Audit 1 - Exam 2 - Chapters 5,6,7
Which of the following is not an advantage of establishing an enterprise risk management system within an organization? A) Reduces operational surprises. B) Provides integrated responses to multiple risks. C) Eliminates all risks. D) Identifies opportunities.
C) Eliminates all risks. Explanation: An enterprise risk management system cannot eliminate all risks.
Tests of controls ordinarily are designed to provide evidence of: A) Balance correctness. B) Control implementation. C) Disclosure adequacy. D) Operating effectiveness.
D) Operating effectiveness. Explanation: Tests of controls address operating effectiveness of controls.
Which of the following is not a financial statement assertion made by management? A) Existence of recorded assets and liabilities. B) Completeness of recorded assets and liabilities. C) Valuation of assets and liabilities. D) Effectiveness of internal control.
D) Effectiveness of internal control. Explanation: The effectiveness of internal control is not a financial statement assertion made by management.
Tests of controls do not address: A) How controls were applied. B) How controls were originated. C) The consistency with which controls were applied. D) By what means the controls were applied.
B) How controls were originated. Explanation: Auditors are not in general concerned with how controls originated.
In what section of the audit working papers would a long-term lease agreement be filed? A) Current working paper file. B) Permanent working paper file. C) Lead schedule file. D) Corroborating documents file.
B) Permanent working paper file. Explanation: Relatively unchanging data, such as a long-term lease agreement, is placed in the permanent working paper file.
Which of the following is not a function of audit working papers? A) Assist management in illustrating that the financial statements are in accordance with generally accepted accounting principles. B) Assist audit team members responsible for supervision in reviewing the work. C) Assist auditors in planning future engagements. D) Assist peer reviewers and inspectors in performing their roles.
A) Assist management in illustrating that the financial statements are in accordance with generally accepted accounting principles. Explanation: The audit working papers are not prepared to assist management in illustrating that the financial statements are in accordance with generally accepted accounting principles. The other three replies are functions of audit working papers.
When a CPA decides that the work performed by internal auditors may have an effect on the nature, timing, and extent of the CPA's procedures, the CPA should consider the competence and objectivity of the internal auditors. Relative to objectivity, the CPA should: A) Consider the organizational level to which the internal auditors report the results of their work. B) Review the internal auditors' work. C) Consider the qualifications of the internal audit staff . D) Review the training program in effect for the internal audit staff .
A) Consider the organizational level to which the internal auditors report the results of their work. Explanation: The internal auditors' objectivity refers to their relative independence from the organizational units they have been evaluating. This may best be determined by considering the organizational level to which the internal auditors report. The other answers address the issues of the internal auditors' competence, not objectivity.
In using the work of a specialist, the auditors referred to the specialist's findings in their report. This would be an appropriate reporting practice if the: A) Client is not familiar with the professional certification, personal reputation, or particular competence of the specialist. B) Auditors, as a result of the specialist's findings, give a qualified opinion on the financial statements. C) Client understands the auditors' corroborative use of the specialist's findings in relation to the representations in the financial statements. D) Auditors, as a result of the specialist's findings, decide to indicate a division of responsibility with the specialist.
B) Auditors, as a result of the specialist's findings, give a qualified opinion on the financial statements. Explanation: The work of a specialist is only referred to in circumstances in which those findings do not support the representations made by management in the financial statements, thus causing the auditors to modify their report.
Which of the following would be least likely to be considered an objective of internal control? A) Checking the accuracy and reliability of accounting data. B) Detecting management fraud. C) Encouraging adherence to managerial policies. D) Safeguarding assets.
B) Detecting management fraud. Explanation: Detecting management fraud is generally not considered to be an objective of internal control. In fact, one of the inherent limitations of internal control is that it is subject to override by management. All of the other answers represent valid objectives of internal control.
Effective internal control in a small company that has an insufficient number of employees to permit proper separation of responsibilities can be improved by: A) Employment of temporary personnel to aid in the separation of duties. B) Direct participation by the owner in key record keeping and control activities of the business. C) Engaging a CPA to perform monthly write-up work. D) Delegation of full, clear-cut responsibility for a separate major transaction cycle to each employee.
B) Direct participation by the owner in key record keeping and control activities of the business. Explanation: Involvement of the owner in key control functions should be a major step toward preventing material errors or defalcations. Answer (1) would not be cost-effective. Answer (3) would provide some measure of control, but not as much as would daily participation by the owner. If it were feasible to hire additional employees, it would be cheaper to hire permanent employees rather than temporary. The need for internal control is permanent. Answer (4) would weaken, not strengthen internal control.
Analytical procedures are most likely to detect: A) Weaknesses of a material nature in internal control. B) Unusual transactions. C) Noncompliance with prescribed control activities. D) Improper separation of accounting and other financial duties.
B) Unusual transactions. Explanation: Analytical procedures are effective in isolating unusual transactions because such transactions may represent a change in a relationship being investigated. Analytical procedures are not typically considered to be tests of internal control, although in certain circumstances they might reveal errors caused by weaknesses in the internal control.
Which of the following is not a primary approach to auditing an accounting estimate? A) Review and test management's process for developing the estimate. B) Review subsequent transactions. C) Confirm the amounts. D) Develop an independent estimate.
C) Confirm the amounts. Explanation: Auditors use three basic approaches for auditing accounting estimates—reviewing management's process, reviewing subsequent transactions, and developing an independent estimate. Confirmation is not a basic approach for auditing most accounting estimates.
Which of the following is least likely to be a test of controls? A) Inquiries of client personnel. B) Inspection of documents. C) Observation of confirmations. D) Reperformance of controls.
C) Observation of confirmations. Explanation While tests of controls involve, inspection, observation and reperformance, "observation of confirmations" doesn't have a clear meaning.
Controls over financial reporting are often classified as preventative, detective, or corrective. Which of the following is an example of a detective control? A) Segregation of duties over cash disbursements. B) Requiring approval of purchase transactions. C) Preparing bank reconciliations. D) Maintaining backup copies of key transactions.
C) Preparing bank reconciliations. Explanation: Preparing bank reconciliations will detect a variety of misstatements related to cash and is a detective control in the sense that it does not prevent the misstatement from occurring, but may detect it. Answers (1) and (2) are incorrect because segregating duties and requiring approvals are primarily designed to prevent occurrence of misstatements. Answer (4) is incorrect because the primary purpose of keeping backup copies of key transactions (or all transactions) is to prevent loss of information in the event of an information system failure and hence a corrective control.
Which portion of an audit is least likely to be completed before the balance sheet date? A) Tests of controls. B) Issuance of an engagement letter. C) Substantive procedures. D) Assessment of control risk.
C) Substantive procedures. Explanation: Substantive procedures substantiate the account balances as of the balance sheet date and therefore cannot be completed prior to that date. The other items pertain to the operation of the system during the year under audit and could be completed in the interim period.
Three conditions generally are present when fraud occurs. Select the one below that is not one of those conditions. A) Incentive or pressure. B) Opportunity. C) Supervisory position. D) Attitude or rationalization.
C) Supervisory position. Explanation: AICPA AU 240 (PCAOB 316) outlines the three functions generally necessary for fraud as (1) incentive or pressure, (2) opportunity, and (3) attitude. Being in a supervisory position is not one of those conditions, although it may provide the individual an opportunity to commit fraud.
When the auditors are performing a first-time internal control audit in accordance with the Sarbanes-Oxley Act and PCAOB standards, they must: A) Modify their report for any significant deficiencies identified. B) Use a "bottom-up" approach to identify controls to test. C) Test controls for all significant accounts. D) Perform a separate assessment of controls over operations.
C) Test controls for all significant accounts. Explanation: In an audit of internal control performed under PCAOB standards, the auditors must test controls for all significant accounts.
Which of the following business characteristics is not indicative of high inherent risk? A) Operating results that are highly sensitive to economic factors. B) Large likely misstatements detected in prior audits. C) Substantial turnover of management. D) A large amount of assets.
D) A large amount of assets. Explanation: A large amount of assets by itself is not indicative of high inherent risk. Operating results highly sensitive to economic factors, large past misstatements, and turnover of management all represent characteristics that may indicate high inherent risk.
Which of the following should not normally be included in the engagement letter for an audit? A) A description of the responsibilities of client personnel to provide assistance. B) An indication of the amount of the audit fee. C) A description of the limitations of an audit.. D) A listing of the client's branch offices selected for testing.
D) A listing of the client's branch offices selected for testing. Explanation: Management should not be informed about which branches were selected for testing at all or at least not until just before testing is to be done.
Management of Warren Company has decided to respond to a particular risk by hedging the risk with futures contracts. This is an example of: A) Avoidance. B) Acceptance. C) Reduction. D) Sharing.
D) Sharing. Explanation: Hedging the risk is an example of risk sharing in that it involves reducing risk likelihood or impact by transferring or sharing a portion of the risk.
A primary purpose of the audit working papers is to: A) Aid the auditors by providing a list of required procedures. B) Provide a point of reference for future audit engagements. C) Support the underlying concepts included in the preparation of the basic financial statements. D) Support the auditors' opinion.
D) Support the auditors' opinion. Explanation: A primary purpose of audit working papers is to provide documented evidence that the auditors had a firm basis for their report.
You are performing an audit of Systex Corporation and evaluating various controls. Classify the following controls as being primarily preventive (P), detective (D), or corrective (C). a .Annual physical inventory. b. Monthly reconciliation of bank accounts. c. Segregation of duties over purchasing. d. Supervisory approval of time cards. e. Dual signatures for checks. f. Adjustment of perpetual inventory records to physical counts. g. Management review of budget/actual information. h. Internal audits of payroll.
a. D b. D c. P d. P e. P f. C g. D h. D Explanation: a. The annual physical inventory is a detective control because it would serve to detect misstatements of inventory after they have occurred. D b. The monthly reconciliation of bank accounts is a detective control because it would serve to detect misstatements of cash after they have occurred. D c. Segregation of duties over purchasing would serve to prevent errors and fraud relating to purchase transactions. Segregation of duties prevents individuals from perpetrating errors and fraud and covering them up in the course of performing their assigned duties. P d. Supervisory approval of time cards is a preventative control because it would serve to prevent errors and fraud with respect to payroll transactions. The supervisor approval would help to prevent errors or fraud in the time records. P e. Requiring dual signatures for checks is a preventative control because it would serve to prevent errors and fraud with respect to cash disbursements. P f. Adjustments of perpetual inventory records to physical counts would serve to correct the inventory records. C g. Management review of budget versus actual performance would serve to highlight potential errors and fraud after they have occurred. Therefore, it is a detective control. D h. Internal audits of payroll would serve to detect errors and fraud in payroll after they have occurred. Therefore, it is a detective control. D
In planning and performing an audit, auditors are concerned about risk factors for two distinct types of fraud: fraudulent financial reporting and misappropriation of assets. Which of the following is a risk factor for misappropriation of assets? A) Generous performance-based compensation systems. B) Management preoccupation with increased financial performance. C) An unreliable accounting system. D) Strained relationships between management and the auditors.
C) An unreliable accounting system. Explanation: An unreliable accounting system provides an opportunity for an individual to misappropriate assets. The other items create risks of fraudulent financial reporting.
A difference of opinion concerning accounting and auditing matters relative to a particular phase of the audit arises between an assistant auditor and the auditor responsible for the engagement. After appropriate consultation, the assistant auditor asks to be disassociated from the resolution of the matter. The working papers would probably: A) Remain silent on the matter since it is an internal matter of the auditing firm. B) Note that the assistant auditor is completely dissociated from responsibility for the auditors' opinion. C) Document the additional work required, since all disagreements of this type will require expanded substantive procedures. D) Document the assistant auditor's position and how the difference of opinion was resolved.
D) Document the assistant auditor's position and how the difference of opinion was resolved. Explanation: When a difference of opinion cannot be resolved, the working papers should be expanded to document the various positions and to describe how the difference of opinion was resolved.
To have an adequate basis to issue a management report on internal control under Section 404(a) of the Sarbanes-Oxley Act, management must do all of the following, except: A) Establish internal control with no material weakness. B) Accept responsibility for the effectiveness of internal control. C) Evaluate the effectiveness of internal control using suitable control criteria. D) Support the evaluation with sufficient evidence.
A) Establish internal control with no material weakness. Explanation: Management may issue a report on internal control regardless of whether the system has a material weakness.
Which of the following best describes what is meant by the term "fraud risk factor"? A) Factors that, when present, indicate that risk exists. B) Factors often observed in circumstances where frauds have occurred. C) Factors that, when present, require modification of planned audit procedures. D) Weaknesses in internal control identified during an audit.
B) Factors often observed in circumstances where frauds have occurred. Explanation: Fraud risk factors are factors that have been observed in circumstances in which fraud has occurred. The fraud risk factors were identified by researchers and practitioners through analyses of many past frauds. Yet, none of the factors was always present in the various individual cases included in the analyses. Answer (1) is incorrect because in any particular circumstance, the existence of a fraud risk factor may or may not indicate that in that circumstance the risk of fraud is high. Answer (3) is incorrect because the existence of a fraud risk factor may not require modification of planned audit procedures (e.g., the audit program may already have audit procedures that consider the factor). Answer (4) is incorrect because a fraud risk factor may or may not be a significant deficiency.
Which of the following is most likely to be an overall response to fraud risks identified in an audit? A) Supervise members of the audit team less closely and rely more upon judgment. B) Use less predictable audit procedures. C) Use only certified public accountants on the engagement. D) Place increased emphasis on the audit of objective transactions rather than subjective transactions.
B) Use less predictable audit procedures. Explanation: Less predictable audit procedures are likely to be used when fraud risks are high. SAS 99 also suggest that the auditors have increased skepticism, assign more skilled staff, and consider further management's selection and application of accounting principles. Answer (1) is incorrect because supervision of members of the audit team will be more close, not less. Answer (3) is incorrect because team members may or may not be CPAs (e.g., a fraud specialist who is not a CPA might be added to the team). Answer (d) is incorrect because subjective, rather than objective transactions may often be emphasized—depending upon the nature of the fraud risks identified.
Of the following, which is the least reliable type of audit evidence? A) Confirmations mailed by outsiders to the auditors. B) Correspondence between the auditors and suppliers. C) Copies of sales invoices inspected by the auditors. D) Canceled checks returned in the year-end bank statement directly to the client.
C) Copies of sales invoices inspected by the auditors. Explanation: Copies of sales invoices represent internally generated evidence, which is considered least reliable. Confirmations mailed by outsiders and correspondence between the auditor and suppliers represent more reliable externally generated evidence. Canceled checks, although internally generated, are considered reliable because they bear the endorsement of the payee and a perforation or stamp indicating payment by the bank.
The risk that the auditors will conclude, based on substantive procedures, that a material misstatement does not exist in an account balance when, in fact, such misstatement does exist is referred to as A) Business risk. B) Engagement risk. C) Control risk. D) Detection risk.
D) Detection risk. Explanation: Detection risk is the risk that the auditor will conclude, based on substantive procedures, that a material misstatement does not exist in an account balance, when, in fact, such misstatement does exist.
Which of the following should the auditors obtain from the predecessor auditors before accepting an audit engagement? A) Analysis of balance sheet accounts. B) Analysis of income statement accounts. C) All matters of continuing accounting significance. D) Facts that might bear on the integrity of management.
D) Facts that might bear on the integrity of management. Explanation: Before accepting an engagement the possible successor should ask questions about the integrity of management, disagreements with management, and the reasons for the change in auditors. All of the other replies are incorrect because they represent information that the successor may wish to obtain after accepting the engagement.
An entity's ongoing monitoring activities often include: A) Periodic audits by internal auditors. B) The audit of the annual financial statements. C) Approval of cash disbursements. D) Management review of weekly performance reports.
D) Management review of weekly performance reports. Explanation: Management review of weekly performance reports is an ongoing monitoring activity that may detect errors or fraud. Answer (1) is incorrect because while periodic audits by internal audit represent a monitoring activity, they are best classified as separate evaluations, and not ongoing monitoring activities. Answer (2) is incorrect because the audit of the annual financial statements is the function of the external auditors. Answer (3) is incorrect because approvals of cash disbursements represent a control activity.
The audit committee of a public company must be made up of: A) Representatives from the client's management, investors, suppliers, and customers. B) The audit partner, the chief financial officer, the legal counsel, and at least one outsider. C) Representatives of the major equity interests, such as preferred and common stockholders. D) Members of the board of directors who are not officers or employees.
D) Members of the board of directors who are not officers or employees. Explanation: Members of the audit committee should be independent of management. Therefore, the individuals should be board members who are not employees or officers, have no other relationship that might impair their independence.
An auditor may compensate for a weakness in internal control by increasing the extent of: A) Tests of controls. B) Detection risk. C) Substantive tests of details. D) Inherent risk.
Explanation An increase in the substantive procedures will decrease detection risk, and thereby compensate for the increased level of control risk due to a weakness in internal control. Answer (1) is incorrect because if the weakness exists, increasing the extent of tests will only provide more evidence on the weakness—not evidence that compensates for the weakness. Answers (2) and (4) are incorrect because a decrease in detection risk or inherent risk, not an increase, would compensate. Also, in the case of inherent risk, it may not be possible to change the assessment since it is a function of the firm's environment.
A primary objective of procedures performed to obtain an understanding of internal control is to provide the auditors with: A) Knowledge necessary to determine the nature, timing, and extent of further audit procedures. B) Audit evidence to use in reducing detection risk. C) A basis for modifying tests of controls. D) An evaluation of the consistency of application of management policies.
A) Knowledge necessary to determine the nature, timing, and extent of further audit procedures. Explanation: Because the auditors' purposes for considering internal control are to obtain the necessary knowledge to (a) assess the risks of material misstatement, and (b) to determine the nature, timing, and extent of the tests to be performed, answer (1) is correct.
The primary objective of tests of details of transactions performed as substantive procedures is to: A) Comply with generally accepted auditing standards. B) Attain assurance about the reliability of the accounting system. C) Detect material misstatements in the financial statements. D) Evaluate whether management's policies and procedures are operating effectively.
C) Detect material misstatements in the financial statements. Explanation: The objective of tests of details of transactions performed as substantive procedures is to detect material misstatements in the financial statements as transactions are tested to determine whether they have been properly recorded.