IIA Business Knowledge for Internal Auditing IIA-CIA-Part3 Question # 5 Topic 1 Discussion
IIA-CIA-Part3 Exam Topic 1 Question 5 Discussion:
Question #: 5
Topic #: 1
An internal auditor uses a risk and control questionnaire as part of the preliminary survey for an audit of the organization's anti-bribery and corruption program. What is the primary purpose of using this approach?
A.
To compare records from one source to subsequently prepared records about the anti-bribery program
B.
To ascertain the existence of certain controls in the organization's anti-bribery program
C.
To obtain testimonial information about certain controls in the organization's anti-bribery program
D.
To validate control information through outside parties independent of the anti-bribery program
A risk and control questionnaire (RCQ) is used during preliminary surveys to help the auditor ascertain the existence of controls in a specific process or program. It provides structured information about which controls are in place, which are missing, and how they are applied.
Option A refers to reconciliation, which is not the main purpose. Option C (testimonial information) suggests reliance on management statements, which is weaker than structured control identification. Option D involves external confirmation, which goes beyond the RCQ’s purpose.
[Reference:, IIA Practice Guide – Engagement Planning: Preliminary Survey and Risk Assessment., ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit