Auditing Chapter 7

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

As-of date

A concept applied to internal control reporting by the Sarbanes-Oxley Act of 2002 and PCAOB Standard No. 5. The internal control reports of both management and the auditors are as of the final day of the reporting period—the "X."

Corrective Control

A control established to remedy control problems (e.g., misstatements) that are discovered through detective controls.

Compensating control

A control that reduces the risk that an existing or potential control weakness will result in a failure to meet a control objective (e.g., avoiding misstatements). "X" are ordinarily controls performed to detect, rather than prevent, the original misstatement from occurring.

Material weakness

A deficiency in internal control over financial reporting (or a combination of deficiencies) such that there is a reasonable possibility that a material misstatement of the company's financial statements will not be prevented or detected on a timely basis.

Significant deficiency

A deficiency in internal control over financial reporting (or combination of deficiencies) that is less severe than a material weakness, yet important enough to merit attention by those responsible for oversight of the company's financial reporting.

Fidelity Bonds

A form of insurance in which a bonding company agrees to reimburse an employer for losses attributable to theft or embezzlement by bonded employees.

Service Auditor

A practitioner that reports on the internal controls at a service organization.

Walk-through

A procedure in which an auditor follows a transaction from origination through the company's processes, including information systems, until it is reflected in the company's financial records, using the same documents and information technology that company personnel use. Walk-through procedures usually include a combination of inquiry, observation, inspection of relevant documentation, and reperformance of controls.

Internal Control

A process, effected by the entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the categories of (1) operations, (2) reporting, and (3) compliance.

Management letter

A report to management containing the auditors' recommendations for correcting any deficiencies disclosed by the auditors' consideration of internal control. In addition to providing management with useful information, a management letter may also help limit the auditors' liability in the event a control weakness subsequently results in a loss by the client.

Integrated Audit

An audit where auditors, in addition to an opinion on the financial statements, express an opinion on the effectiveness of a company's internal control over financial reporting, in accordance with PCAOB Auditing Standard No. 5 . Public companies with a market capitalization of $75,000,000 or more are required to undergo integrated audits.

User auditor

An auditor that audits and reports on the financial statements of a user entity.

User entity

An entity that uses the services of a service organization and whose financial statements are being audited.

Service organization

An organization or segment of an organization that provides services to user entities that are relevant to the user entities' internal control over financial reporting.

Relevant assertions

Assertions that have a meaningful bearing on whether an account balance, class of transaction, or disclosure is fairly stated. For example, valuation may not be relevant to the cash account unless currency translation is involved; however, existence and completeness are always relevant.

Incompatible duties

Assigned duties that place an individual in a position to both perpetrate and conceal errors or fraud in the normal course of job performance.

Risk assessment procedures

Audit procedures performed to obtain an understanding of the client and its environment, including its internal control. Some of the information obtained by performing these procedures may be used by the auditor as audit evidence to support assessments of the risks of material misstatement. Risk assessment procedures include ( a ) inquiries of management and others within the entity, ( b ) analytical procedures, and ( c ) observation and other procedures, including inquiries of others outside the entity.

Detective Controls

Controls designed to discover control problems soon after they occur.

Preventive controls

Controls that deter control problems before they occur.

Complementary controls

Controls that function together to achieve the same control objective.

Internal Auditors

Corporation employees who design and execute audit programs to test the effectiveness and efficiency of all aspects of internal control. The primary objective of internal auditors is to evaluate and improve the effectiveness and efficiency of the various operating units of an organization rather than to express an opinion as to the fairness of financial statements.

Suitable criteria

Criteria are the standards or benchmarks used to measure and present the subject matter and against which the CPA evaluates the subject matter. Suitable criteria are established or developed by groups composed of experts that follow due process procedures, including exposure of the proposed criteria for public comment. Suitable criteria must have each of the following attributes: objectivity, measurability, completeness, and relevance.

Redundant controls

Duplicate controls that achieve a control objective.

Foreign Corrupt Practices Act

Federal legislation prohibiting payments to foreign officials for the purpose of securing business. The act also requires all companies under SEC jurisdiction to maintain a system of internal control providing reasonable assurance that transactions are executed only with the knowledge and authorization of management.

Internal control questionnaire

One of several methods of describing internal control in audit working papers. "X" are usually designed so that "no" answers prominently identify weaknesses in internal control.

Substantive procedures (tests)

Procedures performed by the auditor to detect material mis-statements in account balances, classes of transactions, and disclosures.

Test of controls

Procedures performed by the auditor to test the operating effectiveness of controls in preventing or detecting material misstatements at the relevant assertion level. These tests are performed when the auditor's risk assessment includes an expectation of the operating effectiveness of controls, including circumstances in which planned substantive procedures alone do not provide sufficient appropriate audit evidence.

Further audit procedures

Substantive procedures for all relevant assertions and tests of controls when the auditors' risk assessment includes an expectation that controls are operating effectively. The auditors perform risk assessment procedures to obtain an understanding of the client and its environment, including internal control. They then conduct a risk assessment and determine the appropriate further audit procedures.

Control Risk

The possibility that a material misstatement due to error or fraud in a financial statement assertion will not be prevented or detected by the client's internal control.

Inherent Risk

The risk of material misstatement of a financial statement assertion, assuming there are no related controls.

Transaction cycle

The sequence of procedures applied by the client in processing a particular type of recurring transaction. The auditors' working paper description of internal control often is organized around the client's major transaction cycles.

Deficiency in internal control

A situation in which the design or operation of a control does not allow management or employees, in the normal course of performing their functions, to prevent or detect misstatements on a timely basis. A deficiency in design exists when either a control necessary to meet a control objective is missing or the existing control is not designed to operate effectively. A deficiency in operation exists when a properly designed control does not operate as designed, or when the person performing the control does not possess the necessary authority or qualifications to perform the control effectively.

Audit decision aid

A standard checklist, form, or computer program that assists auditors in making audit decisions by ensuring that they consider all relevant information or that aids them in weighting and combining the information to make a decision.

Systems flowcharts

A symbolic representation of a system or series of procedures with each procedure shown in sequence. "X" are a widely used method of describing internal control in audit working papers.

Written narrative of internal control

A written summary of internal control for inclusion in audit working papers. Written narratives are more flexible than questionnaires, but by themselves are practical only for describing relatively small, simple systems.

Risk Tolerance

The acceptable level of variation in performance relative to the achievement of objectives. For example, a company may expect staff to respond to all customer complaints within 24 hours, but accept that up to 10% of complaints receive a response within 36 hours.

Organizational structure

The division of authority, responsibility, and duties among members of an organization.

Planned assessed level of control risk

The level of control risk the auditors assume in designing further audit procedures, which include an appropriate combination of tests of controls and substantive procedures.

Assessed level of control risk

The level of control risk used by the auditors in determining the acceptable detection risk for a financial statement assertion and, accordingly, in deciding on the nature, timing, and extent of substantive procedures.


Ensembles d'études connexes

chapter 2 early us history; The Rise of the Atlantic World, 1400-1625

View Set

Canterbury Tales Positive, Negative and Neutral Characters

View Set

Chapter 37: Cardiac Glycosides, Antianginals, and Antidysrhythmics

View Set

ALAT Chapter 2 - The Animal Research Environment

View Set

Cardiology and Sudden Cardiac Death - Chap. 8

View Set

Опасное порно: проблемы PornHub теперь и у OnlyFans?

View Set

Chapter 11 - Pricing with Market Power

View Set