Audit - Quiz 2, Component 3
The acceptable level of detection risk is inversely related to the A. Assurance provided by substantive tests. B. Risk of misapplying C. Preliminary judgement about materiality levels. D. risk of failing to discover material misstatements.
A. Assurance provided by substantive tests.
An auditor may decide not to assess control risk at the maximum level for certain assertions because the auditor believes. A. Control policies and procedures are unlikely to pertain to the assertions. B. The entity's control environment, accounting system and control procedures are interrelated. C. Sufficient evidential matter to support the assertions is likely to be available. D. More emphasis on tests of controls than substantive tests is warranted
A. Control policies and procedures are unlikely to pertain to the assertions.
Obtaining an understanding of an entity's internal control structure policies and procedures that are relevant to audit planning, an auditor is required to obtain knowledge about the A. Design of the policies and procedures pertaining to the internal control structure elements B. Effectiveness of the policies and procedures that have been placed in operation C. Consistency with which the policies and procedures are currently being applied D. Control procedures related to each principal transaction class and account balance
A. Design of the policies and procedures pertaining to the internal control structure elements
To what degree, if at all, is a significant deficiency related to a material weakness? A. It is LESS severe than a material weakness. B. It is more severe than a material weakness. C. It is unrelated to a material weakness. D. It is equivalent to a material weakness.
A. It is LESS severe than a material weakness.
Which of the following actions should the auditor take in response to discovering a deviation from the prescribed control procedure? A. Make inquiries to understand the potential consequences of the deviation B. Assume that the deviation is an isolated occurrence without audit significance C. Report the matter to the next higher level of authority within the entity D. Increase sample size of tests of controls
A. Make inquiries to understand the potential consequences of the deviation
A measure of how much risk the auditor is willing to take that the financial statements may be materially misstated after the audit is completed and an unqualified audit opinion has been issued
Acceptable audit risk
The risk that auditor will conclude, based on substantive tests, that a material error does not exist in an account balance when, in fact, such error does exist is referred to as A. Sampling risk B. Detection risk C. Nonsampling risk D. Inherent risk
B. Detection risk
Inherent risk and control risk differ from detection risk in which of the following ways? A. Inherent risk and control risk are calculated by the client B. Inherent risk and control risk exist independently of the audit C. Inherent risk and control risk are controlled by the auditor D. Inherent risk and control risk exist as a result of the auditor's judgement about materiality.
B. Inherent risk and control risk exist independently of the audit
When the operating effectiveness of a control is NOT evidenced by written documentation, an auditor should obtain evidence about the control's effectiveness by. A. Mailing confirmations B. Inquiry and other procedures such as observation C. Analytical Procedures D. Recalculating the balance in related accounts
B. Inquiry and other procedures such as observation
Holding other planning considerations equal, a decrease in the amount of misstatements in a class of transactions that an auditor could tolerate most likely would cause the auditor to A. Apply the planned substantive tests prior to the balance sheet date. B. Perform the planned auditing procedures closer to the balance sheet date. C. Increase the assessed level of control risk for relevant financial statement assertions. D. Decrease the extent of auditing procedures to be applied to the class of transactions.
B. Perform the planned auditing procedures closer to the balance sheet date.
The risk that the auditor or audit firm will suffer harm because of a client relationship, even though the audit report rendered for the client was correct.
Business Risk
The auditor is required to communicate each of the following items to those charged with governance except A. An overview of the planned scope and timing of the audit B. The auditor's responsibilities to complete the audit in accordance with generally accepted auditing standards. C. All control deficiencies detected during the course of the audit D. Any significant findings from the audit
C. All control deficiencies detected during the course of the audit
When assessing control risk at below the maximum level, an auditor is required to document the auditor's understanding of the I. Entity's control activities that help ensure management directives are carried out. II. Entity's control environment factors that help the auditor plan the engagement A. I only B. II only C. Both I and II D. Neither I nor II
C. Both I and II
Which of the following factors should an auditor consider in making a judgement about whether an internal control deficiency is so significant that is a significant deficiency? I. Diversity of the entity's business II. Size of the entity's operations. A. I only B. II only C. Both I and II D. Neither I nor II
C. Both I and II
Which of the following matters would an auditor most likely consider to be a significant deficiency to be communicated to the audit committee (or otherwise those charged with governance)? A. Management's failure to renegotiate unfavorable long-term purchase commitments. B. Recurring operating losses that may indicate going concern problems. C. Evidence of a lack of objectivity by those responsible for accounting decisions D. Management's current plans to reduce its ownership equity in the entity
C. Evidence of a lack of objectivity by those responsible for accounting decisions
Inherent risk and control risk differ from detection risk in that they A. Arise from the misapplication of auditing procedures. B. May be assessed in either quantitative or nonquantitative terms. C. Exist independently of the financial statement audit. D. Can be changed at the auditor's discretion.
C. Exist independently of the financial statement audit.
When an auditor increases the assessed level of control risk because certain control procedures were determined to be ineffective, the auditor would most likely increase the A. Extent of tests of controls B. Level of detection risk. C. Extent of tests of details. D. Level of inherent risk
C. Extent of tests of details.
Which of the following is not a component of internal control? A. Control environment B. Control Activities C. Inherent Risk D. Monitoring
C. Inherent Risk
Significant deficiencies are matters that come to an auditor's attention that should be communicated to an entity's audit committee (or those charged with governance) because they represent A. Disclosures of information that significantly contradict the auditor's going concern assumption B. Material irregularities or illegal acts perpetrated by high-level management C. Significant deficiencies in the design or operation of internal control D. Manipulation or falsification of accounting records or documents from which financial statements are prepared
C. Significant deficiencies in the design or operation of internal control
As a result of control testing, a CPA has decided to reduce control risk. What is the impact on substantive testing sample size if all other factors remain constant? A. The sample size would be irrelevant B. The sample size would be higher C. The sample size would be lower D. The sample size would be unaffected.
C. The sample size would be lower
As the acceptable level of detection risk increases, an auditor may change the A. Assessed level of control risk from below the maximum level. B. Assurance provided by tests of controls by using a larger sample size than planed C. Timing of substantive tests from year end to an interim date. D. Nature of substantive tests from a less effective to a more effective procedure.
C. Timing of substantive tests from year end to an interim date.
When companies use information technology (IT) extensively, evidence may be available only in electronic form. What is an auditor's best course of action in such situations? A. Assess the the control risk as high B. Use audit software to perform analytical procedures C. Use generalized audit software to extract evidence from client databases. D. Perform limited tests of controls over electronic data
C. Use generalized audit software to extract evidence from client databases.
A measure of the auditor's assessment of the likelihood that misstatements exceeding a tolerable amount in a segment will not be prevented or detected by the client's internal controls
Control Risk
Which of the following is the best way to compensate for the lack of adequate segregation of duties in a small organization? A. Disclosing lack of segregation of duties to the external auditors during the annual review. B. Replacing personnel every 3 or 4 years C. Requiring accountants to pass a yearly background check D. Allowing for greater management oversight of incompatible activities
D. Allowing for greater management oversight of incompatible activities
Which of the following matters in a financial statements audit is most appropriate to communicate with those charged with governance? A. Clearance explanations of workpaper review notes B. Major variances in budgeted versus actual audit hours C. The nature and timing of detailed audit procedures D. An overview of the planned scope and timing of the audit
D. An overview of the planned scope and timing of the audit
The objective of tests of details of transactions performed as tests of controls is to A. Monitor the design and use of entity documents such as prenumbered shipping forms B. Determine whether internal control structure policies and procedures have been placed in operation C. Detect material misstatements in the account balances of the financial statements D. Evaluate whether internal control structure procedures operated effectively
D. Evaluate whether internal control structure procedures operated effectively
Inherent risk and control risk differ from detection risk in that inherent risk and control risk are A. Elements of audit risk while detection risk is not B. Changed at the auditor's discretion while detection risk is not. C. Considered at the individual account-balance level while detection risk is not. D. Functions of the client and its environment while detection risk is not.
D. Functions of the client and its environment while detection risk is not.
When considering the internal control structure, an auditor should be aware of the concept of reasonable assurance, which recognizes that A. Internal control policies and procedures may be ineffective due to mistakes in judgement and personal carelessness B. Adequate safeguards over access to assets and records should permit an entity to maintain proper accountability C. Establishing and maintaining the internal control structure is an important responsibility of management. D. The cost of an entity's internal control structure should not exceed the benefits expected to be derived
D. The cost of an entity's internal control structure should not exceed the benefits expected to be derived
Which of the following auditor concerns most likely could be so serious that the auditor concludes that the financial statements audit cannot be performed? A. Management fails to modify prescribed internal controls for changes in information technology B. Internal control activities requiring segregation of duties are rarely monitored by management C. Management is dominated by one person who is also the majority stockholder D. There is a substantial risk of intentional misapplication of accounting principles.
D. There is a substantial risk of intentional misapplication of accounting principles.
Inherent risk and control risk differ from detection risk in that they may be assessed in either quantitative or non-quantitative terms
False, All 3 (IR, CR & PDR) can be assessed in quantitative and non-quantitative
Acceptable audit risk is a measure of the auditor's willingness to accept that the financial statements do not contain material misstatements after the audit is complete and the audit report has been issued.
False, Audit risk is the risk that something is missing (negative)
In an audit of financial statements in accordance with generally accepted auditing standards, an auditor is required to perform tests of controls to evaluate the effectiveness of the entity's internal control.
False, it is not a requirement to test controls
The audit risk model is useful in evaluating results but of limited use in planning
False, it's main purpose is for planning
If the auditor's assessment of control risk increases, more extensive tests of controls are applied
False, more extensive substantive tests would be applied NOT tests of controls.
An auditor decides to increase the assessed level of control risk from that originally planned. To achieve an overall audit risk level that is substantially the same as the planned audit risk level, the auditor would decrease substantive testing.
False, substantive testing would increase
As the acceptable level of audit risk increases, substantive tests should increase
False, substantive tests would decrease (inverse relationship)
The relationship between control risk and detection risk is ordinarily parallel.
False, the relationship is inverse
A measure of the risk that audit evidence for a segment will fail to detect misstatements exceeding a tolerable amount, should such misstatements exist
Planned Detection Risk
Acceptable Audit Risk = HIGHER Inherent Risk = LOW Control Risk = LOW Planned Detection Risk = ? Planned Evidence = ?
Planned Detection Risk = HIGH Planned Evidence = LOW
Acceptable Audit Risk = LOW Inherent Risk = LOW Control Risk = LOW Planned Detection Risk = ? Planned Evidence = ?
Planned Detection Risk = HIGH Planned Evidence = LOW
Acceptable Audit Risk = LOW Inherent Risk = HIGH Control Risk = HIGH Planned Detection Risk = ? Planned Evidence = ?
Planned Detection Risk = LOW Planned Evidence = HIGH
Acceptable Audit Risk = HIGHER Inherent Risk = LOW Control Risk = MEDIUM Planned Detection Risk = ? Planned Evidence = ?
Planned Detection Risk = MED Planned Evidence = MED
The maximum amount by which the auditor believes that the statements could be misstated and still not affect the decisions of reasonable users
Preliminary judgement about materiality (Preliminary because about the auditor)
The materiality allocated to any given account balance
Tolerable Misstatment
As the acceptable level of detection risk decreases, the assurance directly provided from substantive tests should increase
True
When an auditor increase the assessed level of control risk because certain control activities were determined to be ineffective, the auditor would most likely increase the extent of substantive tests.
True