0% found this document useful (0 votes)

67 views29 pages

ISO 19011:2018 Audit Program Management

This document presents 16 questions about ISO 19011:2018 section 5 on managing audit programs. The questions test understanding of factors for determining audit scope, maintaining audit integrity, and overseeing program implementation. Each question is followed by a single correct answer referring to standards in

Uploaded by

muhammad.daify

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

67 views29 pages

ISO 19011:2018 Audit Program Management

Uploaded by

muhammad.daify

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 29

Chat GPT

Questions 5.1

Certainly, here are some questions related to Section 5 (Managing an audit programme) of ISO
19011:2018:

1. What factors should be considered when determining the extent of an audit programme, according to
ISO 19011:2018?

a. The audit team's size and expertise

b. The location of the auditee

c. The organizational objectives of the auditee

d. The number of audit team members

2. When important functions are outsourced and managed by other organizations, what should the audit
programme pay particular attention to, as per ISO 19011:2018?

a. The auditee's organizational objectives

b. The audit team's expertise

c. Where the most important decisions are made and who constitutes the top management of the
management system

d. The number of audit locations

3. How does ISO 19011:2018 suggest scaling the audit programme for smaller or less complex
organizations?

a. By increasing the number of audits

b. By increasing the scope of each audit

c. By scaling the audit programme appropriately

d. By conducting combined audits

4. According to ISO 19011:2018, what should the audit programme take into account in order to
understand the context of the auditee?

a. The audit team's experience

b. The scope of each audit

c. The auditee's organizational objectives, relevant external and internal issues, and the needs and
expectations of interested parties

d. The audit schedule

5. Who should ensure the integrity of the audit and prevent undue influence over the audit, as stated in
ISO 19011:2018?

a. The auditee

b. The top management of the auditee

c. The individual(s) managing the audit programme

d. The external audit team

6. What should be given priority when allocating resources and methods in the audit programme,
according to ISO 19011:2018?

a. Matters with lower inherent risk

b. Matters with higher inherent risk and lower level of performance

c. Matters based on the audit team's preferences

d. Matters that are easier to audit

7. What information should be included in the audit programme to enable effective and efficient audits,
according to ISO 19011:2018?

a. The color-coded audit schedule

b. The audit team members' personal preferences

c. The auditee's contact information

d. Objectives for the audit programme, risks and opportunities, audit scope, schedule, and more.

8. How often should the implementation of the audit programme be monitored and measured, as per
ISO 19011:2018?
a. Annually

b. Quarterly

c. On an ongoing basis

d. Only at the conclusion of the audit programme

9. What should the extent of an audit programme be based on, according to ISO 19011:2018?

a. The auditor's availability

b. The color of the auditee's logo

c. The size and nature of the auditee, the nature of risks and opportunities, and the level of maturity of
the management system

d. The number of audit team members

10. When the most important functions are outsourced and managed by other organizations, what
aspect of the management system should receive particular attention in the design and planning of the
audit programme, according to ISO 19011:2018?

a. The location of the outsourced functions

b. The number of audit team members

c. Where the most important decisions are made and what constitutes the top management of the
management system

d. The duration of each audit

11. In the context of the audit programme, what is meant by "scaling" for smaller or less complex
organizations, as suggested by ISO 19011:2018?

a. Reducing the duration of audits

b. Increasing the number of audit criteria

c. Adjusting the audit programme to suit the organization's size and complexity

d. Conducting audits in multiple locations

12. According to ISO 19011:2018, what aspects of the auditee's context should the audit programme
take into account for a better understanding of the auditee?

a. The personal preferences of the auditee's management

b. The auditee's color-coded audit schedule

c. Organizational objectives, relevant external and internal issues, the needs and expectations of
interested parties, and information security and confidentiality requirements

d. The number of audit team members

13. Who should ensure that the audit's integrity is maintained and prevent undue influence over the
audit, as per ISO 19011:2018?

a. The external audit team

b. The auditee

c. The individual(s) managing the audit programme

d. The relevant interested parties

14. According to ISO 19011:2018, where should audit priority be given when allocating resources and
methods in the audit programme?

a. Matters with lower inherent risk and higher level of performance

b. Matters that are easier to audit

c. Matters in a management system with higher inherent risk and lower level of performance

d. Matters related to information security and confidentiality

15. What information should the audit programme include to enable effective and efficient audits within
specified time frames, as outlined in ISO 19011:2018?

a. The auditee's financial statements

b. The auditee's organizational chart

c. Objectives, risks, and opportunities associated with the audit program, audit scope, and more

d. The number of employees in the auditee's organization

16. How often should the implementation of the audit programme be monitored and measured to
ensure its objectives have been achieved, as per ISO 19011:2018?

a. Annually

b. Biannually

c. On an ongoing basis

d. Only at the start of each audit program

These questions are based on the content of Section 5 of ISO 19011:2018.

Answers
1. Answer: c) The organizational objectives of the auditee

2. Answer: c) Where the most important decisions are made and who constitutes the top management
of the management system

3. Answer: c) By scaling the audit programme appropriately

4. Answer: c) The auditee's organizational objectives, relevant external and internal issues, and the
needs and expectations of interested parties

5. Answer: c) The individual(s) managing the audit programme

6. Answer: b) Matters with higher inherent risk and lower level of performance

7. Answer: d) Objectives for the audit programme, risks and opportunities, audit scope, schedule, and
more.

8. Answer: c) On an ongoing basis

9. Answer: c) The size and nature of the auditee, the nature of risks and opportunities, and the level of
maturity of the management system

10. Answer: c) Where the most important decisions are made and what constitutes the top management
of the management system

11. Answer: c) Adjusting the audit programme to suit the organization's size and complexity

12. Answer: c) Organizational objectives, relevant external and internal issues, the needs and
expectations of interested parties, and information security and confidentiality requirements

13. Answer: c) The individual(s) managing the audit programme

14. Answer: c) Matters in a management system with higher inherent risk and lower level of
performance

15. Answer: c) Objectives, risks, and opportunities associated with the audit program, audit scope, and
more.

16. Answer: c) On an ongoing basis

Bing
Questions 5.1

1- What are the factors that influence the extent of an audit programme? Select four
factors from the list below.

a) The size and nature of the auditee

b) The nature, functionality, complexity, the type of risks and opportunities, and the
level of maturity of the management system(s) to be audited

c) The number and qualifications of the auditors available

d) The organizational objectives of the auditee

e) The relevant external and internal issues affecting the auditee

f) The needs and expectations of relevant interested parties

2- What is the purpose of taking into account the auditee’s information security and
confidentiality requirements when managing an audit programme?

a) To ensure that the audit information is used appropriately and protected from
unauthorized access or disclosure

b) To ensure that the audit methods are compatible with the auditee’s technology and
systems

c) To ensure that the audit criteria are aligned with the auditee’s policies and standards
d) To ensure that the audit team members have the necessary clearance and
authorization to access the auditee’s information
3- What are some of the benefits of arranging internal audit programmes and
programmes for auditing external providers to contribute to other objectives of the
organization?

a) To improve the efficiency and effectiveness of the audit process

b) To enhance the communication and collaboration between different functions and

departments

c) To support the strategic direction and continual improvement of the organization

d) All of the above

4- What are some of the actions that can be taken by the individual(s) managing the
audit programme to ensure the integrity of the audit is maintained and that there is not
undue influence exerted over the audit?

a) Establishing clear roles and responsibilities for all parties involved in the audit
programme

b) Ensuring that the auditors are competent, independent, impartial and objective

c) Providing adequate resources and support for conducting and reporting audits

d) All of the above

5- What are some of the information that should be included in an audit programme?
Select four information from the list below.

a) Objectives for the audit programme

b) Risks and opportunities associated with the audit programme and the actions to
address them

c) Scope (extent, boundaries, locations) of each audit within the audit programme

d) Schedule (number/duration/frequency) of the audits

e) Audit types, such as internal or external

f) Audit criteria

g) Audit methods to be employed

h) Criteria for selecting audit team members

6- What are some of the activities that should be performed to monitor and measure
the implementation of an audit programme on an ongoing basis?

a) Collecting feedback from auditors, auditees, audit clients and other interested
parties

b) Comparing actual performance with planned performance and objectives

c) Identifying any deviations, problems or opportunities for improvement

d) All of the above

7- What is the purpose of reviewing an audit programme in order to identify needs for
changes and possible opportunities for improvements?

a) To ensure that the audit programme remains relevant, adequate and effective in
achieving its objectives

b) To ensure that the audit programme adapts to any changes in internal or external
issues affecting the organization or its management system(s)

c) To ensure that the audit programme incorporates any lessons learned or best
practices from previous audits or other sources

d) All of the above

Answers 5.1

1- The correct answers are a) The size and nature of the auditee, b) The nature,
functionality, complexity, the type of risks and opportunities, and the level
of maturity of the management system(s) to be audited, d) The
organizational objectives of the auditee, and e) The relevant external and
internal issues affecting the auditee. These are the factors that influence the
extent of an audit programme according to section 5.1.

2- The correct answer is a) To ensure that the audit information is used

appropriately and protected from unauthorized access or disclosure. This
is the purpose of taking into account the auditee’s information security and
confidentiality requirements when managing an audit programme according to
section 5.1.

3- The correct answer is d) All of the above. These are some of the benefits of
arranging internal audit programmes and programmes for auditing external
providers to contribute to other objectives of the organization according to
section 5.1.

4- The correct answer is d) All of the above. These are some of the actions that
can be taken by the individual(s) managing the audit programme to ensure the
integrity of the audit is maintained and that there is not undue influence exerted
over the audit according to section 5.1.

5- The correct answers are a) Objectives for the audit programme, b) Risks
and opportunities associated with the audit programme and the actions to
address them, c) Scope (extent, boundaries, locations) of each audit within
the audit programme, d) Schedule (number/duration/frequency) of the
audits, e) Audit types, such as internal or external, f) Audit criteria, g)
Audit methods to be employed, and h) Criteria for selecting audit team
members. These are some of the information that should be included in an
audit programme according to section 5.1.
6- The correct answer is d) All of the above. These are some of the activities that
should be performed to monitor and measure the implementation of an audit
programme on an ongoing basis according to section 5.6.

7- The correct answer is d) All of the above. This is the purpose of reviewing an
audit programme in order to identify needs for changes and possible
opportunities for improvements according to section 5.7.
Questions 5.2 & 5.3

1- Who should ensure that the audit programme objectives are established to direct the
planning and conducting of audits and to ensure the effective implementation of the
audit programme?

a) The auditee b) The auditor c) The audit client d) The audit team leader

2- What are some of the sources that can be used to establish the audit programme
objectives? Select four sources from the list below.

a) Needs and expectations of relevant interested parties, both external and internal

b) Characteristics of and requirements for processes, products, services and projects,

and any changes to them

c) Management system requirements

d) Need for evaluation of external providers

e) Auditee’s level of performance and level of maturity of the management system(s),

as reflected in relevant performance indicators (e.g. KPIs), the occurrence of
nonconformities or incidents or complaints from interested parties

f) Identified risks and opportunities to the auditee

g) Results of previous audits

3- What are some of the examples of audit programme objectives that can be derived
from the sources mentioned in question 2? Select four examples from the list below.
a) Identify opportunities for the improvement of a management system and its
performance

b) Evaluate the capability of the auditee to determine its context

c) Evaluate the capability of the auditee to determine risks and opportunities and to
identify and implement effective actions to address them
d) Conform to all relevant requirements, e.g. statutory and regulatory requirements,
compliance commitments, requirements for certification to a management system
standard

e) Obtain and maintain confidence in the capability of an external provider

f) Determine the continuing suitability, adequacy and effectiveness of the auditee’s

management system

g) Evaluate the compatibility and alignment of the management system objectives

with the strategic direction of the organization

4- What are some of the risks associated with planning an audit programme? Select
three risks from the list below.

a) Failure to set relevant audit objectives and determine the extent, number, duration,
locations and schedule of the audits

b) Allowing insufficient time, equipment and/or training for developing the audit
programme or conducting an audit

c) Insufficient overall competence to conduct audits effectively

d) Ineffective external/internal communication processes/channels

e) Ineffective coordination of the audits within the audit programme, or not

considering information security and confidentiality

f) Ineffective determination of the necessary documented information required by

auditors and relevant interested parties, failure to adequately protect audit records to
demonstrate audit programme effectiveness

5- What are some of the opportunities for improving an audit programme? Select
three opportunities from the list below.

a) Allowing multiple audits to be conducted in a single visit

b) Minimizing time and distances travelling to site

c) Matching the level of competence of the audit team to the level of competence
needed to achieve the audit objectives

d) Aligning audit dates with the availability of auditee’s key staff

e) Using different audit methods, such as remote auditing or sampling techniques

f) Sharing best practices and lessons learned among auditors and auditees

Answers 5.2 & 5.3

1- The correct answer is c) The audit client. The audit client should ensure that
the audit programme objectives are established to direct the planning and
conducting of audits and to ensure the effective implementation of the audit
programme according to section 5.2.

2- The correct answers are a) Needs and expectations of relevant interested

parties, both external and internal, b) Characteristics of and requirements
for processes, products, services and projects, and any changes to them, c)
Management system requirements, d) Need for evaluation of external
providers, e) Auditee’s level of performance and level of maturity of the
management system(s), as reflected in relevant performance indicators
(e.g. KPIs), the occurrence of nonconformities or incidents or complaints
from interested parties, f) Identified risks and opportunities to the auditee,
and g) Results of previous audits. These are some of the sources that can be
used to establish the audit programme objectives according to section 5.2.

3- The correct answers are a) Identify opportunities for the improvement of a

management system and its performance, b) Evaluate the capability of the
auditee to determine its context, c) Evaluate the capability of the auditee to
determine risks and opportunities and to identify and implement effective
actions to address them, d) Conform to all relevant requirements, e.g.
statutory and regulatory requirements, compliance commitments,
requirements for certification to a management system standard, e) Obtain
and maintain confidence in the capability of an external provider, f)
Determine the continuing suitability, adequacy and effectiveness of the
auditee’s management system, and g) Evaluate the compatibility and
alignment of the management system objectives with the strategic
direction of the organization. These are some of the examples of audit
programme objectives that can be derived from the sources mentioned in
question 2 according to section 5.2.

4- The correct answers are a) Failure to set relevant audit objectives and
determine the extent, number, duration, locations and schedule of the
audits, b) Allowing insufficient time, equipment and/or training for
developing the audit programme or conducting an audit, and e) Ineffective
coordination of the audits within the audit programme, or not considering
information security and confidentiality. These are some of the risks
associated with planning an audit programme according to section 5.3.

5- The correct answers are a) Allowing multiple audits to be conducted in a

single visit, b) Minimizing time and distances travelling to site, c) Matching
the level of competence of the audit team to the level of competence needed
to achieve the audit objectives, and d) Aligning audit dates with the
availability of auditee’s key staff. These are some of the opportunities for
improving an audit programme according to section 5.3.

6- What are some of the risks associated with resources for an audit programme?
Select three risks from the list below.

a) Insufficient overall competence to conduct audits effectively

b) Ineffective external/internal communication processes/channels

c) Ineffective determination of the necessary documented information required by

auditors and relevant interested parties, failure to adequately protect audit records to
demonstrate audit programme effectiveness

d) Allowing insufficient time, equipment and/or training for developing the audit
programme or conducting an audit

e) Ineffective coordination of the audits within the audit programme, or not

considering information security and confidentiality

f) Availability and cooperation of auditee and availability of evidence to be sampled

The correct answers are d) Allowing insufficient time, equipment and/or training
for developing the audit programme or conducting an audit, f) Availability and
cooperation of auditee and availability of evidence to be sampled, and either a) or
c) depending on whether resources refer only to physical or human resources or both.
These are some of the risks associated with resources for an audit programme
according to section 5.3.

7- What are some of the risks associated with selection of the audit team for an audit
programme? Select three risks from the list below.

a) Insufficient overall competence to conduct audits effectively

b) Ineffective external/internal communication processes/channels

c) Ineffective determination of the necessary documented information required by

auditors and relevant interested parties, failure to adequately protect audit records to
demonstrate audit programme effectiveness

d) Allowing insufficient time, equipment and/or training for developing the audit
programme or conducting an audit

e) Ineffective coordination of the audits within the audit programme, or not

considering information security and confidentiality

f) Availability and cooperation of auditee and availability of evidence to be sampled

The correct answers are a) Insufficient overall competence to conduct audits

effectively, either b) or e) depending on whether communication and coordination are
considered part of the selection process or not, and f) Availability and cooperation
of auditee and availability of evidence to be sampled. These are some of the risks
associated with selection of the audit team for an audit programme according to
section 5.3.

8- What are some of the risks associated with communication for an audit
programme? Select three risks from the list below. a) Insufficient overall competence
to conduct audits effectively b) Ineffective external/internal communication
processes/channels c) Ineffective determination of the necessary documented
information required by auditors and relevant interested parties, failure to adequately
protect audit records to demonstrate audit programme effectiveness d) Allowing
insufficient time, equipment and/or training for developing the audit programme or
conducting an audit e) Ineffective coordination of the audits within the audit
programme, or not considering information security and confidentiality f) Availability
and cooperation of auditee and availability of evidence to be sampled
The correct answers are b) Ineffective external/internal communication
processes/channels, c) Ineffective determination of the necessary documented
information required by auditors and relevant interested parties, failure to
adequately protect audit records to demonstrate audit programme effectiveness,
and e) Ineffective coordination of the audits within the audit programme, or not
considering information security and confidentiality. These are some of the risks
associated with communication for an audit programme according to section 5.3.

9- What are some of the opportunities for improving an audit programme related to
resources? Select three opportunities from the list below. a) Allowing multiple audits
to be conducted in a single visit b) Minimizing time and distances travelling to site c)
Matching the level of competence of the audit team to the level of competence needed
to achieve the audit objectives d) Aligning audit dates with the availability of
auditee’s key staff e) Using different audit methods, such as remote auditing or
sampling techniques f) Sharing best practices and lessons learned among auditors and
auditees

The correct answers are b) Minimizing time and distances travelling to site, c)
Matching the level of competence of the audit team to the level of competence
needed to achieve the audit objectives, and e) Using different audit methods, such
as remote auditing or sampling techniques. These are some of the opportunities for
improving an audit programme related to resources according to section 5.3.

10- What are some of the opportunities for improving an audit programme related to
communication? Select three opportunities from the list below. a) Allowing multiple
audits to be conducted in a single visit b) Minimizing time and distances travelling to
site c) Matching the level of competence of the audit team to the level of competence
needed to achieve the audit objectives d) Aligning audit dates with the availability of
auditee’s key staff e) Using different audit methods, such as remote auditing or
sampling techniques f) Sharing best practices and lessons learned among auditors and
auditees

The correct answers are a) Allowing multiple audits to be conducted in a single

visit, d) Aligning audit dates with the availability of auditee’s key staff, and f)
Sharing best practices and lessons learned among auditors and auditees. These
are some of the opportunities for improving an audit programme related to
communication according to section 5.3.
Questions 5.4.1 & 5.4.2

1- What are some of the processes that the individual(s) managing the audit
programme should establish according to section 5.4.1? Select four processes from the
list below.

a) The coordination and scheduling of all audits within the audit programme

b) The establishment of audit objectives, scope(s) and criteria of the audits,

determining audit methods and selecting the audit team

c) The evaluation of auditors

d) The establishment of external and internal communication processes, as appropriate

e) The resolutions of disputes and handling of complaints

f) Audit follow-up if applicable g) Reporting to the audit client and relevant interested
parties, as appropriate

2- What are some of the knowledge areas that the individual(s) managing the audit
programme should have according to section 5.4.2? Select four knowledge areas from
the list below.

a) Audit principles (see Clause 4), methods and processes (see A.1 and A.2)

b) Management system standards, other relevant standards and reference/guidance

documents

c) Information regarding the auditee and its context (e.g. external/internal issues,
relevant interested parties and their needs and expectations, business activities,
products, services and processes of the auditee)

d) Applicable statutory and regulatory requirements and other requirements relevant

to the business activities of the auditee

e) Risk management, project and process management, and information and

communications technology (ICT)
f) Auditing techniques, such as interviewing, observing, sampling and verifying

3- What is the purpose of engaging in appropriate continual development activities for

the individual(s) managing the audit programme according to section 5.4.2?

a) To maintain the necessary competence to manage the audit programme

b) To update their knowledge on the latest changes in standards and regulations

c) To enhance their skills in communication and leadership

d) All of the above

4- Who should approve the audit programme according to section 5.4.1?

a) The auditee

b) The auditor

c) The audit client

d) The audit team leader

5- What are some of the actions that can be taken by the individual(s) managing the
audit programme to determine and ensure provision of all necessary resources
according to section 5.4.1? Select three actions from the list below.

a) Estimating the time, budget and equipment needed for each audit within the
programme

b) Allocating adequate human resources with suitable competence and availability for
each audit within the programme

c) Providing training, guidance and support for auditors and other parties involved in
the programme
d) Negotiating with auditees and external providers to ensure their cooperation and
access to evidence

e) Monitoring and reviewing the resource utilization and performance throughout the
programme

Answers 5.4.1 & 5.4.2

1- The correct answers are a) The coordination and scheduling of all audits
within the audit programme, b) The establishment of audit objectives,
scope(s) and criteria of the audits, determining audit methods and
selecting the audit team, c) The evaluation of auditors, d) The
establishment of external and internal communication processes, as
appropriate, e) The resolutions of disputes and handling of complaints, f)
Audit follow-up if applicable, and g) Reporting to the audit client and
relevant interested parties, as appropriate. These are some of the processes
that the individual(s) managing the audit programme should establish according
to section 5.4.1.

2- The correct answers are a) Audit principles (see Clause 4), methods and
processes (see A.1 and A.2), b) Management system standards, other
relevant standards and reference/guidance documents, c) Information
regarding the auditee and its context (e.g. external/internal issues, relevant
interested parties and their needs and expectations, business activities,
products, services and processes of the auditee), d) Applicable statutory
and regulatory requirements and other requirements relevant to the
business activities of the auditee, and e) Risk management, project and
process management, and information and communications technology
(ICT). These are some of the knowledge areas that the individual(s) managing
the audit programme should have according to section 5.4.2.

3- The correct answer is d) All of the above. These are some of the purposes of
engaging in appropriate continual development activities for the individual(s)
managing the audit programme according to section 5.4.2.
4- The correct answer is c) The audit client. The audit client should approve the
audit programme according to section 5.4.1.

5- The correct answers are

a) Estimating the time, budget and equipment needed for each audit within
the programme,
b) Allocating adequate human resources with suitable competence and
availability for each audit within the programme,
c) Providing training, guidance and support for auditors and other parties
involved in the programme,
and d) Negotiating with auditees and external providers to ensure their
cooperation and access to evidence. These are some of the actions that can be
taken by the individual(s) managing the audit programme to determine and
ensure provision of all necessary resources according to section 5.4.1.
Questions 5.4.3 & 5.4.4

1- What are some of the factors that can influence the extent of an audit programme
according to section 5.4.3? Select four factors from the list below.

a) The objective, scope and duration of each audit and the number of audits to be
conducted, reporting method and, if applicable, audit follow up

b) The management system standards or other applicable criteria

c) The number, importance, complexity, similarity and locations of the activities to be

audited

d) Those factors influencing the effectiveness of the management system

e) Applicable audit criteria, such as planned arrangements for the relevant

management system standards, statutory and regulatory requirements and other
requirements to which the organization is committed

f) Results of previous internal or external audits and management reviews, if

appropriate

g) Results of a previous audit programme review

h) Language, cultural and social issues

2- What are some of the resources that the individual(s) managing the audit
programme should consider according to section 5.4.4? Select four resources from the
list below.

a) The financial and time resources necessary to develop, implement, manage and
improve audit activities

b) Audit methods (see A.1)

c) The individual and overall availability of auditors and technical experts having
competence appropriate to the particular audit programme objectives
d) The extent of the audit programme (see 5.4.3) and audit programme risks and
opportunities (see 5.3)

e) Travel time and cost, accommodation and other auditing needs

f) The impact of different time zones

g) The availability of information and communication technologies (e.g. technical

resources required to set up a remote audit using technologies that support remote
collaboration)

h) The availability of any tools, technology and equipment required

3- What are some of the benefits of using information and communication

technologies (ICT) to support audit activities according to section 5.4.4? Select three
benefits from the list below.

a) Reducing travel time and cost, accommodation and other auditing needs

b) Enabling remote auditing methods (see A.16) that can increase audit coverage and
efficiency

c) Enhancing communication and collaboration among auditors, auditees and other

interested parties

d) Improving access to relevant documented information and evidence

e) Increasing the security and confidentiality of audit information

f) Providing feedback and evaluation tools for auditors

4- What are some of the requirements related to the facility that the individual(s)
managing the audit programme should consider according to section 5.4.4? Select
three requirements from the list below.

a) Any security clearances and equipment (e.g. background checks, personal

protective equipment, ability to wear clean room attire)

b) Any health and safety hazards or environmental impacts

c) Any accessibility or mobility issues for auditors or auditees

d) Any special permissions or authorizations needed to access certain areas or

processes

e) Any cultural or social norms or expectations that may affect the audit conduct or
behaviour

f) Any language barriers or translation needs

5- What are some of the actions that can be taken by the individual(s) managing the
audit programme to monitor, review and improve the audit programme according to
section 5.4.1? Select three actions from the list below.

a) Collecting feedback from auditors, auditees, audit clients and other interested
parties on the audit process and outcomes

b) Comparing actual performance with planned performance and objectives using

relevant indicators (e.g. KPIs)

c) Identifying any deviations, problems or opportunities for improvement in the audit

programme or its processes

d) Implementing corrective or preventive actions as appropriate to address any issues

or risks identified

e) Evaluating the effectiveness and efficiency of the audit programme in achieving its
objectives

f) Communicating the results of the review and improvement actions to relevant

interested parties

Answers 5.4.3 & 5.4.4

1- The correct answers are: - a) The coordination and scheduling of all audits
within the audit programme - b) The establishment of audit objectives, scope(s)
and criteria of the audits, determining audit methods and selecting the audit
team - c) The evaluation of auditors - d) The establishment of external and
internal communication processes, as appropriate - e) The resolutions of
disputes and handling of complaints - f) Audit follow-up if applicable - g)
Reporting to the audit client and relevant interested parties, as appropriate
These are some of the processes that the individual(s) managing the audit
programme should establish according to section 5.4.1.

2- The correct answers are: - a) Audit principles (see Clause 4), methods and
processes (see A.1 and A.2) - b) Management system standards, other relevant
standards and reference/guidance documents - c) Information regarding the
auditee and its context (e.g. external/internal issues, relevant interested parties
and their needs and expectations, business activities, products, services and
processes of the auditee) - d) Applicable statutory and regulatory requirements
and other requirements relevant to the business activities of the auditee - e)
Risk management, project and process management, and information and
communications technology (ICT) These are some of the knowledge areas that
the individual(s) managing the audit programme should have according to
section 5.4.2.

3- The correct answer is: - d) All of the above These are some of the benefits of
using information and communication technologies (ICT) to support audit
activities according to section 5.4.4.

4- The correct answers are: - a) Any security clearances and equipment (e.g.
background checks, personal protective equipment, ability to wear clean room
attire) - b) Any health and safety hazards or environmental impacts - c) Any
accessibility or mobility issues for auditors or auditees - d) Any special
permissions or authorizations needed to access certain areas or processes - e)
Any cultural or social norms or expectations that may affect the audit conduct
or behaviour These are some of the requirements related to the facility that the
individual(s) managing the audit programme should consider according to
section 5.4.4.

5- The correct answers are: - a) Collecting feedback from auditors, auditees, audit
clients and other interested parties on the audit process and outcomes - b)
Comparing actual performance with planned performance and objectives using
relevant indicators (e.g. KPIs) - c) Identifying any deviations, problems or
opportunities for improvement in the audit programme or its processes - d)
Implementing corrective or preventive actions as appropriate to address any
issues or risks identified - e) Evaluating the effectiveness and efficiency of the
audit programme in achieving its objectives These are some of the actions that
can be taken by the individual(s) managing the audit programme to monitor,
review and improve the audit programme according to section 5.4.1.
Questions 5.4.1 & 5.4.2

Here are some questions on section 5.5 of ISO 19011 “Managing an audit
programme”:

1- Who should communicate the relevant parts of the audit programme, including the
risks and opportunities involved, to relevant interested parties and inform them
periodically of its progress, using established external and internal communication
channels? a) The auditee b) The auditor c) The audit client d) The individual(s)
managing the audit programme

2- What are some of the factors that should be included in the audit scope for an
individual audit according to section 5.5.2? Select four factors from the list below.

a) Locations, functions, activities and processes to be audited

b) Time period covered by the audit

c) Audit methods to be employed

d) Audit criteria to be used as a reference

e) Audit team members and their roles

f) Audit objectives and expected outcomes

3- What are some of the examples of audit criteria that can be used as a reference
against which conformity is determined according to section 5.5.2? Select four
examples from the list below.

a) Applicable policies, processes, procedures, performance criteria including

objectives
b) Statutory and regulatory requirements and other requirements to which the
organization is committed

c) Management system requirements

d) Information regarding the context and the risks and opportunities as determined by
the auditee (including relevant external/internal interested parties requirements)

e) Sector codes of conduct or other planned arrangements

f) Customer feedback, complaints or satisfaction surveys

4- What should be done in the event of any changes to the audit objectives, scope or
criteria according to section 5.5.2?

a) The audit programme should be modified if necessary and communicated to

interested parties, for approval if appropriate

b) The audit team should adjust their audit plan and procedures accordingly and
inform the auditee of the changes

c) The audit client should evaluate the impact of the changes on the audit programme
objectives and resources

d) All of the above

5- What are some of the challenges or considerations when more than one discipline is
being audited at the same time according to section 5.5.2? Select three challenges or
considerations from the list below.

a) Ensuring that the audit objectives, scope and criteria are consistent with the relevant
audit programmes for each discipline

b) Coordinating and integrating the activities of different audit teams or auditors with
different competencies and backgrounds
c) Balancing the time and resources allocated for each discipline without
compromising the audit quality or coverage

d) Communicating and reporting the audit findings and conclusions for each
discipline clearly and coherently

e) Resolving any conflicts or discrepancies between different disciplines or standards

Multiple Choice Exam Questions Management Systems Internal Audit Guideline Based On ISO 19011
No ratings yet
Multiple Choice Exam Questions Management Systems Internal Audit Guideline Based On ISO 19011
2 pages
ISO 19011:2018 Auditing Principles Quiz
No ratings yet
ISO 19011:2018 Auditing Principles Quiz
8 pages
Final Paper Auditing Management System
No ratings yet
Final Paper Auditing Management System
5 pages
ISO 27001 Internal Auditor Support Questions (V112023)
No ratings yet
ISO 27001 Internal Auditor Support Questions (V112023)
12 pages
Questions 19011 2018 Updated
75% (4)
Questions 19011 2018 Updated
5 pages
ISO 19011-2018 Standard On Audit
100% (2)
ISO 19011-2018 Standard On Audit
26 pages
Audit and Assurance (ACCA)
No ratings yet
Audit and Assurance (ACCA)
4 pages
ISO 19001:2018 Audit Essentials
100% (2)
ISO 19001:2018 Audit Essentials
11 pages
Exam Questions
No ratings yet
Exam Questions
3 pages
Contoh Soal Audit
No ratings yet
Contoh Soal Audit
5 pages
Audit Test 2 QP
No ratings yet
Audit Test 2 QP
3 pages
ISO19011
No ratings yet
ISO19011
44 pages
Quality Auditor Exam Prep Guide
No ratings yet
Quality Auditor Exam Prep Guide
3 pages
Details of Changes in ISO 19011 2018 20082020
No ratings yet
Details of Changes in ISO 19011 2018 20082020
44 pages
Aud Plan 123
No ratings yet
Aud Plan 123
7 pages
Iso 19011
No ratings yet
Iso 19011
7 pages
A&a Set 6
No ratings yet
A&a Set 6
3 pages
Internal Auditor 27001 Simulator
No ratings yet
Internal Auditor 27001 Simulator
15 pages
Chapter 4 Audit Planning
No ratings yet
Chapter 4 Audit Planning
18 pages
Sample Exam ISO 27001 Internal Auditor (V112023) EN
No ratings yet
Sample Exam ISO 27001 Internal Auditor (V112023) EN
12 pages
Summary of ISO 19011
No ratings yet
Summary of ISO 19011
7 pages
.Archivetempaudit Planning Done
No ratings yet
.Archivetempaudit Planning Done
5 pages
Chapter 7: Audit Planning
No ratings yet
Chapter 7: Audit Planning
7 pages
AUDIT Part 1 Sample Exam Questions
No ratings yet
AUDIT Part 1 Sample Exam Questions
3 pages
Audit Objectives and Responsibilities
No ratings yet
Audit Objectives and Responsibilities
4 pages
Audit Planning Quizlet
No ratings yet
Audit Planning Quizlet
32 pages
ACC 139 Assurance and Audit Principles - P1 1S SY2324 - Key Answer
No ratings yet
ACC 139 Assurance and Audit Principles - P1 1S SY2324 - Key Answer
10 pages
7 MCQ CH 4 (S)
No ratings yet
7 MCQ CH 4 (S)
4 pages
Auditing Theory and Standards Guide
No ratings yet
Auditing Theory and Standards Guide
4 pages
KiemToan Thu
No ratings yet
KiemToan Thu
15 pages
PRTC AUD 1stPB - 10.21
No ratings yet
PRTC AUD 1stPB - 10.21
15 pages
Quiz 1
No ratings yet
Quiz 1
6 pages
Gather Evidence.: 10 Points
No ratings yet
Gather Evidence.: 10 Points
11 pages
Quiz 2 Set A
100% (1)
Quiz 2 Set A
3 pages
Financial Auditing Another MCQ
No ratings yet
Financial Auditing Another MCQ
7 pages
Internal Auditing Frameworks Guide
No ratings yet
Internal Auditing Frameworks Guide
6 pages
1ed9eaad539c4e238ead12520db5bee7
No ratings yet
1ed9eaad539c4e238ead12520db5bee7
15 pages
Aud 310 Test 3 and Memo 2018
No ratings yet
Aud 310 Test 3 and Memo 2018
12 pages
Assurance Engagements Quiz
No ratings yet
Assurance Engagements Quiz
6 pages
Administrative Audit Questionnaire For Exam
No ratings yet
Administrative Audit Questionnaire For Exam
22 pages
ICPA Audit Planning Handout
No ratings yet
ICPA Audit Planning Handout
4 pages
Questions For Assurance Class Test
No ratings yet
Questions For Assurance Class Test
6 pages
Att
No ratings yet
Att
8 pages
Mock Answer
No ratings yet
Mock Answer
16 pages
Asuprin Activity Worksheet: Compiled By: A. S. MALQUISTO
No ratings yet
Asuprin Activity Worksheet: Compiled By: A. S. MALQUISTO
3 pages
Auditing Questions
No ratings yet
Auditing Questions
12 pages
Auditing Principle and Practice I Mid Exam For Weakend
No ratings yet
Auditing Principle and Practice I Mid Exam For Weakend
5 pages
ASQ CQA Exam A: Key Questions & Answers
50% (2)
ASQ CQA Exam A: Key Questions & Answers
39 pages
Part II - Print
No ratings yet
Part II - Print
12 pages
Tqs Finals Operations-Audit
No ratings yet
Tqs Finals Operations-Audit
46 pages
Audit Theo FPB With Answer Keys
100% (1)
Audit Theo FPB With Answer Keys
6 pages
Quiz 2 Auditing
100% (1)
Quiz 2 Auditing
4 pages
ISO 19011 Auditing Essentials
100% (1)
ISO 19011 Auditing Essentials
5 pages
Aud 2 PDF
No ratings yet
Aud 2 PDF
7 pages
9AT
No ratings yet
9AT
2 pages
Quiz No 1.A Operations Auditing Answer Key
No ratings yet
Quiz No 1.A Operations Auditing Answer Key
2 pages
Audit Planning Practice Quiz
No ratings yet
Audit Planning Practice Quiz
8 pages
Section 2 of ISO 9001:2015 Exam Quiz and Answers by AI
100% (5)
Section 2 of ISO 9001:2015 Exam Quiz and Answers by AI
19 pages
ISO 9001:2015 Exam Questions & Answers
100% (1)
ISO 9001:2015 Exam Questions & Answers
27 pages
ISO 9001 Audit Nonconformities
No ratings yet
ISO 9001 Audit Nonconformities
2 pages
ISO 9001:2015 Audit Challenges
No ratings yet
ISO 9001:2015 Audit Challenges
8 pages
Audit Situations
No ratings yet
Audit Situations
3 pages
Lean 2
No ratings yet
Lean 2
12 pages
Glossary Terms of Library
No ratings yet
Glossary Terms of Library
27 pages
Buy 13-Inch MacBook Air - Apple
No ratings yet
Buy 13-Inch MacBook Air - Apple
1 page
Macromolecules Rice
No ratings yet
Macromolecules Rice
47 pages
OSRIC Players Guide
100% (3)
OSRIC Players Guide
180 pages
Introduction to Cost Accounting
No ratings yet
Introduction to Cost Accounting
36 pages
Nanomagnetism for Researchers
No ratings yet
Nanomagnetism for Researchers
32 pages
Malcks Set Guide
No ratings yet
Malcks Set Guide
25 pages
User Manual ROADCAM PRO 4K Ultra HD Dashcam With App Control BT532966E - V1 - r1
No ratings yet
User Manual ROADCAM PRO 4K Ultra HD Dashcam With App Control BT532966E - V1 - r1
32 pages
Sperre HL2 105
No ratings yet
Sperre HL2 105
1 page
Achard Et Al 2002-Determination of Deforestation
100% (2)
Achard Et Al 2002-Determination of Deforestation
5 pages
Chapter - 1 Economics The Story of Village Palampur: Portal For CBSE Notes, Test Papers, Sample Papers, Tips and Tricks
0% (1)
Chapter - 1 Economics The Story of Village Palampur: Portal For CBSE Notes, Test Papers, Sample Papers, Tips and Tricks
2 pages
Terrace Waterproofing Guide
No ratings yet
Terrace Waterproofing Guide
6 pages
Consolidated Financial Statement Guide
100% (1)
Consolidated Financial Statement Guide
3 pages
Group 6 STS Written Report
No ratings yet
Group 6 STS Written Report
11 pages
Serhii Konowalow
No ratings yet
Serhii Konowalow
2 pages
Chapter 1 EP Answers
No ratings yet
Chapter 1 EP Answers
10 pages
Chapter 10
No ratings yet
Chapter 10
9 pages
Jee Adv Class2
No ratings yet
Jee Adv Class2
4 pages
Class 8 English1
No ratings yet
Class 8 English1
48 pages
Islamic Inheritance Guide
No ratings yet
Islamic Inheritance Guide
34 pages
Redox Titration
No ratings yet
Redox Titration
3 pages
Problem Solution Pattern Mayvel
No ratings yet
Problem Solution Pattern Mayvel
12 pages
Oop DS U3
No ratings yet
Oop DS U3
17 pages
viewNitPdf 4453283
No ratings yet
viewNitPdf 4453283
16 pages
Ballistic Calibration
No ratings yet
Ballistic Calibration
4 pages
ICT 34: Data Structures & Algorithms
No ratings yet
ICT 34: Data Structures & Algorithms
9 pages
Public Health & Nutrition Expert
No ratings yet
Public Health & Nutrition Expert
1 page
The Lady of Shalott Analysis
100% (2)
The Lady of Shalott Analysis
5 pages
Needful Things Stephen King PDF Download
0% (1)
Needful Things Stephen King PDF Download
29 pages