An internal auditor has been asked to join a project team to help design controls in a software application to address specific risks that have been identified by the team Which of the following actions is most appropriate for the internal auditor to perform?

The chief audit executive (CAE) for a manufacturing company included in this year s audit plan a review of the company's laboratory, using an experienced external service provider. The audit plan was approved by the audit committee without any changes At the time of engaging the external service provider, the CAE also secured the approval from the CEO. Who is responsible for ensuring that the conclusions reached for this exercise are adequately supported7

An internal auditor is planning an engagement at a financial institution. Toe engagement objective is to identify whether loans were granted in accordance with the organization's policies. When of the following approaches would provide the auditor with the best information?

While conducting an audit of a third party's Web-based payment processor, an internal auditor discovers that a programming error allows customers to create multiple accounts for a single mailing address. Management agrees to correct the program and notify customers with multiple accounts that the accounts will be consolidated. Which of the following actions should the auditor take?
1. Schedule a follow-up review to verify that the program was corrected and the accounts were consolidated.
2. Evaluate the adequacy and effectiveness of the corrective action proposed by management.
3. Amend the scope of the subsequent audit to verify that the program was corrected and that accounts were consolidated.
4. Submit management's plan of action to the external auditors for additional review.

During an assurance engagement, an internal auditor discovered that a sales manager approved numerous sales contracts for values exceeding his authorization limit. The auditor reported the finding to the audit supervisor, noting that the sales manager had additional new contracts under negotiation. According to IIA guidance, which of the following would be the most appropriate next step?