Audit Exam 2

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

___________: -> The cutoff test attempts to determine whether all revenue transactions and related accounts receivable are recorded in the proper period --> Test a few shipping documents just PRIOR to year-end --> Test a few shipping documents just after year-end

Cutoff

Data Validation Controls: ___________ Test: -> A check on a field to ensure that it contains either all numeric or all alphabetical characters

Field

________ Risks in Revenue Recognition: -> Side agreements -> Channel stuffing -> Related party transactions -> Bill and hold sales

Fraud

_____________ of the Revenue Process: -> Order entry -> Credit authorization -> Shipping -> Billing -> Cash receipts -> Accounts Receivable -> General Ledger

Functions

Controls in an IT Environment: _________ Controls: -> Relate to the overall info processing environment and have a pervasive effect on the entity's computer operations: ---> Data center and network operations ---> System software acquisition, change, and maintenance ---> Access security ---> Application system acquisition, development, and maintenance

General

________ __________: -> Proper accumulation, classification, and summarization of revenues, collections, and receivables in financial statement account

General Ledger

Controls in an IT Environment: What are the 2 Types?

General and Application

__________: When an auditor traces a transaction from each major class of transactions from origination through the entity's information system until it is reflected in the entity's financial reports.

Walkthroughs

Audit Procedures for Identifying Contingent Liabilities: -> Read minutes of meeting of the BOD, committees of the board, and stockholders -> Review contracts, loan agreements, leases, and correspondence from government agencies -> Review tax returns, IRS reports, and schedules supporting the entity's income tax liability -> Confirm or otherwise document guarantees and letters of credit -> Inspect other documents for ________ __________ or other similar arrangements

possible guarantees

_________: -> Issuance of sales invoices to customers for goods shipped or services provided; and, processing of billing adjustments for allowances, discounts, and returns

Billing

Type _____ Report: -> A report on Mgmt's description of a service org's systems and the suitability of the design of controls

1

The 2 types of decision errors due to sampling risk: -> Type _____ -> Type _____

1 2

Statistical Sampling Techniques: 1) _________ Sampling 2) _______-_______ Sampling 3) ________ ________ Sampling

1) Attribute 2) Monetary-Unit 3) Classical Variables

Types of Evidence/If audit sampling is commonly used: 1) Inspection of tangible assets/______ 2) Inspection of records or documents/ ________ 3) Reperformance/__________ 4) Recalculation/ ________ 5) Confirmation/ _________ 6) Analytical Procedures/ ___________ 7) Scanning/ ________ 8) Inquiry/ _________ 9) Observation/ __________

1) Yes 2) Yes 3) Yes 4) Yes 5) Yes 6) No 7) No 8) No 9) No

Circumstances that require explanatory language to be added to the Standard Unqualified/Unmodified Report: -> 1) The auditor performs an ____________ audit and issues separate reports on the company's financial statements and internal control over financial reporting -> 2) The auditor decides to refer to the report of ____-__-- auditors as the basis, in part, for the auditor's own report -> 3) Substantial doubt about the company's ability to continue as a _______ ______ -> 4) The financial statements are not ____________ (e.g. changes in the use of accounting principles between periods or corrections a material misstatement in previously issued financial statements) -> 5) Management is required to report on the company's internal controls over financial reporting but such report is not required to be audited, and the auditor has not been engaged to perform an audit of management's assessment of the _____________ of the company's internal control over financial reporting -> 6) Circumstances in which the auditor wishes to _____________ a matter

1) integrated 2) other 3) going concern 4) comparable 5) effectiveness 6) emphasize

An auditor may reduce control risk below high ONLY on the basis of a service auditor's Type ______ report

2

Type _____ Report: -> Goes further by providing assurance on the operating effectiveness of there service org's controls based on the auditor's tests of controls

2

Type 2 Decision Error: Risk of Incorrect ___________: -> Risk that the sample supports a conclusion that the control is operating effectively when, in fact, it IS NOT operating effectively (risk of overreliance or of assessing control risk TOO LOW and having an UNEFFECTIVE audit) -> In substantive testing, it is the risk that the sample supports the recorded balance when its is, in fact, materially misstated

Acceptance

_______ _________: -> Recording of all sales invoices, collections, and credit memoranda in individual customer accounts

Accounts Receivable

__________ Control Activities: -> Internal verification of amounts and calculations -> Monthly reconciliation of subsidiary records by an independent person

Accuracy

___________: -> Amounts and other data relating to recorded revenue and cash receipt transactions and events have been recorded appropriately and related disclosures have been appropriately measures and described

Accuracy

__________ of Statistical Sampling: 1) Design an efficient sample 2) Measure the sufficiency of evidence obtained 3) Quantify sampling risk

Advanatages

IFCR Report Types: ________: There is a material weakness

Adverse

__________: "because of the effects of the matters discussed in the following paragraph, the financial statements referred to above do not present fairly, in conformity with accounting principles generally accepted. . . "

Adverse

___________ ____________ __________ _________: -> The difference between the expected and tolerable deviation rate

Allowance for Sampling Risk

Controls in an IT Environment: _________ Controls: -> Apply to the processing of specific computer application and are part of the computer programs used in the accounting system: ---> Data capture controls ---> Data validation controls ---> Processing controls ---> Output controls ---> Error controls

Application

___________ about Classes of Transactions and Events, and Related Disclosures: -> Occurence -> Completeness -> Authorization -> Accuracy -> Cutoff -> Classification -> Presentation

Assertions

_________ Sampling: -> Used to estimate the proportion of a population that possesses a specified characteristic. The most common use of this is for TEST OF CONTROLS Ex.: -> The entity's controls require that all checks have 2 independent signatures -> The auditors plan a test of that control using attribute sampling

Attribute

________ __________: -> Used to estimate the proportion of a population that possesses a certain characteristic

Attribute Sampling

Letters of _________ ________: -> A letter of audit inquiry sent to the entity's attorneys is the primary means of obtaining or corroborating info about litigation, claims, and assessments. Possible types of litigation: ---> Breach of contract ---> Patent infringement ---> Product liability

Audit Inquiry

__________ Control Activities: -> General and specific authorization of transactions at important control points by approved authorizers

Authorization

____________: -> all revenue and cash receipt transactions and events have been properly authorized

Authorization

___________ and _______ ________: -> Sales where the customer agrees to purchase goods but the seller retains possession until the customer requests shipment. Lack of delivery generally indicates no sale

Bill and Hold Sales

Types of _______ _______: -> General cash account -> Imprest cash accounts -> Branch accounts

Bank Accounts

8 Elements for a Public Company: 1. Report Title 2. Addressee 3. The "opinion" section (including a reference to the opinion on the audit of internal control over financial reporting when that report is presented separately) 4. The "______ _______ ________" section 5. The "Critical Audit Matters" section 6. The name/signature of the audit firm 7. An indication of how long the auditor has served as the company's auditor 8. The audit report location and date

Basis for Opinion

__________ ________: -> Processing of the receipt of cash from customers

Cash Receipts

Cash and Cash Equivalents: -> "Cash" reported: in the financial statements represent currency on hand on deposit in bank accounts, including certificates of deposit, time deposits, and savings accounts -> "______ ________" are frequently combined with cash for presentation in the financial statements: --> Definition: Short-term highly liquid investments that are readily convertible to cash or so near their maturity that there is little risk of change in their value

Cash equivalents

__________ _________: -> Inducing distributors to buy substantially more inventory than they call promptly sell

Channel Stuffing

Data Validation Controls: ___________-__________ Verification: -> A numerical value computed to provide assurance that the original value was not altered

Check-Digit

Tests of Details - Investments: ____________ and Presentation: -> Debt needs to be properly classified as held-to-maturity, trading, and available-for-sale -> All trading securities should be classified as current assets -> Held-to-maturity securities and individual available-for-sale securities should be classified as current or non-current assets based on whether management expects to convert them to cash within 12 mo.

Classification

___________ Control Activities: -> Secure chart of accounts

Classification

___________: -> All revenue and cash receipt transactions and events have been recorded in the proper accounts

Classification

Data Validation Controls: ___________ __________ Verification: -> A process that takes data entered into the system to find and present other related info, thus enabling the user to verify the correctness of the original data entry

Closed Loop

_______________: -> Long-term contracts to purchase raw materials or sell their products at a fixed price -> To obtain a favorable or predictable pricing arrangement -> To secure the availability of raw materials -> Commitments can apply to various types of assets

Commitments

AR ________________: -> The auditor's primary concern is whether all AR have been included in the AR subsidiary ledger and general ledger AR account -> Reconciliation of the aged trial balance to the general ledger account should detect an omission of a receivable from either the subsidiary of general ledger

Completeness

__________ Control Activities : -> Prenumbered documents that are accounted for -> Segregation of duties -> Daily or monthly reconciliation of subsidiary records w independent review

Completeness

__________: -> All revenue and cash receipt transactions and events that should have been recorded have been recorded and all related disclosures that should have been included in the financial statements have been included

Completeness

____________ of AR: -> Audit evidence that is direct written repose from third parties about the account receivable balance -> Good source of evidence about the existence of the AR -> The process should be controlled by the auditor

Confirmation

__________ __________: Potential obligations to outside parties that arose from past events but for which the final resolution is uncertain, depending on the outcome of future events

Contingent Liability

________ ________: -> Actions established by policies and procedures to help ensure that management directives to mitigate risks to the achievement of objectives are carried out -> Performed at all levels of the entity and at various stages within business processes, and over the technology environment

Control Activities

________ _________: -> Appropriate approval of customer order for creditworthiness

Credit Authorization

New Changes: -> The Opinion section of the report is now presented first, followed by the Basis for Opinion section, which explains the rationale for the opinion -> The respective responsibilities of management and the auditor are more clearly described -> The requirement that the auditor be independent of the entity is explicitly stated -> The key features of an audit are more clearly laid out, including the fact that amounts and disclosures are examined "on a test basis," and that "the accounting principles used and significant estimates made by management" are evaluated by the auditor -> ________ ________ _______ that involve especially challenging, subjective, or complex auditor judgement are explicitly disclosed and described in a separate section of the report

Critical audit matters

_________: -> All revenue and cash receipt transactions and events have been recorded in the correct accounting period

Cutoff

__________ Control Activities: -> Procedures for checking prompt recording of transactions -> Internal review and verification

Cutoff

___________ Bank Statement: -> A cutoff bank statement normally covers the 7 to 20 day period after the date on which the bank account is reconciled -> For reconciliation purposes, any item should have cleared the entity's bank account during the 7 to 20 day period (sometimes longer)

Cutoff

Deficiencies in the ___________ of Controls: -> Inadequate design of internal control over a significant account -> Inadequate documentation of the components of internal control -> Inadequate segregation of duties within a significant account or process -> The absence of an internal process to report deficiencies

Design

________ ________ _______: -> The probability that the true but unknown measure of the characteristic of interest is within specified limits

Desired Confidence Level

__________ of Statistical Sampling: 1) Cost of training auditors in proper use 2) Cost to design and conduct sampling application 3) Lack of consistent application across audit teams

Disadvanatges

IFCR Report Types: ________: A serious (more than minor) scope limitation

Disclaimer

Scope Limitation: ______________: -> "We do not express an opinion on these financial statements"

Disclaimer

_________ Issues for Cash: 1) Accounting policy for defining cash and cash equivalents 2) Any restrictions on cash such as a sinking fund requirement for funds allocated by the entity's BOD for special purposes 3) Contractual obligations to maintain compensating balances 4) Cash balances restricted by foreign exchange controls 5) Letters of credit

Disclosure

Circumstances in which the auditor wishes to emphasize a matter: -> If the auditor wishes to draw special attention to a particular matter other than the ones discussed previously and the matter is properly presented or disclosed in the financial statements, the auditor may choose to include an __________ ____________ in the auditor's report Ex.: -> Significant transactions with related parties -> Important subsequent events -> Accounting matters that affect the comparability of the financial statements with those of the preceding period (other than those involving a change in accounting principles) -> Uncertainty relating to the future outcome of significant litigation or regulatory actions

EMPHASIS PARAGRAPH

Examples of ______-Level Controls: -> Controls within the control environment (e.g., tone at the top, assignment of authority and responsibility, consistent policies and procedures, and entity wide programs, such as codes of conduct and fraud prevention, that apply to all locations and business units) -> Controls over management override -> The entity's risk assessment process -> Centralized processing and controls, including shared service environments -> Controls to monitor results of operations -> Controls to monitor other controls, including activities of the internal audit function, the audit committee, and self-assessment programs -> Controls over period-end financial reporting process -> Policies that address significant business control risk management practices

Entity

Auditing Investments: -> ________ Securities: --> Common stock --> Preferred stock -> ________ Securities: --> Notes --> Bonds -> _________ Securities: --> Convertible Bonds --> Convertible Stocks

Equity Debt Hybrid

Data Validation Controls: _________ (Validity) Test: -> A test of an ID number or code by comparison to a file or table containing valid ID numbers or code

Existence

___________: Auditing Standards state that the auditor should perform one of the following procedures when gathering evidence for existence: --> Physical examination --> Confirmation with the issuer --> Confirmation with the custodian --> Confirmation of unsettled transactions with the broker-dealer --> Confirmation with the counter-party --> Reading executed partnership or similar agreements

Existence

Subsequent Discovery of _________ Existing at the Date of the Auditor's Report -> Notify the entity that the auditor's report must no longer be associated with the financial statements. -> Notify any regulatory agency that have jurisdiction over the entity that the auditor's report can no longer be relied upon. -> Notify each person known to the auditor to be relying on the financial statements.

Facts

_______ and ________:: -> Info is necessary for the entity to carry out internal control responsibilities in support of achievement of its objectives -> Communication occurs both internally and externally and provides the org w the information needed to carry out day-to-day internal control activities -> Communication enables personnel to understand internal control responsibilities and their importance to the achievement of objectives and allows for upward flow of operating info to mgmt

Information Communication

Reliance on Internal Controls: -> Assess control risk and identify specific controls that will be relied upon (identify "key controls") -> Perform tests of controls: ---> __________ of appropriate entity personnel (inquiry alone is insufficient) ---> ___________ of documents indicating the performance of the control ---> ____________ of the application of the control ---> ____________ of the application of the control by the auditor -> Conclude and document achieved level of control risk

Inquiry Inspection Observation Reperformance

_______ _______ Method: -> Assesses income statement errors based on the amount by which the income statement would be misstated if the accumulated amount of the errors that remain in the BS at the end of the period were corrected through the income statement during that period

Iron curtain

_________: -> Practice of covering a cash shortage resulting from theft by an employee -> The employee covers the cash shortage by transferring money from one bank account to another and recording transactions improperly on the entity's books -> Done by preparing a check on one account before year-end but not recording it as a cash disbursement in the account until the next period (paper checks are still commonly used, particularly by small businesses) -> The check is deposited and recorded as a cash receipt in a 2nd account before year-end -> The employee makes this deposit close enough to year-end that the check will not clear the first bank account before the end of the year

Kiting

Evaluating the Audit Findings: -> When the auditor has completed the planned substantive procedures, the likely misstatement (projected misstatement plus an allowance for sampling risk) for AR is determined -> Aggregate misstatement __________ THAN tolerable misstatement ---> Accept the account as fairly presented -> Aggregate misstatement __________ THAN tolerable misstatement: ---> Account is not fairly presented

LESS GREATER

Data Validation Controls: _________ Test: -> A test to ensure that a numerical value does not exceed some predetermined value

Limit

__________ ________: -> A deficiency, or combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity's financial statements will not be prevented, or detected and corrected, on a timely basis

Material Weakness

________-_______ Sampling: -> Uses attribute sampling theory and techniques to estimate the dollar amount of misstatement for a class of transactions or an account balance -> Used extensively because it has a number of advantages over classical variables sampling

Monetary-Unit

___________ __________: -> Ongoing evaluations, separate evaluations, or some combo of the 2 are used to ascertain whether each of the 5 components of internal control, including control to affect the principles within each component, are present and functioning -> Findings are evaluated and deficiencies are communicated in a timely manner, w serious matters reported to senior mgmt and to the board -> Monitoring of controls is a process that assesses the quality of internal control performance over time

Monitoring Activities

Documenting the Understanding of Internal Control: -> Procedure manuals and organizational charts -> Flowcharts -> Internal control questionnaires -> _______ ________

Narrative description

Specific Audit Procedures Conducted _________ __________ of Audit: -> Inquire and discuss with mgmt about its policies and procedures for identifying, evaluating, and accounting for litigation, claims and assessments -> Obtain from management a description and evaluation of any relevant litigation, claims, or assessments, including matters the entity has referred to legal counsel -> Examine documents in the entity's records concerning litigation, claims, and assessments, including legal expenses and any correspondence and invoices from attorneys -> Obtain a written representation from management affirming that all relevant matters, including asserted claims and any unasserted claims that are probable of assertion, have been disclosed in accordance with FASB ASC 450

Near Completion

_________ (Judgmental) Sampling: -> Auditor does not use statistical techniques to determine either -> the sample size, OR -> the sample selection technique AND It does not statistically measure sampling risk when evaluating results

Nonstatistical

__________ __________: -> Relies on the auditor's judgement to determine sample size, select the sample, or evaluate results

Nonstatistical Sampling

__________ Control Activities: -> Segregation of duties -> Pre-numbered documents that are accounted for -> Daily or monthly reconciliation of subsidiary records with independent review

Occurence

___________: -> All revenue and cash receipt transactions and events that have been recorded or disclosed have occurred, and such transactions and events pertain to the entity

Occurence

Failures in the _________ of Internal Control: -> Failure in the operation of effectively designed controls over a significant account or process -> Failure of controls designed to safeguard assets from loss, damage, or misappropriation -> Failure to perform reconciliations of significant accounts

Operation

_________ ________: -> Acceptance of customer orders for goods and services into the system in accordance with management criteria

Order Entry

Limitations of Internal Control: -> Management __________ of Internal Control -> Human Errors or Mistakes -> Collusion

Override

Effect of Materiality: ____________: Pervasive effects on the financial statements are those that: 1) Are not confined to specific elements, accounts, or items of the financial statements; 2) If so confined, represent or could represent a substantial proportion of the financial statements, OR 3) With regard to disclosures, are fundamental to users' understanding of the financial statements

Pervasiveness

Type of Confirmation Request: -> ___________: Requests that customers indicate whether they agree with the amount due to the client. A response is expected whether the customer agrees or disagrees with the balance indicated -> ____________: Requests that the customer respond only when they disagree with the amount due to the client. Used when the client has many small account balances and the control risk is assessed as low

Positive Negative

Indicators of __________ __________ ________: -> Financial Conditions: ---> Recurring operating losses ---> Accumulated deficits ---> Negative net worth ---> Negative working capital/cash flow ---> Inability to meet interest payments -> Other Financial Difficulties: ---> Default on loans ---> Dividends in arrears ---> Restructuring of debt ---> Denial of trade credit by suppliers ---> Lack of additional sources of financing -> Internal Matters: ---> Work stoppages ---> Uneconomic long-term commitments ---> Dependence on the success of one particular project -> External Matters: ---> Legal proceedings ---> Loss of major customer or supplier ---> Loss of key franchise, license, or patent

Potential Financial Distress

____________ Control Activities: -> Internal review and verification

Presentation

_____________: -> All revenue and cash receipt transactions and events are appropriately aggregated or disaggregated and clearly described, and related disclosures are relevant and understandable in the context of the requirements of the applicable financial reporting framework

Presentation

Scope Limitation: ___________: "except for"

Qualified

Engagement ________ ________ Procedures -> Discussing with the audit team any significant matters related to the financial statements and internal controls, including the audit team's identification of material weaknesses and audit procedures to address significant risks. -> Evaluating judgments about materiality and the disposition of corrected and uncorrected identified misstatements. -> Reviewing the engagement team's evaluation of the firm's independence in relation to the engagement . -> Reviewing the related audit documentation to determine its sufficiency -> Reading the financial statements, management's report on internal control, and auditor's report. -> Confirming with the lead audit partner that there are no significant unresolved matters. -> Determining if appropriate consultations have taken place on difficult or contentious matters. -> Evaluating whether the auditor documentation supports the conclusions reached by the engagement team with respect to the matters reviewed. -> Assessing whether appropriate matters have been communicated to audit committee members, management, and other appropriate parties. -> Evaluating whether appropriate levels of supervision and reviews of individual audit tasks were completed adequately during the audit.

Quality Reviewer

Data Validation Controls: _________ Test: -> A check to ensure that the value in a field falls within an allowable range of values

Range

__________ used for comparative purposes include: 1) Receivables turnover and days outstanding in AR 2) Aging categories on aged trial balance of AR 3) Bad-debts expense as a percent of revenue 4) Allowance for uncollectible accounts as a percent of AR or credit sales 5) Large customer account balances compared to last period

Ratios

5 Step Approach to Revenue ___________: 1) Identify the contract(s) with a customer 2) Identify the performance obligations in the contract 3) Determine the transaction price 4) Allocate the transaction price to the performance obligations in the contract 5) Recognize revenue when the entity satisfies a performance obligation

Recognition

Type 1 Decision Error: Risk of Incorrect ___________: -> Risk that the sample supports conclusion that control is operating effectively, when IT IS operating effectively (risk of under-reliance, or risk of assessing control risk TOO HIGH and being INEFFICIENT)

Rejection

_______ _______ _______: -> Transactions that are not arms-length

Related Party Transactions

COSO's Internal Control Integrated Framework: -> A system of internal control is designed and carried out by an entity's BOD, mgmt and other personnel to provide reasonable assurance abt the achievement of the entity's objectives in the following categories: ----> ___________, timeliness, and transparency of internal and external Financial and Nonfinancial Reporting ----> Effectiveness and Efficiency of Operations ----> Compliance with Laws and Regulations

Reliability

Factors Affecting the ____________ of AR Confirmations: -> Type of confirmation request -> Prior experience with the client or similar engagements (response rate, accuracy of returned confirmations, misstatements identified) -> The intended respondent (competence, knowledge, ability, and objectivity)

Reliability

_________ Approach: -> Obtain understanding of internal control to develop a preliminary or "planned" assessment of control risk -> Plan to rely on internal control and assess control risk at a LOWER level -> From a practical standpoint, the level of control risk is normally set in terms of the assertion abt classes of transactions and events, and related disclosures, for the period under audit

Reliance

___________: -> The process of correcting a material weakness in the ICFR

Remediation

Indicators of Material Weaknesses: -> Identification of fraud, whether or not material, committed by senior management -> __________ of previously issued financial statements to reflect the correction of a material misstatement -> Identification by the auditor of a material misstatement of financial statements in the current period in circumstances that indicate that the misstatement would not have been detected by the entity's ICFR -> Ineffective oversight of the entity's external financial reporting and ICFR by the entity's audit committee

Restatement

3 Types of Transactions Typically Processed through the ___________ Process: -> Sales Transactions -> Cash receipts transactions -> Sales return and allowance transactions

Revenue

__________: Inflows or other enhancements of assets of an entity or settlements of its liabilities (or a combination of both) from delivery or producing goods, rendering services, or other activities that constitute the entity's major or central operations

Revenue

The 4 Inherent ______ _______ that may Affect the Revenue Process Are: 1) Industry-related factors 2) The complexity and contentiousness of revenue recognition issues 3) The difficulty of auditing transactions and account balances 4) Misstatements detected in prior audits

Risk Factors

Evaluation of current year misstatements is to be under both the: -> __________ approach, and -> Iron Curtain approach

Rollover

_________ Method: -> Assesses income statement errors based on the amount by which the income statement for the period is misstated - including the reversing effect of any prior period errors. Identified misstatements in the previous period that were not corrected need to be considered to determine any "carryover effects"

Rollover

Audit __________: The selection and evaluation of less than 100% of the items in a population of audit relevance selected in such a way that the auditor expects the sample to be representative of the population and thus likely to provide a reasonable basis for conclusions about the population

Sampling

_________ __________: -> All or a subset of the items that constitute the class of transactions

Sampling Population

_________ _________: -> The possibility that the sample drawn is not representative of the population

Sampling Risk

__________ ____________: The possibility that the sample drawn is not representative of the population and leads to an incorrect conclusion

Sampling Risk

Conditions for Departure from Unqualified/Unmodified Report: -> _________ ________: ---> Results from an inability to obtain sufficient appropriate evidence about some component of the financial statements ---> Issue a qualified opinion or a disclaimer -> ___________ from __________: ---> Results when financial statements are materially affected by a departure from GAAP ---> Issue a qualified opinion or adverse opinion -> ________ of ________ ________ ---> Issue disclaimer

Scope Limitation Departure from GAAP Lack of Auditor Independence

Data Validation Controls: _________ Check: -> A check to determine if input data are in proper numerical or alphabetical sequence

Sequence

____________: Shipping of goods that has been authorized

Shipping

____________ ____________: -> Arrangements used to alter the terms and conditions of recorded sales to entice customers to accept delivery of goods/services

Side Agreements

Data Validation Controls: ___________ Test: -> A check to ensure that the data in a field have the proper arithmetic sign

Sign

________ _________: -> A deficiency, or a combination of deficiencies, in internal control that is less severe than a material weakness yet important enough to merit attention by those charged with governance

Significant Deficiency

____________ Sampling: -> Uses the laws of probability to compute sample size, select the sample and evaluate the results. The auditor is able to use the most efficient sample size and quantify sampling risk.

Statistical

Types of _____________ Events: -> Type I Event -> Type II Event

Subsequent

__________ Approach: -> After obtaining an understanding of internal control, an auditor may choose to follow a substantive strategy and set control risk at HIGH for some or all assertions bc of one or all of the following factors ----> Controls do not pertain to an assertion ----> Controls are assessed as ineffective ----> Testing the effectiveness of controls is inefficient ----> Reporting on internal control is not required

Substantive

2 Approaches to Audit

Substantive Approach Reliance Approach

Control Environment: -> The set of standards, processes and structures that provides the basis for carrying out internal control across the organization -> The BOD and senior mgmt establish the ___ ____ ____ ____ regarding the importance of internal control and expected standards of conduct

TONE AT THE TOP

_________ ___________ ___________: The maximum deviation rate from a prescribed control that an auditor is willing to accept

Tolerable Deviation Rate

Types of Financial Statement Audit Reports: -> Unqualified/____________ -> Qualified ("except for") -> Adverse -> Disclaimer

Unmodified

IFCR Report Types: ________: ICFR is designed and operating effectively (no material weaknesses)

Unqualified

Alternative Procedures: When the auditor does not receive responses to positive confirmations, ____________ audit procedures are used. These alternative procedures include: 1) Examination of specific subsequent cash receipts 2) Examination of shipping documentation 3) Examination of other client documentation

alternative

Control Activities Principles: -> The org selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to __________ levels: ----> Performance Reviews, Physical Controls, Segregation of Duties, Info Processing Controls -> The org selects and develops general control activities over technology to support the achievement of objectives -> The org deploys control activities through policies that establish what is expected and procedures that put policies into action

acceptable

Management Responsibilities under Section 404: -> Requires mgmts of publicly traded companies to: ----> Issue a report that accepts responsibility for establishing and maintaining "___________" internal control over financial reporting (ICFR) and ----> Assert whether ICFR is effective as of the end of the fiscal year

adequate

Type I Event: -> Conditions existed at the BS date and affect estimates that are part of financial statements ---> Requires __________ of the financial statements

adjustment

AR Accuracy, Valuation, and Allocation: -> AR should be shown on the BS at net realizable value (gross amount less allowance for uncollectible accounts) -> The auditor must verify the adequacy of the allowance for uncollectible accounts -> The first step is to prepare an _______ _______ _______ and discuss results with the credit manager -> Next, a comparison with last year's results should be examined

aged trial balance

Risk Assessment (The Entity's Process): -> Risk assessment involves a dynamic and iterative process for identifying and analyzing risks to achieving the entity's objectives, thereby forming a basis for determining how risks should be managed -> Management considers possible changes in the external environment and within its own _______ _________ that may impede its ability to achieve its objectives

business model

Factors to Consider in Determining if an IT Specialist is Necessary: -> The ___________ of the entity's IT systems and controls and the manner in which they are used in conducting the entity's business -> The significance of changes made to existing systems, or the implementation of new systems -> The extent to which data are shared among systems -> The extent of the entity's participation in e-commerce -> The entity's use of emerging tech, such as blockchain, robotics, or AI -> The significance of audit evidence that is available only in electronic form

complexity

Evaluate financial statement presentation and disclosure: -> Auditor reviews the financial statements to ensure ____________ with GAAP, proper presentation of accounts, and inclusion of all necessary disclosures

compliance

Special Reports: Financial statements prepared on a _____________ basis of accounting other than GAAP: -> Regulatory basis -> Tax basis -> Cash (or modified cash) basis -> Contractual basis Specified elements, accounts, or items of a financial statement Compliance with aspects of contractual agreements or regulatory requirements related to audited financial statements

comprehensive

Final Evidential Evaluation Processes: -> Perform final analytical procedures: ---> The objective of conducting analytical procedures near the end of the engagement is to help the auditor assess the ___________ reached on the financial statement components and evaluate the overall financial statement _____________

conclusions presentation

3 Important Factors in Determining Sample Size: 1) The desired level of assurance in the results (or _______ ________) 2) Acceptable defect rate (or _____ _______), AND 3) The historical defect rate (or _______ _______)

confidence level tolerable error expected error

AR Existence and Rights and Obligations: -> Existence is one of the more important assertions for AR because the auditor wants assurance that this account balance is not overstated through the inclusion of fictitious customer accounts or amounts. ___________ is the major audit procedure used for testing this assertion -> The auditor must determine that all AR are owned by the entity. This is usually not a problem; however, in some cases, AR may be sold or factored with or without recourse

confirmation

Other Information in Documents Containing Audited Financial Statements: -> The auditor has no responsibility beyond the financial info contained in the report, and he or she has NO OBLIGATION to perform any audit procedures to corroborate the other info -> However, the auditor is required to read the other info and consider whether It is ____________ with the info contained in the audited financial statements

consistent

A _____ _______ is when it is REASONABLY POSSIBLE OR PROBABLE that the control will cause a misstatement that is not material or significant A _____ _______ is when it is REASONABLY POSSIBLE OR PROBABLE that the control will cause a misstatement that is not material but significant A _____ _______ is when it is REASONABLY POSSIBLE OR PROBABLE that the control will cause a misstatement that is material All are REASONABLY POSSIBLE OR PROBABLE

control deficiency significant deficiency material weakness

A ______ _______ is reported to management A _____ _______ is reported to the audit committee and to management A _____ ______ is reported externally, to the audit committee, and to management

control deficiency significant deficiency material weakness

Substantive analytical procedures have either limited or no use. This limited applicability of substantive analytical procedures is normally offset by: 1) Extensive tests of ____________ and/or substantive tests of transactions for cash receipts and disbursements, OR 2) Extensive tests of the entity's bank reconciliations

controls

Lack of Comparability: Can happen when there is a change in accounting principle or method of application, OR When there is a ___________ of a material misstatement in previously issued financial statements, OR -> A change from the INAPPROPRIATE use or application of accounting principles in prior years to an ACCEPTABLE accounting principle in the current year -> A change from an incorrect to a correct classification of transactions or balances on the financial statements -> An adjustment to account balances to correct a material error in previously issued financial statements

correction

Monitoring Activities Principles: -> The org selects, develops, and performs ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning -> The org evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking ___________ action, including senior mgmt and the BOD, as appropriate

corrective

Kiting typically looks like: Recording the transfer to the receiving bank account in the _________ year and recording the transfer from the disbursing bank account in the _________ year, correct?

current following

Control Deficiency: -> When the _______ or ________ of a control does not allow management or employees, in the normal course of performing their assigned function, to prevent or detect and correct, misstatements on a timely basis

design operation

Type II Event: -> Conditions did not exist at the BS date and do not affect the accuracy of the financial statements ---> Requires ___________ and possibly pro forma financial statements

disclosure

Key Audit Matters (KAMs): -> Those matters that, in the auditor's professional judgement, were of most significance in the audit of the financial statements of the current period. The basics of communicating KAM 1. why the auditor judged a matter to be of most significance in the audit, 2. how that matter was addressed in the audit, AND 3. whether there is reference to any related financial statement ___________

disclosures

The auditor should also inquire about and examine, for this subsequent period, the following: -> Relevant internal audit reports issued during the subsequent period -> Regulatory agency reports on ICFR -> Info about the ____________ of ICFR obtained from other engagements

effectiveness

Auditing Revenue Related Accounts: -> The auditor's testing of control for revenue processing impacts the detection risk and therefore the level of substantive procedures -> Substantive analytical procedures are used to examine plausible relationships among revenue related accounts -> Tests of details focus on transactions, account balances, or disclosures: ---> Tests of details concentrate on the ________ __________ for accounts receivable and related accounts as well as related disclosures

ending balance

Testing All Items with a Particular Characteristic: -> When an account or class of transaction is made up of a _____ ______ ______, the auditor may examine all the items in the account or class of transaction -> When a small number of large transactions make up a relatively large recent of an account or class or transactions, auditors will typically test all the transactions _______ ________ a particular dollar amount

few large items GREATER THAN

2 Major Types of Material Misstatements: 1) Sales to ___________ customers 2) Recording revenue when goods have not been shipped or services have not been performed

fictitious

Usually, firms' nonstat guidelines seek to provide 2 benefits: 1) simplify the judgements required by field auditors - experts at firm HQ make _________ judgements 2) improve consistency in sampling applications within and across engagement teams

firmwide

To understand likely sources of potential misstatements, auditor must: -> Understand the. ________ of transactions related to the relevant assertions -> Identify the _______ within the entity's processes at which a misstatement could arise that would be material -> Identify the controls that management has ___________ to address these potential misstatements -> Identify the controls that management has implemented over the prevention or timely detection of ___________ acquisition, use, or disposition of the company's assets that could result in a material misstatement of the financial statements

flow points implemented unauthorized

Testing Only One or a Few Items: -> Automated info systems process transactions consistently unless the system or programs are changed -> The auditor may test the _______ _______ over the system and any program changes, but test only a few transactions processed by the IT system

general controls

Completing the Audit Engagement: The following areas are addressed by the auditor in connection with completing an audit: -> Contingent liabilities -> Commitments -> Subsequent events -> Going-concern considerations -> Evaluating misstatements -> Communications with those charged with __________ (audit committee) and management

governance

SELECTING THE SAMPLE ITEMS: Nonstatistical sampling allows the use of random or systematic selection, but also permits the use of other methods such as __________ sampling

haphazard

When ___________ sample selection is used, sampling units are selected without any conscious bias (no special reason for including or omitting items from the sample)

haphazard

The Role of Risk Assessment and the Risk of Fraud: -> The auditor should devote more attention to areas that have a _______ risk of material weakness -> A major part of risk assessment is assessing the ______ of fraud

high risk

Omitting Confirmations: -> AR balance is ____________ -> External confirmations would be ineffective (based on prior experience) -> The auditor's assessed level of risk of material misstatement at the relevant assertion level is low, and the other planned substantive procedures adress the assessed risk

immaterial

If there is a lack of comparability that DOES NOT involve _______________ in the use of accounting principles or correction of material misstatements in previously issued financial statements: Ex. Change in accounting estimate Ex. Reclassification from an acceptable classification to another THESE DO NOT REQUIRE AN EXPLANATORY PARAGRAPH IN THE AUDITOR'S REPORT They are disclosed in the NOTES to the financial statements

inconsistency

Archiving and Retention: Sarbanes-Oxley Act and PCAOB's Documentation Standard: -> Require audit firms to archive their public-company audit files for retention not more than 45 days after the report release date. -> Require audit firms to retain audit documentation for 7 years from the date of completion of the engagement, as indicated by the date of the auditor's report, except in cases in which a longer period of time is required by law. -> Require audit firms to retain all documents that "form the basis for the conclusion reached." -> Require audit firms to include in the audit file for significant matters any document created, sent, or received, including documents that are _____________ with a final conclusion. Significant changes in audit plans or conclusions must also be documented.

inconsistent

Control Environment Principles: -> (1) The organization demonstrates a commitment to integrity and ethical values -> (2) The BOD demonstrates ___________ from management and exercises oversight of the development and performance of internal control -> (3) Mgmt establishes, with board oversight, structures, reporting lines, and appropriate authorities and responsibilities in the pursuit of objectives -> (4) The organization demonstrates a commitment to attract, develop, and retain competent individuals in alignment with objectives -> (5) The org holds individuals accountable for their internal control responsibilities in the pursuit of objectives

independence

Auditor Responsibilities under Section 404 and Auditing Standard 5: -> The entity's independent auditor must audit and report on the effectiveness of ICFR. The auditor is required to conduct an ______ ________ of the entity's ICF and its financial statements

integrated audit

Auditors of public companies are responsible to report on any changes in ________ _________ that might adversely affect financial reporting between the end of the reporting period and the date of the auditor's report

internal control

The results of substantive procedures are considered in the evaluation of ______ ________

internal control

An integrated audit is composed of: -> The audits of ______ _______ and the ________ ________

internal controls financial statements

Control Risk Assessment - Investments: -> Some of the more important assertions for ____________: ---> Occurrence and authorization ---> Completeness ---> Accuracy and Classification

investments

Critical Audit Matters (CAMs): -> Any matters arising from the audit of the financial statements that are communicated, or required to be communicated, to the audit committee and that: 1. relate to accounts or disclosures that are material to the financial statements, AND 2. involved especially challenging, subjective, or complex auditor _________

judgement

Scaling the Audit: -> Size and complexity of the company, its business processes, and business units may affect the way in which the company achieves many of its control objectives -> The auditor should recognize that the concepts behind achieving effective internal control can be scaled for companies of different size and complexity consistent with the risk-based approach -> A small, _______-_______ entity might achieve its control objectives differently from a large, complex entity

less-complex

Dual Dating: -> When a subsequent event is recorded or disclosed in the financial statements after sufficient, appropriate audit evidence has been obtained but before the issuance of the financial statements, the auditor considers the following options for dating the auditor's report: 1) "Dual date" the report (original date of report plus date of subsequent event - _________ liability) 2) Change the date of the auditor's report to the date of the subsequent event - _________ liability

limits extends

Mgmt's Assessment Process: -> Mgmt must follow a top-down, risk-based approach: ---> 1) Identify financial reporting risks and related controls ---> 2) Consider which _________ to include in the evaluation ---> 3) Evaluate evidence about the operating effectiveness of ICFR

locations

Controls include procedure that: 1) Pertain to the ___________ of records that accurately and fairly reflect the transactions and dispositions of the assets of the company 2) Provide reasonable assurance that transactions are properly __________ and recorded in accordance with GAAP 3) Provide reasonable assurance regarding prevention or timely ___________ of unauthorized acquisition, use or disposition of the company's assets

maintenance authorized detection

The auditor uses risk assessment procedures to: ---> Obtain an understanding of the entity's internal control ---> Identify key controls ---> Recognize the types of potential ___________ ---> Design tests of controls and substantive procedures

misstatements

Auditor Documentation Requirements 1) The auditor's understanding and evaluation of the design of each of the components of ICFR 2) The process used to determine the points at which misstatements could occur within significant accounts and disclosures 3) The extent to which the auditor relied upon the work of others 4) The scope of testing 5) The evaluation of any deficiencies discovered or other findings which could result in a report __________

modification

Factors to consider when identifying controls to test: -> Points at which errors or fraud could occur -> The ________ of the controls implemented by mgmt -> The significance of each control in achieving the objectives of the control criteria and whether more than one control achieves a particular objective -> The risk that the controls might not be operating __________

nature effectively

Risk Assessment Principles: -> The org specifics __________ w sufficient clarity to enable the identification and assessment of risks relating to objectives -> The org identifies risks to the achievement of its objectives across the entity and analyzes risks as a basis for determining how the risks should be managed -> The org considers the potential for _______ in assessing risks to the achievement of objectives -> The org identifies and assesses changes that could significantly impact the system of internal control

objectives fraud

To ____________ cash flow, an entity implements procedures for: -> Accelerating the collection of cash receipts, AND -> Delaying the pmt of cash disbursements, to the extent delay is appropriate

optimize

Final Evidential Evaluation Processes: -> Obtain a management representation letter: ---> Auditing standards require that auditor obtain REPRESENTATION LETTER from management. The purpose of this letter is to document, in writing, significant ________ representations made to auditor by management

oral

Examples of Audit Procedures: -> Inquire of management -> Read minutes of meetings -> Read interim financial statements -> Inquire of legal counsel -> Examine the books of ______ ________ for the subsequent events period and look for unusual transactions or information

original entry

Tests of Details - Investments: Accuracy, Valuation, and Allocation: -> The auditor must also determine if there has been any "______ ______ ______" or permanent decline in the value of an investment security

other than temporary

Communicating Results of the Audit: -> Share the auditor's views about ___________ aspects of the entity's significant and critical accounting practices, including accounting policies, estimates, and financial statement disclosures, and communicate the auditor's conclusions about the quality of accounting policies and practices -> Discuss critical estimates and significant unusual transactions, and considerations relating to assessment of going concern -> Disclose disagreements with management, if any

qualitative

Auditing Fair Value Measurements: -> Obtain an understanding of how management makes the fair value measurements -> Consider whether specialized skills or knowledge are required -> Test the entity's fair value measurements -> Evaluate the _____________ of the fair value measurements

reasonableness

Control Risk - Cash: -> The reliability of the entity's controls over cash affects the nature and extent of the auditor's test of details: ---> Controls for cash receipts ---> Controls for cash disbursements -> A major control that directly affects the audit of cash is the completion of a monthly bank ____________ by entity personnel who are independent of the handling and recording of cash receipts and cash disbursements

reconciliation

Info and Communication Principles: -> The org obtains or generates and uses ________ quality info to support the functioning of internal control -> The org internally communicates info, including ___________ and responsibilities for internal control, necessary to support the functioning of internal control -> The org communicates w _________ parties regarding matters affecting the functioning of internal control

relevant objectives external

ICFR: -> A process designed to provide reasonable assurance regarding the _________ of financial reporting and the preparation of financial statements in accordance with GAAP.

reliability

Mgmt must comply with the following requirements in order for the external auditor to complete an audit of ICFR: -> Accept ___________ for effectiveness of the entity's ICFR -> Evaluate the __________ of the entity's ICFR using suitable control criteria -> Support the evaluation with sufficient __________, including documentation -> Present a written ___________ regarding the effectiveness of the entity's ICFR as of the end of the entity's most recent fiscal year

responsibility effectiveness evidence assessment

Planning the Audit of ICFR: -> The planning process is performed in conjunction with the audit of financial statements -> Consider the following: ---> Role of ______ ________ and the risk of fraud ---> Using the work of others ---> Scaling the audit

risk assessment

Internal Control - Management: -> Mgmt has the responsibility to design and maintain controls that provide reasonable assurance that: ---> The entity's assets and records are properly __________ ---> The info system generates reliable info for decision making ---> The auditor needs assurance about the reliability of the data generated by the info system

safeguarded

Auditing Accounting Applications Processed by Service Organizations: -> In some instances, an entity may have some or all of its acctg transactions processed by an outside service org -> Bc the entity's transactions are subjected to the controls of the service go, one of the auditor's concerns is the internal control system in place at the ________ org -> It is not uncommon for service orgs to have an auditor issue one of 2 types of reports on their operations: ---> TYPE 1 ---> TYPE 2

service

Use of Service Organizations: -> Management and the auditor should perform the following procedures with respect to the activities performed by the service org: 1) Obtain an understanding of the nature and _________ of the services provided by the service org and their effect on the user entity's internal control relevant to the audit, sufficient to identify and assess the risks of material misstatement; and 2) Design and perform audit procedures responsive to those risks 3) Use of Type.1 or Type 2 reports

significance

Assess the following risk factors in order to identify ____________ accounts and disclosures and their relevant assertions: -> Size and composition of the account -> Susceptibility to misstatement due to errors or fraud -> Volume of activity, complexity, and homogeneity of the individual transactions processed through the account or reflected in the disclosure -> Accounting and reporting complexities associated with the account or disclosure -> Exposure to losses in the account -> Possibility of significant contingent liabilities arising from the activities reflected in the account or disclosure -> Existence of related party transactions in the account -> Changes from the prior period in account or disclosure characteristics

significant

2 General Approaches to Audit Sampling: -> __________ sampling -> __________ sampling

statistical non statistical

The auditor's understanding of the internal control is a major factor in determining the overall audit ________.

strategy

Going Concern: There needs to be a going concern paragraph if there is ________ _________ about the entity's ability to continue as a going-concern

substantial doubt

Steps in the Auditor's Going Concern Evaluation: -> Independently evaluate whether the results of audit procedures performed during the planning, performance, and completion stages of the audit indicate whether there is _______ ________ about the entity's ability to continue as a going concern for a reasonable period of time (defined as one year from the issuance of the financial statements) -> If there is substantial doubt, obtain info about management's plans to mitigate the going concern problem and assess the likelihood that such plans will be successfully implemented -> Conclude, in light of management's plans, whether it is probable that the entity will be able to continue as going concern; if not, consider the adequacy of the entity's disclosures about its ability to continue and include an explanatory paragraph with an appropriate title in the auditor's report, immediately following the opinion paragraph -> Assess management's going concern evaluation and related disclosures

substantial doubt

Control testing impacts planned _______ procedures

substantive

Final Evaluation of Audit Results: -> Concerned primarily with 2 issues: ---> the ______________ of the audit evidence, AND ---> the effects of detected misstatements in the financial statements

sufficiency

For a public company, the standard unqualified report is issued when: -> the auditor has gathered ___________ appropriate evidence -> the audit has been performed in accordance with PCAOB standards, AND -> the financial statements conform to GAAP

sufficient

If a material weakness is corrected before the "as of" date: -> There must be sufficient _______ for both management and the auditor to test the operating effectiveness of the control (if not, neither management or the auditor can conclude that ICFR is effective)

time

Confirmation Procedures: -> The auditor should mail confirmation requests outside the entity's facilities -> A record should be maintained of the confirmations mailed and those returned -> A second request may be necessary in some cases -> For each exception received, the auditor should examine the reasons for the difference between the balance on the client's book and the balance indicated by the customer ---> In many cases, exceptions result from what are referred to as _______ ________. Such differences occur because of delays in recording transactions in either the client's or the customer's records

timing differences

Obtain an Understanding of Internal Control: -> The auditor should obtain an understanding of each of the 5 components of internal control in order to plan the audit. This knowledge is used to: ---> Identify ________ of potential misstatement ---> Pinpoint controls meant to ________ the risk of material misstatement ---> Design tests of controls (unless not necessary) and substantive procedures to reduce the risk of misstatement to an acceptably low level

types mitigate

The auditor has a responsibility to: -> Obtain an ____________ of internal control, AND -> Assess control risk

understanding

Controls that are critically important in terms of fraud deterrence and detection are controls . . . : -> Over significant, ________ transactions, particularly those that result in late or unusual JEs -> Over JEs and adjustments made in the period-end financial reporting process -> Over ________ party transactions -> Related to significant management ________ -> That mitigate __________ for, and pressures on, management to falsify or inappropriately manage financial results

unusual related estimates incentives

Factors that affect whether the control might not be operating effectively include: -> Whether there have been changes in the ________ or nature of transactions that might adversely affect control design or operating effectiveness -> Whether there have been changes in the __________of controls -> The degree to which the control _________ on the effectiveness of other controls -> Whether there have been changes in key _________ who perform the control or monitor its performance -> Whether the control relies on performance by an individual or is ___________; and -> The complexity of the control

volume design relies personnel automated

Control Risk Assessment: -> Understand the design of controls by performing __________ -> Document the revenue process based on a reliance strategy -> Plan and perform tests of controls on revenue transactions -----> The auditor systematically examines the entity's revenue process to identify relevant risks of material misstatement and controls that help to prevent, or detect and correct, those misstatements -> Set and document the control risk for the revenue process

walkthroughs

The auditor performs "___________" of the business processes to obtain an understanding of internal controls

walkthroughs

Obtain an independent review of the engagement: -> An engagement quality review for publicly traded companies and for privately held companies whose financial statements are expected to be ________ __________ -> Engagement quality reviewer is a partner who is associated with the details of the engagement and thus can provide an independent, objective review

widely distributed

Final Evidential Evaluation Process: -> Review __________ ________: ---> All audit work should be reviewed by an audit team member who is senior to person preparing the WORKING PAPERS

working papers


Ensembles d'études connexes

Nursing Informatics midterm Chap 1

View Set

Chapter 31 Patients with Hypertension, MedSurg Chapter 31, Patho Test 1 - ATI questions

View Set

MRKT 3011 ch 1, 2, 3, & 4 quizzes

View Set

Aging and the Family: Final Exam

View Set

HESI Dosage Calculations Practice Exam, Hesi Pharmacology Review

View Set