Wiley CIA Exam Review 2019 Focus Notes, Part 1

S. RAO VALLABHANENI is an educator, author, publisher, consultant, and practitioner in business with more than thirty years of management and teaching experience in auditing, accounting, manufacturing, and IT consulting in both public and private sectors. He is the author of more than sixty trade books, study guides, review guides, monographs, audit guides, and articles in auditing and IT. He holds twenty-four professional certifications in business management in Accounting, Auditing, Finance, Information Technology, Manufacturing, Quality, and Human Resource fields.

Preface xi


CIA Exam Content Syllabus and Specifications ix


CIA Exam-Taking Tips xiv


Professional Standards (100%) 1


Attribute Standards 2


Performance Standards 22


Domain 1: Foundations of Internal Auditing (15%) 28


Mission of Internal Audit 28


Definition of Internal Auditing 29


Core Principles 32


Internal Audit Charter 34


Types of Audit Services 40


IIA’s Code of Ethics 42


Roles and Responsibilities of Management 45


Domain 2: Independence and Objectivity (15%) 46


Independence Defined 47


Factors Threatening and Supporting Independence 51


Objectivity Defined 56


Factors Threatening and Supporting Objectivity 57


Policies to Promote Objectivity 66


Domain 3: Proficiency and Due Professional Care (18%) 68


Proficiency Defined 69


Competency Defined 70


Due Professional Care Defined 74


Continuing Professional Development 75


Professional Judgment and Competence 77


Competency Levels for Internal Auditors 80


Domain 4: Quality Assurance and Improvement Program (7%) 99


Required Elements 100


Reporting Requirements 108


Conformance versus Nonconformance 110


TQM in Internal Audit Operations 112


Domain 5: Governance, Risk Management, and Control (35%) 115


Governance Principles, Components, and Problems 117


Governance Models and Frameworks 126


Roles of the Board of Directors 140


Characteristics of Effective and Ineffective Boards 142


Roles of Executives and Officers 146


Roles of the Audit Committee 148


Roles of Internal Auditors in Corporate Governance, Risk Management, and Control Processes 150


Roles of Board-Level Committees 151


Roles and Rights of Shareholders and Stakeholders 153


Scope of Board-Level Audits 163


Organizational Culture 169


Organizational Ethics 180


Risk Concepts, Risk Types, and Risk Management Processes 199


Globally Accepted Risk Management Frameworks 235


Effectiveness of Risk Management 269


Internal Audit’s Role in the Risk Management Processes 274


Internal Control Concepts and Types of Controls 281


Globally Accepted Internal Control Frameworks 305


Effectiveness and Efficiency of Internal Controls 326


Compliance Management 333


Domain 6: Fraud Risks (10%) 336


Interpretation of Fraud Risks 337


Acts, Traits, and Profiles of Fraud Perpetrators 342


Types of Fraud 347


Indicators of Fraud 360


Awareness of Fraud 366


Awareness of Fraud (continued) 367


Controls to Prevent or Detect Fraud Risks 368


Audit Tests to Detect Fraud, Including Discovery Sampling 373


Integrating Analytical Relationships to Detect Fraud 378


Interrogation or Investigative Techniques 380


Forensic Auditing and Computer Forensics 384


Use of Computers in Analyzing Data for Fraud and Crime 390


GAO’s Framework for Managing Fraud Risks 393


COSO’s Framework for Fraud Risk Management 400


Fraud Analytics 405


Fraud and the Internal Auditor 413


Appendix Risks to Internal Audit Activity 415


The IIA’s Three-Lines-of-Defense Model 423


Audit Metrics and Key Performance Indicators 428