1 - Audit Stds & Engmt Planning
An auditor has determined a $10 million materiality level for a client's balance sheet and a $3 million materiality level for the client's income statement. As a result, the auditor will consider items in the audit to be material if they individually or collectively could result in a misstatement of
3 mill The lower the assessed level of materiality applied in an audit, the more thorough the auditor will be since procedures will be applied to items that are less significant than when materiality levels are set higher. If different materiality thresholds are determined for the income statement and the balance sheet, the lower amount, $3 million in this case, will be applied to make certain that the audit is sufficiently thorough such that neither statement will be materially misstated.
Define reasonable assurance
A high, but *not* absolute, level of assurance to allow an auditor to detect a material misstatement.
Which of the following situations represents a risk factor that relates to misstatements arising from misappropriation of assets?
A lack of independent checks. A lack of independent checks, such as a lack of inventory test counts or not reconciling the checking account, could result in asset misappropriations going undetected. A high turnover of senior management, a strained relationship between management and the predecessor, and the inability to generate cash flows from operations, are more indicative of fraudulent financial reporting than misappropriation of assets.
Which of the following describes the relationship between an increase or decrease in one of the following and how the auditor will assess the level of materiality to be used in an audit: Audit Risk Detection Risk Inherent Risk DIRECT or INVERSE
AUDIT RISK is the risk that the auditor will issue an inappropriate opinion when the material misstatement can be decreased by performing a more thorough audit. Decreasing audit risk would be associated with a decrease in the assessed level of materiality, which would require the auditor to look at smaller items DIRECT. Similarly, the auditor reduces DETECTION RISK by performing a more thorough audit, implying a lower assessed level of materiality DIRECT. Unlike audit risk and detection risk, INHERENT RISK is INVERSE is based on the nature of the items on the entity's financial statements and is not within the control of the auditor. As inherent risk, the risk that an item will be materially misstated if there are no controls in place, decreases, the risk that the financial statements will be materially misstated also decreases and the auditor will be able to achieve an acceptable level of assurance despite performing a less thorough audit. This would indicate increasing the assessed level of materiality to be applied in the audit as the auditor will limit procedures to the more significant aspects.
An auditor's primary consideration regarding an entity's internal control structure policies and procedures is whether the policies and procedures
Affect the financial statements. All audit procedures contribute to the goal of expressing an opinion on the financial statements.
From the following, choose the statement(s) which describe an inherent risk in an audit: I. The financial statements include assets which are highly susceptible to theft. II. The financial statements include items which are complex or involve very high volumes of transactions. III. The financial statements include assets which require significant estimates requiring high levels of judgement to determine their carrying values.
All deee abuvvvv
What is fraud?
An intentional act committed for the purpose of deceiving another and may or may not involve criminal intent
audit risk = [RMM(IRxCR) x DR] can be stated in what terms Qualitative, Quantitative, or Both?
Both
An auditor of a nonissuer is most likely to conclude that a misstatement identified during an audit that is below the quantitative materiality limit is qualitatively material if it
Changes the company's operating results from a net loss to a net income.
Compliance audits
Compliance audits are designed to determine if an entity is complying with laws and regulations, such as tax audits performed by the Internal Revenue Service.
What procedure would an auditor most likely perform during an audit engagement's overall review stage in formulating an opinion on an entity's financial statements?
Consider whether the results of audit procedures affect the RMM risk of material misstatement due to FRAUD
What procedures would be most effective in reducing attestation risk?
EXAMINATION OF EVIDENCE would be most effective in reducing attestation risk, which, similar to audit risk, is the risk that the CPA will not identify and report on something that should be identified and reported upon. Types of audit evidence may include discussions with responsible individuals, inquiries of senior management, and the performance of analytical procedures.
Which of the following is an element of a CPA firm's quality control policies and procedures applicable to the firm's accounting and auditing practice?
Engagement performance.
What action would a CPA firm take to comply with the AICPA's quality control standards?
Establish policies to ensure that audit work meets applicable professional standards
Inherent risk and control risk differ from detection risk in that they
Exist independently of the financial statement audit
Control risk should be assessed in terms of
Financial Statement Assertions Financial Statements ARE assertions made by management control risk is assessed in terms of whether controls will provide reasonable assurance that management's assertions are valid A misstatement on financial statements occurs when an assertion made by management is contradicted by audit evidence
Financial statement audits
Financial statement audits are designed to determine if financial reports are prepared in conformity with an applicable financial reporting framework.
A person serving as the financial reporting expert will not be considered an expert if the only factor attributing to their expertise is:
Having served on another issuer's audit committee or disclosure committee of the BOD
Choose the correct statement(s), if any, regarding fraud risk factor(s) from the following: I. Needlessly complex transactions present an opportunity for fraud. II. Ineffective oversight by those charged with governance provides an incentive for fraud. III. Stock options that expire soon after the release of financial statements present an opportunity for fraud.
I. Needlessly complex transactions present an opportunity for fraud. TRUE II. Makes fraud easier, does not provide an incentive FALSE III. Provides an incentive, not an opportunity FALSE
When an auditor assesses control risk at the maximum level, the auditor is required to document the auditor's I. Understanding of the entity's accounting system II. Basis for concluding that control risk is at the maximum level
II. Basis for concluding that control risk is at the maximum level
How should an auditor's consideration of the possibility of noncompliance (illegal acts) by clients be handled
If specific information concerning noncompliance (illegal acts) comes to the auditor's attention, the auditor should apply audit procedures specifically directed to ascertaining whether an illegal act has occurred.
The Auditing Standards Board's statements on Quality Control Standards pertain to implementation at the firm level, implementation at the engagement level, or are uniformly required?
Implementation at the firm level depends on the size of the firm, the nature of the firm's practice, and cost-benefit constraints
Choose the incentive(s) for fraud, if any, listed below: I. Promotions, compensation, or other rewards inconsistent with expectations. II. Access to valuable inventory that is easy to resell. III. Known or anticipated layoffs.
Incentives are the reasons that individuals commit fraud, which may be to make their performance appear better than it actually was to earn promotions, compensation, or other rewards; or to obtain resources in anticipation of layoffs. Access to valuable inventory creates the opportunity to commit fraud but would not be the incentive.
An auditor may decide to assess control risk at the maximum level for certain assertions because the auditor believes
Internal controls are weak and/or Evaluating the effectiveness of policies and procedures is inefficient.
The Clarity Standards require that each standard will consist of: (6 things)
Introduction Objectives Definitions Requirements Application and Other explanatory material (provides guidance, further explanations, and suggestions as to how to go about complying with the standard)
Detection risk differs from inherent risk and control risk in that
It can be changed at any time at the auditor's discretion Detection risk is the risk that a material misstatement will not be detected by the performance of an audit procedure. This can be changed by the auditor by changing the nature, timing, or extent of audit procedures applied. The more effective the audit procedures, for example, the lower detection risk will be. It is affected by the audit, not independent of it. Inherent risk and control risk arise from risk factors relating to fraud. Detection risk can be assessed in quantitative or nonquantitative terms.
What would indicate to an auditor that a material misstatement may be fraudulent
Management wanting to maintain earning trends and adopting aggressive accounting practices to achieve them
What event would likely cause a cpa to decide not to accept a new audit engagement?
Management's disregard of its responsibility to maintain an adequate internal control environment. Management accepting its responsibilities for the preparation and fair presentation of the financial statements; and for the design, implementation, and maintenance of internal control are preconditions to the acceptance of an audit engagement and management's refusal to accept these responsibilities would require the auditor to reject the engagement
What is meant by the term generally accepted auditing standards for a PCAOB audit?
Measures of the quality of the auditor's performance
In general, can an auditor perform nonattest services for an audit client under PCAOB standards?
No
How does the auditor obtain an understanding of internal control when assessing control risk? (two words)
Observance and Re-performance
Operational audits
Operational audits, often performed by internal auditors and governmental auditors, are designed to determine if an entity is operating as it is expected to, including the execution of duties in accordance with the entity's internal control policies and procedures.
What does the Fraud Triangle consist of
Opportunity, Incentive, Rationalization
As the acceptable level of detection risk decreases, the assurance directly provided from
Substantive Testing INCREASES The auditor performs substantive tests to address detection risk. When detection risk is higher than acceptable, it is decreased by increasing substantive testing. Substantive testing can be decreased when the risk of material misstatement is low and a high level of detection risk is acceptable. Tests of controls are performed in the evaluation of control risk and are not related to detection risk.
A statement that would be included in an engagement letter from an auditor to a client?
The CPA firm will involve information technology specialists in the performance of the audit. A statement that limits the auditors responsibility to detect errors and fraud (ie "management's responsibility - auditor's responsibility is limited") Management's acknowledgement of its responsibility for designing, maintaining, and implementing effective internal controls
An auditor has performed certain bookkeeping and other nonattest services that are not prohibited by interpretations to Rule 101 of the AICPA Code of Professional Conduct for a potential audit client. The auditor has established and documented an understanding with the client and the client has agreed to assume all management responsibility, to oversee the services and designate an individual within the organization to do so, to evaluate the adequacy of the services, and accept responsibility for the results. Can the auditor perform the audit and if so, under what standards?
The auditor may conduct the audit under GAAS without meeting any additional requirements.
Communicating which of the following to the audit committee is not typically required of an auditor?
The auditor's judgment of management integrity. The auditor evaluates the integrity of management when evaluating whether to accept or continue a client or engagement and, since the accountant is prohibited from associating with a client whose management lacks integrity, it is presumed that management's integrity is not an issue that would be communicated to the audit committee. The auditor is required to communicate significant findings that include qualitative aspects of accounting practices, policies, estimates, and disclosures; disagreements with managements; and any material corrected misstatements.
Quality control policies and procedures that are established to decide whether to accept a new client should provide the CPA firm with reasonable assurance that
The likelihood of associating with clients whose management lacks integrity is minimized.
What is the ultimate purpose of assessing control risk?
The primary objective of assessing control risk is to DETERMINE THE RISK THAT MATERIAL MISSTATEMENTS EXIST IN THE F/S. The higher the control risk, the more likely financial statements are misstated.
What is the conceptual similarity between generally accepted auditing standards and the attestation standards?
The requirement that the CPA be independent in mental attitude is included in both sets of standards.
Materiality levels are generally considered in terms of the smallest aggregate level of misstatement that could be considered material to any one of the financial statements.
To minimize audit risk, the risk of issuing an unmodified report when the financial statements contain a material misstatement, the auditor will consider the smallest aggregate level of misstatement that could be considered material to any of the financial statements and measure materiality against that amount. Analytical procedures do not affect the judgment of materiality. As materiality amounts increase, larger errors become acceptable and the auditor will decrease, not increase, substantive testing. Materiality judgments involve both qualitative and quantitative considerations.
A successor auditor should make specific and reasonable inquiries of the predecessor auditor regarding the predecessor's
Understanding of the reasons for the change in auditors.
What statement would likely not be included in an audit engagement letter?
We will not disclose any advice provided under the terms of this engagement letter to third parties unless instructed to do so. (may be found in a Tax or Consulting Eng Ltr)
A successor auditor should request the new client to authorize the predecessor auditor to allow a review of the predecessor's
Working papers
An important activity to be considered in an attestation engagement is to issue a report about
a firms compliance with laws an regulations
A successor auditor ordinarily should request to review the predecessor's working papers relating to contingencies, or internal control, or both
both
Before accepting an engagement to audit a new client, a CPA must obtain:
consent from the new client to make inquiries of the predecessor auditor
When an auditor increases the planned assessed level of control risk because certain control procedures were determined to be ineffective, the auditor would most likely increase the
extent of test of details When control risk increases, the auditor would decrease detection risk, which is the risk that the auditor won't detect a misstatement.
Assessing control risk below the maximum would involve
identifying internal control structures and policies The auditor will rely on internal controls more and do less substantive testing
An auditor who discovers that a client's employees paid small bribes to municipal officials most likely would withdraw from the engagement if
management fails to take appropriate remedial action