Table of Contents
Preface vii
CIA Exam Content Syllabus and Specifications xi
CIA Exam-Taking Tips xv
Professional Standards 1
I.1 New IPPF Defined 2
II.2 Introduction to the IIA’s Standards 2
III.3 IIA’s International Standards 4
Domain 1 Managing the Internal Audit Activity 83
1.1 Internal Audit Operations 83
1.2 Risk-Based Internal Audit Plan 96
1.3 Assurance Engagements 102
1.4 Consulting Engagements 227
1.5 Coordination between Internal Auditors and Others 265
1.6 Communicating and Reporting 272
1.7 Sample Practice Questions 276
Domain 2 Planning the Engagement 279
2.1 Objectives and Scope of Audit Engagement 279
2.2 Risk Assessment for Auditable Areas 282
2.3 Engagement Work Program 290
2.4 Audit Resources for Audit Engagements 293
2.5 Sample Practice Questions 295
Domain 3 Performing the Engagement 299
3.1 Information-Gathering Tools and Techniques 299
3.2 Sampling Methods and Statistical Analysis 307
3.3 Data Analysis and Evaluation Techniques 349
3.4 Audit Analytics 369
3.5 Audit and Legal Evidence 389
3.6 Audit Workpapers 396
3.7 Engagement Supervision 399
3.8 Sample Practice Questions 404
Domain 4 Communicating Results and Monitoring Progress 411
4.1 Communication Quality and Elements 411
4.2 Audit Reporting Process 423
4.3 Residual Risk and Risk Acceptance 425
4.4 Monitoring Audit Progress 429
4.5 Sample Practice Questions 432
Sample Practice Questions, Answers, and Explanations 435
Appendix A: Characteristics of Effective Auditors and Audit Function 467
Appendix B: Sarbanes-Oxley Act of 2002 475
Appendix C: Big Data and Data Mining 483
Appendix D: Operational Audits 511
Appendix E: Information Technology Audits 617
Appendix F: Environmental Compliance Audits 741
Appendix G: Human Resources Compliance Audits 751
Appendix H: Quality Audits 761
Appendix I: Information Security Protection Methods 787
General Glossary 799
Risk Glossary 841
Sampling and Statistics Glossary 865
About the Author 881
Index 883
