Auditing & Assurance Chapter 5
If a control total were to be computed on each of the following data items, which would best be identified as a hash total for a payroll IT application?
Department numbers
Which of the following should an auditor do when control risk is assessed at the maximum level?
Document the assessment
Once the auditor detects a control deficiency, which of the following steps must he or she take first?
Evaluate the severity of the deficiency on the auditor's control risk assessment for that assertion.
Auditors of public companies do not need to determine the quality of a client's internal control; they only need to know enough to plan the audit work.
False
Evaluation of internal control systems of a nonpublic entity should not be subject to cost-benefit considerations.
False
The audit team is responsible for the client's internal control.
False
Nonroutine
Financial statement close Depreciation Physical inventory LIFO calculation
Which of the following is not a component of internal controls?
Inherent risk
Corrective Control
Maintaining backups of data
Attracting, Developing, and Retaining Competent Employees
Management is committed to hiring employees with appropriate levels of education, experience, and evidence of integrity and ethical behavior
Which of the following is a factor in the control environment?
Management's philosophy and operating style
Generally accepted auditing standards (GAAS) give auditors considerable discretion to decide the amount of work required to satisfy auditing standards guiding internal control evaluation and related audit planning. Which of the descriptions below best expresses the minimum amount of work permitted by GAAS for nonpublic companies?
Obtain an understanding of client environment, accounting, and control activities. Document the decision to assess control risk at maximum. Perform an extensive but not 100% substantive audit on financial statement transactions and balances.
Recorded sales must be supported by invoices, shipping documents, and customer orders.
Occurrence Invalid transactions are recorded
Which of the following payroll control activities would most effectively ensure that payment is made only for work performed?
Require employees to have their direct supervisors approve their time cards.
Which of the following areas can external auditors rely on internal auditors' work in auditing internal controls?
Testing of low-risk internal control activities
Individual Accountability
The organization must hold individuals accountable for their internal control responsibilities
Which of the following is a definition of control risk?
The risk that a material misstatement will not be prevented or detected on a timely basis by the client's internal controls
Which of the following is the least important audit reason for the auditor's obtaining an understanding of a company's internal control?
To serve as a basis for constructive suggestions
Auditors can stop the assessment of control risk for nonpublic entities for either effectiveness or efficiency reasons.
True
Auditors perform tests of control activities to determine how the company's controls actually functioned during the period under audit.
True
Credit sales over $1,000 require prior approval by the credit manager.
Valuation Unauthorized transactions are executed and recorded
An audit team's responsibility would not include
designing client's internal controls.
The goal to find a misstatement that has already been made is a type of ________ control.
detective
After obtaining an understanding of a client's financial reporting control activities, the auditor would next
document the understanding obtained.
When the audit team increases the planned assessed level of control risk because certain control activities were determined to be ineffective, the audit team would most likely increase the
extent of substantive tests of details.
Preparing bank ___________ can help detect misstatements that have been made.
reconciliations
When completing the audit of internal controls for a public company, AS 5 requires auditors to test
Both operating and design effectiveness.
Commitment to Integrity and Ethical Values
A clearly articulated statement of ethical values
Detective Control
A requirement to prepare bank reconciliations
Effective Organizational Structure
A well-designed structure provides a basis for planning, directing, and controlling operations
Sales invoices must be reviewed for correct quantities and mathematical accuracy.
Accuracy Transaction amounts are inaccurate
Which of the following client internal control activities is not usually performed in the treasurer's department?
Approving vendors' invoices for payment
In most audits of large entities, control risk assessment contributes to audit efficiency, which means that
Auditors will be able to reduce the cost of substantive procedures by an amount more than the control evaluation costs.
Estimate
Bad debt expense
Routine
Cash receipts Payroll Cash disbursements Inventory costing
All sales on credit must be charged to customers' individual accounts.
Classification Transaction accounting is incomplete
_______controls come into play when a misstatement is found.
Corrective
The primary purpose for obtaining an understanding of a nonpublic audit client's internal control is to
Determine the nature, timing, and extent of further audit tests to be performed in the audit.
Effectiveness of audit procedures would be reduced by
Performing procedures during the interim period as opposed to at the fiscal year-end date.
Preventive Control
Segregation of duties
______should develop a statement of ethical values.
Senior management
Which of the following is an information technology general control
Separation of duties in the IT department
Effective Board of Directors
The extent of independence of this group is critical
Management's report on internal controls must include each of the following except
a statement providing management's evaluation of the company's control environment.
The requirement to _________ journal entries is an example of a preventive control.
approve
After determining significance, the financial statement _______ come into determination.
assertions
Control activities intended to ensure that transactions are recorded in the right period are designed to achieve the ASB assertion of
cutoff.
The appropriate separation of duties does not include
data preparation.
To enhance the control environment, management develops job __________.
descriptions
The audit committee should be composed of directors who are not _______of the organization.
employees
Accounting ______ involve management's judgment or assumptions.
estimates
Sound internal control can be described as separating all of the following duties and responsibilities except for
hiring of employees.
As part of understanding the internal control, an auditor is not required to
obtain knowledge about the operating effectiveness of the client's internal control activities.
Organizational structure provides a basis for planning, directing, and controlling _________.
operations
The internal control in small business is highly dependent on the
owner-manager's competence, as well as his/her ethics and integrity.
Segregation of duties is a control aimed at _______ misstatement.
preventing
In computer systems, the information technology general controls (ITGC) would not include
processing control activities.
Routine transactions are for _____ activities.
recurring
The ultimate purpose of assessing control risk is to contribute to the auditor's evaluation of the
risk that material misstatements exist in the financial statements.
An account is ________ if there is a reasonable possibility that it could contain a misstatement that has a material effect on the financial statements.
significant
If employees lack ________, they may be ineffective in performing their duties.
skills
A set of characteristics that helps to define a seriousness about employees' attitudes about the control activities in a company is referred to as
the control environment.
The significance of accounts should be considered ______ regard to internal control.
without
All shipping documents must be prenumbered and matched with sales invoices daily.
Completeness Valid transactions are omitted from the accounts
