Accounting 344 Ch 7 Review Questions
C. A primary objective of procedures performed to obtain an understanding of internal control is to provide the auditors with: (1) Knowledge necessary to determine the nature, timing, and extent of further audit procedures. (2) Audit evidence to use in reducing detection risk. (3)A basis for modifying tests of controls. (4) An evaluation of the consistency of application of management policies.
1
G. When a CPA decides that the work performed by internal auditors may have an effect on the nature, timing, and extent of the CPA's procedures, the CPA should consider the competence and objectivity of the internal auditors. Relative to objectivity, the CPA should: (1) Consider the organizational level to which the internal auditors report the results of their work. (2) Review the internal auditors' work. (3) Consider the qualifications of the internal audit staff. (4) Review the training program in effect for the internal audit staff.
1
I. Which of the following is not an advantage of establishing an enterprise risk management system within an organization? (1) Reduces operational surprises. (2) Provides integrated responses to multiple risks. (3) Eliminates all risks. (4) Identifies opportunities.
3
B. Complementary control
2
D. An auditor may compensate for a weakness in internal control by increasing the extent of: (1) Tests of controls. (2) Detection risk. (3) Substantive tests of details. (4) Inherent risk.
3
C. Corrective control
1
G. Transaction cycle
10
F. Walk-through
11
A. Compensating control
3
F. See Book
4
E. Material weakness in internal control
5
22. Distinguish between the two subsections of Section 404 of the Sarbanes-Oxley Act of 2002.
Part A) The company gives a public Statement about Internal Controls. Part B) Auditors give a public statement about internal controls
e. You are performing an audit of Systex Corporation and evaluating various controls. Classify the following controls as being primarily preventive (P), detective (D), or corrective (C). Explain your answers. Dual signatures for checks.
Preventive
35. A. Which of the following would be least likely to be considered an objective of internal control? (1) Checking the accuracy and reliability of accounting data. (2) Detecting management fraud. (3) Encouraging adherence to managerial policies. (4) Safeguarding assets.idered an objective of internal control?
2
1. What is Internal Control?
A process brought about by a companies board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the categories of (1) operations (2) reporting (3) compliance. COSO says the objectives for Internal Controls are: 1. Accurate & Reliable Fin. Records (auditors are most concerned with this) 2. Efficient & Effective Procedures (Internal auditors are most concerned with this) 3. Compliance With laws & Procedures Basically it is making sure that employees do not misappropriate assets (stealing), fraudulant financial reporting, and making sure that business process are performed correctly and compliance with the law happens.
H. Effective internal control in a small company that has an insufficient number of employees to permit proper separation of responsibilities can be improved by: (1)Employment of temporary personnel to aid in the separation of duties. (2) Direct participation by the owner in key record keeping and control activities of the business. (3) Engaging a CPA to perform monthly write-up work. (4) Delegation of full, clear-cut responsibility for a separate major transaction cycle to each employee.
2
J. Which of the following is not ordinarily a procedure for documenting an auditor's understanding of internal control for planning purposes? (1) Checklist. (2) Confirmation. (3) Flowchart. (4) Questionnaire.
2
B. An entity's ongoing monitoring activities often include: (1)Periodic audits by internal auditors. (2)The audit of the annual financial statements. (3)Approval of cash disbursements. (4)Management review of weekly performance reports.
4
f. You are performing an audit of Systex Corporation and evaluating various controls. Classify the following controls as being primarily preventive (P), detective (D), or corrective (C). Explain your answers. Adjustment of perpetual inventory records to physical counts.
Corrective
36. a. You are performing an audit of Systex Corporation and evaluating various controls. Classify the following controls as being primarily preventive (P), detective (D), or corrective (C). Explain your answers. Annual Physical Inventory.
Detective
b. You are performing an audit of Systex Corporation and evaluating various controls. Classify the following controls as being primarily preventive (P), detective (D), or corrective (C). Explain your answers. Monthly reconciliation of bank accounts.
Detective
g. You are performing an audit of Systex Corporation and evaluating various controls. Classify the following controls as being primarily preventive (P), detective (D), or corrective (C). Explain your answers. Management review of budget/actual information.
Detective
h. You are performing an audit of Systex Corporation and evaluating various controls. Classify the following controls as being primarily preventive (P), detective (D), or corrective (C). Explain your answers. Internal audits of payroll.
Detective
c. You are performing an audit of Systex Corporation and evaluating various controls. Classify the following controls as being primarily preventive (P), detective (D), or corrective (C). Explain your answers. Segregation of duties over purchasing.
Preventive
4. How does separation of the record keeping function from custody of assets contribute to internal control?
This will contribute because it will decrease the likely hood of fraud. For example, when someone has the power to oversee physical assets they should not be able to keep records as well. If an asset were to go missing that individual could then change records to make it appear as if they had never received the asset or never had it.
K. To have an adequate basis to issue a management report on internal control under Section 404(a) of the Sarbanes-Oxley Act, management must do all of the following, except: (1) Establish internal control with no material weakness. (2) Accept responsibility for the effectiveness of internal control. (3) Evaluate the effectiveness of internal control using suitable control criteria. (4) Support the evaluation with sufficient evidence.
1
2. Identify the five components of an organization's internal control.
1. Control Environment 2. Risk Assessment 3. Control Activities 4. The accounting information system, 5. Monitoring
D. Deficiency in internal control
7
d. You are performing an audit of Systex Corporation and evaluating various controls. Classify the following controls as being primarily preventive (P), detective (D), or corrective (C). Explain your answers. Supervisory approval of time cards.
Preventive
E. Controls over financial reporting are often classified as preventative, detective, or corrective. Which of the following is an example of a detective control? (1) Segregation of duties over cash disbursements. (2) Requiring approval of purchase transactions. (3) Preparing bank reconciliations. (4) Maintaining backup copies of key transactions.
3
L. When the auditors are performing a first-time internal control audit in accordance with the Sarbanes-Oxley Act and PCAOB standards, they should: (1) Modify their report for any significant deficiencies identified. (2) Use a "bottom-up" approach to identify controls to test. (3) Test controls for all significant accounts. (4) Perform a separate assessment of controls over operations.
3