A large investment organization hired a chief risk officer (CRO) to be responsible for the organization's risk management processes. Which of the following people should prioritize risks to be used for the audit plan?
An internal auditor is analyzing sates records and is concerned whether a transaction is recorded in the coned period. The accounting manager explains that the external auditor approved the records and produces an email from the external audit team leader. How should tie internal auditor respond?
Which informal ion- gathering method would be most efficient for an internal auditor to determine whether specified control procedures are in place?
According to IIA guidance, which of the following would not be a consideration for the internal audit activity (IAA) when determining the need to follow-up on recommendations?