Econ 132A
An auditor normally obtains an understanding of transaction-level controls by:
a system walkthrough
Which of the following statements is correct regarding audit risk?
Auditors set the acceptable audit risk first before assessing control and inherent risk. Detection risk is determined last from working through the audit risk equation.
Five steps ADA
1. Plan the ADA 2. Prepare data 3. Consider relevance and reliability 4. Perform the ADA 5. Evaluate the results
Which of the following statements regarding risk is correct? A There is no set relationship between inherent risk and control risk. B The higher the control risk, the lower the inherent risk is likely to be. C The higher the inherent risk, the lower the control risk is likely to be. D The higher the inherent risk, the higher the control risk is likely to be.
A There is no set relationship between inherent risk and control risk.
Calvin Andrews is an auditor using audit data analytics (ADA) on the accounts receivable testing for a manufacturer. Which of the following is Calvin looking for when performing his ADA application?
Anomalies
Which of the following sentences regarding audit data analytics (ADA) is correct?
Audit data analytics can be used at virtually any phase of the audit.
Lisa is auditing a private company that manufactures batteries for cell phones. While the company has good perpetual inventory records and careful inventory controls, Jennifer is concerned about reported problems with lithium-ion battery fires. It is not clear that the industry has solved these problems. The company has already noted a slowing in sales of one battery model. Which audit strategy or strategies is Lisa most like to take? I. Analytical approach II. Substantive approach III. Reliance approach A III only B II only C I only D II and III
B II only
Which of the following statements regarding a substantive approach is correct? A The process for a substantive approach begins very differently than a reliance on controls approach. B If there is an internal control in place, auditors may decide to test the effectiveness of the internal control. C If there is no internal control in place, auditors assess RMM as low since both inherent and control risk are low. D If RMM is low, the audit strategy will be to perform extensive detailed substantive procedures and place little or no reliance on the client's internal controls.
B If there is an internal control in place, auditors may decide to test the effectiveness of the internal control.
You are in client acceptance phase for the audit of Jako Corp. You have determined that management is preoccupied with meeting specific profitability targets. Which of the following factors related to client acceptance does this affect? A. Competence B. Independence C. Integrity of management D. Special circumstances and unusual risks
C. Integrity of management
Which of the following statements about auditing standards is correct? A The auditing standards provide rigorous guidelines for determining performance materiality. B None of the choices is correct. C The auditing standards provide limited guidelines for the determination of performance materiality. D The auditing standards do not provide any guidelines for the determination of performance materiality.
D The auditing standards do not provide any guidelines for the determination of performance materiality.
In which type of analysis are the groups not necessarily known beforehand, but instead determined by the data?
Cluster analysis
Which of the steps associated with accessing and preparing data for audit data analytics (ADA) does the following statement relate? "When appropriate, the auditor should determine if the data set agrees with the general ledger"
Completeness of the data
Which of the following statements regarding performance measurement is correct? A The key performance indicators used by a client to monitor and assess its own performance do not provide auditors with insights into the accounts their client focuses on when compiling its financial statements. B The key performance indicators used by a client to monitor and assess its own performance do not provide auditors with insights into which accounts are potentially at risk of material misstatement. C It is appropriate to assume all clients use the same KPIs. D It is inappropriate to assume a client will use the same KPIs every year.
D It is inappropriate to assume a client will use the same KPIs every year.
Which of the following statements is most correct regarding integrated audits?
For efficiency purposes, auditors will select audit procedures that allow them to gather evidence that is useful to both of the audits.
A typical question the auditor would ask before using audit data analytics (ADA) is
Is the data obtained from the client complete?
A primary objective of procedures performed to obtain an understanding of internal control is to provide an auditor with
Knowledge necessary to assess the risk of misstatement.
Within the AICPA Code of Professional Conduct, _______ express the basic tenets of ethical conduct and provide framework for the rules.
Principles
What is the relationship between a rule of conduct and an interpretation in the AICPA Code of Professional Conduct?
Rules of conduct establish minimum standards of acceptable conduct, whereas interpretations provide additional guidance regarding the scope and applicability of these rules.
When an auditor identifies internal control deficiencies, what levels of internal control deficiencies must be reported to those charged with governance of the entity?
Significant deficiencies and material weaknesses
An auditor is using audit data analytics in the audit of inventory. Which of the following is true regarding preparing the data?
The auditor will want to make sure the inventory data being used is the same that is used to prepare the financial statements.
Which of the following is a good example of an IT application control over the occurrence of revenue transactions?
The software application compares information on a sales invoice with information from the bill of lading to ensure that sales invoices are only prepared for actual shipments. Any exceptions are not processed and are set aside for manual follow-up.
Which of the following represent a common categorization of control activities?
authorization controls, performance reviews, information-processing controls, physical controls, and segregation of duties
In a good system of segregation of duties, which of the following duties should be segregated?
authorization of transactions, physical access to assets, and recording transactions
Documenting internal controls:
can be handled with a combination of narratives and flowcharts or logic diagrams.
A management letter:
contains recommendations for improving significant deficiencies and material weaknesses in internal control discovered during the course of the audit.
An entity's risk assessment process:
is the entity's process for identifying and responding to business risks and the results of those risks.
The objectives of internal control include:
operations objectives, reporting objectives, and compliance objectives.
If the auditor is able to collect evidence that IT general controls are strong, then the auditor can conclude that:
software applications are more likely to operate consistently over time.
The internal control component that addresses how an organization holds an individual accountable for his or her internal control responsibilities in pursuit of objectives is related to:
the control environment