Gleim Questions
The primary purpose of obtaining an understanding of the entity and its environment, including its internal control, is to provide an auditor with
A frame of reference within which to plan the audit.
Which of the following situations represents a limitation, rather than a failure, of internal control?
A purchasing employee and an outside vendor participate in a kickback scheme.
It is important for the auditor to consider the competence of the audit client's employees, because their competence bears directly and importantly upon the
Achievement of the objectives of internal control.
In an audit of financial statements, an auditor's primary consideration regarding an internal control is whether the control
Affects management's financial statement assertions.
Which of the following is the best way to compensate for the lack of adequate segregation of duties in a small organization?
Allowing for greater management oversight of incompatible activities.
The following is a section of a system flowchart for a payroll application: Symbol X could represent
An error report.
Which of the following statements is correct regarding internal control?
An inherent limitation of internal control is that controls can be circumvented by management override.
Control activities constitute one of the five components of internal control described in the COSO model. Control activities do not encompass
An internal auditing function.
Transaction authorization within an organization may be either specific or general. An example of specific transaction authorization is the
Approval of a detailed construction budget for a warehouse.
Which of the following factors are included in an entity's control environment?
Audit Committee Participation- Yes Integrity and Ethical Values- Yes Organizational Structure- Yes
Proper segregation of functional responsibilities to achieve effective internal control calls for separation of the functions of
Authorization, recording, and custody.
Which of the following is an inherent limitation of internal control?
Collusion.
The auditor's understanding of internal control is documented to substantiate
Compliance with generally accepted auditing standards.
The design or operation of a control may not allow management or employees, in the normal course of performing their assigned functions, to prevent, or detect and correct, misstatements on a timely basis. According to AU-C 265, this circumstance is a
Control deficiency.
Which of the following components of internal control includes development and use of training policies that communicate prospective roles and responsibilities to employees?
Control environment.
Which of the following components of internal control would be considered the foundation for the other components?
Control environment.
Which of the following best describe the interrelated components of internal control?
Control environment; risk assessment process; control activities; the information system, including related business processes; and monitoring of controls.
After obtaining an understanding of the entity and its environment, including its internal control, the auditor assesses
Control risk and inherent risk to determine the acceptable level of detection risk.
Which of the following is not a component of internal control?
Control risk.
Which of the following best describes an inherent limitation that should be recognized by an auditor when considering the potential effectiveness of internal control?
Controls, whether manual or automated, whose effectiveness depends on segregation of duties can be circumvented by collusion.
Which of the following symbolic representations indicates that new payroll transactions and the old payroll file have been used to prepare payroll checks, prepare a printed payroll journal, and generate a new payroll file?
D
In obtaining an understanding of controls that are relevant to audit planning, an auditor is required to obtain knowledge about the
Design of the controls included in the internal control components.
Which of the following are considered control environment elements?
Detection Risk - No Commitment to Competence- Yes
Recording a transaction not compare the accounting record of the asset with the asset itself.
Detection Risk- No Human Resources Policies and Practices- Yes
An auditor uses the knowledge provided by the understanding of internal control and the assessed risks of material misstatement primarily to
Determine the nature, timing, and extent of substantive procedures for financial statement assertions.
In obtaining an understanding of internal control, the auditor may trace several transactions through the control process, including how the transactions interface with any service organizations whose services are part of the information system. The primary purpose of this task is to
Determine whether the controls have been implemented.
Effective internal control in a small company that has an insufficient number of employees to permit proper division of responsibilities can best be enhanced by
Direct participation by the owner of the business in the recordkeeping activities of the business.
In an audit of financial statements of a nonissuer in accordance with GAAS, an auditor is required to
Document the auditor's understanding of the entity's internal control components.
In an audit of financial statements in accordance with generally accepted auditing standards, an auditor should
Document the auditor's understanding of the entity's internal control.
Which of the following activities by small business clients best demonstrates management integrity in the absence of a written code of conduct?
Emphasizing ethical behavior through oral communication and management example.
An auditor would most likely be concerned with controls that provide reasonable assurance about the
Entity's ability to initiate, authorize, record, process, and report financial data
Which of the following is a management control method that most likely could improve management's ability to supervise company activities effectively?
Establishing budgets and forecasts to identify variances from expectations.
Which of the following is an inherent limitation in internal control?
Faulty human judgment.
Internal control cannot be designed to provide reasonable assurance that
Fraud will be eliminated.
An auditor uses the audit evidence provided by the understanding of internal control and the assessment of the risks of material misstatement to determine the nature, timing, and extent of
Further audit procedures.
Which of the following items is an example of an inherent limitation in an internal control system?
Human error in decision making.
Which of the following factors would most likely be considered an inherent limitation to an entity's internal control?
Human judgment in the decision making process.
A conceptually logical approach to the auditor's consideration of relevant controls consists of the following four steps: Determine whether the relevant controls are capable of preventing, or detecting and correcting, material misstatements and have been implemented. Evaluate the operating effectiveness of relevant controls. Assess the risks of material misstatement. Design further audit procedures. What is the most logical order in which these four steps are performed?
I, III, IV, II
Which of the following is the most logical order of performing steps I through III below? I. Tests of controls II. Understanding of internal control III. Substantive procedures
II, I, III.
The following are steps in the financial statement audit process: Prepare flowchart Gather exhibits of all documents Interview personnel The most logical sequence of steps is
III, II, I.
In planning an audit, the auditor's knowledge about the design of relevant controls should be used to
Identify the types of potential misstatements that could occur.
Obtaining an understanding of an internal control involves evaluating the design of the control and determining whether the control has been
Implemented.
An entity should consider the cost of a control in relationship to the risk. Which of the following controls best reflects this philosophy for a large dollar investment in heavy machine tools?
Imprinting a controlled identification number on each tool.
Which of the following most likely would not be considered an inherent limitation of the potential effectiveness of an entity's internal control?
Incompatible duties.
The primary objective of procedures performed to obtain an understanding of internal control is to provide an auditor with
Knowledge necessary for audit planning.
For the audit of a nonissuer, the primary objective of procedures performed to obtain an understanding of internal control is to provide an auditor with
Knowledge necessary to plan the audit.
Decision tables differ from program flowcharts in that decision tables emphasize
Logical relationships among conditions and actions.
An auditor is concerned with controls designed to safeguard assets that are relevant to the reliability of financial reporting. Adequate safeguards over access to and use of assets means protection from
Losses arising from access by unauthorized persons.
According to AU-C 315, Understanding the Entity and its Environment and Assessing the Risks of Material Misstatement, not all controls are relevant to a financial statement audit. Which one of the following would most likely be considered in an audit?
Maintenance of control over unused checks.
The control environment may decrease the effectiveness of control activities when
Management has substantial incentives for meeting earnings projections.
A small private entity may use less formal means to ensure that internal control objectives are achieved. For example, extensive accounting procedures, sophisticated accounting records, or formal controls are least likely to be needed if
Management is closely involved in operations
When obtaining an understanding of an entity's control environment, an auditor should concentrate on the substance of controls rather than their form because
Management may establish appropriate controls but not act on them.
When obtaining an understanding of an entity's internal control, an auditor should concentrate on their substance rather than their form because
Management may establish appropriate controls but not enforce compliance with them.
Which of the following would an auditor most likely consider in evaluating the control environment of an audit client?
Management's operating style.
Which of the following is a factor in the control environment?
Management's philosophy and operating style.
Internal controls are designed to provide reasonable assurance that
Material errors or fraud will be prevented, or detected and corrected, within a timely period by employees in the course of performing their assigned duties.
The ultimate purpose of understanding internal control is to contribute to the auditor's evaluation of the risk that
Material misstatements may exist in the financial statements.
Which of the following statements regarding auditor documentation of the understanding of the client's internal control components obtained to plan the audit is correct?
No one particular form of documentation is necessary, and the extent of documentation may vary.
Which of the following procedures most likely will provide an auditor with sufficient evidence about whether an entity's controls are suitably designed and have been implemented to prevent, or detect and correct, material misstatements?
Observing the entity's personnel applying the controls.
Which of the following procedures is an auditor most likely to include in the planning phase of a financial statement audit?
Obtain an understanding of the entity's risk assessment process.
As part of understanding internal control relevant to the audit of a non issuer, an auditor does not need to
Obtain knowledge about the operating effectiveness of internal control.
The auditor observes client employees while obtaining an understanding of internal control to
Obtain knowledge of the design and implementation of relevant controls.
Proper segregation of duties reduces the opportunities to allow persons to be in positions both to
Perpetrate and conceal fraud and error.
Which of the following audit techniques ordinarily would provide an auditor with the least assurance about the operating effectiveness of an internal control activity?
Preparation of system flowcharts.
Which of the following is not a medium that can normally be used by an auditor to record information concerning internal control?
Procedures manual.
An auditor should obtain an understanding of an entity's information system, including
Process used to prepare significant accounting estimates.
An advantage of using systems flowcharts to document information about internal control instead of using internal control questionnaires is that systems flowcharts
Provide a visual depiction of clients' activities.
The auditor should document the understanding of internal control. For example, a narrative memorandum may be
Provide a written description of the process and flow of documents and of the control points.
Proper segregation of duties reduces the opportunities to allow any employee to be in a position to both
Record and conceal fraudulent transactions in the normal course of assigned tasks.
A proper segregation of duties requires that an individual
Recording a transaction not compare the accounting record of the asset with the asset itself.
Each of the following types of controls is considered to be an entity-level control, except those
Regarding the company's annual stockholder meeting.
Internal control is a function of management, and effective control is based upon the concept of charge and discharge of responsibility and duty. Which of the following is one of the overriding principles of internal control?
Responsibility for the performance of each duty must be fixed.
In obtaining an understanding of a manufacturing entity's internal control concerning inventory balances, an auditor most likely would
Review the entity's descriptions of inventory policies and procedures.
Internal control has five components: the control environment, risk assessment, information and communication, monitoring, and control activities. Control activities relevant to an audit may be categorized as policies and procedures that pertain to
Reviewing actual performance.
Which of the following is a component of internal control?
Risk assessment.
In order to obtain an initial understanding of internal control sufficient to assess the risk of material misstatement of the financial statements, an auditor would most likely perform which of the following procedures?
Risk-assessment procedures to evaluate the design of relevant controls.
In obtaining an understanding of internal control in a financial statement audit, an auditor is not obligated to
Search for significant deficiencies in the operation of internal control.
Basic to a proper control environment are the quality and integrity of personnel who must perform the prescribed procedures. Which is not a factor in providing for competent personnel?
Segregation of duties
When documenting internal control, the independent auditor sometimes uses a systems flowchart, which can best be described as a
Symbolic representation of a system or series of sequential processes.
Which of the following represents an example of an inherent limitation of internal controls?
The CEO can override a control and request a check with no purchase order.
Which of the following factors is least likely to affect the extent of the auditor's understanding of the entity's internal controls?
The amount of time budgeted to complete the engagement.
Internal control can provide only reasonable assurance of achieving an entity's control objectives. The likelihood of achieving those objectives is affected by which limitation inherent to internal control?
The cost of internal control should not exceed its benefits.
Which of the following statements about internal control is correct?
The cost-benefit relationship is a primary criterion that should be considered in designing internal control.
Which of the following factors is most likely to affect the extent of the documentation of the auditor's understanding of a client's system of internal controls?
The degree to which information technology is used in the accounting function.
Although substantive tests may support the accuracy of underlying information used in monitoring, these tests may provide no affirmative evidence of the effectiveness of monitoring controls because
The information used in monitoring may be accurate even though it is subject to ineffective control.
Although substantive procedures may support the accuracy of underlying records, these tests frequently provide no affirmative evidence of segregation of duties because
The records may be accurate even though they are maintained by a person who performs incompatible functions.
Which of the following factors is most relevant when an auditor considers the client's organizational structure in the context of the risks of material misstatement?
The suitability of the client's lines of reporting.
The normal sequence of documents and operations on a well-prepared systems flowchart is
Top to bottom and left to right.
An auditor is evaluating a client's internal controls. Which of the following situations would be the most difficult internal control issue for an auditor to detect?
Two employees, who work in different departments, are circumventing an internal control.
An auditor's flowchart of a client's accounting system is a diagrammatic representation that depicts the auditor's
Understanding of the system.
An auditor is concerned about management override as a limitation of internal control. Which of the following tests would best assess the validity of the auditor's concern?
Verifying that approved spending limits are not exceeded.
Which of the following is not a valid concept of internal control?
When one person is responsible for all phases of a transaction, there should be a clear designation of that person's responsibility.
