Auditing Ch7

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

audit procedures used to test effectiveness of IC include: 4

1) inquiries of client personnel 2) inspection of documents and reports 3) observation of the application of controls 4) reperformance of the controls

Definition of IC

A process, effected by the entity's board, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objective relating to operations, reporting, and compliance

service auditor report types Type 1 Type 2

Type 1: a report on management's description of a service organization's system and the suitability of the design controls Type 2: type1 and operating effectiveness of controls

policies and procedures that help mitigate the risk that the organization's objectives are not met are called control ______

activities

if one or more material weaknesses in IC are found an _____ ____ should be issued

adverse opinion

for the control environment component, professional standards require auditors should obtain sufficient knowledge about the company's ______

antifraud progam

the major difference between control objectives and management assertions is that control objectives

are broader in scope because they relate to reporting, operations, and compliance

_____ is a checklist, standard form, or computer program that helps the auditors make a particular decision by ensuring that they consider all relevant information or by assisting them in combining the information to make the decision

audit decision aid

organizational structure should separate responsibilities for

authorization of transactions record keeping for transactions custody of assets

reduces the risk that an existing or potential control waekness will result in a misstatement

compensating control (Ex: owner of small business examines FS extra carefully because they can't hire more personnel in accounting)

when assessing work of internal auditors, external auditors should look at _____ and ____

competency and objectivity

function together to achieve the same control objective

complementary controls

what is of particular significance to corporate governance

control environment

one major difference between control objectives and assertions:

control objectives are broader in that they relate not only to financial reporting, but also to operations and compliance

not only concerned with the effectiveness of financial reporting, but it also encompasses ethical treatment of all major stakeholders, compliance with laws, regulations, customary business practices, and effective risk management

corporate governance

a _________ over financial reporting exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent or detect material misstatements on a timely basis.

deficiency in internal control; only communicated if they think it deserves management's attention (put in management letter)

risks at the fs level are those that relate to the overall ____ _____ and potentially affect many individual assertions

financial statements Ex: accounting estimates, preparation of notes, accounting policies applied, control environment

transaction-level controls may be broken down into two categories: ______ control activities and ____ controls

general; application

enterprise risk management system

includes internal control but includes focusing beyond that

allow an individual to both perpetrate an conceal errors or fraud in the normal course of his or her duties

incompatible duties

example of work that should not be assigned to internal auditors

making required inquiries of management related to identification of fraud risks and determining procedures to respond to such risks

operate through management review of info for evidence of errors, fraud, or breakdowns in other controls

management review controls (ex: reviewing unusual transactions or reviewing calcs of estimates)

a _____ is a deficiency in IC over financial reporting such that there is a reasonable possibility that material misstatement of the company's fs will not be prevented or detected on a timely basis

material weakness; must be communicated IN WRITING

management needs to assess risks that threaten their ability to meet their objectives in the area of ______, ______, and _______

operations, reporting, and compliance

preliminary assessments of control risk are often referred to as

planned assessed level of control risk

controls over financial reporting are often classified as ____ _____ Or _____

preventative, detective, or corrective

if they address the same fs assertion or control objective

redundant controls

three category objectives of IC set by COSO

reporting, operations, and compliance

auditors use ______ ______ _____ to obtain an understanding of internal control

risk assessment procedures

the acceptable level of variation in performance relative to the achievement of objectives

risk tolerance

a ________ is a deficiency in internal control over financial reporting that is less sever than a material weakness, yet important enough to merit attention by those responsible for oversight of the company's financial reporting

significant deficiency; must be communicated IN WRITING

controls that assess whether other transaction control activities are operating properly and are usually focused on high-risk transactions are called _______ controls

supervisory

refers to tracing one or two transactions through each step in the cycle

walk-through

controls over the authorization and processing of payroll are ______ controls

application

controls over the authorization and processing of payroll are _______ controls

application

fives stages of internal control audit

1) Plan the engagement 2) Use a top-down approach to identify controls to test 3) test and evaluate design effectiveness of IC 4) test and evaluate operating effectiveness of IC 5) Form an opinion on the effectiveness of IC over financial reporting

Five components of IC; auditor should develop understanding of each

1) control environment 2) risk assessment process 3) control activities 4) Information system relevant to financial reporting and communication 5) Monitoring activities


Ensembles d'études connexes

Ch. 15 - Working with Command-Line Interface

View Set

Principles of Marketing - Chapter 8

View Set

Network+ Chapter 10 Command-Line Tools

View Set

Chapter 3: Collecting Objective Data: The Physical Examination

View Set

Chapter 37: Nursing Care of the Child With an Infectious or Communicable Disorder

View Set

APR Exam Practice Questions Set 01

View Set

10- PROJECT COMMUNICATIONS MANAGEMENT

View Set

Parallel and Perpendicular Slopes and Equations

View Set

PSYCH 11: Week 3 Infancy and Toddlerhood

View Set

AP Human Geography Chapter 10/11

View Set

EXAM III: Chapter 12 - Adaptive Immunity

View Set