CIA Part 1 - Q24

24. Which of the following best describes an internal auditor’s purpose in reviewing the organization’s existing risk management, control and governance processes?

a. To help determine the nature, timing, and extent of tests necessary to achieve engagement objectives.

b. To ensure that weaknesses in the internal control system are corrected.

c. To provide reasonable assurance that the processes will enable the organization’s objectives and goals to be met efficiently and economically.

d. To determine whether the processes ensure that the accounting records are correct and that financial statements are fairly stated.

24. Solution: c
a. Incorrect. This is the purpose of the audit plan.

b. Incorrect. Correcting internal control weaknesses is the function of management, not a function of the internal auditor.

c. Correct. As described by the IIA, the internal auditors’ primary purpose in reviewing an organization’s existing risk management, control, and governance processes is to provide reasonable assurance that these processes are functioning as intended and will enable the organization’s objectives and goals to be met.

d. Incorrect. This is a basic objective from a financial accounting and auditing perspective, but is not broad enough to cover the internal auditor’s entire purpose for review.