Certified Internal Auditor (CIA) Part 2: Practice of Internal Auditing — Question 225

Which of the following is an acceptable compliance audit for the chief audit executive to include on the annual audit plan, even though there is little inherent risk of noncompliance in that area?

Answer options

• A. An audit of a new multi-million dollar vendor contract.
• B. An audit of a department that has not been audited in over 10 years.
• C. An audit of a major revenue-generating department that has not been audited in last few years.
• D. An audit of a new regulation required to be audited.

Correct answer: D

Explanation

Option D is the correct answer because auditing new regulations is essential to ensure compliance and mitigate any potential risks associated with noncompliance. The other options, while significant, involve areas with less immediate compliance requirements, making them less critical for the audit plan in comparison to new regulations.