transactions

C) Control over the output of data from a system

D) Control over the storage and retrieval of data

Answer: A) Control over the input of data into a system

12. What is process control?

A) Control over the processing of transactions

B) Control over the input of data into a system

C) Control over the output of data from a system

D) Control over the storage and retrieval of data

Answer: A) Control over the processing of transactions

13. What is general control?

A) Control over the overall IT environment

B) Control over specific applications

C) Control over the development and implementation of applications

D) Control over the security of applications

Answer: A) Control over the overall IT environment

Design and Responsibility

14. Who designs control?

A) Management

B) Internal audit

C) External audit

D) Risk management

Answer: A) Management

15. Who is responsible for risk management?

A) Board of directors

B) Management

C) Risk management department

D) Internal audit

Answer: A) Board of directors

Duties and Responsibilities

16. What is the duty of the board of directors?

A) To oversee the internal control system

B) To design and implement control activities

C) To monitor and report on internal control

D) To manage risk

Answer: A) To oversee the internal control system

17. What is the responsibility of the audit committee?

A) To oversee the internal audit function

B) To design and implement control activities

C) To monitor and report on internal control

D) To manage risk

Answer: A) To oversee the internal audit function

Frameworks and Regulations

18. What is COSO?

A) A framework for internal control

B) A framework for risk management

C) A regulation for corporate governance

D) A standard for auditing

Answer: A) A framework for internal control

19. What is COBIT?

A) A framework for IT governance

B) A framework for internal control

C) A regulation for corporate governance

D) A standard for auditing

Answer: A) A framework for IT governance

20. What is SOX?

A) A regulation for corporate governance

B) A framework for internal control

C) A framework for risk management

D) A standard for auditing

Answer: A) A regulation for corporate governance

21. What is FCPA?

A) A regulation for foreign corrupt practices

B) A framework for internal control

C) A framework for risk management

D) A standard for auditing

Answer: A) A regulation for foreign corrupt practices

Risk Management Concepts

22. What is risk tolerance?

A) The amount of risk an organization is willing to take

B) The amount of risk an organization can take

C) The amount of risk an organization should take

D) The amount of risk an organization must take

Answer: A) The amount of risk an organization is willing to take

23. What is risk appetite?

A) The amount of risk an organization is willing to take

B) The amount of risk an organization can take

C) The amount of risk an organization should take

D) The amount of risk an organization must take

Answer: A) The amount of risk an organization is willing to take

24. What is a risk map?

A) A tool for identifying and assessing risks

B) A tool for prioritizing risks

C) A tool for monitoring and reporting on risks

D) A tool for managing risks

Answer: A) A tool for identifying and assessing risks

25. What is a risk maturity model?

A) A model for assessing the maturity of an organization's risk management process

B) A model for identifying and assessing risks

C) A model for prioritizing risks

D) A model for monitoring and reporting on risks

Answer: A) A model for assessing the maturity of an organization's risk management process

Section B....

### Accounting Information Systems & Cycles

1. What is the primary function of an Accounting Information System (AIS)?

a) Process data to provide information to users

b) Record financial transactions only

c) Manage payroll only

d) Prepare financial statements only

**Answer:** a

2. Which document initiates the revenue cycle?

a) Sales order

b) Purchase order

c) Invoice

d) Bill of lading

**Answer:** a

3. What document is primarily used to authorize shipments in the revenue cycle?

a) Bill of lading

b) Purchase order

c) Receiving report

d) Sales invoice

**Answer:** a

4. Which document starts the purchase cycle?

a) Sales order

b) Purchase requisition

c) Receiving report

d) Vendor invoice

**Answer:** b

5. In payroll cycle, what is the primary source document for recording hours worked by hourly employees?

a) Time cards

b) Pay stub

c) Employee contracts

d) Payroll register

**Answer:** a

6. Which control is important in the payroll cycle to prevent fictitious employees?

a) Segregation of duties

b) Matching purchase orders

c) Invoice verification

d) Inventory count

**Answer:** a

### Risk Concepts and Management

7. Who is the primary risk owner in risk management?

a) The individual responsible for managing the risk

b) The auditor

c) Internal control personnel

d) External consultants

**Answer:** a

8. Which of the following is a deliverable of a risk management process?

a) Risk register

b) Financial statements

c) Payroll records

d) Audit invoices

**Answer:** a

9. Risk appetite is best described as:

a) The amount of risk an organization is willing to accept

b) The actual level of risk faced

c) Risks identified in a risk assessment

d) Risks mitigated through controls

**Answer:** a

10. Risk tolerance is defined as:

a) The acceptable level of variation around the risk appetite

b) The maximum loss possible

c) The number of risks an organization faces

d) Risks detected by audit

**Answer:** a

11. What is a risk map used for?

a) Visual representation of risks by likelihood and impact

b) Listing controls

c) Identifying internal control weaknesses

d) Scheduling audits

**Answer:** a

12. What does a heat map illustrate in risk management?

a) Severity of risks by color coding

b) Process flows

c) Audit findings

d) Employee responsibilities

**Answer:** a

13. The risk maturity model assesses:

a) The level of development and effectiveness of risk management processes

b) Financial stability

c) Internal audit quality

d) IT system maturity

**Answer:** a

### Types of Risks

14. Inherent risk is:

a) Risk before any controls are applied

b) Risk after controls are applied

c) Risk of controls failing

d) Risk undetected by auditors

**Answer:** a

15. Control risk is:

a) Risk that controls will fail to prevent or detect a misstatement

b) Risk in the environment

c) Risk accepted by management

d) Auditor's risk

**Answer:** a

16. Detection risk is:

a) Risk that audit procedures will not detect a material misstatement

b) Risk of fraud

c) Risk of operational loss

d) Risk of poor financial performance

**Answer:** a

17. Residual risk is:

a) Risk remaining after controls are applied

b) Risk inherent to the process

c) Risk accepted by the board

d) Risk that is transferred

**Answer:** a

### COSO and COBIT Frameworks

18. Which COSO component focuses on setting objectives and identifying risks?

a) Risk assessment

b) Control activities

c) Information and communication

d) Monitoring activities

**Answer:** a

19. The role of COBIT in IT governance is to:

a) Provide a framework for IT management and governance

b) Conduct financial audits

c) Develop software

d) Manage human resources

**Answer:** a

20. COSO’s five components include all except:

a) Risk assessment

b) Technology management

c) Control environment

d) Monitoring activities

**Answer:** b

### Additional Questions on Cycles, Risk, and Controls

21. The primary goal of the revenue cycle is:

a) To deliver the right product at the right time to the right customer

b) To reduce purchase orders

c) To minimize payroll costs

d) To control financial reporting

**Answer:** a

22. A purchase requisition is used to:

a) Request goods or services internally

b) Pay vendors

c) Ship products to customers

d) Record payroll

**Answer:** a

23. Payroll register contains:

a) Details of employee wages and deductions

b) Purchase orders

c) Sales invoices

d) Inventory levels

**Answer:** a

24. What is a key inherent limitation of any internal control system?

a) Human error and collusion

b) Technology failures only

c) Legislation compliance

d) Financial accounting standards

**Answer:** a

25. Segregation of duties helps prevent:

a) Fraud and errors

b) Payroll processing

c) Risk appetite setting

d) COSO implementation

**Answer:** a

26. Delivery documents in the purchase cycle include:

a) Receiving report

b) Sales invoice

c) Purchase order

d) Time card

**Answer:** a

27. The term "control activities" in COSO refers to:

a) Policies and procedures that help ensure management directives are carried out

b) Financial statements

c) Risk transfer strategies

d) External audit reviews

**Answer:** a

28. Which is an example of residual risk?

a) Risk remaining after implementation of anti-fraud controls

b) Risk that exists before controls are applied

c) Risk identified by the auditor only

d) Risk transferred through insurance

**Answer:** a

29. A delivery note is used to:

a) Confirm goods received by the customer

b) Initiate purchase requisition

c) Record employee attendance

d) Authorize payment to vendors

**Answer:** a

30. Which cycle includes activities involving hiring, payroll processing, and benefits administration?

a) Payroll cycle

b) Revenue cycle

c) Purchase cycle

d) Inventory cycle

**Answer:** a

31. An example of operational risk is:

a) System failure causing business disruption

b) Stock market decline

c) Legal penalties

d) Currency exchange risk

**Answer:** a

32. Risk appetite and risk tolerance are:

a) Related but risk tolerance is narrower than risk appetite

b) The same concept

c) Unrelated

d) Only relevant to auditors

**Answer:** a

33. The main purpose of a risk heat map is to:

a) Prioritize risks for management focus

b) Document payroll transactions

c) Audit revenue transactions

d) Monitor purchase orders

**Answer:** a

34. The COSO internal control framework was first released in:

a) 1992

b) 2001

c) 2013

d) 1985

**Answer:** a

35. Which of the following is a component of the COSO ERM framework?

a) Governance and culture

b) Financial accounting

c) Human resources management

d) Supply chain management

**Answer:** a

36. Directive controls focus on:

a) Encouraging desired behaviors within a process

b) Detecting errors after occurrence

c) Preventing entry of transactions

d) External audit controls

**Answer:** a

37. Which of these is a preventive control?

a) Authorization requirements

b) Reconciliations

c) Audits

d) Reviews

**Answer:** a

38. A detective control is designed to:

a) Identify errors or irregularities after they have occurred

b) Prevent fraud

c) Monitor employee performance

d) Mange IT security

**Answer:** a

39. Who is responsible for defining risk appetite?

a) Board of directors or senior management

b) Internal auditors

c) Staff accountants

d) External auditors

**Answer:** a

40. An example of a deliverable from a risk assessment process would be:

a) Risk register or risk report

b) Payroll summary

c) Purchase orders

d) Financial statements

**Answer:** a

41. Which document controls the flow of goods coming into a company?

a) Receiving report

b) Sales invoice

c) Sales order

d) Purchase requisition

**Answer:** a

42. The primary focus of COBIT is:

a) IT governance and management

b) Internal audit process

c) Payroll control

d) Inventory management

**Answer:** a

43. The COSO control environment is best described as:

a) The foundation for all other components of internal control

b) A risk assessment procedure

c) An IT control framework

d) A compliance guideline

**Answer:** a

44. Risk capacity refers to:

a) The maximum amount of risk an organization can bear

b) Risk detected by audit

c) External risk factors

d) Risk transferred to insurers

**Answer:** a

45. Business continuity planning is a control designed to:

a) Ensure essential business operations during disruptions

b) Reduce payroll errors

c) Verify purchase orders

d) Manage financial reporting standards

**Answer:** a

46. An example of financial risk is:

a) Credit risk from customer defaults

b) Employee fraud

c) IT system failures

d) Legal compliance risk

**Answer:** a

47. Which of these is an example of a residual risk treatment?

a) Risk acceptance after controls are applied

b) Initial risk identification

c) Risk transfer prior to controls

d) Auditing the risk process

**Answer:** a

48. What type of risk is most affected by changes in legislation?

a) Compliance risk

b) Operational risk

c) Strategic risk

d) Market risk

**Answer:** a

49. The risk management process includes all except:

a) Auditing financial statements

b) Risk identification

c) Risk assessment

d) Risk monitoring

**Answer:** a

50. A key characteristic of internal control is that it provides:

a) Reasonable, not absolute, assurance

b) Absolute assurance of risk elimination

c) Financial profitability

d) Continuous monitoring without gaps

**Answer:** a

Section C....

📘 1–10: Accounting Information Systems Basics

1. Which of the following best describes an Accounting Information System (AIS)?

A. A system for recording only financial transactions

B. A system combining people, procedures, data, and IT to process accounting information

C. A manual system used for bookkeeping only

D. A software used for payroll

✅ Answer: B

➡️ AIS integrates people, procedures, and technology to collect and process accounting data.

---

2. The main output of an AIS is:

A. Financial statements and management reports

B. Data entry forms

C. Audit evidence only

D. Purchase orders only

✅ Answer: A

➡️ AIS produces reports to support decision-making.

---

3. The three major subsystems of AIS are:

A. Input, Process, Output

B. Transaction Processing, General Ledger/Reporting, and Management Reporting

C. Sales, Purchase, and Payroll

D. Hardware, Software, and People

✅ Answer: B

➡️ These subsystems capture, process, and report accounting data.

---

4. Which of the following is not a function of AIS?

A. Data collection

B. Data processing

C. Data destruction

D. Information output

✅ Answer: C

---

5. AIS supports internal control by:

A. Promoting segregation of duties

B. Encouraging data duplication

C. Allowing unauthorized access

D. Avoiding audit trails

✅ Answer: A

---

6. The primary objective of an AIS is to:

A. Reduce labor cost

B. Provide accurate and timely information

C. Store large volumes of data

D. Eliminate human errors completely

✅ Answer: B

---

7. Which document is used to record customer orders in AIS?

A. Invoice

B. Sales order

C. Purchase requisition

D. Goods receipt note

✅ Answer: B

---

8. The audit trail in AIS helps auditors:

A. Modify transactions

B. Trace transactions from source to output

C. Delete old records

D. Create new transactions

✅ Answer: B

---

9. Which of the following systems updates records immediately after each transaction?

A. Batch processing system

B. Real-time processing system

C. Periodic system

D. Sequential processing

✅ Answer: B

---

10. In a transaction processing system (TPS), the first step is:

A. Storing data

B. Processing data

C. Capturing data

D. Generating output

✅ Answer: C

---

🧾 11–20: Sales, Purchase, and Payroll Cycles

11. The first document prepared in the sales cycle is:

A. Invoice

B. Customer order

C. Bill of lading

D. Shipping notice

✅ Answer: B

---

12. The last step in the sales cycle is:

A. Shipment

B. Billing

C. Cash collection

D. Order entry

✅ Answer: C

---

13. In the purchase cycle, the process begins with:

A. Purchase order

B. Purchase requisition

C. Receiving report

D. Invoice

✅ Answer: B

---

14. In the payroll cycle, which document authorizes the payroll process?

A. Payroll register

B. Time card

C. Personnel action form

D. Paycheck

✅ Answer: C

---

15. Which document is used to verify goods received in the purchase cycle?

A. Goods receipt note (GRN)

B. Purchase order

C. Invoice

D. Material requisition

✅ Answer: A

---

16. The sales invoice is prepared based on:

A. Purchase order

B. Shipping document

C. Credit memo

D. Journal voucher

✅ Answer: B

---

17. Payroll cycle ends with:

A. Employee hiring

B. Distribution of paychecks

C. Recording journal entry

D. Time recording

✅ Answer: B

---

18. The primary control in payroll is:

A. Budgetary control

B. Authorization of employee records and pay rates

C. Verification of sales orders

D. Supplier reconciliation

✅ Answer: B

---

19. Which document triggers a payment to the supplier?

A. Invoice

B. Purchase order

C. Receiving report

D. Voucher package

✅ Answer: D

---

20. The voucher package consists of:

A. Purchase order, receiving report, supplier invoice

B. Purchase requisition, time card, payroll register

C. Sales order, invoice, receipt

D. Invoice, GRN, delivery challan

✅ Answer: A

---

💻 21–30: Documentation & Flowcharts

21. A data flow diagram (DFD) shows:

A. How data moves through a system

B. Physical movement of documents

C. Organizational hierarchy

D. Control flow in programming

✅ Answer: A

---

22. A system flowchart represents:

A. The sequence of program instructions

B. The physical and logical flow of data in AIS

C. Payroll cycle only

D. Accounting records only

✅ Answer: B

---

23. Document flowcharts focus on:

A. System controls

B. Movement of paper documents through departments

C. Data processing steps

D. Software code

✅ Answer: B

---

24. A control flowchart highlights:

A. Input/output devices

B. Control points within a system

C. Storage locations

D. Network architecture

✅ Answer: B

---

25. In a DFD, the symbol for a process is:

A. Rectangle

B. Circle or bubble

C. Arrow

D. Open-ended rectangle

✅ Answer: B

---

26. In a system flowchart, an arrow represents:

A. Flow of data or control

B. A process step

C. A decision

D. A document

✅ Answer: A

---

27. The triangle symbol in flowcharts often denotes:

A. Delay or storage

B. Decision

C. Process

D. Data input

✅ Answer: A

---

28. Which type of documentation best helps identify control weaknesses?

A. System flowchart

B. Data flow diagram

C. Program code

D. Organization chart

✅ Answer: A

---

29. DFD level 0 represents:

A. Context diagram

B. High-level system overview

C. Detailed process map

D. Flow of documents only

✅ Answer: B

---

30. The context diagram in DFD shows:

A. Internal system only

B. System boundaries and external entities

C. File storage

D. Decision logic

✅ Answer: B

---

⚙️ 31–40: Controls (Input, Process, Output, Application, General)

31. Input controls ensure:

A. Data is authorized, accurate, and complete before processing

B. Processing accuracy only

C. Data storage efficiency

D. System recovery after crash

✅ Answer: A

---

32. An example of an input control is:

A. Hash total

B. Exception report

C. Check digit verification

D. Both A and C

✅ Answer: D

---

33. Processing controls ensure:

A. Transactions are not lost or duplicated

B. Only valid data entered

C. Output is distributed correctly

D. Input data are accurate

✅ Answer: A

---

34. A run-to-run total is an example of:

A. Input control

B. Process control

C. Output control

D. Application control

✅ Answer: B

---

35. Output controls focus on:

A. Validity of printed or displayed information

B. Preventing unauthorized access to data

C. Backup and recovery

D. Input validation

✅ Answer: A

---

36. Application controls include:

A. Input, process, and output controls

B. Network and system software controls

C. Firewall and antivirus

D. Backup power supply

✅ Answer: A

---

37. General controls cover:

A. Overall IT environment controls

B. Specific application procedures

C. Payroll cycle only

D. Document authorization

✅ Answer: A

---

38. Examples of general controls include:

A. Password policies and access controls

B. Input edit checks

C. Output reconciliations

D. Batch totals

✅ Answer: A

---

39. A check digit is used to:

A. Verify data accuracy during input

B. Control report output

C. Record process flow

D. Validate document authorization

✅ Answer: A

---

40. Limit and range checks are types of:

A. Input validation controls

B. Process controls

C. Output controls

D. General controls

✅ Answer: A

---

🔐 41–50: System Security & Transaction Processing

41. The main purpose of transaction processing systems (TPS) is:

A. Decision making

B. Recording routine business transactions

C. Data mining

D. Forecasting

✅ Answer: B

---

42. In batch processing, transactions are:

A. Processed immediately

B. Collected and processed together later

C. Deleted after entry

D. Verified manually

✅ Answer: B

---

43. Real-time processing is most suitable for:

A. Payroll

B. Sales order entry

C. Month-end reports

D. Annual budgets

✅ Answer: B

---

44. Audit trail is an example of:

A. Detective control

B. Preventive control

C. Corrective control

D. Process control

✅ Answer: A

---

45. Backup procedures are part of:

A. Output control

B. General control

C. Application control

D. Input control

✅ Answer: B

---

46. Encryption in AIS is primarily a:

A. Physical control

B. Logical access control

C. Input control

D. Output control

✅ Answer: B

---

47. Exception reports are generated to:

A. Highlight unusual transactions

B. Show all transactions

C. Summarize payroll

D. Display all invoices

✅ Answer: A

---

48. Segregation of duties is an example of:

A. Preventive control

B. Detective control

C. Corrective control

D. Manual control only

✅ Answer: A

---

49. Hash totals help in detecting:

A. Omitted or duplicate transactions

B. Fraudulent journal entries

C. Unauthorized reports

D. Access violations

✅ Answer: A

---

50. Disaster recovery plans (DRP) are designed to:

A. Ensure system recovery after major failures

B. Improve process speed

C. Eliminate user errors

D. Train new employees

✅ Answer: A

www.gmsisuccess.in