AUDIT
The audit risk model includes the four risks listed below. Match the type of risk with the related definition. A) The probability that an auditor will give an inappropriate opinion on financial statements. B) The probability that audit procedures will fail to produce evidence of material misstatements. C) The probability that the client's internal control policies and procedures will fail to detect material misstatements if they have entered the accounting system. D) The probability that material misstatements have occurred in transactions entering the accounting system. 61) Detection risk 62) Control risk 63) Inherent risk 64) Audit risk
1. B 2. C 3. D 4. A
60) Below are several of the ASB management assertions.A. OccurrenceB. CompletenessC. Rights and obligationsD. Allocation or valuationE. ClassificationF. ExistenceG. CutoffH. AccuracyI. UnderstandabilityFor each of the following control activities, identify the management assertion that best applies by placing the correct letter in the blank space below. ________ 1. Match shipping documents with sales invoices before a sale is recorded. ________ 2. Balance total of individual customers' receivables with the control account. ________ 3. Sales manager approves taking discounts. ________ 4. Computer check for billing the quantity shipped, list price, and total. ________ 5. Account for numerical sequence of pre-numbered shipping documents
1.A 2.E 3.D 4.H 5.B
74) For each of the descriptions in Column A, match the correct word or words from Column B. Column A ________ 1. Refers to changes across two or more years ________ 2. A wide range of evidence-gathering activity that occurs before year-end ________ 3. Chain of evidence found at an audit client ________ 4. Procedures performed that rely on relationships among account balances and/or relevant non-financial data ________ 5. Financial statement amounts expressed as proportions of a base Column B A. Analytical procedures B. Year-end audit work C. Audit trail D. Horizontal analysis E. Vertical analysis F. Interim audit work
1.D 2.F 3.C 4.A 5.E
For each of the following statements or phrases, match the professional standard to which it relates. A) Evaluate the net realizable value of inventory. B) Disagreements with management on significant accounting and auditing matters. C) Make inquiries about management's policies and procedures for compliance with laws and regulations. D) Investigate large and unusual transactions, particularly those that occur at or near year-end. 65) AU 250: "Consideration of Laws and Regulations" 66) AU 260: "The Auditor's Communication with Those Charged with Governance" 67) AU 540: "Auditing Accounting Estimates" 68) AU 240: "Consideration of Fraud in a Financial Statement Audit" Answers: 65) C 66) B 67) A 68) D
65. C . 66. B 67. A 68. D
13) Which of the following is a definition of control risk? A) The risk that a material misstatement will not be prevented or detected on a timely basis by the client's internal controls. B) The risk that the auditor will not detect a material misstatement. C) The risk that the auditor's assessment of internal controls will be at less than the maximum level. D) The susceptibility of material misstatement assuming there are no related internal controls, policies, or procedures.
A
15) According to auditing standards, external auditors' responsibilities for indirect noncompliance do not include: A) designing audit procedures to detect noncompliance in the absence of specific information brought to the auditors' attention. B) performing audit procedures when specific information indicates that possible noncompliance may have a material indirect effect on financial statements. C) considering the qualitative materiality of known and suspected noncompliance. D) obtaining written management representations concerning the absence of violations of laws
A
20) Which of the following statements concerning noncompliance by clients is correct? A) An auditor's responsibility to detect noncompliance that has a direct and material effect on the financial statements is the same as that for errors and frauds. B) An audit in accordance with generally accepted auditing standards normally includes audit procedures specifically designed to detect noncompliance that has an indirect but material effect on the financial statements. C) An auditor considers noncompliance from the perspective of the reliability of management's representations rather than their relation to audit objectives derived from financial statement assertions. D) An auditor has no responsibility for noncompliance that has an indirect effect on the financial statements.
A
21) Which of the following statements best describes auditors' responsibility to detect errors and frauds? A) Auditors should design an audit to provide reasonable assurance of detecting errors and frauds that are material to the financial statements. B) Auditors are responsible to detect material errors, but have no responsibility to detect material frauds that are concealed through employee collusion or management override of the internal control structure. C) Auditors have no responsibility to detect errors and frauds unless analytical procedures or tests of transactions identify conditions causing a reasonably prudent auditor to suspect that the financial statements were materially misstated. D) Auditors have no responsibility to detect errors and frauds because an auditor is not an insurer and an audit does not constitute a guarantee.
A
22) The probability that an audit team will give an inappropriate opinion on financial statements best describes: A) audit risk. B) inherent risk. C) control risk. D) detection risk
A
23) After obtaining an understanding of the entity's internal control and assessing control risk, an auditor of a non-public company decided not to perform additional tests of controls. The auditor most likely concluded that the: A) additional evidence to support a further reduction in control risk was not cost beneficial. B) assessed level of inherent risk exceeded the assessed level of control risk. C) internal control structure was properly designed and justifiably may be relied on. D) evidence obtainable through tests of controls would not support an increased level of control risk.
A
24) If control risk increases, and all other risks in the audit risk model stay constant except the one referred to below, which of the following statements is correct? A) Detection risk will decrease. B) Inherent risk will increase. C) Audit risk will decrease. D) Detection risk will increase.
A
29) Which of the following is not an input control activity? A) Reasonableness tests. B) Record counts. C) Financial totals. D) Hash totals
A
30) The acceptable level of detection risk is inversely related to the: A) assurance provided by substantive tests. B) risk of misapplying audit procedures. C) preliminary judgment about materiality levels. D) risk of failing to discover material misstatements
A
31) Which of the following is the least important audit reason for the auditor's obtaining an understanding of a company's internal control? A) To serve as a basis for constructive suggestions. B) To plan subsequent substantive tests. C) To identify types of possible misstatements that may occur. D) To consider factors that may affect the risk of material misstatement.
A
32) Tracing bills of lading to sales invoices provides evidence that: A) shipments to customers were invoiced. B) shipments to customers were recorded as sales. C) recorded sales were shipped. D) invoiced sales were recorded as sales
A
34) When an auditor becomes aware of possible noncompliance by a client, the auditor should obtain an understanding of the nature of the act to: A) evaluate the effect on the financial statements. B) determine the reliability of management's representations. C) consider whether other similar acts may have occurred. D) recommend remedial actions to the audit committee
A
35) Jones, CPA, is auditing the financial statements of XYZ Retailing Inc. What assurance does Jones provide that direct effect noncompliance that is material to XYZ's financial statements, and noncompliance that has a material, but indirect effect on the financial statements will be detected? A) Direct effect noncompliance: Reasonable; Indirect effect noncompliance: None. B) Direct effect noncompliance: Reasonable; Indirect effect noncompliance: Reasonable. C) Direct effect noncompliance: Limited; Indirect effect noncompliance: None. D) Direct effect noncompliance: Limited; Indirect effect noncompliance: Reasonable.
A
37) In the planning stage, analytical procedures are used to: A) identify potential problem areas. B) provide direct evidence about the balances in accounts. C) determine the mathematical correctness of the financial statements. D) perform all of these
A
39) When the audit team increases the planned assessed level of control risk because certain control activities were determined to be ineffective, the audit team would most likely increase the: A) extent of substantive tests of details. B) level of inherent risk. C) extent of tests of controls. D) level of detection risk
A
4) When an auditor plans to rely on controls that have changed since they were last tested, which of the following courses of action would be most appropriate? A) Test the operating effectiveness of such controls in the current audit. B) Document that reliance and proceed with the original audit strategy. C) Inquire of management as to the effectiveness of the controls. D) Report the reliance in the report on internal controls
A
40) In computer systems, the information technology general controls (ITGC) would not include: A) processing control activities. B) separation of various computer system functions. C) appropriate documentation of the data processing system. D) control over physical access to computer hardware
A
41) If an auditor encounters significant risks at the client, the auditor should do all of the following except: A) inform the SEC. B) perform extended procedures. C) include more experienced auditors on the engagement. D) perform tests closer to year end.
A
49) When an auditor increases the planned assessed level of control risk because certain control activities were determined to be ineffective, the auditor would most likely increase the: A) extent of substantive tests of details. B) level of inherent risk. C) extent of tests of controls. D) level of detection risk.
A
49) Which of the following most likely would not be considered an inherent limitation of the potential effectiveness of an entity's internal controls? A) Incompatible duties. B) Management override. C) Mistakes in judgment. D) Collusion among employees
A
51) The primary objective of procedures performed to obtain an understanding of the entity's internal control is to provide an auditor with: A) knowledge necessary for audit planning. B) evidential matter to use in assessing inherent risk. C) a basis for modifying tests of controls. D) an evaluation of the consistency of application of management's policies
A
53) After obtaining an understanding of internal controls and assessing control risk on the audit of a non-public company, an auditor decided to perform tests of controls. The auditor most likely decided that: A) it would be efficient to perform tests of controls that would result in a reduction in planned substantive tests. B) additional evidence to support a further reduction in control risk is not available. C) an increase in the assessed level of control risk is justified for certain financial statement assertions. D) there were many internal control weaknesses that could allow errors to enter the accounting system.
A
54) In an audit of financial statements of a non-public company in accordance with generally accepted auditing standards, an auditor is required to: A) document the auditor's understanding of the entity's internal control. B) search for significant deficiencies in the operation of the internal controls. C) perform tests of controls to evaluate the effectiveness of the entity's accounting system. D) determine whether control activities are operating effectively to prevent or detect material misstatements.
A
57) A report on internal control effectiveness by the management team of public companies is required by: A) the Sarbanes-Oxley Act of 2002. B) the PCAOB. C) the AICPA. D) the auditors
A
59) Auditors use brainstorming: A) to heighten the audit team's awareness of fraud potential. B) to heighten management's awareness of fraud potential. C) to determine detection risk. D) to set materiality.
A
6) An auditor's analytical procedures indicate a lower than expected return on an equity method investment. This situation most likely could have been caused by: A) an error in recording amortization of the excess of the investor's cost over the investment's underlying book value. B) the investee's decision to reduce cash dividends declared per share of its common stock. C) an error in recording the unrealized gain from an increase in the fair value of available-for-sale securities in the income account for trading securities. D) a substantial fluctuation in the price of the investee's common stock on a national stock exchange.
A
8) Which of the following analytical procedures most likely would be used during the planning stage of an audit? A) Comparing current-year to prior-year sales volumes. B) Reading the financial statements and notes and considering the adequacy of evidence. C) Comparing the current-year ratio of aggregate salaries paid to the number of employees to the prior-year's ratio. D) Reading the letter from the client's attorney and considering the threat of litigation.
A
Chapter 5 Risk Assessment: Internal Control Evaluation 1) An audit team's responsibility would not include: A) designing client's internal controls. B) documentation of understanding of a client's internal controls. C) communicating internal control deficiencies. D) assessing the effectiveness of a client's internal controls.
A
1) The major emphasis in GAAS related to consideration of fraud in a financial statement audit (AU 240) is on: A) employee misappropriation of assets. B) management fraud. C) client fraud on customers. D) employee embezzlement
B
12) Inherent risk and control risk differ from detection risk in which of the following ways? A) Inherent risk and control risk are calculated by the client. B) Inherent risk and control risk exist independently of the audit. C) Inherent risk and control risk are controlled by the auditor. D) Inherent risk and control risk exist as a result of the auditor's judgment about materiality
B
14) If not already performed during the overall review stage of the audit, the auditor should perform analytical procedures relating to which of the following transaction cycles? A) Payroll. B) Revenue. C) Purchasing. D) Inventory.
B
15) Which of the following is the best way to compensate for the lack of adequate segregation of duties in a small organization? A) Disclosing lack of segregation of duties to the external auditors during the annual review. B) Replacing personnel every three or four years. C) Requiring accountants to pass a yearly background check. D) Allowing for greater management oversight of incompatible activities.
B
17) Obtaining an understanding of an internal control involves evaluating the design of the control and determining whether the control has been: A) authorized. B) implemented. C) tested. D) monitored.
B
27) Control strengths and weaknesses should be documented in audit documentation, sometimes called: A) questionnaires, narratives, and flowcharts. B) bridge working papers. C) communications of significant deficiencies. D) internal control letters.
B
29) Based on audit evidence gathered and evaluated, an auditor decides to increase the assessed level of control risk from that originally planned. To achieve an overall audit risk level that is substantially the same as the planned audit risk level, the auditor would: A) decrease substantive testing. B) decrease detection risk. C) increase inherent risk. D) increase materiality levels
B
3) A set of characteristics that helps to define a seriousness about employees' attitudes about the control activities in a company is referred to as: A) management assertions. B) the control environment. C) control risk assessment. D) functional responsibilities.
B
3) External auditors are responsible: A) for authenticating documents. B) for reporting immaterial frauds to a level of management at least one level above the people involved. C) for finding all intentional misstatements concealed by collusion. D) for reporting all frauds to outside agencies or parties
B
33) An auditor who discovers that client employees have committed an illegal act that has a material effect on the client's financial statements most likely would withdraw from the engagement if: A) the noncompliance is a violation of generally accepted accounting principles. B) the client does not take the remedial action that the auditor considers necessary. C) the illegal act was committed during a prior year that was not audited. D) the auditor has already assessed control risk at the maximum level.
B
36) Generally accepted auditing standards states that analytical procedures: A) should be applied in the planning and final review stages of the audit and as a substantive test during the audit. B) should be applied in the planning and final review stages of the audit and can be used as a substantive test during the audit. C) should be applied in the planning stage and can be applied as a substantive test and in the final review stage. D) should be applied in the final review stage, and can be applied as a substantive test and in the planning stage.
B
37) If auditors assess control risk at the maximum level, they will tend to: A) perform a great deal of additional tests of controls. B) perform a great deal of substantive testing during the audit. C) perform substantive tests at an interim date. D) perform more audit procedures using internal evidence
B
38) Assume that application of analytical procedures revealed significant unexplained differences between recorded amounts and the expectations (estimates) developed by the auditor. If management is unable to provide an acceptable explanation, the auditor should: A) consider the matter a scope limitation. B) perform additional audit procedures to investigate the matter further. C) intensify the audit with the expectation of detecting management fraud. D) withdraw from the engagement
B
4) Which of the following information that comes to an auditor's attention most likely would raise a question about the occurrence of illegal acts? A) The exchange of property for similar property in a nonmonetary transaction. B) The discovery of unexplained payments made to government employees. C) The presence of several difficult-to-audit transactions affecting expense accounts. D) The failure to develop adequate procedures that detect unauthorized purchases
B
42) Horizontal analysis refers to: A) the trend of income from year to year of persons suspected of fraud. B) changes of financial statement numbers and ratios across several years. C) financial statement amounts expressed each year as a proportion of a base amount. D) the change in a suspect's net worth from the beginning to the end of a period.
B
44) Generally accepted auditing standards (GAAS) give auditors considerable discretion to decide the amount of work required to satisfy auditing standards guiding internal control evaluation and related audit planning. Which of the descriptions below best expresses the minimum amount of work permitted by GAAS for nonpublic companies? A) Do not obtain an understanding of client environment, accounting, or control activities. Do not document the decision to assess control risk at maximum. Perform 100% substantive audit on all financial statement transactions and balances. B) Obtain an understanding of client environment, accounting, and control activities. Document the decision to assess control risk at maximum. Perform an extensive but not 100% substantive audit on financial statement transactions and balances. C) Obtain an understanding of client environment, accounting, and control activities, and perform detail tests of controls. Document the decision to assess control risk below the maximum. Perform restricted substantive audit on financial statement transactions and balances, considering the control risk assessment. D) Obtain an understanding of client environment, accounting, and control activities, and perform detail tests of controls. Document the decision to assess control risk at zero. Perform no substantive audit on financial statement transactions and balances, since zero control risk means that no errors or fraud can reach the accounts.
B
45) The type of financial analysis that expresses balance sheet accounts as percentages of total assets is known as: A) horizontal analysis. B) vertical analysis. C) net worth analysis. D) expenditure analysis
B
46) In an audit of financial statements, an auditor's primary consideration regarding an internal control policy or activity is whether the policy or activity: A) reflects management's philosophy and operating style. B) affects management's financial statement assertions. C) provides adequate safeguards over access to assets. D) enhances management's decision making processes.
B
5) An auditor is concerned about a policy of management override as a limitation of internal control. Which of the following tests would best assess the validity of the auditor's concern? A) Matching purchase orders to accounts payable. B) Verifying that approved spending limits are not exceeded. C) Tracing sales orders to the revenue account. D) Reviewing minutes of board meeting
B
55) In testing control activities, an auditor ordinarily selects from a variety of techniques, including: A) inquiry and analytical procedures. B) reperformance and observation. C) comparison and confirmation. D) inspection and verification
B
57) Managing business risk is the responsibility of: A) the auditors. B) management. C) the SEC. D) the PCAOB.
B
59) Which of the following areas can external auditors rely on internal auditors' work in auditing internal controls? A) Evaluation of the auditing environment. B) Testing of low risk internal control activities. C) All testing of the operating effectiveness of internal control activities. D) As providing the principle evidence for the external auditors' opinion.
B
7) Which of the following outcomes is a likely benefit of information technology used for internal control? A) Processing of unusual or nonrecurring transactions. B) Enhanced timeliness of information. C) Potential loss of data. D) Recording of unauthorized transactions
B
9) Which of the following factors is most likely to affect the extent of the documentation of the auditor's understanding of a client's system of internal controls? A) The industry and the business and regulatory environments in which the client operates. B) The degree to which information technology is used in the accounting function. C) The relationship between management, the board of directors, and external stakeholders. D) The degree to which the auditor intends to use internal audit personnel to perform substantive tests.
B
10) Which of the following would not be considered an analytical procedure? A) Converting dollar amounts of income statement account balances to percentages of net sales for comparison with industry averages. B) Developing the current year's expected net sales based on the sales trend of similar entities within the same industry. C) Projecting a deviation rate by comparing the results of a statistical sample with the actual population characteristics. D) Estimating the current year's expected expenses based on the prior year's expenses and the current year's budget.
C
11) Each of the following types of controls is considered to be an entity-level control, except those: A) relating to the control environment. B) pertaining to the company's risk assessment process. C) regarding the company's annual stockholder meeting. D) addressing policies over significant risk management practices.
C
12) Which of the following is not a component of internal controls? A) Control environment. B) Control activities. C) Inherent risk. D) Monitoring.
C
14) Which of the following should an auditor do when control risk is assessed at the maximum level? A) Perform fewer substantive tests of details. B) Perform more tests of controls. C) Document the assessment. D) Document the control structure more extensively.15) Which of the following statements is correct regarding internal control?
C
16) Certain conditions and circumstances are often present when management fraud occurs. Which of the following is not such a condition or circumstance? A) Unfavorable industry conditions. B) Lack of working capital. C) High liquidity. D) Slow customer collections
C
17) Independent auditors who consider fraud in the course of financial statement audits are well-advised to quantify "materiality" in terms of: A) the maximum amount of asset overstatement that might mislead investors in relation to the latest financial statements under audit. B) a maximum percentage of net income overstatement that might mislead investors in relation to the latest financial statements under audit. C) a cumulative amount of misstatement of assets or income over several years past and current that might mislead investors in relation to the latest financial statements under audit. D) controversial accounting measurements that might mislead investors in relation to the latest financial statements under audit
C
18) Which of the following statements best describes why an auditor would use only substantive procedures to evaluate specific relevant assertions and risks? A) The relevant internal control components are not well documented. B) The internal auditor already has tested the relevant controls and found them effective. C) Testing the operating effectiveness of the relevant controls would not be efficient. D) The cost of substantive procedures will exceed the cost of testing the relevant controls
C
19) An auditor is evaluating a client's internal controls. Which of the following situations would be the most difficult internal control issue for an auditor to detect? A) The accounting staff neglects the control, due to increased transactions to be processed. B) The technology department writes a program that does not properly implement the control, due to a lack of understanding. C) Two employees, who work in different departments, are circumventing an internal control. D) Someone erroneously disables edit checks in a software program designed to identify control exceptions.
C
2) Management fraud generally refers to: A) unintentional mistakes. B) noncompliance. C) intentional distortions of financial statements. D) violations of GAAS
C
23) Inherent risk is the: A) probability that some accounts are more susceptible to misstatement than others. B) probability that the client's internal control policies and procedures will fail to detect material misstatements. C) probability that material misstatements have occurred in transactions entering the accounting system used to develop financial statements. D) probability that the auditor may not detect material misstatements in the financial statements
C
24) Regardless of the assessed level of control risk, an auditor of a non-public company would perform some: A) tests of controls to determine the effectiveness of internal control policies. B) analytical procedures to verify the design of internal control activities. C) substantive tests to restrict detection risk for significant transaction classes. D) dual purpose tests to evaluate both the risk of monetary misstatement and preliminary control risk.
C
25) If fictitious credit sales were recorded, and the fictitious accounts receivable were later directly written off as bad debt expense, A) income would be overstated. B) income would be understated. C) income would not be misstated. D) accounts receivable would be understated
C
25) The "obtaining an understanding" work phase (Phase 1) of internal control evaluation would not give auditors an overall acquaintance with the client's: A) control environment. B) information and communication system. C) control activity effectiveness. D) monitoring activities
C
27) The risk of material misstatement differs from detection risk in that it: A) arises from the misapplication of audit procedures. B) may be assessed in either quantitative or non-quantitative terms. C) exists independently of the financial statement audit. D) can be changed at the auditor's discretion
C
28) The internal control in small business is highly dependent on the: A) separation of functional responsibilities. B) complexity of the client's internal controls. C) owner-manager's competence, as well as his/her ethics and integrity. D) bonding of employees.
C
32) When determining the inherent risk related to an account balance, an auditor theoretically does not explicitly consider the: A) liquidity of the account. B) degree of management estimation involved in determining the proper account balance. C) related internal control policies and procedures. D) complexity of calculations involved
C
34) Which of the following audit procedures most likely would provide an auditor with the most assurance about the effectiveness of the operation of an entity's internal control? A) Confirmation with outside parties. B) Inquiry of client personnel. C) Successful re-performance of the control activity. D) Observation of client personnel
C
36) After obtaining an understanding of a client's financial reporting control activities, the auditor would next: A) test the client's control activities. B) assess the final control risk. C) document the understanding obtained. D) plan the remainder of the audit w
C
38) The ultimate purpose of assessing control risk is to contribute to the auditor's evaluation of the: A) factors that raise doubts about the auditability of the financial statements. B) operating effectiveness of internal control policies and procedures. C) risk that material misstatements exist in the financial statements. D) possibility that the nature and extent of substantive tests may be reduced.
C
39) For audits of financial statements made in accordance with generally accepted auditing standards, the use of analytical procedures is required to some extent. A) As a substantive test: Yes; In the final review stage: Yes. B) As a substantive test: Yes; In the final review stage: No. C) As a substantive test: No; In the final review stage: Yes. D) As a substantive test: No; In the final review stage: No.
C
41) When auditing financial statements of a private company, the minimum work an auditor must perform in connection with a company's internal control is best described by which of the following statements? A) Perform exhaustive tests of accounting controls and evaluate the company's control system effectiveness. B) Determine whether the company's control policies are designed well enough to prevent material misstatements. C) Prepare auditing working papers that document the auditor's understanding of the company's internal control. D) Design procedures to search for significant deficiencies in the actual operation of the company's internal control.
C
43) Analytical procedures used in planning an audit should focus on: A) reducing the scope of tests of controls and substantive tests. B) providing assurance that potential material misstatements will be identified. C) enhancing the auditor's understanding of the client's business. D) assessing the adequacy of the available evidential matter.
C
46) Which of the following accounts tends to be most predictable for purposes of analytical procedures? A) Accounts receivable. B) Travel and entertainment expense. C) Interest expense. D) Income taxes payable
C
47) Analytical procedures are audit methods of evaluating financial statement accounts by studying and comparing relationships among financial and nonfinancial data. The primary purpose of analytical procedures conducted during the planning stages is to: A) identify the appropriate schedules to be prepared by the client. B) identify the types of errors or frauds that can occur in transactions. C) identify unusual conditions that deserve additional audit effort. D) determine the existence of unrecorded liabilities or overstated assets
C
47) Which of the following is a step in an auditor's decision to assess control risk at below the maximum? A) Apply analytical procedures to both financial data and nonfinancial information to detect conditions that may indicate weak controls. B) Perform tests of details of transactions and account balances to identify potential errors and fraud. C) Identify specific internal control policies and activities that are likely to detect or prevent material misstatements. D) Document that the additional audit effort to perform tests of controls exceeds the potential reduction in substantive testing.
C
48) Which of the following is not an objective of internal controls over financial reporting as defined by the Sarbanes-Oxley Act? A) Policies and procedures that pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the registrant. B) Policies and procedures that provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and receipts and expenditures of the registrant are being made only in accordance with authorizations of management and directors of the registrant. C) Policies and procedures that provide reasonable assurance regarding the compliance with applicable laws and regulations. D) Policies and procedures that provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the registrant's assets that could have a material effect on the financial statements
C
52) The overall attitude and awareness of an entity's board of directors concerning the importance of the client's internal control usually is reflected in its: A) computer-based control activities. B) system of separation of duties. C) control environment. D) safeguards over access to assets
C
55) Which of the following is an acceptable response to fraud risks related to sales that were identified in an audit? A) Exercise professional skepticism when performing sales testing. B) Increase the assessment of control risk for sales. C) Increase the assessment of detection risk for sales. D) Perform additional substantive sales procedures on a surprise basis
C
56) If tests of controls induce the auditor to change the assessed level of control risk for Property Plant & Equipment from 50% to 100%, and audit risk (6%) and inherent risk remain constant, the acceptable level of detection risk: A) would most likely change from 10% to 5%. B) would most likely change from 20% to 40%. C) would most likely change from 30% to 15%. D) would be unchanged, because the auditor has control over detection risk. E) cannot be determined because inherent risk is not given
C
58) Auditors would use the enterprise risk model: A) to reduce the client's business risk. B) to determine detection risk. C) to evaluate management's risk assessment. D) to monitor client risk.
C
8) Which of the following procedures is considered a test of controls? A) An auditor reviews the entity's check register for unrecorded liabilities. B) An auditor evaluates whether a general journal entry was recorded at the proper amount. C) An auditor interviews and observes appropriate personnel to determine segregation of duties. D) An auditor reviews the audit workpapers to ensure proper sign-off.
C
10) Which of the following payroll control activities would most effectively ensure that payment is made only for work performed? A) Require all employees to record arrival and departure by using the time clock. B) Have a payroll clerk recalculate all time cards. C) Require all employees to sign their time cards. D) Require employees to have their direct supervisors approve their time cards.
D
11) While performing an audit of the financial statements of a company for the year ended December 31, year 1, the auditor notes that the company's sales increased substantially in December, year 1, with a corresponding decrease in January, year 2. In assessing the risk of fraudulent financial reporting or misappropriation of assets, what should be the auditor's initial indication about the potential for fraud in sales revenue? A) There is a broad indication of misappropriation of assets. B) There is an indication of theft of the entity's assets. C) There is an indication of embezzling receipts. D) There is a broad indication of financial reporting fraud
D
13) While performing interim audit procedures of accounts receivable, numerous unexpected errors are found resulting in a change of risk assessment. Which of the following audit responses would be most appropriate? A) Move detailed analytical procedures from year end to interim. B) Increase the dollar threshold of vouching customer invoices. C) Send negative accounts receivable confirmations instead of positive accounts receivable confirmations. D) Use more experienced audit team members to perform year-end testing
D
16) Which of the following statements is correct regarding internal control? A) A well-designed internal control environment ensures the achievement of an entity's control objectives. B) An inherent limitation to internal control is the fact that controls can be circumvented by management override. C) A well-designed and operated internal control environment should detect collusion perpetrated by two people. D) Internal control is a necessary business function and should be designed and operated to detect all errors and fraud.
D
18) An auditor assesses the risk of material misstatement because it: A) is relevant to the auditor's understanding of the control environment. B) provides assurance that the auditor's overall materiality levels are appropriate. C) indicates to the auditor where inherent risk may be the greatest. D) affects the level of detection risk that the auditor may accept.
D
19) When fraud risk is significant, and management cooperation is unsatisfactory, the auditors will most likely: A) perform extended audit procedures. B) consult with fraud examiners. C) report directly to the Securities and Exchange Commission within one day. D) withdraw from the engagement.
D
2) The appropriate separation of duties does not include: A) authorization to execute transactions. B) recording of transactions. C) custody of assets involved in the transactions. D) data preparation.
D
20) Which of the following is a factor in the control environment? A) Segregation of duties. B) Information processing. C) Performance reviews. D) Management's philosophy and operating style.
D
21) Control activities intended to ensure that transactions are recorded in the right period are designed to achieve the ASB assertion of: A) occurrence. B) accuracy. C) valuation or allocation. D) cutoff.
D
22) Sound internal control can be described as separating all of the following duties and responsibilities except for: A) transaction authorization. B) recordkeeping. C) custody of, or direct access to, assets. D) hiring of employees
D
26) An audit team uses the assessed risk of material misstatement to: A) evaluate the effectiveness of the entity's internal control policies and activities. B) identify transactions and account balances where inherent risk is at the maximum. C) indicate whether materiality thresholds for planning and evaluation purposes are sufficiently high. D) determine the acceptable level of detection risk for financial statement assertions.
D
26) Which of the following is an information technology general control? A) Check digit. B) Run-to-run totals. C) Distribution of computerized output. D) Separation of duties in the IT department
D
28) The risk that an auditor's procedures will lead to the conclusion that a material misstatement does not exist in an account balance when, in fact, such misstatement actually exists is: A) audit risk. B) inherent risk. C) control risk. D) detection risk.
D
30) A sales clerk enters a customer's six-number customer account. The computer program uses the first five numbers to calculate a sixth number. This resulting number is then compared to the sixth number entered by the sales clerk. This is an example of a: A) valid character test. B) missing data test. C) reasonableness test. D) check digit.
D
31) The existence of audit risk is recognized by the statement in the auditor's standard report that the: A) auditor is responsible for expressing an opinion on the financial statements, which are the responsibility of management. B) financial statements are presented fairly, in all material respects, in conformity with applicable financial reporting framework. C) audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. D) auditor obtains reasonable assurance about whether the financial statements are free of material misstatement.
D
35) When obtaining an understanding of an entity's internal control in a financial statement audit at a non-public company, an auditor is not obligated to: A) determine whether the control activities have been placed in operation. B) perform procedures to understand the design of the internal control system. C) document the understanding of the company's internal control system. D) search for significant deficiencies in the operation of the internal control system
D
40) Which of the following would not likely be found in the minutes of the board of directors? A) Amount of dividends declared. B) Approval to pledge assets as security for debts. C) Authorization of officers' salaries. D) Approval of a new desktop computer for the controller
D
42) Which of the following would most likely be classified as a material weakness? A) Absence of appropriate separation of duties. B) Absence of appropriate reviews and approvals of transactions. C) Evidence of failure of control activities. D) Ineffective oversight of the financial reporting process by the company's audit committee
D
43) If a control total were to be computed on each of the following data items, which would best be identified as a hash total for a payroll IT application? A) Hours worked. B) Total debits and total credits. C) Net pay. D) Department numbers
D
44) Sources of financial and nonfinancial data do not include: A) financial account information for comparable prior periods. B) nonfinancial information such as physical production statistics. C) company budgets and forecasts. D) Bureau of Labor statistics
D
45) Proper separation of duties reduces the opportunities to allow persons to be in positions to both: A) journalize entries and prepare financial statements. B) record cash receipts and cash disbursements. C) establish internal controls and authorize transactions. D) perpetrate a fraud and then conceal it in the books
D
48) Which of the following is not required by AU 240, "Consideration of Fraud in a Financial Statement Audit"? A) Conduct a continuing assessment of the risks of material misstatement due to fraud throughout the audit. B) Conduct a discussion by the audit team of the risks of material misstatement due to fraud. C) Conduct the audit with professional skepticism, which includes an attitude that assumes balances are incorrect until verified by the auditor. D) Conduct inquiries of shareholders as to their views about the risks of fraud and their knowledge of any fraud or suspected fraud.
D
50) As part of understanding the internal control, an auditor is not required to: A) consider factors that affect the risk of material misstatement. B) ascertain whether internal control policies and activities have been placed in operation. C) identify the types of potential misstatements that can occur. D) obtain knowledge about the operating effectiveness of the client's internal control activities
D
50) What assurance does the auditor provide that errors, frauds, and direct effect noncompliance that are material to the financial statements will be detected? A) Errors: Limited; Frauds: Negative; Direct effect noncompliance: Limited. B) Errors: Limited; Frauds: Limited; Direct effect noncompliance: Reasonable. C) Errors: Reasonable; Frauds: Limited; Direct effect noncompliance: Limited. D) Errors: Reasonable; Frauds: Reasonable; Direct effect noncompliance: Reasonable
D
51) Experience has shown that the many large fraudulent transactions can be found in: A) systematic processing of large volumes of day-to-day ordinary transactions. B) payroll fraudsters' mistakes in using unissued Social Security numbers. C) petty cash embezzlements. D) non-routine, nonsystematic journal entries.
D
52) Which of the following pieces of information discovered by an auditor when performing substantive tests of account balances would most likely raise red flags about the possible existence of material fraudulent financial reporting? A) Paper copies of paid invoices and cancelled checks are microfiched and then destroyed. B) The controller requires that you schedule any audit inquiries for after lunch each day, not in the morning. C) The petty cash fund custodian never takes a vacation. D) The client's estimate of the allowance for doubtful accounts is lower than the auditor's independent evaluation of the allowance.
D
53) Inherent risk and control risk differ from detection risk in that inherent risk and control risk are: A) elements of audit risk whereas detection risk is not. B) changed at the auditor's discretion whereas detection risk is not. C) considered at the individual account-balance level whereas detection risk is not. D) functions of the client and its environment whereas detection risk is not.
D
54) The auditor uses the assessed level of risk of material misstatement to determine the acceptable level of detection risk for financial statement assertions. As the acceptable level of detection risk decreases, the auditor may do one or more of the following except change the: A) nature of substantive tests to more effective procedures. B) timing of substantive tests, such as performing them at year-end rather than at an interim date. C) extent of substantive tests, such as using larger sample sizes. D) assurances provided by substantive tests to a lower level
D
56) Assessing control risk at below the maximum level most likely would involve: A) performing more extensive substantive tests with larger sample sizes than originally planned. B) reducing inherent risk for most of the assertions relevant to significant account balances. C) changing the timing of substantive tests by omitting interim-date testing and performing the tests at year end. D) identifying specific internal control activities that are relevant to specific financial statement assertions.
D
58) Management's report on internal controls must include each of the following except: A) a statement that management is responsible for establishing and maintaining adequate internal control over financial reporting. B) a statement identifying the framework management uses to evaluate the effectiveness of the company's internal control. C) a statement providing management's assessment of the effectiveness of the company's internal control. D) a statement providing management's evaluation of the company's control environment
D
6) Which of the following activities performed by a department supervisor most likely would help in the prevention or detection of a payroll fraud? A) Distributing paychecks directly to department store employees. B) Setting the pay rate for departmental employees. C) Hiring employees and authorizing them to be added to payroll. D) Approving a summary of hours each employee worked during the pay period
D
60) The purpose of an audit strategy is: A) to provide a defense against litigation. B) to gain an understanding of the client. C) to comply with securities law. D) to set the scope, timing, and direction for auditing each relevant assertion
D
7) Prior to, or in conjunction with, the information-gathering procedures for an audit, audit team members should discuss the potential for material misstatement due to fraud. Which of the following best characterizes the mind-set that the audit team should maintain during this discussion? A) Presumptive. B) Judgmental. C) Criticizing. D) Questioning
D
9) In auditing related party transactions, an auditor ordinarily places primary emphasis on: A) the probability that related party transactions will recur. B) confirming the existence of the related parties. C) verifying the valuation of the related party transactions. D) the adequacy of the disclosure of the related party transactions.
D
33) Which of the following client internal control activities is not usually performed in the treasurer's department? A) Verifying the accuracy of checks and vouchers. B) Controlling the mailing of checks to vendors. C) Approving vendors' invoices for payment. D) Canceling payment vouchers when paid
c
5) Analytical procedures are most appropriate when testing which of the following types of transactions? A) Payroll and benefit liabilities. B) Acquisitions and disposals of fixed assets. C) Operating expense transactions. D) Long-term debt transactions
c