CCIA Practice
Sign inStart free
Home / PART1 · Part 1: Essentials of Internal Auditing / Domain III: Proficiency and Due Professional Care

CIA·PART1 · Part 1: Essentials of Internal Auditing·UnitPART1 · Unit 03Access: Premium

Domain III: Proficiency and Due Professional Care

Prepare for Domain III: Proficiency and Due Professional Care with CIA practice questions covering 5 topics. Part of Part 1: Essentials of Internal Auditing — build your knowledge and track your progress with CIA Practice.

Questions
161
Topics
5
Access
Premium

What’s in it.

5 topics
  • Topic 01

    Required Knowledge, Skills, and Abilities for Internal Auditors

    37 questions
  • Topic 02

    Due Professional Care — Reasonable Assurance, Professional Scepticism

    36 questions
  • Topic 03

    Continuing Professional Development Requirements

    31 questions
  • Topic 04

    Human Relations, Communication, and Persuasion Skills

    30 questions
  • Topic 05

    Technology Literacy and Data Analytics Competency

    27 questions

Sample questions

3 of many

A few questions from this unit, with the answer and a full explanation. The complete bank is available when you start practising.

  1. An internal audit team outsources a complex derivatives valuation review to an external specialist firm. The specialist's final report is received and the CAE includes the specialist's conclusions directly in the audit report without any review of the underlying methodology or data. An external quality assessor later finds that the specialist's model contained a fundamental error that a competent review would have identified. Which obligation has been breached?

    • The CAE breached the obligation to critically evaluate the specialist's work, including methodology and data, before relying on it
      Correct answer
    • The CAE breached the documentation requirement by not appending the specialist's full workpapers to the file
    • Only the specialist breached an obligation — the auditor is not responsible for verifying specialist methodology
    • The obligation breached was to obtain the audit committee's approval before engaging the specialist
    Explanation

    When relying on specialist work, the auditor must critically evaluate the specialist's work — assessing their competence, objectivity, and the appropriateness of their methodology and conclusions. Simply including a specialist's report without evaluation breaches this obligation. The CAE cannot outsource audit responsibility to the specialist. The quality assessor's finding that a competent review would have identified the error confirms that appropriate oversight was not exercised. This breach involves both the KSA framework (appropriate use of specialists) and due professional care (Standard 1220).

  2. The IPPF Core Principle 'Communicates Effectively' applies to which of the following?

    • Both written and oral communication across all stages of an engagement — planning, fieldwork, reporting, and follow-up
      Correct answer
    • Only formal written audit reports issued to management
    • Only written communications, since oral communication is addressed separately under Standard 1210
    • Only verbal communication during audit committee presentations
    Explanation

    The Core Principle 'Communicates Effectively' is not limited to any single communication format or engagement phase. Internal auditors must communicate effectively throughout the audit lifecycle: pre-engagement notices, fieldwork interviews and document requests, preliminary findings discussions, draft and final reports, and follow-up on agreed actions. This encompasses written communication (reports, working papers, engagement letters) and oral communication (interviews, presentations, meetings). Standard 2420 defines quality attributes for all audit communications, not just reports.

  3. How does engagement supervision relate to the exercise of due professional care?

    • Supervisors must review work performed by less experienced auditors as part of due professional care, ensuring adequate oversight across the engagement
      Correct answer
    • Supervision is an administrative function that is separate from and unrelated to due professional care
    • The CAE must personally supervise every engagement to meet the due professional care standard
    • Supervision satisfies due professional care only if the supervisor holds a CIA certification
    Explanation

    Due professional care extends to supervisors as well as individual auditors. Appropriate supervision of less experienced staff — reviewing their work, evaluating the sufficiency of evidence, checking that conclusions are supported, and ensuring that red flags are followed up — is a required element of the due professional care standard. A supervisor who fails to critically review a junior auditor's work, or who simply approves files without meaningful review, has not exercised due professional care in their supervisory role.