Our only savior is our will power. Will is the switch that controls everything in this universe. If you don't exercise your will power, you will be a weakling, easily influenced by your environment. Development of the will is the secret of magnetism. Men of success are men of great will power. When you develop will, no matter how you are pounded down by life, you rise again and say, "I am successful. I can win." Regards from Prof Mahaley Head Gmsisuccess Your Career Mentor Gmsisuccess...

Monday, February 9, 2026

MCQ Questions on Internal control, corporate governance,risk Assessment and accounting information systems

INTERNAL CONTROL – 50 MCQs (US CMA PART 1)

1. Internal Control – Meaning & COSO

Q1. According to COSO, internal control is best described as a process designed to provide:
A. Absolute assurance regarding fraud prevention
B. Reasonable assurance regarding objectives
C. Legal compliance only
D. Risk elimination

Answer:

Q2. COSO defines internal control as a process effected by:
A. Only top management
B. Only auditors
C. Board of directors, management, and other personnel
D. External consultants

Answer:

Q3. Which of the following is NOT an objective of internal control under COSO?
A. Effectiveness and efficiency of operations
B. Reliability of financial reporting
C. Elimination of business risk
D. Compliance with laws and regulations

Answer:

2. COSO Components

Q4. Which COSO component establishes the foundation for all other components?
A. Risk assessment
B. Control activities
C. Information & communication
D. Control environment

Answer:

Q5. Management identifying and analyzing risks relevant to achieving objectives relates to:
A. Monitoring
B. Risk assessment
C. Control activities
D. Information systems

Answer:

Q6. Policies and procedures that ensure management directives are carried out are called:
A. Control environment
B. Monitoring
C. Control activities
D. Risk assessment

Answer:

Q7. Continuous evaluations of internal controls fall under:
A. Monitoring
B. Risk assessment
C. Information & communication
D. Control environment

Answer:

3. Types of Internal Controls

Q8. Which control is designed to stop an error before it occurs?
A. Detective
B. Corrective
C. Preventive
D. Compensating

Answer:

Q9. A bank reconciliation primarily serves as a:
A. Preventive control
B. Detective control
C. Corrective control
D. Application control

Answer:

Q10. Backup data restoration after system failure is a:
A. Preventive control
B. Detective control
C. Corrective control
D. Monitoring control

Answer:

Q11. A control that reduces risk when a primary control fails is called:
A. Detective
B. Corrective
C. Compensating
D. Monitoring

Answer:

4. Preventive, Detective & Corrective – Examples

Q12. Which is a preventive control?
A. Internal audit review
B. Authorization of transactions
C. Reconciliation of accounts
D. Error correction entry

Answer:

Q13. Which is a detective control?
A. Password policy
B. Segregation of duties
C. Exception reports
D. Access control

Answer:

Q14. Reprocessing rejected transactions represents a:
A. Preventive control
B. Detective control
C. Corrective control
D. Compensating control

Answer:

5. Complementary / Compensating Controls

Q15. Lack of segregation of duties in a small company is best addressed by:
A. Eliminating transactions
B. Hiring more staff
C. Owner’s independent review
D. Ignoring the risk

Answer:

Q16. Compensating controls are most commonly used when:
A. Risks are eliminated
B. Preventive controls exist
C. Ideal controls are not feasible
D. Auditors require them

Answer:

6. Inherent Limitations of Internal Control

Q17. Which is an inherent limitation of internal control?
A. Poor documentation
B. Human judgment errors
C. Lack of management support
D. Weak governance

Answer:

Q18. Internal control cannot provide absolute assurance mainly because of:
A. Technology failure
B. Cost-benefit constraints
C. External audits
D. Regulatory oversight

Answer:

Q19. Management override of controls is a risk related to:
A. Control activities
B. Monitoring
C. Inherent limitations
D. Risk assessment

Answer:

7. General Controls & Application Controls

Q20. General IT controls primarily relate to:
A. Specific transaction processing
B. Overall IT environment
C. Data input validation
D. Report accuracy

Answer:

Q21. Which is a general control?
A. Edit checks
B. User access security
C. Input validation
D. Batch totals

Answer:

Q22. Which is an application control?
A. Disaster recovery plan
B. Program change control
C. Authorization checks
D. Logical access policy

Answer:

Q23. Application controls ensure:
A. Proper functioning of IT infrastructure
B. Accuracy and completeness of transactions
C. Segregation of IT duties
D. Data backup

Answer:

8. Corporate Governance & Internal Control

Q24. Primary responsibility for internal control rests with:
A. Internal auditors
B. Audit committee
C. External auditors
D. Management

Answer:

Q25. The audit committee enhances internal control mainly by:
A. Preparing financial statements
B. Overseeing financial reporting and controls
C. Managing daily operations
D. Approving transactions

Answer:

Q26. Strong corporate governance improves internal control by:
A. Eliminating risk
B. Increasing audit fees
C. Enhancing oversight and accountability
D. Reducing regulation

Answer:

9. Sarbanes–Oxley Act (SOX)

Q27. Section 302 of SOX requires:
A. Auditor attestation on controls
B. Management certification of financial reports
C. Mandatory internal audit
D. Risk elimination

Answer:

Q28. Under SOX Section 302, CEOs and CFOs must certify:
A. Audit opinion
B. Effectiveness of internal controls
C. Tax returns
D. Budget accuracy

Answer:

Q29. Section 404 of SOX focuses on:
A. Fraud prevention
B. Management assessment of internal control effectiveness
C. Corporate governance rules
D. Audit committee formation

Answer:

Q30. Section 404 requires:
A. Only management report
B. Only auditor report
C. Both management assessment and auditor attestation
D. No reporting

Answer:

10. Identifying Weaknesses in Internal Control

Q31. A material weakness indicates:
A. Minor error
B. Significant deficiency
C. Reasonable possibility of material misstatement
D. No risk

Answer:

Q32. Which is most likely a control weakness?
A. Independent review
B. Lack of segregation of duties
C. Authorization procedures
D. Monitoring activities

Answer:

Q33. Which tool helps identify control weaknesses?
A. Bank loans
B. Walkthroughs and testing
C. Budgeting
D. Forecasting

Answer:

11. Resolving Internal Control Issues

Q34. The best response to identified control deficiencies is to:
A. Ignore immaterial issues
B. Implement corrective actions
C. Delay until audit
D. Transfer risk

Answer:

Q35. Which action strengthens internal control?
A. Increasing transaction volume
B. Enhancing segregation of duties
C. Reducing documentation
D. Removing monitoring

Answer:

Q36. Training employees improves internal control by enhancing:
A. Fraud opportunity
B. Control environment
C. Risk elimination
D. Monitoring cost

Answer:

12. Integrated & Scenario-Based Questions

Q37. An organization with strong preventive controls but weak detective controls faces risk of:
A. Errors not occurring
B. Errors not being identified timely
C. Absolute assurance
D. No risk

Answer:

Q38. If management ignores known control weaknesses, this affects:
A. Risk assessment
B. Control environment
C. Monitoring
D. Application control

Answer:

Q39. Excessive reliance on manual controls increases risk of:
A. Automation errors
B. Human error
C. IT failures
D. Cyber risk

Answer:

Q40. Which control best mitigates management override risk?
A. Authorization
B. Audit committee oversight
C. Input validation
D. Backup systems

Answer:

13. Advanced CMA-Level Questions

Q41. A control that is effective but too costly violates which principle?
A. Reasonable assurance
B. Segregation of duties
C. Control activities
D. Monitoring

Answer:

Q42. Which COSO component is most impacted by unethical leadership?
A. Risk assessment
B. Control activities
C. Control environment
D. Monitoring

Answer:

Q43. Poor documentation primarily affects:
A. Preventive controls
B. Detective controls
C. Monitoring
D. Information & communication

Answer:

Q44. Unauthorized program changes indicate weakness in:
A. Application control
B. Input control
C. General control
D. Monitoring

Answer:

Q45. Batch totals are used to ensure:
A. System security
B. Data completeness
C. Disaster recovery
D. User authorization

Answer:

14. Final Conceptual MCQs

Q46. Which statement about internal control is TRUE?
A. It guarantees fraud prevention
B. It provides reasonable assurance
C. It eliminates business risk
D. It replaces management responsibility

Answer:

Q47. Internal audit primarily assists management by:
A. Managing operations
B. Designing strategy
C. Evaluating internal controls
D. Preparing financials

Answer:

Q48. Continuous monitoring of controls improves:
A. Risk elimination
B. Timely detection of issues
C. Audit independence
D. Cost reduction only

Answer:

Q49. Which factor most weakens internal control effectiveness?
A. Strong governance
B. Ethical culture
C. Management override
D. Automation

Answer:

Q50. The ultimate goal of an internal control system is to:
A. Reduce audit work
B. Prevent all fraud
C. Achieve organizational objectives
D. Increase compliance cost

Answer:

www.gmsisuccess.in

Got it 👍
Here are US CMA Part 1–style MCQs with answers on Corporate Governance, Board Duties, Audit Committee Duties, and Management Responsibilities for effective operations & internal control.
These are conceptual, exam-oriented, and slightly tricky, exactly how CMA likes them.

CORPORATE GOVERNANCE & INTERNAL CONTROL

MCQs (US CMA PART 1)

A. Corporate Governance – Concepts

Q1. Corporate governance primarily focuses on:
A. Day-to-day operations
B. Maximizing short-term profits
C. Accountability, fairness, and transparency
D. External audit procedures

Answer:

Q2. The primary objective of corporate governance is to:
A. Eliminate business risk
B. Protect stakeholder interests
C. Replace management decisions
D. Reduce operational costs

Answer:

Q3. Which of the following is a key mechanism of corporate governance?
A. Operational budgeting
B. Board of directors
C. Employee training
D. Internal audit planning

Answer:

Q4. Strong corporate governance is MOST likely to result in:
A. Increased fraud risk
B. Improved internal control effectiveness
C. Elimination of internal audits
D. Reduced regulatory compliance

Answer:

B. Board of Directors – Duties & Responsibilities

Q5. The board of directors’ PRIMARY responsibility is to:
A. Prepare financial statements
B. Manage daily operations
C. Oversee management and strategy
D. Perform internal audits

Answer:

Q6. Which of the following is NOT a duty of the board of directors?
A. Approving major policies
B. Hiring and evaluating the CEO
C. Performing transaction authorization
D. Overseeing risk management

Answer:

Q7. The board ensures ethical conduct primarily through:
A. Budget control
B. Code of conduct and tone at the top
C. External audits
D. Performance incentives

Answer:

Q8. Which board responsibility most directly supports effective internal control?
A. Selecting accounting methods
B. Establishing audit committee
C. Approving journal entries
D. Reconciling bank accounts

Answer:

Q9. The board’s oversight role reduces which risk most significantly?
A. Market risk
B. Management override risk
C. Currency risk
D. Liquidity risk

Answer:

C. Audit Committee – Duties & Responsibilities

Q10. The audit committee primarily serves as a link between:
A. Management and employees
B. External auditors and internal auditors
C. Board of directors and auditors
D. Regulators and management

Answer:

Q11. Which of the following is a key responsibility of the audit committee?
A. Preparing financial statements
B. Overseeing financial reporting integrity
C. Approving operational budgets
D. Managing company operations

Answer:

Q12. Audit committee members should be:
A. Company executives
B. Independent directors
C. Internal auditors
D. External consultants

Answer:

Q13. Which activity BEST supports audit committee independence?
A. Participation in daily operations
B. Direct communication with external auditors
C. Authorizing transactions
D. Designing control activities

Answer:

Q14. The audit committee is directly responsible for overseeing:
A. Strategic planning
B. Internal control over financial reporting
C. Marketing strategy
D. Employee performance

Answer:

Q15. Which function typically reports functionally to the audit committee?
A. Operations
B. Marketing
C. Internal audit
D. Human resources

Answer:

D. Management Responsibilities – Operations & Internal Control

Q16. Management is primarily responsible for:
A. Auditing internal controls
B. Designing and implementing internal controls
C. Approving audit opinions
D. Ensuring auditor independence

Answer:

Q17. Which management responsibility MOST directly affects operational effectiveness?
A. External audit coordination
B. Risk assessment and control design
C. Board evaluation
D. Regulatory enforcement

Answer:

Q18. Management demonstrates commitment to internal control by:
A. Delegating all control activities
B. Establishing clear policies and procedures
C. Eliminating detective controls
D. Reducing documentation

Answer:

Q19. Management override of controls is primarily a failure of:
A. Risk assessment
B. Control activities
C. Monitoring
D. Control environment

Answer:

Q20. Which action by management strengthens the control environment?
A. Ignoring minor violations
B. Promoting ethical values
C. Increasing transaction volume
D. Limiting audit access

Answer:

E. Effective Internal Control System – Integrated View

Q21. An effective internal control system provides:
A. Absolute assurance
B. Reasonable assurance
C. Guaranteed fraud prevention
D. Complete risk elimination

Answer:

Q22. Segregation of duties is MOST closely related to which COSO component?
A. Risk assessment
B. Control activities
C. Monitoring
D. Information & communication

Answer:

Q23. Continuous evaluations of controls are part of:
A. Control environment
B. Risk assessment
C. Monitoring
D. Governance

Answer:

Q24. A strong internal control system is LEAST effective when:
A. Board oversight is weak
B. Controls are documented
C. Risks are assessed
D. Monitoring exists

Answer:

Q25. Which factor MOST enhances internal control effectiveness?
A. Increased automation only
B. Strong tone at the top
C. High transaction volume
D. External regulation

Answer:

F. Scenario-Based / CMA-Style Questions

Q26. If the board fails to challenge management decisions, the greatest risk is:
A. Market volatility
B. Management override of controls
C. Increased audit cost
D. Operational inefficiency only

Answer:

Q27. An audit committee that lacks financial expertise increases risk related to:
A. Strategic planning
B. Financial reporting reliability
C. Operational efficiency
D. Employee morale

Answer:

Q28. Management focusing only on financial controls but ignoring operational controls may result in:
A. Strong governance
B. Ineffective operations
C. Better compliance
D. Reduced risk

Answer:

Q29. Which action BEST demonstrates effective governance?
A. CEO dominance over board
B. Independent audit committee oversight
C. Limited internal audit access
D. Management-only risk assessment

Answer:

Q30. In an effective governance structure, internal audit should report:
A. Administratively to CFO and functionally to audit committee
B. Only to management
C. Only to external auditors
D. Only to regulators

Answer:

✅ Exam Tip (CMA Favorite Area):

Board = Oversight
Audit Committee = Financial reporting & internal control oversight
Management = Design, implement & operate controls
Internal Control = Reasonable assurance, not guarantee

www.gmsisuccess.in

RISK ASSESSMENT & INTERNAL CONTROL SYSTEM

MCQs (US CMA PART 1)

A. Risk Assessment – Core Concepts

Q1. Risk assessment under the COSO framework involves:
A. Eliminating all risks
B. Identifying and analyzing risks to achieving objectives
C. Detecting errors after occurrence
D. Implementing corrective controls

Answer:

Q2. Risk assessment is MOST closely related to which COSO component?
A. Control environment
B. Control activities
C. Risk assessment
D. Monitoring

Answer:

Q3. Which of the following BEST describes business risk?
A. Risk of audit failure
B. Risk of incorrect financial statements only
C. Risk that events will adversely affect achievement of objectives
D. Risk eliminated by internal controls

Answer:

Q4. Which risk arises from ineffective or failed internal controls?
A. Inherent risk
B. Residual risk
C. Control risk
D. Detection risk

Answer:

B. Risk Identification & Analysis

Q5. The FIRST step in risk assessment is to:
A. Design control activities
B. Identify relevant risks
C. Evaluate monitoring controls
D. Correct deficiencies

Answer:

Q6. Which factor MOST affects risk assessment?
A. Changes in business environment
B. Historical audit findings only
C. External audit opinion
D. Accounting policies

Answer:

Q7. Rapid growth in operations increases risk primarily due to:
A. Strong controls
B. Inadequate control adaptation
C. Improved governance
D. Reduced transactions

Answer:

Q8. Risk assessment should be performed:
A. Once at formation
B. Only during audits
C. Continuously and periodically
D. Only after control failure

Answer:

C. Inherent, Residual & Control Risk

Q9. Inherent risk is best described as:
A. Risk remaining after controls
B. Risk caused by auditors
C. Risk existing before controls
D. Risk eliminated by governance

Answer:

Q10. Residual risk refers to:
A. Total business risk
B. Risk before controls
C. Risk remaining after controls
D. Detection risk

Answer:

Q11. High inherent risk requires management to:
A. Ignore control design
B. Implement stronger controls
C. Eliminate monitoring
D. Reduce documentation

Answer:

D. Risk Assessment & Internal Control Relationship

Q12. Risk assessment helps management to:
A. Detect errors
B. Determine appropriate control activities
C. Eliminate fraud
D. Replace monitoring

Answer:

Q13. Failure to assess risk properly MOST likely results in:
A. Strong internal controls
B. Ineffective control activities
C. Reduced operational efficiency
D. Better compliance

Answer:

Q14. Which internal control component is directly influenced by risk assessment outcomes?
A. Control environment
B. Control activities
C. Monitoring
D. Governance

Answer:

E. Risk Response & Control Design

Q15. Which is NOT a common risk response?
A. Risk avoidance
B. Risk reduction
C. Risk acceptance
D. Risk elimination

Answer:

Q16. Implementing segregation of duties is primarily a response to:
A. Market risk
B. Control risk
C. Liquidity risk
D. Compliance risk

Answer:

Q17. Which control BEST addresses high fraud risk?
A. Detective controls only
B. Preventive controls
C. No controls
D. Monitoring only

Answer:

Q18. Compensating controls are MOST appropriate when:
A. Risks are eliminated
B. Primary controls are not feasible
C. Controls already exist
D. Auditors require them

Answer:

F. Risk Assessment in Operations & Reporting

Q19. Risk assessment related to financial reporting focuses on:
A. Market volatility
B. Accuracy and reliability of financial statements
C. Employee performance
D. Customer satisfaction

Answer:

Q20. Operational risk primarily affects:
A. Financial statement presentation
B. Efficiency and effectiveness of operations
C. Audit opinion
D. Compliance reporting

Answer:

Q21. Compliance risk arises from:
A. Operational inefficiency
B. Failure to follow laws and regulations
C. Weak segregation of duties
D. System downtime

Answer:

G. Monitoring Risk & Control Effectiveness

Q22. Continuous monitoring helps management to:
A. Eliminate risk
B. Identify control deficiencies timely
C. Replace risk assessment
D. Avoid governance oversight

Answer:

Q23. Which indicates a failure in risk assessment?
A. Controls not aligned with risk level
B. Strong governance
C. Regular monitoring
D. Ethical leadership

Answer:

H. Scenario-Based / CMA-Tricky Questions

Q24. Management identifies a high risk but implements weak controls. This indicates failure in:
A. Monitoring
B. Risk response
C. Information & communication
D. Control environment

Answer:

Q25. A company with outdated risk assessments is MOST exposed to:
A. Reduced audit cost
B. Emerging risks
C. Strong control environment
D. Low residual risk

Answer:

Q26. Excessive reliance on detective controls increases risk of:
A. Errors occurring
B. Late error detection
C. Strong prevention
D. Risk elimination

Answer:

Q27. Management override risk should be considered during:
A. Risk identification
B. Control design
C. Monitoring
D. All of the above

Answer:

I. Integrated COSO-Based Questions

Q28. Risk assessment interacts MOST closely with:
A. Control activities and monitoring
B. External audit
C. Budgeting
D. Financial reporting only

Answer:

Q29. A well-designed internal control system reduces:
A. Inherent risk
B. Residual risk
C. Business uncertainty
D. External risk

Answer:

Q30. The PRIMARY purpose of risk assessment in internal control is to:
A. Prevent all losses
B. Design effective and efficient controls
C. Reduce audit effort
D. Comply with regulations only

Answer:

✅ CMA Exam Quick Memory Aid

Risk Assessment = Identify → Analyze → Respond
Controls must match risk level
Risk is dynamic → assessment must be ongoing
Goal = Reduce residual risk to acceptable level

www. gmsisuccess.in

ACCOUNTING INFORMATION SYSTEMS (AIS) & INTERNAL Control

A. Accounting Information System – Basics

Q1. The primary purpose of an Accounting Information System (AIS) is to:
A. Eliminate accounting errors
B. Collect, process, and report financial information
C. Replace management judgment
D. Detect fraud only

Answer:

Q2. Which AIS component captures transaction data?
A. Output
B. Processing
C. Input
D. Storage

Answer:

Q3. An effective AIS should provide information that is:
A. Complex and detailed
B. Timely, accurate, and relevant
C. Only historical
D. Only for auditors

Answer:

B. AIS & Internal Control Relationship

Q4. Internal controls in AIS primarily ensure:
A. High profits
B. Data reliability and system integrity
C. Faster processing only
D. Reduced staffing

Answer:

Q5. Which COSO objective is MOST directly supported by AIS?
A. Operational efficiency
B. Reliability of financial reporting
C. Corporate governance
D. Compliance monitoring

Answer:

Q6. A weakness in AIS controls MOST directly affects:
A. Marketing decisions
B. Financial statement reliability
C. Employee morale
D. Customer satisfaction

Answer:

C. General Controls vs Application Controls

Q7. Controls that relate to the overall IT environment are called:
A. Application controls
B. Preventive controls
C. General controls
D. Detective controls

Answer:

Q8. Which of the following is a general control?
A. Input validation checks
B. User access security
C. Edit checks
D. Batch totals

Answer:

Q9. Which of the following is an application control?
A. Disaster recovery plan
B. Program change control
C. Authorization of transactions
D. Logical access policy

Answer:

Q10. Application controls primarily ensure:
A. IT infrastructure reliability
B. Accuracy, completeness, and validity of transactions
C. System availability only
D. Cybersecurity compliance

Answer:

D. Input, Processing & Output Controls

Q11. Which control ensures only valid data is entered into the system?
A. Output control
B. Processing control
C. Input control
D. General control

Answer:

Q12. Edit checks and reasonableness tests are examples of:
A. Output controls
B. Input controls
C. Processing controls
D. Monitoring controls

Answer:

Q13. Run-to-run totals help ensure:
A. Authorized access
B. Processing accuracy and completeness
C. Proper segregation of duties
D. Data backup

Answer:

Q14. Reviewing exception reports is primarily a:
A. Preventive control
B. Detective control
C. Corrective control
D. Compensating control

Answer:

E. Data Security & Access Controls

Q15. Restricting system access using passwords is a:
A. Detective control
B. Corrective control
C. Preventive control
D. Monitoring control

Answer:

Q16. Which control BEST reduces the risk of unauthorized data modification?
A. Backup files
B. Logical access controls
C. Error reports
D. Reconciliations

Answer:

Q17. Segregation of duties in AIS helps prevent:
A. System downtime
B. Fraud and errors
C. Data storage issues
D. Reporting delays

Answer:

F. AIS Risks & Control Weaknesses

Q18. Lack of program change controls increases risk of:
A. Data input errors
B. Unauthorized system modifications
C. Poor audit opinions
D. Late reporting

Answer:

Q19. Excessive reliance on automated controls without monitoring may lead to:
A. Stronger controls
B. Undetected system failures
C. Reduced risk
D. Better compliance

Answer:

Q20. Which situation indicates a weakness in AIS internal control?
A. Regular backup and recovery testing
B. Shared user IDs
C. Access logs review
D. Segregation of duties

Answer:

G. AIS & COSO Integration

Q21. AIS contributes MOST directly to which COSO component?
A. Control environment
B. Risk assessment
C. Information and communication
D. Monitoring

Answer:

Q22. Automated controls mainly strengthen which COSO component?
A. Control activities
B. Control environment
C. Risk assessment
D. Governance

Answer:

Q23. Inadequate AIS documentation primarily affects:
A. Control activities
B. Information and communication
C. Monitoring
D. Risk elimination

Answer:

H. Scenario-Based / CMA-Tricky Questions

Q24. If AIS processes transactions accurately but allows unauthorized access, the weakness is in:
A. Application controls
B. General controls
C. Output controls
D. Processing controls

Answer:

Q25. Management override of AIS controls MOST directly threatens:
A. Operational efficiency
B. Reliability of financial reporting
C. System availability
D. Data storage

Answer:

Q26. A strong AIS with weak governance is MOST exposed to:
A. Data redundancy
B. Fraud risk
C. Processing delays
D. System cost overrun

Answer:

I. Final Integrated Questions

Q27. An effective AIS internal control system provides:
A. Absolute assurance
B. Reasonable assurance
C. Guaranteed fraud prevention
D. Zero system risk

Answer:

Q28. Which control ensures completeness of batch processing?
A. Passwords
B. Batch totals
C. Firewalls
D. Backup files

Answer:

Q29. Internal audit’s role in AIS controls is to:
A. Operate the system
B. Evaluate system controls
C. Design transactions
D. Approve user access

Answer:

Q30. The PRIMARY goal of AIS controls is to:
A. Reduce IT costs
B. Ensure reliable financial information
C. Increase automation
D. Support external audit only

Answer:

✅ CMA Exam Quick Recall

AIS + Internal Control = Reliable, timely, accurate data
General controls → Overall IT environment
Application controls → Transaction accuracy & completeness
Control gives reasonable assurance, not guarantee.

www.gmsisuccess.in

Friday, February 6, 2026

Corporate finance MCQ

50 MCQs – Corporate Finance (Risk & Return) | CMA Part 2

1. Shareholders’ Wealth Maximization

The primary financial objective of a firm under modern finance theory is to: A. Maximize accounting profit
B. Maximize EPS
C. Maximize shareholders’ wealth
D. Minimize cost
✅ Answer: C

2. Market Capitalization

Market capitalization is calculated as: A. Book value of equity
B. Shares outstanding × Market price per share
C. Net income × P/E ratio
D. Total assets – liabilities
✅ Answer: B

3. Holding Period Return (HPR)

Holding period return for a stock includes: A. Dividend only
B. Capital gain only
C. Dividend + Capital gain
D. Interest income
✅ Answer: C

4. HPR Formula

HPR for common stock is best defined as: A. (Ending price − Beginning price) ÷ Beginning price
B. (Dividend + Price change) ÷ Beginning price
C. Dividend ÷ Market price
D. Price change ÷ Ending price
✅ Answer: B

5. Expected Return

Expected return is calculated using: A. Arithmetic mean of past returns
B. Weighted average of possible returns
C. Geometric mean
D. Median return
✅ Answer: B

6. Risk Measurement

Total risk of a security is most commonly measured by: A. Beta
B. Variance
C. Standard deviation
D. Covariance
✅ Answer: C

7. Coefficient of Variation

Coefficient of variation (CV) measures: A. Absolute risk
B. Systematic risk
C. Risk per unit of return
D. Market risk
✅ Answer: C

8. Risk Comparison

Between two investments, the one with the higher coefficient of variation is: A. Less risky
B. Risk-free
C. More risky
D. Better investment
✅ Answer: C

9. Risk-Free Asset

In CAPM, the risk-free rate is generally represented by: A. Corporate bonds
B. Equity shares
C. Treasury bills
D. Treasury bonds
✅ Answer: C

10. Default Risk

Default risk refers to: A. Market price fluctuation
B. Interest rate change
C. Failure to meet contractual payments
D. Inflation risk
✅ Answer: C

11. Financial Risk

Financial risk primarily arises due to: A. Business operations
B. Use of debt financing
C. Market volatility
D. Inflation
✅ Answer: B

12. Business Risk

Business risk is associated with: A. Capital structure
B. Operating leverage
C. Interest rates
D. Exchange rates
✅ Answer: B

13. Risk Attitudes

A risk-averse investor prefers: A. Higher risk for same return
B. Lower risk for same return
C. Riskier investments
D. Gambling investments
✅ Answer: B

14. Risk-Seeking Investor

A risk-seeking investor: A. Avoids uncertainty
B. Requires high certainty equivalent
C. Accepts more risk for same return
D. Invests only in T-bills
✅ Answer: C

15. Risk-Indifferent Investor

Risk-indifferent investors are concerned only with: A. Risk
B. Return
C. Variance
D. Beta
✅ Answer: B

16. Certainty Equivalent

Certainty equivalent represents: A. Risk premium
B. Guaranteed return equivalent to risky return
C. Expected return
D. Market return
✅ Answer: B

17. Portfolio Return

Portfolio expected return is: A. Average of individual returns
B. Weighted average of individual returns
C. Product of returns
D. Highest individual return
✅ Answer: B

18. Portfolio Risk

Portfolio risk depends on: A. Individual security risk only
B. Correlation among securities
C. Market return
D. Risk-free rate
✅ Answer: B

19. Covariance

Covariance measures: A. Individual risk
B. Degree to which two assets move together
C. Market risk
D. Beta
✅ Answer: B

20. Correlation Coefficient

Correlation coefficient ranges between: A. 0 to 1
B. –1 to +1
C. –∞ to +∞
D. 0 to +∞
✅ Answer: B

21. Diversification

Diversification reduces: A. Systematic risk
B. Unsystematic risk
C. Market risk
D. Inflation risk
✅ Answer: B

22. Fully Diversified Portfolio

In a well-diversified portfolio, remaining risk is: A. Total risk
B. Unsystematic risk
C. Systematic risk
D. Zero risk
✅ Answer: C

23. Systematic Risk

Systematic risk is also known as: A. Diversifiable risk
B. Firm-specific risk
C. Market risk
D. Operational risk
✅ Answer: C

24. Unsystematic Risk

Unsystematic risk can be reduced by: A. Hedging
B. Diversification
C. CAPM
D. Inflation
✅ Answer: B

25. Beta

Beta measures: A. Total risk
B. Firm-specific risk
C. Market risk sensitivity
D. Interest rate risk
✅ Answer: C

26. Beta = 1

A stock with beta = 1 has: A. No risk
B. Less risk than market
C. Same risk as market
D. Higher risk than market
✅ Answer: C

27. Security Market Line (SML)

SML represents the relationship between: A. Risk and price
B. Expected return and beta
C. Return and variance
D. Risk-free rate and inflation
✅ Answer: B

28. CAPM Formula

CAPM states: A. E(Ri)=Rf + β(Rm − Rf)
B. E(Ri)=Rm + β(Rf − Rm)
C. E(Ri)=Rf − β(Rm)
D. E(Ri)=Rm − β
✅ Answer: A

29. Market Portfolio

The market portfolio consists of: A. Only stocks
B. Only bonds
C. All risky assets
D. Risk-free assets
✅ Answer: C

30. T-Bills

Treasury bills are: A. Long-term
B. Risk-free
C. Corporate securities
D. Inflation indexed
✅ Answer: B

31. T-Bonds

Treasury bonds differ from T-bills mainly in: A. Credit risk
B. Maturity
C. Liquidity
D. Default risk
✅ Answer: B

32. Private Company Bonds

Bonds of private companies generally have: A. No risk
B. Lower return
C. Higher default risk
D. Risk-free status
✅ Answer: C

33. Equity vs Debt Risk

Compared to bonds, equity shares are: A. Less risky
B. Risk-free
C. More risky
D. Fixed return
✅ Answer: C

34. Portfolio Standard Deviation

Portfolio standard deviation depends on: A. Individual SD only
B. Covariance & correlation
C. Market return
D. Risk-free rate
✅ Answer: B

35. Negative Correlation

Perfect negative correlation helps: A. Increase risk
B. Eliminate risk
C. Increase return
D. Increase beta
✅ Answer: B

36. Market Risk Premium

Market risk premium equals: A. Rm − Rf
B. Rf − Rm
C. Ri − Rf
D. β × Rm
✅ Answer: A

37. Alpha

Alpha represents: A. Total risk
B. Excess return over expected
C. Market risk
D. Correlation
✅ Answer: B

38. CAPM Assumption

CAPM assumes: A. Multiple risk factors
B. Single risk factor (market)
C. Arbitrage pricing
D. Behavioral bias
✅ Answer: B

39. APT

Arbitrage Pricing Theory assumes: A. One risk factor
B. Multiple macroeconomic factors
C. Risk-free portfolio
D. Perfect certainty
✅ Answer: B

40. Advantage of APT

APT is preferred over CAPM because: A. It is simpler
B. It allows multiple risk factors
C. No arbitrage assumption
D. Uses beta only
✅ Answer: B

41. Fama-French Model

Fama-French Three Factor Model includes: A. Market, size, value
B. Market, inflation, GDP
C. Interest rate, beta, size
D. Beta only
✅ Answer: A

42. SMB Factor

SMB in Fama-French refers to: A. Small minus big
B. Systematic market beta
C. Stock market bonds
D. Small market beta
✅ Answer: A

43. HML Factor

HML represents: A. High minus low book-to-market
B. High market leverage
C. High market liquidity
D. High momentum loss
✅ Answer: A

44. Efficient Portfolio

An efficient portfolio: A. Has minimum risk for given return
B. Has maximum risk
C. Has no risk
D. Has lowest return
✅ Answer: A

45. Efficient Frontier

Efficient frontier represents: A. All possible portfolios
B. Risk-free portfolios
C. Best risk-return combinations
D. Market portfolio
✅ Answer: C

46. Investor Choice

Rational investors prefer portfolios on: A. Capital market line
B. Security market line
C. Efficient frontier
D. Random walk
✅ Answer: C

47. Capital Market Line

CML relates: A. Return and beta
B. Return and total risk
C. Risk-free rate and beta
D. Market risk and inflation
✅ Answer: B

48. Zero Beta Asset

An asset with beta zero: A. Moves opposite to market
B. Has no expected return
C. Has risk-free return
D. Is market portfolio
✅ Answer: C

49. Market Risk Cannot Be

Market risk cannot be eliminated through: A. Hedging
B. Diversification
C. Portfolio formation
D. Asset allocation
✅ Answer: B

50. CMA Exam Focus

CMA Part 2 places maximum emphasis on: A. Memorization
B. Conceptual + application-based questions
C. Only theory
D. Only calculations
✅ Answer: B

www.gmsisuccess.in

Perfect 👍
Below are CMA Part 2–style NUMERICAL PROBLEMS on Risk & Return, with step-by-step solutions (exactly how CMA expects).

NUMERICAL PROBLEMS – CORPORATE FINANCE (RISK & RETURN)

(CMA Part 2 Exam Focus)

1️⃣ Holding Period Return (HPR) – Common Stock

Problem:
A share was purchased for ₹120. During the year, a dividend of ₹6 was received and the share was sold for ₹138.
Calculate the Holding Period Return (HPR).

Solution:


HPR = \frac{Dividend + (Selling Price - Purchase Price)}{Purchase Price}


= \frac{6 + (138 - 120)}{120}
= \frac{24}{120}
= 0.20 = \mathbf{20\%}

✅ Answer: 20%

2️⃣ Expected Return (Probability Method)

Problem:
An investment has the following returns:

Return (%)	Probability
10%	0.3
15%	0.4
20%	0.3

Calculate the expected return.

Solution:


E(R) = \sum (R \times P)


= (10 \times 0.3) + (15 \times 0.4) + (20 \times 0.3)


= 3 + 6 + 6 = \mathbf{15\%}

✅ Answer: 15%

3️⃣ Standard Deviation of Returns

Using Problem 2 data, calculate standard deviation.

Step 1: Mean Return


\bar R = 15\%

Step 2: Variance


\sigma^2 = \sum P(R - \bar R)^2


= 0.3(10-15)^2 + 0.4(15-15)^2 + 0.3(20-15)^2


= 0.3(25) + 0 + 0.3(25)
= 15

Step 3: Standard Deviation


\sigma = \sqrt{15} = \mathbf{3.87\%}

✅ Answer: 3.87%

4️⃣ Coefficient of Variation (CV)

Problem:
Expected return = 12%
Standard deviation = 6%

Solution:


CV = \frac{\sigma}{E(R)} = \frac{6}{12} = \mathbf{0.50}

✅ Interpretation:
Lower CV = lower risk per unit of return

5️⃣ Comparing Two Investments Using CV

Investment	Return	SD
A	10%	4%
B	15%	9%

CV Calculation


CV_A = \frac{4}{10} = 0.40

CV_B = \frac{9}{15} = 0.60 

✅ Investment A is less risky

6️⃣ Portfolio Expected Return

Problem:
A portfolio consists of:

Asset	Weight	Return
X	60%	12%
Y	40%	8%

Solution:


E(R_p) = (0.6 \times 12) + (0.4 \times 8)


= 7.2 + 3.2 = \mathbf{10.4\%}

7️⃣ Portfolio Standard Deviation (2 Assets)

Problem:


\sigma_X = 10\%,\ \sigma_Y = 6\%

w_X = 0.5,\ w_Y = 0.5 
Correlation (ρ) = 0.3

Formula:


\sigma_p = \sqrt{w_X^2\sigma_X^2 + w_Y^2\sigma_Y^2 + 2w_Xw_Y\sigma_X\sigma_Y\rho}

Solution:


= \sqrt{(0.5^2)(10^2) + (0.5^2)(6^2) + 2(0.5)(0.5)(10)(6)(0.3)}


= \sqrt{25 + 9 + 9} = \sqrt{43}
= \mathbf{6.56\%}

8️⃣ CAPM – Required Rate of Return

Problem:
Risk-free rate = 5%
Market return = 13%
Beta = 1.2

Solution (CAPM):


E(R) = R_f + \beta (R_m - R_f)


= 5 + 1.2(13 - 5)
= 5 + 9.6 = \mathbf{14.6\%}

9️⃣ Security Over/Under Valued (SML Test)

Problem:
Required return (CAPM) = 12%
Expected return = 14%

Interpretation:

Expected > Required ⇒ Undervalued Security

✅ Buy recommendation

🔟 Certainty Equivalent Approach

Problem:
A risky project has expected return of 18%.
Certainty equivalent (CE) return is 14%.

Risk Premium:


Risk\ Premium = 18 - 14 = \mathbf{4\%}

🔥 CMA EXAM TIP

CV → comparison
SD → absolute risk
Beta → market risk
Diversification → removes unsystematic risk only
CAPM & portfolio numericals = high scoring

www.gmsisuccess.in

Thursday, February 5, 2026

Objectivity, Integrity and Independence of Internal Auditor

Objectivity, Integrity, and Independence of Internal Auditors

(As per CIA Part 1 – IIA Standards & Code of Ethics)

Introduction

Objectivity, integrity, and independence are foundational ethical principles governing the professional conduct of internal auditors. These principles are embedded in the IIA Code of Ethics and the International Standards for the Professional Practice of Internal Auditing (Standards). They ensure that internal auditors perform their work with unbiased judgment, honesty, and freedom from undue influence, thereby enhancing the credibility and reliability of assurance and consulting services.

Failure to uphold these principles can undermine audit quality, impair stakeholder confidence, and expose the organization to governance, risk, and compliance failures.

1. Integrity of Internal Auditors

Meaning and Concept

Integrity refers to the honesty, diligence, and responsibility with which internal auditors carry out their professional duties. Integrity establishes trust and provides the basis for reliance on the auditor’s judgment.

According to the IIA Code of Ethics, internal auditors shall:

• Perform their work with honesty, diligence, and responsibility

• Observe the law and make required disclosures

• Not knowingly engage in illegal activities

• Respect and contribute to legitimate and ethical objectives of the organization

Key Characteristics of Integrity

• Truthful reporting without concealment of facts

• Ethical courage to report unfavorable findings

• Avoidance of misleading statements

• Compliance with laws, regulations, and professional standards

Importance of Integrity

Integrity is the moral backbone of internal auditing. Even if an auditor is technically competent and independent, lack of integrity can result in:

• Manipulated audit reports

• Suppressed findings

• Misrepresentation of risks

• Loss of credibility of the internal audit function

CIA Exam Focus

• Integrity is non-negotiable

• It applies at all times, even when independence is not impaired

• An auditor cannot justify unethical conduct by management pressure

2. Objectivity of Internal Auditors

Meaning and Concept

Objectivity refers to an unbiased mental attitude that allows internal auditors to perform engagements without compromising professional judgment.

As per Standard 1120 – Objectivity:

Internal auditors must have an impartial, unbiased attitude and avoid conflicts of interest.

Objectivity vs Independence

• Objectivity is a state of mind

• It applies to individual auditors

• Independence is more about organizational positioning

Threats to Objectivity

• Personal relationships with auditees

• Previous operational responsibility

• Financial interests

• Self-review threats

• Familiarity threats

Safeguards to Maintain Objectivity

• Disclosure of conflicts of interest

• Rotation of audit assignments

• Independent review of work

• Exclusion from auditing areas of prior responsibility

CIA Exam Focus

• Objectivity can be impaired even without actual bias

• Perceived bias is enough to impair objectivity

• Disclosure alone may not always be sufficient

3. Independence of Internal Auditors

Meaning and Concept

Independence refers to the freedom from conditions that threaten the ability of the internal audit activity to carry out responsibilities in an unbiased manner.

As per Standard 1110 – Organizational Independence:

• The Chief Audit Executive (CAE) must report functionally to the board

• The internal audit activity must be free from interference in:

o Scope of work

o Performance of work

o Communication of results

Types of Independence

1. Organizational Independence

o Functional reporting to audit committee / board

2. Individual Independence

o Auditors should not audit areas where they had recent operational responsibility

Impairment of Independence

Independence is impaired when:

• Management restricts audit scope

• CAE reports only to management

• Auditors perform operational roles and later audit the same area

Disclosure Requirement

If independence is impaired:

• The impairment must be disclosed

• Disclosure should be made to appropriate parties

CIA Exam Focus

• Independence is primarily a structural concept

• Consulting services do not automatically impair independence

• Performing management responsibilities does impair independence

Relationship Between Integrity, Objectivity, and Independence

Aspect Integrity Objectivity Independence

Nature Ethical principle Mental attitude Structural condition

Applies to Individual auditor Individual auditor Audit function & auditor

Can be perceived No Yes Yes

Disclosure cures issue No Sometimes Sometimes

Key CIA Insight:

An auditor may be independent but not objective, or objective but not independent, but cannot lack integrity under any circumstances.

Consequences of Violation

• Loss of stakeholder confidence

• Audit findings ignored

• Regulatory scrutiny

• Professional disciplinary action

• Violation of IIA Code of Ethics

Here are some key words for CIA Part 1 exam on Objectivity, Integrity, and Independence of Internal Auditor:

Key Concepts

- *Objectivity*: Unbiased, impartial, and independent mindset

- *Integrity*: Honest, trustworthy, and ethical behavior

- *Independence*: Freedom from undue influence, conflicts of interest

Key Points

- Internal auditors must maintain objectivity and independence

- Avoid conflicts of interest, bias, or undue influence

- Disclose any impairments to independence or objectivity

- Maintain professional skepticism and due care

- Uphold confidentiality and avoid misuse of information

Relevant Standards

- *IIA Standards*: 1100, 1110, 1120, 1130 (Independence and Objectivity)

- *Code of Ethics*: Principles of Integrity, Objectivity, Confidentiality, and Competency

Some possible exam questions:

- What are the threats to internal auditor independence?

- How can internal auditors maintain objectivity?

- What should an internal auditor do if they encounter a conflict of interest?

www.gmsisuccess.in

TRICKY LOGICAL QUESTIONS (CIA Part 1 Style)

Question 1 (Objectivity vs Independence Trap)

An internal auditor previously worked as the procurement manager until six months ago. The CAE assigns the auditor to audit procurement due to staff shortage. The auditor believes they can remain unbiased.

Which statement is MOST appropriate?

A. The assignment is acceptable if the auditor remains objective

B. The assignment impairs objectivity, regardless of auditor belief

C. The assignment impairs independence of the internal audit activity

D. Disclosure alone eliminates any impairment

✅ Correct Answer: B

Explanation:

Self-review threat exists. Belief of objectivity is irrelevant. Objectivity is impaired due to recent operational responsibility.

Question 2 (Integrity Logic Test)

Management asks an internal auditor to delay reporting a significant control weakness until next quarter to avoid reputational damage. The auditor agrees but plans to disclose it later.

Which principle is primarily violated?

A. Objectivity

B. Independence

C. Integrity

D. Confidentiality

✅ Correct Answer: C

Explanation:

Delaying disclosure of known material issues violates honesty and responsibility, which directly breaches integrity.

Question 3 (Perception vs Reality)

An internal auditor is auditing a department headed by a close friend. The auditor feels confident of remaining unbiased and has no financial interest.

What is the BEST action?

A. Proceed with audit since no actual bias exists

B. Proceed but disclose relationship in the report

C. Decline assignment to avoid perceived impairment

D. Request management approval

✅ Correct Answer: C

Explanation:

Perceived impairment of objectivity is sufficient under CIA standards.

Question 4 (Consulting Engagement Trick)

The internal audit activity assists management in designing a risk management framework and later performs an assurance review of the same framework.

What is the MOST appropriate safeguard?

A. No safeguard needed since consulting does not impair independence

B. Disclosure of consulting role in the assurance report

C. Independent review by an external auditor

D. Assign different auditors for the assurance engagement

✅ Correct Answer: D

Explanation:

Using different auditors avoids self-review threat and preserves objectivity.

Question 5 (Board vs Management Reporting)

The CAE reports administratively and functionally to the CFO. Audit scope is approved by management.

Which principle is MOST compromised?

A. Objectivity

B. Integrity

C. Organizational independence

D. Individual independence

✅ Correct Answer: C

Explanation:

Functional reporting must be to the board, not management.

Question 6 (Disclosure Misconception)

Which of the following impairments CANNOT be resolved solely by disclosure?

A. Previous consulting engagement

B. Familiarity threat

C. Management responsibility assumed by auditor

D. Financial interest disclosed

✅ Correct Answer: C

Explanation:

Assuming management responsibility fundamentally impairs independence — disclosure is not sufficient.

Exam Tip (VERY IMPORTANT ⭐)

Integrity cannot be restored by safeguards.

Objectivity may be protected by safeguards.

Independence depends on structure and role clarity.

www.gmsisuccess.in

IS YOUR CHILD FACING THESE CHALLENGES? TALK WITH US!

GMSI Success Professional LLP

Student & Parent Counselling Centre

Goregaon West | Mumbai

www.gmsisuccess.in

🌟 Is Your Child Facing These Challenges?

Many parents today observe that their children:

Lack interest in studies
Cannot concentrate or focus
Have weak memory power
Forget lessons quickly
Show aggressive or impulsive behaviour
Feel stressed before exams
Underperform despite effort

👉 These are common problems — and they are solvable.

🧠 Our Solution: Scientific Counselling & Learning Support

At GMSI Success, we help students and parents using modern, scientifically-backed techniques that improve learning ability, behaviour, and academic performance.

We Focus On:

Memory enhancement
Concentration & focus building
Study skills & exam readiness
Behavioural improvement
Confidence & motivation

🎯 Benefits for Your Child

✔ Improved memory sharpness
✔ Better concentration & attention span
✔ Easy and effective study techniques
✔ Reduced stress, anxiety & aggression
✔ Improved exam performance
✔ Positive learning attitude

🧠 Scientifically-Backed Techniques We Use

Memory Enhancement Techniques

Spaced Repetition – Strengthens long-term memory
Chunking – Simplifies complex topics
Mnemonics – Smart memory tricks & associations
Active Recall – Learning by testing
Dual Coding – Visual + verbal learning

Concentration & Focus Techniques

Attentional Training – Focus despite distractions
Pomodoro Technique – Smart study-break cycles
Cognitive Shifting – Improves mental flexibility

Neuroplasticity Boosters

Neurofeedback-based methods
Brain training activities
Physical & mental exercises for brain growth

🔑 Best Options to Improve Memory Power

Spaced Repetition
Mnemonics
Active Recall
Dual Coding
Pomodoro Technique

👨‍🏫 Professional Counselling Support

One-to-one counselling
Parent & child guidance
Personalised improvement plan
Continuous monitoring & support

📍 Visit Us Today

GMSI Success Professional LLP

📌New Vohra House,2nd floor,Above Kajal Jewellers OPP Goregaon Rly Station Goregaon West, Mumbai

📞 Call Now: 9773464206
👨‍🏫 Counselling by experienced professionals

✨ Right Guidance Today Builds a Successful Tomorrow

www.gmsisuccess.in

Monday, February 2, 2026

Casebased question ⁉️ Integrity Objectivity Independence etc CIA Part 1

Here are case-based MCQs with answers focused specifically on objectivity, integrity, independence, proficiency, and professional credibility — topics emphasized in the CIA Part 1 (New Syllabus 2025).FIRST SOLVE..THEN CHECK ✅ YOURSELF, ANSWERS ARE AT THE END..

✅ OBJECTIVITY & INDEPENDENCE

Q1 — Case

An internal auditor in a multinational company has been asked to audit a division where a close relative is a senior manager. The auditor believes they can remain unbiased.

Which of the following is the best course of action according to internal audit standards?

A. Accept the assignment but disclose the relationship to the division manager.
B. Request reassignment to a different audit to avoid any perception of bias.
C. Proceed with the audit because the auditor feels objective.
D. Conduct the audit with limited reporting.

✅ Answer:

Q2 — Case

During an audit of procurement controls, an auditor realizes they’ve developed a close friendship with one of the procurement supervisors. The supervisor often provides informal suggestions during audit work.

What should the auditor do?

A. Disregard this friend’s influence but continue the audit.
B. Document the relationship but remain on the engagement.
C. Inform the audit manager and remove themselves from the audit if needed.
D. Accept suggestions as long as they help audit work.

✅ Answer:

✅ INTEGRITY & PROFESSIONAL BEHAVIOR

Q3 — Case

An internal auditor discovers evidence of expense fraud by a senior executive. The executive threatens that disclosing the findings will harm the auditor’s career.

According to professional standards, the internal auditor should:

A. Refrain from reporting to protect their job.
B. Report the findings to the audit committee or equivalent authority.
C. Modify the findings to reduce severity.
D. Discuss the issue only with the executive to avoid conflict.

✅ Answer:

Q4 — Case

An internal audit manager finds that a long-serving junior auditor has been inflating audit hours on timesheets to receive higher productivity scores.

What is the most appropriate action for the manager?

A. Ignore it to maintain team morale.
B. Report it to human resources or audit leadership and take corrective action.
C. Adjust the hours themselves without notifying anyone.
D. Advise the junior auditor to be more honest in future.

✅ Answer:

✅ PROFICIENCY & DUE PROFESSIONAL CARE

Q5 — Case

An internal audit team is assigned to evaluate complex IT security controls. None of the team members have experience or certification in IT auditing.

The best action before performing the engagement is to:

A. Proceed and learn on the job.
B. Outsource or involve auditors with appropriate IT expertise.
C. Skip the detailed audit steps.
D. Rely on management’s assurance.

✅ Answer:

Q6 — Case

During a financial statement audit, an internal auditor encounters accounting treatments that are unfamiliar and potentially misleading.

Which action shows due professional care?

A. Ignore the unfamiliar treatments and proceed.
B. Consult with a senior auditor or accounting specialist.
C. Conclude the accounts are correct because management authorized them.
D. Guess the appropriate treatment based on experience in other areas.

✅ Answer:

✅ PROFESSIONAL CREDIBILITY

Q7 — Case

An internal audit report understated a significant control deficiency because the auditor believed management would be upset and delay future support for audit work.

Which of the following BEST describes what was compromised?

A. Audit efficiency
B. Professional credibility
C. Auditor independence
D. Regulatory compliance

✅ Answer:

Q8 — Case

A chief audit executive (CAE) wants to increase the internal audit’s visibility and influence in the organization. However, their reports contain frequent inaccuracies and unsupported conclusions.

Which of the following should the CAE do FIRST?

A. Assign more audits to junior auditors to build experience.
B. Improve quality assurance and training in the internal audit practice.
C. Focus on public relations to enhance perception.
D. Reduce the number of audits issued each year.

✅ Answer:

✅ KEY TAKEAWAYS

✔ Objectivity & Independence: Avoid conflicts and perceptions of bias.
✔ Integrity: Always be truthful and report significant issues even under pressure.
✔ Proficiency: Ensure skills and knowledge are adequate for assignments.
✔ Due Professional Care: Use judgment, seek help, and apply audit standards.
✔ Professional Credibility: Built through reliability, accuracy, and ethical conduct.

www.gmsisuccess.in

ANSWERS...

✅ OBJECTIVITY & INDEPENDENCE

Q1 — Case

An internal auditor in a multinational company has been asked to audit a division where a close relative is a senior manager. The auditor believes they can remain unbiased.

Which of the following is the best course of action according to internal audit standards?

✅ Answer: B – Auditors must avoid conflicts of interest and maintain independence; disclosing isn’t enough when a close relative is involved.

Principle: Objectivity & independence require avoiding situations that impair unbiased judgment.

Q2 — Case

What should the auditor do?

✅ Answer: C – The auditor must address the possible impairment of objectivity by involving supervision and changing assignment if necessary.

Principle: Objectivity also means avoiding relationships that compromise or appear to compromise judgment.

✅ INTEGRITY & PROFESSIONAL BEHAVIOR

Q3 — Case

An internal auditor discovers evidence of expense fraud by a senior executive. The executive threatens that disclosing the findings will harm the auditor’s career.

According to professional standards, the internal auditor should:

✅ Answer: B – Auditors must maintain integrity and report significant findings to the appropriate level.

Principle: Integrity means honesty and truthfulness; it overrides personal threats or pressure.

Q4 — Case

An internal audit manager finds that a long-serving junior auditor has been inflating audit hours on timesheets to receive higher productivity scores.

What is the most appropriate action for the manager?

✅ Answer: B – The situation involves ethical misconduct and must be reported and addressed appropriately.

Principle: Integrity applies not only to audit results but also professional conduct.

✅ PROFICIENCY & DUE PROFESSIONAL CARE

Q5 — Case

An internal audit team is assigned to evaluate complex IT security controls. None of the team members have experience or certification in IT auditing.

The best action before performing the engagement is to:

A. Proceed and learn on the job.
B. Outsource or involve auditors with appropriate IT expertise.
C. Skip the detailed audit steps.
D. Rely on management’s assurance.

✅ Answer: B – Auditors must have the knowledge, skills, or bring in specialists to conduct the audit properly.

Principle: Proficiency and due professional care require competent personnel and appropriate skills.

Q6 — Case

During a financial statement audit, an internal auditor encounters accounting treatments that are unfamiliar and potentially misleading.

Which action shows due professional care?

✅ Answer: B – Seeking expert input improves audit quality and accuracy.

Principle: Due professional care means using appropriate competence and obtaining help when needed.

✅ PROFESSIONAL CREDIBILITY

Q7 — Case

An internal audit report understated a significant control deficiency because the auditor believed management would be upset and delay future support for audit work.

Which of the following BEST describes what was compromised?

A. Audit efficiency
B. Professional credibility
C. Auditor independence
D. Regulatory compliance

✅ Answer: B – Professional credibility suffers when auditors alter findings to appease management.

Principle: Credibility requires accurate, complete, unbiased reporting.

Q8 — Case

A chief audit executive (CAE) wants to increase the internal audit’s visibility and influence in the organization. However, their reports contain frequent inaccuracies and unsupported conclusions.

Which of the following should the CAE do FIRST?

✅ Answer: B – Without quality and accuracy, credibility cannot be built.

Principle: Credibility derives from consistent quality, not visibility alone.