Exam content, Part II
The CIA exam consists of four "Parts", which are further subdivided as follows. Each part comprises 125 multiple-choice questions. The time allowed per part is 3½ hours. The exam is administered in English.
Part II Conducting the Internal Audit Engagement
A. Conduct Engagements (25-35%)
- Research and apply appropriate standards:
  a. IIA Professional Practices Framework (Code of Ethics, Standards, and Practice Advisories)
  b. Other professional, legal, and regulatory standards
- Maintain an awareness of potential for fraud when conducting an engagement
  a. Notice indicators or symptoms of fraud
  b. Design appropriate engagement steps to address significant risk of fraud
  c. Employ audit tests to detect fraud
  d. Determine if any suspected fraud merits investigation
- Collect data.
- Evaluate the relevance, sufficiency, and competence of evidence.
- Analyze and interpret data.
- Develop workpapers.
- Review workpapers.
- Communicate interim progress.
- Draw conclusions.
- Develop recommendations when appropriate.
- Report engagement results
  a. Conduct exit conference
  b. Prepare report or other communication
  c. Approve engagement report
  d. Determine distribution of report
  e. Obtain management response to report
- Conduct client satisfaction survey.
- Complete performance appraisals of engagement staff.
B. Conduct Specific Engagements (25-35%)
1. Conduct assurance engagements
  a. Fraud investigation
    1) Determine appropriate parties to be involved with investigation
    2) Establish facts and extent of fraud (e.g., interviews, interrogations and data analysis)
    3) Report outcomes to appropriate parties
    4) Complete a process review to improve controls to prevent fraud and recommend changes
  b. Risk and control self-assessment
    1) Facilitated approach
      (a) Client-facilitated
      (b) Audit-facilitated
    2) Questionnaire approach
    3) Self-certification approach
  c. Audits of third parties and contract auditing
  d. Quality audit engagements
  e. Due diligence audit engagements
  f. Security audit engagements
  g. Privacy audit engagements
  h. Performance (key performance indicators) audit engagements
  i. Operational (efficiency and effectiveness) audit engagements
  j. Financial audit engagements
  k. Information technology (IT) audit engagements
    1) Operating systems
      (a) Mainframe
      (b) Workstations
      (c) Server
    2) Application development
      (a) Application authentication
      (b) Systems development methodology
      (c) Change control
      (d) End user computing
    3) Data and network communications/connections (e.g., LAN, VAN, and WAN)
    4) Voice communications
    5) System security (e.g., firewalls, access control)
    6) Contingency planning
    7) Databases
    8) Functional areas of IT operations (e.g., data center operations)
    9) Web infrastructure
    10) Software licensing
    11) Electronic Funds Transfer (EFT)/Electronic Data Interchange (EDI)
    12) E-Commerce
    13) Information protection/viruses
    14) Encryption
    15) Enterprise-wide resource planning (ERP) software (e.g., SAP R/3)
  l. Compliance audit engagements
2. Conduct consulting engagements
  a. Internal control training
  b. Business process review
  c. Benchmarking
  d. Information technology (IT) and systems development
  e. Design of performance measurement systems
C. Monitor Engagement Outcomes (5-15%)
- Determine appropriate follow-up activity by the internal audit activity
- Identify appropriate method to monitor engagement outcomes
- Conduct follow-up activity
- Communicate monitoring plan and results
D. Fraud Knowledge Elements (5-15%)
- Discovery sampling
- Interrogation techniques
- Forensic auditing
- Use of computers in analyzing data
- Red flag
- Types of fraud
E. Engagement Tools (15-25%)
- Sampling
  a. Nonstatistical (judgmental)
  b. Statistical
- Statistical analyses (process control techniques)
- Data gathering tools
  a. Interviewing
  b. Questionnaires
  c. Checklists
- Analytical review techniques
  a. Ratio estimation
  b. Variance analysis (e.g., budget vs. actual)
  c. Other reasonableness tests
- Observation
- Problem solving
- Risk and control self-assessment (CSA)
- Computerized audit tools and techniques
  a. Embedded audit modules
  b. Data extraction techniques
  c. Generalized audit software (e.g., ACL, IDEA)
  d. Spreadsheet analysis
  e. Automated workpapers (e.g., Lotus Notes, Auditor Assistant)
- Process mapping including flowcharting