Auditing Chapter 7

Which of the following is NOT ordinarily a procedure for documenting an auditor's understanding of internal control for planning purpose?

Confirmation

When a CPA decides that the work performed by internal auditors may have an effect on the nature, timing, and extent of the CPA's procedures, the CPA should consider the competence and objectivity of the internal auditors. Relative to objectivity, the CPA should:

Consider the organizational level to which the internal auditors report the results of their work.

Which of the following would be least likely to be considered an objective of internal control?

Detecting management fraud

Effective internal control in a small company that has an insufficient number of employees to permit proper separation of responsibilities can be improved by:

Direct participation by the owner in key record keeping and control activities of the business

Which of the following is not an advantage of establishing an enterprise risk management system system within the organization

Eliminate all risks

To have an adequate basis to issue a management report on internal control under Section 404(a) of the Sarbanes-Oxley Act, management must do all of the following, except:

Establish internal control with no material weakness

Tests of control do not address:

How controls were originated

A primary objective of procedures performed to obtain an understanding or internal control is to provide

Knowledge necessary to determine the nature, timing, and extent of further audit procedures

An entity's ongoing monitoring activities often include:

Management review of weekly performance reports

Which of the following is least likely to be a test of controls?

Observation of confirmations

Tests of controls ordinarily are designed to provide evidence of:

Operating effectiveness

Controls over financial reporting are often classified as preventive, detective, or corrective. Which of the following is an example of a detective control?

Preparing bank reconciliations

An auditor may compensate for a weakness in internal control by increasing the extent of:

Substantive tests of details

When the auditors are performing a first-time internal control audit in accordance with the Sarbanes_Oxley Act and PCAOB standards, they should:

Test controls for all significant accounts.

The preliminary assessments of control risk are often referred to as:

The planned assessed level of control risk

At the completion of the audit, the auditor are least likely to know:

actual control risk