Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

NYC MANAGEMENT AUDITOR TRAINEE EXAM - QUESTIONS AND ANSWERS | VERIFIED AND WELL DETAILED ANSWERS | PLUS RATIONALES | GUARANTEED PASS | LATEST EXAM UPDATE

Rating
-
Sold
-
Pages
68
Grade
A+
Uploaded on
08-07-2026
Written in
2025/2026

NYC MANAGEMENT AUDITOR TRAINEE EXAM - QUESTIONS AND ANSWERS | VERIFIED AND WELL DETAILED ANSWERS | PLUS RATIONALES | GUARANTEED PASS | LATEST EXAM UPDATE 1. A city agency processes payments to vendors through an automated system. The system allows a single user to enter a new vendor, approve the vendor, and process a payment to that vendor. Which internal control component is most directly compromised? A. Control environment B. Risk assessment C. Control activities D. Information and communication Answer: C Rationale: Control activities include segregation of duties. Allowing one person to perform all steps from vendor setup to payment violates segregation of duties, a key control activity. The control environment sets the tone, but the specific weakness here is in control activities. 2. During an audit of a housing assistance program, the auditor finds that 15% of sampled recipients had incomes above the eligibility threshold. The error appears concentrated in three of the five boroughs. Which audit procedure would best determine if the overpayments are due to systemic control failures or isolated errors? A. Expand the sample size to 200 recipients and recalculate the error rate. B. Interview program staff in the three boroughs about income verification procedures. C. Perform a regression analysis of error rates against caseload per caseworker. D. Review the IT system logs to see if income data was entered correctly. Answer: C Rationale: Regression analysis can identify whether error rates are associated with factors like caseload, suggesting systemic issues. Simply expanding the sample (A) would not reveal root causes. Interviews (B) may provide context but are less systematic. IT logs (D) address data entry but not broader systemic factors.

Show more Read less
Institution
NYC MANAGEMENT AUDITOR TRAINEE
Course
NYC MANAGEMENT AUDITOR TRAINEE

Content preview

NYC MANAGEMENT AUDITOR TRAINEE EXAM -
QUESTIONS AND ANSWERS | VERIFIED AND
WELL DETAILED ANSWERS | PLUS
RATIONALES | GUARANTEED PASS | LATEST
EXAM UPDATE


1. A city agency processes payments to vendors through an automated system. The system allows a
single user to enter a new vendor, approve the vendor, and process a payment to that vendor.
Which internal control component is most directly compromised?

A. Control environment
B. Risk assessment
C. Control activities
D. Information and communication

Answer: C
Rationale: Control activities include segregation of duties. Allowing one person to perform all steps from
vendor setup to payment violates segregation of duties, a key control activity. The control environment
sets the tone, but the specific weakness here is in control activities.


2. During an audit of a housing assistance program, the auditor finds that 15% of sampled
recipients had incomes above the eligibility threshold. The error appears concentrated in three of
the five boroughs. Which audit procedure would best determine if the overpayments are due to
systemic control failures or isolated errors?

A. Expand the sample size to 200 recipients and recalculate the error rate.
B. Interview program staff in the three boroughs about income verification procedures.
C. Perform a regression analysis of error rates against caseload per caseworker.
D. Review the IT system logs to see if income data was entered correctly.

Answer: C
Rationale: Regression analysis can identify whether error rates are associated with factors like caseload,
suggesting systemic issues. Simply expanding the sample (A) would not reveal root causes. Interviews
(B) may provide context but are less systematic. IT logs (D) address data entry but not broader systemic
factors.


3. An auditor is evaluating the design of controls over a grant program. The program manager
states that all grant applications are reviewed for completeness by a clerk, then approved by a
supervisor. However, the auditor observes that the clerk sometimes approves applications when the
supervisor is unavailable. Which type of control deficiency does this represent?




Page 1

,A. Design deficiency
B. Operating deficiency
C. Compliance deficiency
D. Monitoring deficiency

Answer: B
Rationale: An operating deficiency occurs when a control that is properly designed does not operate as
intended. Here, the design requires supervisor approval, but in practice the clerk bypasses it. A design
deficiency (A) would mean the control itself is flawed. Compliance (C) and monitoring (D) are not the
primary issue.


4. In a performance audit of a public transportation agency, the auditor wants to assess the
efficiency of bus route scheduling. Which data analysis technique would best identify routes with
low ridership relative to operating cost?

A. Benford's Law analysis of fare collection data
B. Cost-benefit ratio calculation for each route
C. Trend analysis of ridership over the past five years
D. Stratified sampling of passenger counts by time of day

Answer: B
Rationale: A cost-benefit ratio directly compares operating cost to ridership (benefit), identifying
inefficient routes. Benford's Law (A) is for detecting fraud in numerical data, not efficiency. Trend
analysis (C) shows changes over time but not efficiency. Stratified sampling (D) provides descriptive
data but not a direct efficiency metric.


5. Under the New York City Charter, which entity is primarily responsible for conducting audits of
city agencies?
A. The City Council
B. The Comptroller
C. The Mayor's Office of Operations
D. The Department of Investigation

Answer: B
Rationale: The NYC Comptroller is the chief audit official, responsible for auditing all city agencies. The
City Council (A) has oversight but does not conduct audits. The Mayor's Office (C) manages operations,
and DOI (D) investigates fraud and corruption, not routine audits.


6. An auditor is testing the effectiveness of a control that requires two signatures on checks over
$5,000. The auditor selects a sample of 50 checks over $5,000 and finds that 48 have two signatures.
The two without two signatures were for $5,100 and $5,200. What is the most appropriate
conclusion?

A. The control is operating effectively with a 96% compliance rate.
B. The deviation rate is 4%, which may be tolerable depending on the tolerable deviation rate.
C. The control is ineffective because the deviations involve high-dollar amounts.
D. The auditor should immediately report the two deviations as a material weakness.




Page 2

,Answer: B
Rationale: The sample deviation rate is 4% (2/50). Whether this is acceptable depends on the tolerable
deviation rate set during planning. A 96% compliance rate (A) sounds good but is not the auditor's
primary conclusion; the deviation rate must be compared to the tolerable rate. Materiality (C, D)
requires further analysis.


7. In a compliance audit of a federal grant, the auditor discovers that the grantee used funds to
purchase equipment that was not approved in the grant agreement. Which of the following is the
most appropriate audit report modification?

A. Qualified opinion due to material noncompliance
B. Adverse opinion due to pervasive noncompliance
C. Unmodified opinion with an emphasis-of-matter paragraph
D. Disclaimer of opinion due to scope limitation

Answer: A
Rationale: The use of funds for unapproved equipment is a specific instance of noncompliance that is
material but not pervasive (assuming other areas are compliant). A qualified opinion (A) is appropriate.
An adverse opinion (B) would require pervasive noncompliance. Emphasis-of-matter (C) is for matters
properly presented in financial statements. Disclaimer (D) is for scope limitations.


8. An auditor is using computer-assisted audit techniques (CAATs) to test a population of 10,000
transactions for duplicate payments. Which approach is most efficient and effective?
A. Sort the file by vendor and invoice number, then identify records with duplicate invoice numbers for the
same vendor.
B. Use Benford's Law to identify transactions that deviate from expected digit frequencies.
C. Select a random sample of 200 transactions and manually check for duplicates.
D. Run a regression analysis to predict which transactions are likely duplicates.

Answer: A
Rationale: Sorting by vendor and invoice number and flagging duplicates is a straightforward and
efficient CAAT approach for identifying duplicate payments. Benford's Law (B) is for detecting
anomalies in numerical data, not specifically duplicates. Sampling (C) may miss duplicates. Regression
(D) is complex and not designed for this specific task.


9. Which of the following best describes the concept of 'audit risk' in a government performance
audit?
A. The risk that the auditor will issue an incorrect opinion on the financial statements.
B. The risk that the audit will fail to detect a material misstatement due to fraud.
C. The risk that the auditor's conclusions may be inappropriate based on the audit evidence obtained.
D. The risk that the audited entity will not implement audit recommendations.

Answer: C
Rationale: In performance audits, audit risk is the risk that the auditor's conclusions may be
inappropriate. Options A and B are specific to financial statement audits. Option D is a risk of the entity,
not audit risk.




Page 3

, 10. An auditor is evaluating the reliability of data from a city agency's new case management
system. The system was implemented six months ago, and there have been no known data entry
errors. However, the auditor finds that the system does not have automated validation checks for
key fields. Which conclusion about data reliability is most appropriate?


A. The data is reliable because no errors have been found.
B. The data is not reliable due to lack of controls, regardless of error history.
C. The data may be reliable, but the auditor should perform additional testing to assess accuracy.
D. The data is reliable if the auditor confirms that all data was entered by trained staff.

Answer: C
Rationale: Without automated validation, errors could exist but remain undetected. The absence of known
errors is not sufficient evidence of reliability. Additional testing (e.g., tracing a sample to source
documents) is needed. Option B is too absolute; lack of controls increases risk but does not
automatically render data unreliable. Option D relies on an assumption not tested.


11. A city agency's procurement process for a large IT contract is under audit. The auditor finds
that the agency used a sole-source justification despite having multiple qualified vendors. Which of
the following audit procedures would be MOST effective in determining whether the sole-source
decision was justified?

A. Review the agency's procurement manual for compliance with city procurement rules
B. Interview the procurement officer about the decision-making process
C. Perform a cost-benefit analysis comparing the sole-source contract to competitive bids
D. Examine the technical evaluation criteria used to deem other vendors unqualified

Answer: D
Rationale: The core issue is whether the sole-source justification was valid. Examining the technical
evaluation criteria that led to disqualification of other vendors directly addresses whether the agency
properly assessed alternatives. Options A and B check procedural compliance but not the substantive
justification. Option C is premature without first validating the basis for sole-source.


12. In a performance audit of a city grant program, the auditor discovers that grantees are not
consistently reporting outcomes. Which of the following audit findings is MOST directly supported
by this evidence?

A. The grant program lacks a mechanism to verify reported outcomes
B. Grant funds may have been misused for unauthorized purposes
C. The program's performance cannot be reliably assessed
D. Grantees require additional training on reporting requirements

Answer: C
Rationale: Inconsistent reporting directly undermines the ability to assess program performance, making
option C the most directly supported finding. Option A is a possible underlying cause but not a direct
finding. Option B is not supported without evidence of misuse. Option D is a recommendation, not a
finding.




Page 4

Written for

Institution
NYC MANAGEMENT AUDITOR TRAINEE
Course
NYC MANAGEMENT AUDITOR TRAINEE

Document information

Uploaded on
July 8, 2026
Number of pages
68
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$20.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF

Get to know the seller
Seller avatar
Goldenpass

Get to know the seller

Seller avatar
Goldenpass Arizona university of allied health
View profile
Follow You need to be logged in order to follow users or courses
Sold
-
Member since
2 year
Number of followers
1
Documents
230
Last sold
-

0.0

0 reviews

5
0
4
0
3
0
2
0
1
0

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions