A2 M7-8
An auditor's primary consideration regarding an entity's internal control is whether the controls: a. Affect the financial statement assertions b. Prevent management override c. Relate to the control environment d. Reflect management's philosophy and operating style
a. Affect the financial statement assertions Explanation: An auditor's primary consideration regarding an entity's internal control is whether the controls affect the financial statement assertions (to evaluate the risk that a material misstatement may exist in the financial statements).
In obtaining an understanding of the entity and its environment, including its internal control, an auditor is required to obtain knowledge about the: a. Design of relevant internal controls pertaining to financial reporting in each of the five internal control components b. Effectiveness of the internal controls that have been placed in operation c. Consistency with which the internal controls are currently being applied d. Controls related to each principal transaction class and account balance
a. Design of relevant internal controls pertaining to financial reporting in each of the five internal control components Explanation: In every audit, the auditor should obtain a sufficient understanding of the design of relevant internal controls pertaining to financial reporting in each of the five internal control components.
Internal control over safeguarding of assets may include controls relating to: a. Financial reporting objectives: Yes, Operations Objectives: Yes, Compliance Objectives: No b. Financial reporting objectives: No, Operations Objectives: Yes, Compliance Objectives: Yes c. Financial reporting objectives: Yes, Operations Objectives: No, Compliance Objectives: No d. Financial reporting objectives: No, Operations Objectives: No, Compliance Objectives: Yes
a. Financial reporting objectives: Yes, Operations Objectives: Yes, Compliance Objectives: No Explanation: Internal control over safeguarding of assets may relate to both financial reporting and operations objectives. For example, controls related to financial reporting might include: - Use of a lockbox system for collecting cash, or - Passwords for limiting access to accounts receivable data files. Controls related to operations might include controls to prevent the excess use of materials in production. Internal control over safeguarding of assets generally would not relate to compliance objectives. (Note that the auditor generally would only be concerned with the controls relevant to financial reporting, but this question does not ask which controls are important to the auditor.)
In planning an audit, the auditor's knowledge about the design of relevant internal controls should be used to: a. Identify the types of potential misstatements that could occur b. Assess the operational efficiency of internal control c. Determine whether controls have been circumvented by collusion d. Document the assessed level of control risk
a. Identify the types of potential misstatements that could occur Explanation: Knowledge about the design and implementation of relevant internal controls should be used to identify types of misstatements that could occur.
The primary objective of procedures performed to obtain an understanding of the entity and its environment is to provide an auditor with: a. Knowledge necessary for risk assessment and audit planning b. Audit evidence to use is assessing inherent risk c. A basis for issuing an opinion on the financial statements d. An evaluation of the consistency of application of management's policies
a. Knowledge necessary for risk assessment and audit planning Explanation: The auditor should obtain an understanding of the entity and its environment sufficient to assess the risk of material misstatement and to design and perform further audit procedures.
Manual controls would most likely be more suitable than automated controls for which of the following? a. Large, unusual, or nonrecurring transactions b. High-volume transactions that require additional calculations c. Situations with routine errors that can be predicted and corrected d. Circumstances that require a high degree of accuracy
a. Large, unusual, or nonrecurring transactions Explanation: Manual controls would most likely be more suitable than automated controls for large, unusual, or nonrecurring transactions.
When performing analytical procedures in the planning stage, the auditor most likely would develop expectations by reviewing which of the following sources of information? a. Unaudited information from internal quarterly reports b. Various account assertions in the planning memorandum c. Comments in the prior-year's management letter d. The control risk assessment relating to specific financial assertions
a. Unaudited information from internal quarterly reports Explanation: Analytical procedures involve comparison of recorded amounts to independent expectations developed by the auditor. During the planning stage, analytical procedures generally use financial data, such as unaudited information from internal quarterly reports.
The objective of performing analytical procedures in planning an audit is to identify the existence of: a. Unusual transactions and events b. Acts of noncompliance with laws and regulations that went undetected because of internal control weaknesses c. Related party transactions d. Recorded transactions that were not properly authorized
a. Unusual transactions and events Explanation: The objective of performing analytical procedures during planning is to discover unusual transactions or events that may have an impact on the planning of the financial statement audit.
In which of the following scenarios would an auditor most likely increase tests of controls? a. When the client's IT system is extensively integrated throughout the company's accounting system b. When the client's accounting system is largely based on manual processes c. When the auditor has decided not to rely on internal controls and instead elects to increase substantive testing d. When the auditor's assessment of inherent risk is low
a. When the client's IT system is extensively integrated throughout the company's accounting system Explanation: When a client's IT system is extensively integrated throughout the company's accounting system, evidence for a substantive audit test may not be available and the auditor will have to rely more heavily on tests of internal controls related to the IT system.
In an audit of financial statements, an auditor's primary consideration regarding internal control is whether the control: a. Reflects management's philosophy and operating style b. Affects management's financial statement assertions c. Provides adequate safeguards over access to assets d. Enhances management's decision-making process
b. Affects management's financial statement assertions Explanation: Assessing control risk is the process of evaluating the effectiveness of an entity's internal control in preventing or detecting material misstatements in the financial statements.
An auditor compared the current-year gross margin with the prior-year gross margin to determine if cost of sales is reasonable. What type of audit procedure was performed? a. Test of transactions b. Analytical procedures c. Test of controls d. Test of details
b. Analytical procedures Explanation: Analytical procedures are evaluations of financial information made by a study of plausible relationships among data, and they include comparisons between current year and prior year financial information.
Which of the following is an inherent limitation of internal controls? a. Judgmental sampling b. Collusion c. Segregation of duties d. Employee peer review
b. Collusion Explanation: Inherent limitations of internal control include collusion, human error, and management override.
Which of the following procedures would an auditor most likely perform in planning a financial statement audit? a. Inquiring of the client's legal counsel concerning pending litigation b. Comparing the financial statements to anticipated results c. Examining computer generated exception reports to verify the effectiveness of internal controls d. Searching for unauthorized transactions that may aid in detecting unrecorded liabilities
b. Comparing the financial statements to anticipated results Explanation: A requirement during planning is to perform analytical procedures, which involve comparisons of recorded amounts to expectations.
Which of the following items is an example of an inherent limitation in an internal control system? a. Segregation of employee duties b. Human error in decision making c. Ineffective board of directors d. Understaffed internal audit functions
b. Human error in decision making Explanation: Human error in decision making is an example of inherent limitation in an internal control system. Internal control, no matter how effective, has inherent limitations. Inherent limitations in internal control recognize the realities that human judgment in decision making can be faulty and that breakdowns in internal control can occur because of human error. These limitations in internal control prevent auditors from providing absolute assurance about an internal control system.
Management's attitude toward aggressive financial reporting and its emphasis on meeting projected profit goals most likely would significantly influence an entity's control environment when: a. External policies established by parties outside the entity affect its accounting policies b. Management is dominated by one individual who is also a shareholder c. Internal auditors have direct access to the board of directors and the entity's management d. Those charged with governance are active in overseeing the entity's financial reporting policies
b. Management is dominated by one individual who is also a shareholder Explanation: When management is dominated by one individual who is also a shareholder, there may be an opportunity for management to override control procedures.
Which of the following are considered internal control environment factors? a. Detection risk, management philosophy, personnel policies, and accounting systems b. Management philosophy and personnel policies c. Detection risk and accounting systems d. Neither detection risk, management philosophy, personnel policies, nor accounting systems
b. Management philosophy and personnel policies Explanation: Management's philosophy and human resource policies are both factors included in the control environment.
Which of the following procedures would an auditor most likely perform to identify unusual sales transactions? a. Tracing credits in the accounts receivable ledger to source documentation b. Performing a trend analysis of quarterly sales c. Examining duplicate sales invoices for credit approval by the credit manager d. Tracing cash receipt entries to the bank statement deposit for amount and date
b. Performing a trend analysis of quarterly sales Explanation: An auditor is most likely to perform a trend analysis of quarterly sales to identify unusual sales transactions. This is considered an analytical procedure.
An auditor should obtain sufficient knowledge of an entity's information system relevant to financial reporting to understand the: a. Safeguards used to limit access to computer facilities b. Process used to prepare significant accounting estimates c. Procedures used to assure proper authorization of transactions d. Policies used to detect the concealment of fraud
b. Process used to prepare significant accounting estimates Explanation: The auditor should obtain sufficient knowledge of the client's information system relevant to financial reporting to understand the types of transactions processed, and how the transactions are initiated, recorded and summarized. Included in the information system relevant to financial reporting is the preparation of significant accounting estimates.
Which of the following situations represents a limitation, rather than a failure, of internal control? a. A jewelry store employee steals a small necklace from a display cabinet b. A bank teller embezzles several hundred dollars from the cash drawer c. A purchasing employee and an outside vendor participate in a kickback scheme d. A movie theater cashier sells reduced-price tickets to full-paying customers and pockets the difference
c. A purchasing employee and an outside vendor participate in a kickback scheme Explanation: Even a well-designed internal control system has its limitations. One example of a limitation of internal control includes deliberate circumvention of controls by collusion of two or more people, such as when a purchasing employee and an outside vendor participate in a kickback scheme. Other limitations of internal controls include human error and management override of control.
Which of the following statement is true regarding the risk assessment component of internal control? a. An auditor evaluates an entity's risk assessment because it is a component of overall risk in a financial statement audit b. An auditor's evaluation of an entity's risk assessment may not be applicable to the audit of every entity c. An auditor evaluates an entity's risk assessment to understand how management addresses risks relevant to financial reporting d. An auditor need not consider an entity's risk assessment because he or she is primarily concerned with audit risk in a financial statement audit.
c. An auditor evaluates an entity's risk assessment to understand how management addresses risks relevant to financial reporting Explanation: The auditor needs to understand how management addresses risks relevant to financial reporting in order to properly plan the audit.
An auditor is required to document the auditor's understanding of the: I. Entity's control activities that ensure management directives are carried out; II. Entity's control environment factors that help the auditor plan the engagement a. I only b. II only c. Both I and II d. Neither I nor II
c. Both I and II Explanation: The auditor should document key elements of the understanding of the entity and its environment, including each of the five components of internal control. The five components include the entity's control activities and the entity's control environment.
The overall attitude and awareness of those charged with governance (i.e., an entity's board of directors) concerning the importance of internal control usually is reflected in its: a. Computer-based controls b. System of segregation of duties c. Control environment d. Safeguards over access to assets
c. Control environment Explanation: The control environment reflects the overall attitude, awareness and actions of those charged with governance (i.e., the board of directors, management, owners, and others) concerning the importance of control and its emphasis in the entity.
Internal control includes which of the following components: a. Control environment: Yes, Monitoring: No; Information and Communication Systems: No, Risk Assessment: Yes b. Control environment: No, Monitoring: No; Information and Communication Systems: Yes, Risk Assessment: Yes c. Control environment: Yes, Monitoring: Yes; Information and Communication Systems: Yes, Risk Assessment: Yes d. Control environment: No, Monitoring: Yes; Information and Communication Systems: No, Risk Assessment: No
c. Control environment: Yes, Monitoring: Yes; Information and Communication Systems: Yes, Risk Assessment: Yes Explanation: In addition, "control activities" rounds out the five components of internal control.
Analytical procedures used in planning an audit should focus on: a. Reducing the scope of tests of controls and substantive tests b. Providing assurance that potential material misstatements will be identified c. Enhancing the auditor's understanding of the client's business d. Assessing the adequacy of the available audit evidence
c. Enhancing the auditor's understanding of the client's business Explanation: Analytical procedures used in planning the audit should focus on enhancing the auditor's understanding of the client's business and the transactions and events that have occurred since the last audit date.
Which of the following is a management control method that most likely could improve management's ability to supervise company activities effectively? a. Monitoring compliance with internal control requirements imposed by regulatory bodies b. Limiting direct access to assets by physical segregation and protective devices c. Establishing budgets and forecasts to identify variances from expectations d. Supporting employees with the resources necessary to discharge their responsibilities
c. Establishing budgets and forecasts to identify variances from expectations Explanations: The use of budgets and forecasts to identify variances improves managers' ability to supervise company activities. Variances from budgets serve as signals to managers that a potential problem exists.
Which of the following is a complete and accurate list of the walkthrough procedures usually performed in an issuer's integrated audit? a. Inquiry, observation, analytical procedures, and testing of controls b. Inquiry, sampling, analytical procedures, and testing of controls c. Inquiry, observation, inspection of relevant documentation, and reperformance of controls d. Inquiry, inspection of relevant documentation, and reperformance of controls
c. Inquiry, observation, inspection of relevant documentation, and reperformance of controls Explanation: Walkthrough procedures usually performed in an issuer's integrated audit include inquiry, observation, inspection of relevant documentation, and reperformance of controls.
Which of the following is a component of internal control? a. Financial reporting b. Operating effectiveness c. Risk assessment d. Organizational structure
c. Risk assessment Explanation: Risk assessment is a component of internal control. The other four components of internal control are control environment, information and communications systems, monitoring, and existing control activities.
Of the following nonfinancial information, what would an auditor most likely consider in performing analytical procedures during the planning phase of an audit? a. Turnover of personnel in the accounting department b. Objectivity of audit committee members c. Square footage of selling space d. Management's plans to repurchase stock
c. Square footage of selling space Explanation: When performing analytical procedures, the auditor considers relevant nonfinancial information, which generally is related to financial data in some way. For example, a relationship might exist between the square footage of selling space and the level of sales.
Which of the following procedures would a CPA most likely perform in the planning stage of a financial statement audit? a. Obtain representations from management regarding the availability of all financial records b. Communicate with those charged with governance concerning the prior year's audit adjustments c. Make inquiries of the client's attorney regarding pending and threatened litigation and assessments d. Compare recorded financial information with anticipated results from budgets and forecasts
d. Compare recorded financial information with anticipated results from budgets and forecasts Explanation: The planning process should include application of analytical procedures, such as comparison of the financial statements with budgeted or anticipated results.
The auditor should obtain sufficient knowledge of the client's information and communication system relevant to financial reporting to understand all of the following, except: a. Classes of transactions in the entity's operations that are significant to the financial statements, and how those transactions are processed, from initiation to inclusion in the financial statements b. The financial reporting process, including development of significant accounting estimates and inclusion of appropriate disclosures c. The means the entity uses to communicate roles, responsibilities, and significant matters relating to financial reporting d. Control activities related to each account balance, transaction class, and disclosure component in the financial statements or to every assertion relevant to them
d. Control activities related to each account balance, transaction class, and disclosure component in the financial statements or to every assertion relevant to them Explanation: Ordinarily, audit planning does not require an understanding of the control activities related to each account balance, transaction class, and disclosure component in the FS or to every assertion relevant to them.
Which of the following procedures most likely would provide an auditor with evidence about whether an entity's internal control activities are suitably designed to prevent or detect material misstatements? a. Reperforming the activities for a sample of transactions b. Performing analytical procedures using data aggregated at a high level c. Vouching a sample of transactions d. Observing the entity's personnel applying the activities
d. Observing the entity's personnel applying the activities Explanation: Observation and inspection may be used to evaluate the design of controls. Observation of entity personnel applying control activities is a procedure that would likely provide evidence about the design of the activities.
Which of the following factors are included in an entity's control environment? a. Participation of those charged with governance: Yes, Management philosophy: Yes, Organizational structure: No b. Participation of those charged with governance: Yes, Management philosophy: No, Organizational structure: Yes c. Participation of those charged with governance: No, Management philosophy: Yes, Organizational structure: Yes d. Participation of those charged with governance: Yes, Management philosophy: Yes, Organizational structure: Yes
d. Participation of those charged with governance: Yes, Management philosophy: Yes, Organizational structure: Yes Explanation: An entity's control environment includes participation of those charged with governance, management's philosophy, and the organizational structure.
Proper segregation of duties reduces the opportunities to allow persons to be in positions to both: a. Journalize entries and prepare financial statements b. Record cash receipts and cash disbursements c. Establish internal controls and authorize transactions d. Perpetrate and conceal errors and fraud
d. Perpetrate and conceal errors and fraud Explanation: Segregation of duties reduces the opportunity to allow any person to be in a position to both perpetrate and conceal errors and fraud in the normal course of duties.
An auditor obtains knowledge about a new client's business and its industry to: a. Make constructive suggestions concerning improvements to the client's internal control b. Develop an attitude of professional skepticism concerning management's financial statement assertions c. Evaluate whether the aggregation of identified misstatements causes the financial statements taken as a whole to be materially misstated d. Understand the events and transactions that may have an effect on the client's financial statements
d. Understand the events and transactions that may have an effect on the client's financial statements Explanation: The auditor should obtain knowledge of the client's business and its industry in order to determine the effect of transactions, events, and practices on the client's financial statements.
In which of the following circumstances would an auditor expect to find that an entity implemented automated controls to reduce risks of misstatement? a. When errors are difficult to predict b. When misstatements are difficult to define c. When, large, unusual, or nonrecurring transactions require judgment d. When transactions are high-volume and recurring
d. When transactions are high-volume and recurring Explanation: Automated controls are more suitable than manual controls where transactions are high-volume and recurring.
