ACG 4651
Tests of details are categorized into what two items?
(1) Substantive tests of transactions (2) tests of details of account balances and actions
Identify the 7 major phases of an audit
(1) client acceptance/continuance (2) preliminary engagement activities (3) plan the audit (4) consider and audit internal control (5) audit business processes and related accounts (6) complete the audit (7) evaluate results and issue audit report
Internal control as defined by COSO includes 5 components:
(1) control environment (2) entity's risk assessment (3) control activities (4) information and communication (5) monitoring activities
What are the three steps in applying materiality in an audit?
(1) determine overall materiality (2) determine tolerable misstatement (3) evaluate audit findings
What are the three preliminary engagement activities?
(1) determine the audit engagement team requirements (2) ensure the independence of the auditing team and audit firm (3) establish an understanding with the client regarding the services to be performed and the other terms of the engagement
What four steps does an auditor follow to detect the risks of material misstatements due to fraud?
(1) discussion among the audit team (2) Inquiries of management and others (3) consider any unusual or unexpected relationships discovered in the audit (4) understand the period-end closing process and any unexpected adjustments
Management's internal control assessment process has what three steps?
(1) identify financial reporting risks and related controls (2) consider which locations to include in the evaluation (3) evaluate evidence about the operating effectiveness of ICFR
From management's perspective, what are the steps of the financial statement auditing process?
(1) implement internal controls (2) conduct transactions (3) accumulate transactions into account balances (4) prepare financial statements (5) issue financial statements to users (with audit report)
What are some limitations of an entity's internal control?
(1) management override (2) human errors or mistakes (3) collusion
From an auditor's perspective, what are the steps of the financial statement auditing process?
(1) obtain evidence (2) test management's assertions against criteria (GAAP) (3) determine overall fairness of financial statements (4) issue audit report to accompany financial statements
What are the three general types of audit tests?
(1) risk assessment procedures (2) tests of controls (3) substantive procedures
Management's internal control assessment process also involves special consideration of what two topics:
(1) service organizations (2) safeguarding assets
What are the two key descriptors of audit evidence?
(1) sufficient and (2) appropriate
What are the three main goals of the audit documentation (work papers)?
(1) support the audit report (2) document the planning, performance, and supervision of the audit (3) to provide a basis for review
The GAAS have been replaced in ______ standards.
ASB
To enable an external auditor to complete an audit of the ICFR, management must __________ for the effectiveness of the entity's ICFR.
Accept responsibility
Tests of details of account balances and actions entail verifying financial statement __________ by sending ________ to a sample of informants/customers/etc.
Account balances / confirmations
FASB is responsible for creating the ________, which is recognized as the source of U.S. GAAP by the SEC, PCAOB, and the AICPA.
Accounting Standards Codification (ASC)
The records of initial entries and supporting records, such as checks and records of electronic funds transfers; invoices; contracts; the general and subsidiary ledgers, journal entries and other adjustments to financial statements that are not reflected in formal journal entries; and records such as work sheets and spreadsheets supporting cost allocations, computations, reconciliations, and disclosures.
Accounting records
Which assertion relates to whether amounts and other data relating to recorded transactions and events have been recorded appropriately?
Accuracy
A ________ opinion indicates that the financial statements are not fairly stated and should not be relied upon.
Adverse
If a misstatement is considered so material that it pervasively effects the interpretation of the financial statements, the auditor will issue a ________ opinion.
Adverse
Evaluations of financial information through analysis of plausible relationships among both financial and nonfinancial data.
Analytical procedures
Controls that apply to the processing of specific computer applications and are part of the computer programs used in the accounting system.
Application controls
Measure of the quality of audit evidence
Appropriateness
Expressed or implied representations by management regarding the recognition, measurement, presentation, and disclosure of information in the financial statements and related disclosures.
Assertions
In the phase called "consider audit and internal control," the auditor seeks to obtain an understanding of internal control to help ___________.
Assess risk and identify areas where financial statements might be misstated.
What are the four levels of the auditing team, from lowest to highest?
Associate/staff, senior/in-charge, manager, partner
Encompasses attest services and financial statement audits
Assurance services
Independent professional services that improve the quality of information, or its context, for decision makers.
Assurance services
A service when a practitioner is engaged to issue or does issue a report on subject matter, or an assertion about subject matter, that is the responsibility of another party.
Attest
Encompasses financial statement audits
Attest
A committee consisting of members of the BOD, charged with overseeing the entity's system of internal control over financial reporting, internal and external auditors, and the financial reporting process.
Audit committee
Significant deficiencies should be reported to the ________ and ______ only, not externally.
Audit committee and management
Proper heading, indexing, cross referencing, and tick marks are all part of proper format of _________.
Audit documentation
The auditor's principal record of the work performed and the basis for the conclusions in the auditor's report.
Audit documentation (work papers)
All the information used by the auditor in arriving at the conclusions on which the audit opinion is based.
Audit evidence
Includes information contained in the accounting records underlying the financial statements, as well as other information.
Audit evidence
When an auditor documents a description of the nature, timing, and extent of the planned audit procedures to be used in order to comply with auditing standards, this is part of the ________.
Audit plan
Assessing business risks, establishing materiality, and considering multilocations are part of the ________.
Audit plan/strategy
Assessing the need for specialists, considering violations of laws and regulations, and identifying related parties are part of the _______.
Audit plan/strategy
Specific acts performed by the auditor in gathering evidence to determine if specific assertions are being met
Audit procedures
Detection risk is lowered by performing additional ________.
Audit procedures.
The risk that an auditor expresses an inappropriate audit opinion when the financial statements are materially misstated.
Audit risk
Specific acts performed as the auditor gathers evidence to determine if specific audit objectives are being met.
Audit strategy
When an auditor determines the scope of the engagement, ascertains the reporting objectives to plan the timing of the audit, and considers the factors that will determine the focus of the auditing team's efforts, this is part of the ________.
Audit strategy
The systematic process of (1) objectively obtaining and evaluating evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between those assertions and established criteria and (2) communicating the results to interested users.
Auditing
A subcommittee of the board of directors that is responsible for the financial reporting and disclosure process.
Auditing committee
Audit documentation is the property of the _________.
Auditor
Which assertion relates to whether all transactions have been properly authorized?
Authorization
Processes implemented by management to achieve entity objections.
Business processes
___________ are organized into the following categories: revenue, purchasing, HR management, inventory management, and financial.
Business processes
An auditor might try to understand an entity's nature, industry, regulations, objectives/strategies, performance measures, and internal controls as part of the process to assess ___________.
Business risks
Risks resulting from significant conditions, events, circumstances, and actions or inactions that could adversely affect management's ability to execute the strategies and to achieve its objectives, or through the setting of inappropriate objectives or strategies.
Business risks
To sign an audit opinion on an entity's financial statements, an external auditor must be a ________.
CPA
Which assertion relates to whether transactions and events have been recorded in the proper accounts?
Classification
Determining if the auditing firm is independent, has the necessary technical skills, and if the engagement would violate applicable regulatory agency requirements or the Code of Professional Conduct is part of the __________ process.
Client acceptance/continuance
Obtaining available financial information, inquiring third parties and considering whether there may be items that require special attention are part of the __________ process.
Client acceptance/continuance
A range of acceptable amounts or a precisely determined point estimate for an estimate (e.g., uncollectible receivables) if that is a better estimate than any other amount.
Closest reasonable estimate
A set of principles, rules, and interpretations that establish guidelines for acceptable behavior for accountants and auditors.
Code of Professional Conduct
What code may govern communications with predecessor auditor?
Code of Professional Conduct
Which assertion relates to whether all assets, liabilities, and equity interests that should have been included as ending balances on the financial statements have been included?
Completeness
Which assertion relates to whether all transactions and events that occurred during the period have been recorded?
Completeness
A _________ audit determines the extent to which rules, policies, laws, covenants, or government regulations are followed by the entity.
Compliance
Computer programs that allow auditors to test computer files and databases.
Computer-assisted audit techniques (CAAT)
Audit evidence obtained by the auditor as a direct written response to the auditor from a third party in paper form or by electronic or other media.
Confirmation
The design or operation of an internal control does not allow management or employees to prevent, detect and correct, misstatements.
Control deficiency
The tone of an organization, which reflects the overall attitude, awareness, and actions of the BOD, management, and owners influencing the control consciousness of its people.
Control environment
The risk that a misstatement that could occur in an assertion about an account or disclosure and that could be material, either individually or in combination with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity's internal control
Control risk (CR)
Tests of _____ can be performed to provide evidence to support lower levels of ______ risk.
Controls; control
The oversight mechanisms in place to help ensure the proper stewardship over an entity's assets
Corporate governance
The financial statements, auditor's report, audit plan, audit programs, minutes of meetings, working trial balance, adjusting journal entries, and working papers would be part of the audit's _________ file.
Current
Which assertion relates to whether transactions and events have been recorded in the correct accounting period?
Cutoff
The risk that the procedures performed by the auditor will not detect a misstatement that exists and that could be material, either individually or in combination with other misstatements.
Detection risk (DR)
There is a ________ relationship between sample size and assurance.
Direct
Audit evidence is more reliable when it is exists in a ________ form versus an oral representation.
Documentable
Tests of transactions that evaluate the effectiveness of controls and detect monetary errors.
Dual purpose tests
An auditor that plans and performs his or her duties with the skill and care that is commonly expected of accounting professionals is exercising ______.
Due professional care
To enable an external auditor to complete an audit of the ICFR, management must evaluate the _________ of the ICFR and have sufficient ___________.
Effectiveness ; evidence
Any additional services to be performed outside of the audit should be disclosed in the __________.
Engagement letter
Arrangements involving specialists or internal auditors should be disclosed in the __________.
Engagement letter
Limitation of the liability of the auditor or client should be disclosed in the __________.
Engagement letter
The risk that the auditor is exposed to financial loss or damage to his or her professional reputation from litigation, adverse publicity, or other events arising in connection with financial statements audited and reported on.
Engagement risk
Controls that have a pervasive effect on the entity's system of internal controls, such as controls related to the control environment; controls over mgmt override; risk assessment process; controls to monitor results of operations; etc.
Entity-level controls
Unintentional misstatements or omissions of amounts or disclosures.
Errors
A system or code of conduct based on moral duties and obligations that indicates how an individual should behave.
Ethics
What is the purpose of an audit?
Evaluate the fairness of the agent's financial reports to the principal (absentee owner). The audit opinion adds credibility to the reports and reduces the principal's information risk.
Which assertion relates to whether ending balances of assets, liabilities, and equity interests included in the financial statements exist at the date of the financial statements?
Existence
In an auditor's report, the ___________ paragraph contains explanatory language.
Explanatory (4th)
In an auditor's report, the ___________ paragraph refers to the audit of internal control.
Explanatory (4th)
Material weaknesses should be reported to the audit committee, management, and ______.
Externally
A privately funded body whose mission is to establish standards for financial accounting and reporting.
FASB
GAAP standards are currently issued by ______ with oversight by ______.
FASB; the SEC
Misstatements about which there is no doubt.
Factual misstatements
The requirements that work is adequately planned, assistants are supervised, an understanding of internal control, and sufficient appropriate evidential matter is obtained are part of the _______ standards of the 10 GAAS.
Field Work
The risk that a misstatement could result in a material misstatement of the financial statements.
Financial reporting risks
Expressed or implied representations by management that are reflected in the financial statement components.
Financial statement assertions
A ________ audit seeks to detect or deter fraudulent activities.
Forensic
An intentional act by one or more among management, those charged with governance, employees, or third parties, involving the use of deception that results in a misstatement in the financial statements.
Fraud
Accounting principles that are generally accepted for the preparation of financial statements in the U.S.
GAAP
The requirements that the auditors have adequate training, maintain independence, and exercise due professional care are part of the _______ standards of the 10 GAAS.
General
Controls that relate to the overall information processing environment and have a pervasive effect on the entity's computer operations.
General controls
Statements that guide the conduct of financial statement auditing
Generally accepted accounting standards (GAAS)
If the auditor determines a low level of audit risk is appropriate, and risk of material misstatement is low, a ______ level of detection risk should be tolerated.
High
To set the control risk at any level other than ______, the auditor must identify controls to be relied upon, perform tests of the controls, and conclude on the achieved level of control risk.
High
When an auditor determines controls are not properly designed or implemented, the auditor will set control risk at ______ and use substantive procedures to _______ the risk of material misstatement.
High ; lower
If inherent risk and control risk are low, the auditor would accept a _____ level of detection risk in order to achieve the planned level of audit risk,
Higher
Inspection of tangible assets, reperformance, and recalculation is the _____ level of reliability of evidence.
Highest
The ______ is the international counterpart to FASB.
IASB
The ______'s standards, called IFRS, are the predominantly recognized accounting standards outside the U.S.
IASB's
The use of ________ can affect internal control because it affects the way transactions are initiated, recorded, processed, and reported.
IT
Violations of laws or governmental regulations
Illegal acts
Conducting substantive procedures ONLY at an interim date may __________ the risk that material misstatements are present in the financial statements.
Increase
The purpose of client acceptance/continuance policies is to minimize the likelihood that an auditor will be associated with clients who lack integrity, which _______ the risk that material misstatements exist.
Increases
A state of objectivity in fact and in appearance, including the absence of any significant conflicts of interest.
Independence
Substantive tests of transactions test for errors or fraud in __________.
Individual transactions
The concept that the manager generally has more information about the true financial position and results of operations of the entity than the absentee owner does.
Information assymetry
The susceptibility of an assertion in an account or disclosure to a misstatement due to error or fraud that could be material before consideration of any related controls.
Inherent risk (IR)
What is the formula for the risk of material misstatement (RMM)?
Inherent risk (IR) x Control risk (CR)
What three techniques might an auditor use to assess risk?
Inquiries, analytical procedures, and observation/inspection
Seeking information of knowledgable persons, both financial and nonfinancial, within the entity or outside the entity.
Inquiry
Examination of internal or external records or documents
Inspection
An audit of both financial statements and internal control over financial reporting (ICFR).
Integrated audit
_________ audits are required for public companies.
Integrated audits
What might an auditor ask a former auditor?
Integrity of management, Disagreements about accounting policies, communications to higher ups about fraud and noncompliance with laws, communications about deficiencies in internal controls, and the reason to change auditors
The method by which an entity's BOD, management, and other personnel provide reasonable assurance about the reliability of financial reporting, effectiveness and efficiency of operations; and compliance with applicable laws and regulations.
Internal control
A process designed by the entity's principal executive and financial officers to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements in accordance with GAAP.
Internal controls over financial reporting
Statements issued by IFAC's International Auditing and Assurance Standards Board.
International Standards on Auditing (ISA)
The International Auditing and Assurance Standards Board (IAASB) issues ________ and is the predominately recognized international auditing standards setter outside the U.S.
International Standards on Auditing (ISA)
In an auditor's report, the ___________ paragraph indicates which financial statements are covered by the report.
Introductory
In an auditor's report, the ___________ paragraph states that the auditor has responsibility to state an opinion.
Introductory
In an auditor's report, the ___________ paragraph states that the statements are the responsibility of management.
Introductory
Detection risk has a _______ relationship to inherent risk and control risk.
Inverse
There is an _________ relationship between sample size and materiality.
Inverse
Misstatements that arise from differences between the auditor's accounting estimates and management's estimates.
Judgemental misstatements
If an auditor assesses materiality for an account to be a large amount, a _______ sample will be needed.
Larger
What are the two dimensions of control deficiency?
Likelihood and magnitude of misstatements
The auditor has ______ control over inherent and control risks of an entity.
Little or no
If the auditor determines a low level of audit risk is appropriate, and risk of material misstatement is high, a ______ level of detection risk should be tolerated.
Low
When an auditor determines controls are properly designed or implemented, the auditor will set control risk at ______ and use tests of controls to obtain _________ that the controls are operating effectively.
Low ; audit evidence
If inherent risk and control risk are high, the auditor would accept a _____ level of detection risk in order to achieve the planned level of audit risk,
Lower
Observation or inquiry is the _____ level of reliability of evidence.
Lowest
Members of the audit committee must be independent of _________.
Management
Consulting services that may provide advice and assistance concerning an entity's organization, personnel, finances, operations, systems, or other activities.
Management advisory services
In corporate governance, __________ play primary roles and ________ play a key facilitating role.
Management and BOD / Independent auditors
Which level of the auditing team is responsible for ensuring that the audit is properly planned, schedules team members, and deals with invoicing?
Manager
Which type of deficiency in internal controls is the worst?
Material deficiency
A BAD deficiency, or combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity's financial statements will not be prevented, or detected and corrected, in a timely basis.
Material weakness
If a control deficiency has a high magnitude and high likelihood of misstatements, it is a _________.
Material weakness
The maximum amount by which the auditor believes the financial statements could be misstated and still not affect the decisions of users.
Materiality
The audit committee is formed of __________.
Members of the BOD
Inspection of records and documents, confirmation, analytical procedures, and scanning is the _____ level of reliability of evidence.
Middle
An instance where a financial statement assertion is not in accordance with the criteria against which it is audited (e.g., GAAP).
Misstatement
May be classified as fraud (intentional) or other illegal acts such as noncompliance with laws and regulations (intentional or unintentional), and errors (unintentional)
Misstatements
If the auditor determines a low level of audit risk is appropriate, and risk of material misstatement is moderate, a ______ level of detection risk should be tolerated.
Moderate
A process that assesses the quality of internal control performance over time.
Monitoring of controls
A cancelled check from the bank is ______ reliable than a duplicate copy of the check
More
A confirmation of the entity's bank balance received directly by the auditor is ______ reliable than the cash balance listed on the G/L.
More
Evidence obtained directly by the auditor is considered ____ reliable (e.g., a physical inspection of inventory where the auditor is experienced)
More
Evidence obtained from an independent source outside the entity is usually viewed as _______ reliable than evidence obtained solely from within an entity.
More
Original documents are ______ reliable than copies or faxes.
More
________ refers to the type of evidence
Nature
Is it normally the auditor's responsibility to disclose fraud to outside parties?
No
Process of watching a process or procedure being performed by others
Observation
Which assertion relates to whether all recorded transactions and events have occurred and pertain to the entity?
Occurrence
A _______ audit involves a systematic review of part of or all of an organization's activities to evaluate whether resources are being used effectively and efficiently.
Operational
In an auditor's report, the ___________ paragraph contains the auditor's opinion concerning the fairness of the financial statements based on audit evidence.
Opinion (3rd)
The phrase "in all material respects" and an emphasis on materiality will be found in the __________ paragraph of the auditor's report.
Opinion (3rd)
The phrase "presents fairly....in conformity with GAAP" will be found in the __________ paragraph of the auditor's report.
Opinion (3rd)
What are the three components of the fraud risk triangle?
Opportunity, incentive, rationalization
Data that is audit evidence but NOT accounting records, including minutes of meetings, confirmations from third parties, analyst reports, etc, are called _______.
Other information
SOX effectively transferred authority to set and enforce auditing standards for public company audits to the ________.
PCAOB
The GAAS are still found in ______ standards.
PCAOB
While this entity is a nonprofit, it is in reality a quasi-governmental regulatory agency overseen by the SEC
PCAOB
The ______ creates auditing standards for public companies, while the _______ creates standards for private companies
PCAOB; AICPA
Which level of the auditing team is responsible for assembling the auditing team?
Partner
Which level of the auditing team is responsible for concluding on the adequacy of the evidence and signing the audit report?
Partner
Which level of the auditing team is responsible for ensuring that the audit is properly planned and conducted in accordance with GAAS?
Partner
Which level of the auditing team is responsible for reaching an agreement with auditee on the scope of the service to be provided?
Partner
What are the four main steps of assessing business risk and the risk of material misstatement?
Perform risk assessment procedures, identify business risks that could result in material misstatements, evaluate the entity's risk assessment and response, assess the risk of material misstatement at the financial statement and assertion levels.
The corporate charter, chart of accounts, organizational chart, contracts, internal control documentation, terms of stock and bond issues, and prior years' procedure results would be part of the audit's __________ file.
Permanent
In most cases, the auditor relies on evidence that is ________ rather than convincing.
Persuasive
Security of assets, authorization requirements, and periodic counting of cash and inventory are examples of __________.
Physical controls
Audit _______ includes assessing business risks, establishing materiality, and considering multilocations.
Planning
Audit _______ includes assessing the need for specialists, considering violations of laws/regulations, and identifying related parties.
Planning
Audit _______ includes considering other value-added services.
Planning
Audit _______ includes preparing audit programs
Planning
The auditing team would make a preliminary assessment of the client's business risks and determine materiality during the ________ phase.
Planning
The ASB replaced the 10 GAAS with _____________.
Principles Underlying an Audit Performed in Accordance with GAAS
An attitude that includes a questioning mind and a critical assessment of audit evidence.
Professional skepticism
Due professional care requires that the auditor exercise ___________.
Professional skepticism
Auditor's best estimate of misstatements in populations, applying misstatements in an audit sample to the entire population from which the sample was drawn.
Projected misstatements
Public accounting firms are typically formed as _________ or _______.
Proprietorship or form of partnership
An organization created to provide professional accounting related services, including auditing.
Public accounting firm
A ________ opinion indicates that the financial statements are fairly stated except for the misstatement identified by the auditor.
Qualified
An audit done in accordance with GAAS by an INDEPENDENT auditor WITH significant limitations imposed on the auditor that finds the financial statements are free of material departures from GAAP, would receive a ________ report.
Qualified
An audit done in accordance with GAAS by an INDEPENDENT auditor with NO significant limitations imposed on the auditor but that finds the financial statements are NOT free of material departures from GAAP, would receive a ________ report.
Qualified
If a client's financial statements contain a misstatement that the auditor considers material and the client refuses to correct the misstatement, the auditor will issue a _______ report.
Qualified
At the end of an audit, if the auditor assesses the achieved audit risk as greater than the planned level of audit risk, it can issue an ________ opinion or perform more _______.
Qualified ; Audit work
The sufficiency of audit evidence refers to the __________ of evidence the auditor obtains.
Quantity
A high but not absolute level of assurance
Reasonable assurance
The concept that an audit done in accordance with auditing standards may fail to detect a material misstatement in a client's financial statements.
Reasonable assurance
Auditor's checking the mathematical accuracy of documents or records
Recalculation
The relationship of evidence to the assertion or to the objective of the control being tested.
Relevance
The appropriateness of audit evidence refers to the ______ and _____ of evidence the auditor obtains.
Relevance and reliability
Evidence is considered appropriate when it provides information that is both ________ and ________.
Relevant and reliable
A financial statement assertion that has a reasonable possibility of containing a misstatement that would cause the financial statements to be materially misstated.
Relevant assertion
The _____ of evidence refers to whether a particular type of evidence can be relied upon to signal the true state of an assertion.
Reliability
The diagnosticity of evidence--whether the evidence can be depended on
Reliability
The controls that are of most direct relevance to a financial statement audit are those that contribute to the ________, _________, and ________ of external financial reporting.
Reliability; timeliness; and transparency
The auditor's decision to rely on the entity's controls, test those controls, and reduce the direct tests of the financial statement accounts.
Reliance strategy
The process of correcting a material weakness as part of management's assessment of the effectiveness of ICFR.
Remediation
The auditor's independent execution of procedures and controls that were originally performed as part of the entity's internal control
Reperformance
The end product of the auditor's work, indicating the auditing standards followed and expressing an opinion as to whether an entity's financial statements are fairly presented in accordance with agreed-upon criteria (e.g., GAAP).
Reporting
The requirements that the report states whether the financial statements are in accordance with GAAP, identifies deviations from GAAP, ensures financial statement disclosures are adequate unless otherwise noted, and expression of an opinion are part of the _______ standards of the 10 GAAS.
Reporting
Which assertion relates to whether the entity holds or controls the rights to assets included on the financial statements, and that the liabilities are the obligation of the entity?
Rights and obligations
An auditor must understand internal controls to pinpoint the factors that affect ______ of material misstatement.
Risk
The identification, analysis and management of risks relevant to the preparation of financial statements that are fairly presented in conformity with GAAP.
Risk assessment
The preaudit risk that the entity's financial statements contain a material misstatement whether caused by error or fraud
Risk of material misstatement
What is the formula for audit risk (AR)?
Risk of material misstatement (RMM) x detection risk (DR) OR IR x CR x DR
The FASB, ASB, and PCAOB work closely with the ______ when formulating accounting and auditing standards.
SEC
When service organizations engage an auditor to issue an attestation report regarding the controls they have in place over transactions that might materially impact customers' financial report, it is called a ________.
SOC1 report
Which act requires public companies to obtain an integrated audit?
SOX
______ transferred authority for standard setting, inspection, investigation and enforcement for public company audits from the profession (AICPA) to the PCAOB.
SOX
___________ required auditors of public companies to provide an opinion on the effectiveness of internal controls.
SOX
Policies and procedures that provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of the entity's assets that could have a material effect on the financial statements
Safeguarding of assets
Reviewing accounting data to identify significant or unusual items
Scanning
In an auditor's report, the ___________ paragraph communicates to users in general terms what an audit entails.
Scope (2nd)
In an auditor's report, the ___________ paragraph emphasizes the fact that the audit provides only reasonable assurance.
Scope (2nd)
In an auditor's report, the ___________ paragraph states that the audit was conducted in accordance with applicable auditing standards.
Scope (2nd)
Refers to the nature, timing, and extent of audit procedures
Scope of the audit
Regulates disclosure of material information in a registration statement for an IPO
Securities Act of 1933
Regulates ongoing reporting by companies whose securities are listed and traded on a stock exchange or that possess assets > $10 million and with equity securities held by 500 or more persons.
Securities Exchange Act of 1934
Separating the custody of assets (C), authorization (A) of transactions, and recording (R) of transactions
Segregation of duties
Which level of the auditing team is responsible for developing the auditing plan, and preparing budgets?
Senior/in-charge
What major topics should an engagement letter cover?
Services to be performed, the auditor's responsibilities and limitations, management's responsibilities
The PCAOB requires audit documentation to be maintained for ____ years.
Seven
The last details of the auditor's report include a ________ and a _________.
Signature and date
An account or disclosure is _________ if there is a reasonable possibility that it could contain a misstatement that has a material effect on the financial statements.
Significant
A deficiency, or combination of deficiencies, in internal control that is less severe than a material weakness yet important enough to merit attention by those charged with governance.
Significant deficiency
If a control deficiency has a significant magnitude and reasonable likelihood of misstatements, it is a _________.
Significant deficiency
A risk of material misstatement that is important enough to require special audit consideration.
Significant risk
If an auditor assesses materiality for an account to be a small amount, a _______ sample will be needed.
Smaller
The reliability of evidence is influenced by its ________ and by its ________.
Source and nature
Standards regarding the conduct of financial statement audits for public companies.
Standards of the PCAOB
Statements issued by the AICPA's Auditing Standards Board (ASB)
Statements on Auditing Standards (SAS)
This procedure evaluates financial information by analyzing plausible relationships (e.g., trends and ratios) among both financial and nonfinancial data.
Substantive analytical procedures
The auditor's decision not to rely on the entity's controls and to audit the related financial statement accounts by relying more on substantive procedures.
Substantive strategy
Audit procedures performed to test material misstatements in an account balance or disclosure component of the financial statements.
Substantive test
Tests to detect errors or fraud in individual transactions
Substantive tests of transactions
The measure of the quantity of audit evidence.
Sufficiency
Audit procedures performed to test the operating effectiveness of controls in preventing, or detecting and correcting, material misstatements at the relevant assertion level.
Tests of controls
________ check the operating effectiveness of controls, while ______ are concerned with monetary misstatements.
Tests of controls / substantive tests of transactions
When an auditor determines that an assessed risk of material misstatement is a significant risk, the auditor should perform __________ that mitigate the significant risk or _________ that directly respond to the significant risk.
Tests of controls ; substantive procedures
An auditor must understand internal controls to design __________ and _________.
Tests of controls and substantive procedures
Substantive tests that concentrate on the details of items contained in the account balance and disclosure.
Tests of details
What are the two types of substantive procedures?
Tests of details / Substantive analytical procedures
International financial reporting standards (IFRS) are set by __________.
The International Accounting Standards Board
If fraud involves senior management, the auditor should report the fraud to _________.
The audit committee
If a control deficiency is determined to be a material weakness, the disclosure should include
The nature of the material weakness Its impact on financial reporting and its ICFR Management's plans for remediation
In evaluating evidence, the auditor should be _______ in searching for evidence and _______ in its evaluation.
Thorough; unbiased
The amount of the overall materiality that is used to establish a scope for the audit procedures for the individual account balances or disclosures.
Tolerable misstatement
Taking a source document and following it to the journal or ledger is called ________ and evaluates the _________ assertion.
Tracing ; completeness
TRUE / FALSE - When evaluating audit test results, the auditor should attempt to obtain evidence to determine if fraud occurred and consider the implications for other aspects of the audit.
True
TRUE / FALSE - When evaluating audit test results, the auditor should report the fraud to one level above those involved and with senior management.
True
TRUE / FALSE - When evaluating audit test results, the auditor should suggest that management consult with legal counsel.
True
TRUE OR FALSE - Documentation of ICFR can be paper or electronic, and can include policy manuals, process models, flowcharts, job descriptions, documents, forms, etc.
True
TRUE/FALSE - To assess risk, an auditor might make inquiries of individuals inside and outside of the organization.
True
A report on management's description of a service organization's system and the suitability of the design of controls
Type 1 report
An auditor may reduce control risk below high for a client that uses a service organization if they provide a ______ report.
Type 2
Includes the auditor's opinion on the suitability of the design of the service organization's controls and on the effectiveness of those controls
Type 2 report
Procedure manuals, organizational charts, internal control questionnaires, flowcharts, and narrative descriptions are used to document the ___________ of internal control.
Understanding
An audit done in accordance with GAAS by an INDEPENDENT auditor with NO significant limitations imposed on the auditor that finds the financial statements are free of material departures from GAAP, would receive a ________ report.
Unqualified
At the end of an audit, if the auditor assesses the achieved audit risk as being at or lower than the planned level of audit risk, it can issue an ________ opinion.
Unqualified
A "clean" audit report, indicating the auditor's opinion that a client's financial statements are fairly presented in accordance with agreed-upon criteria (GAAP).
Unqualified audit report
If internal control is assessed as ineffective (high control risk), the evidence from the accounting system would be considered.
Unreliable
Which assertion relates to whether assets, liabilities, and equity interests are at appropriate amounts and that any resulting valuation or allocation adjustments are appropriately recorded?
Valuation and allocation
Selecting an item from the journal or ledger and going back to source documents is called ________ and evaluates the _________ assertion.
Vouching ; occurance
A transaction being traced by an auditor from origination through the entity's information system until it is reflected in the entity's financial reports.
Walkthrough
Encompasses the entire process of initiating, authorizing, recording, processing, and reporting individual transactions and controls for each of the significant processes identified.
Walkthrough
To enable an external auditor to complete an audit of the ICFR, management must present a _________ regarding the effectiveness of the entity's ICFR.
Written assessment
Does an auditor need permission to talk to a former auditor?
Yes
Management's documentation of the internal control assessment process should include the _______ of the controls in place to address the entity's financial reporting risks.
design
In addition to evaluating controls that address financial reporting risks, management should also evaluate whether there are controls to address _______ controls and other pervasive elements of ICFR.
entity level
What are the five main business processes around which auditors organize a financial statement audit?
financing process, purchasing process, HR management process, inventory management process, and the revenue process
Another name for an external auditor is an __________.
independent auditor
Performance reviews, physical controls, segregation of duties, and information processing controls are examples of ____________.
internal control processes
An auditor must understand internal controls to ______ an audit.
plan
An auditor must understand internal controls to identify the types of ____________.
potential misstatements
This type of audit test includes inquiries of management and others, preliminary analytical procedures, and observation and inspection.
risk assessment procedures
This type of audit test is used to obtain an understanding of the entity and its environment, including its internal control.
risk assessment procedures
When may an auditor have to disclose fraud to outside parties?
subpoena, to comply with legal and regulatory requirements, successor auditor, funding agency for entities that receive governmental assistance
This type of audit test includes inquiries of management and staff, inspection of documents, observing application of specific controls, walkthroughs, and reperformance of the application of the control by the auditor.
tests of controls
Tracing a transaction from its origination to its inclusion in the financial statements through a combination of audit procedures, including inquiry, observation, and inspection.
tests of controls