Auditing Exam 2 Study Guide
According to COSO, a system of internal controls is designed to provide reasonable assurance about the achievement of entity objectives in which of the following categories?
- Reliability, timeliness and transparency of internal and external financial and nonfinancial reporting -Effectiveness and efficiency of operations, including safeguarding of assets -Compliance with applicable laws and regulations.
The components of internal controls as defined by the COSO Framework are ______.
-Control environment -Entity's risk assessment process -Control activities -Information and communication -Monitoring activities
Under current auditing standards, management assertions fall into categories of assertions about_____.
1) Assertions about classes of transactions and events, and related disclosures, for the period under audit 2) Assertions about account balances, and related disclosures, at the period end
Important components of effective internal controls for an entity include ______.
A strong internal audit function, removing performance-dependent rewards, and having an effective board of directors.
Checks, invoices, contracts, ledgers, worksheets and spreadsheets are all part of auditing evidence referred to as_____ _____.
Accounting records
Whether amounts and other data relating to recorded transactions and events have been recorded appropriately is addressed by the ______ assertions.
Accuracy
Expressed or implied representations by management regarding the recognition, measurement, presentation and disclosure of information in the financial statements and related disclosures are referred to as
Assertions
Specific acts performed by the auditor to gather evidence about whether specific assertions are being met are referred to as _____ _____.
Audit Procedures
People that significantly influence the control consciousness of the entity and must take their fiduciary responsibilities seriously and actively oversee the entity's accounting and reporting policies and procedures include the ______.
Audit committee and board of directors
The basic framework for the auditor's understanding of audit evidence and its use in supporting the auditor's opinion on the financial statements is (are) ______.
Auditing Standards
The purpose of the ______Framework is to help management better control the organization and to provide boards of directors an added ability to oversee internal control.
COSO
When an employee who receives cash receipts from customers conspires with another employee who records those receipts in the customers' records to steal cash from the entity, this is known as ______.
Collusion
Whether all transactions and events that occurred during the period have been recorded relates to the ______assertion.
Completeness
In deciding on the nature and extent of the understanding of internal control needed for the audit, the auditor should consider the entity's operations and systems ______.
Complexity and sophistication
To understand management's and the board of directors' attitudes, awareness, and actions concerning it, the auditor should gain sufficient knowledge about the
Control environment
An auditor examines shipping documents to ensure that no prior period sales have been recorded in the current year to test the_____ assertion
Cutoff
This assertion relates to whether transactions and events have been recorded in the correct accounting period.
Cutoff
The integrity and ethical values of management personnel heavily influence the ______ of an entity's internal controls.
Effective
Knowledge of the information system is important to understand the related accounting records when they are ______.
Electronic or manual
A management statement that the inventory shown on the balance sheet was available for sale at the balance sheet date is an example of the _____ assertion.
Existence
A management statement that the property, plant and equipment shown on the balance sheet was owned and available for sale at the balance sheet date is an example of the ______ assertion.
Existence
Large public companies are required to engage a(n) ______ auditor to express an opinion as to the effectiveness of their systems of internal control over financial reporting.
External
How management identifies risks relevant to the preparation of financial statements, estimates their significance, assesses the likelihood of their occurrence and decides on how to manage them is most directly relevant to the ______.
External auditors
True or false: The auditor is concerned with the completeness assertion because failure of this assertion always leads to an overstatement of income.
FALSE
Information that is complete, neutral and free from error has the characteristic of
Faithful representation
True or false: Inspecting tangible assets provides significant assurance for the rights and obligations assertion.
False
The accuracy assertion is based on ______.
GAAP
The extent of an entity's use of _____ _____ can affect internal controls because this function affects the way transactions are initiated, authorized, recorded, processed and reported.
Information Technology
The infrastructure, software, people, procedures and data used to support the functioning of internal control is known as a(n)
Information system
Counting cash on hand and examining inventory are examples of _____ of tangible assets.
Inspection
The approach to taking and monitoring business risks and attitudes and actions toward financial reporting are characteristics that may signal important information to the auditor about management's _____ and _____ values.
Integrity & Ethical
Duplicate copies of invoices and shipping remittances are examples of ______ documents.
Internal
An important role in how management meets its stewardship or agency responsibilities is played by
Internal Control
There is a(n) ______ relationship between the sufficiency and appropriateness of audit evidence.
Inverse
Monitoring of internal controls ______.
Is intended to assess quality of performance over time, should be done to determine operating effectiveness, and may identify the need for control redesign.
When audit evidence supports _____ _____ the auditor can issue an unqualified report.
Management assertions
Assessing the quality of internal control performance over time is the intention of ______ of controls.
Monitoring
Evidence obtained from a source outside the entity is generally considered ______ evidence obtained solely from within the entity
More reliable
A direct relationship exists between _____, which reflect what an entity is trying to achieve, _____, which represent what the entity needs to do to achieve them, and the ______ of the entity.
Objectives Components Structure
Looking at a process or procedure being performed by others is referred to as _____.
Observation
This is useful in helping auditors understand the entity's processes but is generally not considered very reliable.
Observation
Because the entity's personnel might have incentives to record fictitious transactions, the _______ assertion is relevant for revenue transactions.
Occurrence
The ______ assertion relates to whether all recorded transactions and events have happened and pertain to the entity.
Occurrence
Controls that may be relevant to the audit when they have an impact on data the auditor uses to apply audit procedures include ______ controls.
Operations, compliance, and other types of reporting
Authorization requirements for access to computer programs and periodic counting and comparison with amounts shown on control records are examples of
Physical controls
Footing, crossfooting, reconciling subsidiary ledgers and testing postings are all examples of
Recalculation
Information that is capable of making a difference in user decisions has the characteristic of
Relevance
The relationship of audit evidence to the assertion being tested is called the _____ of the evidence.
Relevance
If the auditor relies on evidence that is unrelated to the assertion, an incorrect conclusion may be reached because the evidence used was not ______.
Relevant
A management statement that the entity is making payments and has control of a leased asset is an example of the ______ assertion.
Rights & Obligations
Assertions about _____ and _____ address whether the entity owns or controls the assets included on the financial statements, and that liabilities are debts of the entity.
Rights and Obligations
To obtain an understanding of the entity's internal controls which helps identify key controls, recognize types of potential misstatements and design test of controls and substantive procedures, auditors use_____assessment procedures.
Risk
As it relates to the external financial reporting objective, the entity's _____ _____ process should consider internal and external events and circumstances that may arise and adversely affect the entity's ability to initiate, authorize, record, process and report financial data consistent with management's financial statement assertions.
Risk assessment
Allowing the individual who opens mail and receives cash payments to have access to the accounts receivable subsidiary ledger is a violation of the _____ principle.
Segregation of duties
Small to midsize entities ______.
Sometimes use alternative approaches to achieve effective internal control
Assume an entity has 2,500 customer. If the audit mails confirmation to 25 of the largest customers and only 20 respond the auditor must ______.
Still gather sufficient evidence on each of the 25 accounts
The measure of the quantity of audit evidence is referred to as _____.
Sufficiency
True or false: An entity's mix of manual and automated controls varies with the nature and complexity of the entity's use of IT.
TRUE
When a reliance strategy is chosen, ______.
Tests of controls are used to assess the achieved level of control risk
The extent of an auditor's understanding of control activities is a function of ______.
The audit strategy
True or false: A substantive strategy requires the auditor to have a sufficient understanding of the entity's internal controls to know whether they are properly designed and implemented
True
True or false: Audit evidence includes information developed by the auditor that permits him or her to reach conclusions through valid reasoning.
True
True or false: Auditors need to understand how management considers risks because many types of risk can impact financial reporting objectives
True
In evaluating audit evidence, the auditor must ______.
a. be unbiased b. remain objective c. understand the types of evidence available d. ALL OF THE ABOVE
Inquiry may ______.
a.provide corroborative audit evidence b. provide new audit evidence c. be formal or informal
Within an entity, there is always a risk of the fraud of _____ between individuals will destroy the effectiveness of segregation of duties.
collusion
Based upon its risk assessment, management determines which relevant business processes require
control activities
The auditor's understanding of an entity's internal control over financial reporting are documented using diagrammatic representation known as a(n)
flowchart
If the auditor determines that internal controls are properly designed and implemented and the auditor intends to rely on those controls, the auditor will
make an assessment of control risk based on the results of the tests of controls
When the auditor intends to depend on the entity's controls, a(n) _____ strategy is chosen.
reliance
The auditor should obtain sufficient information about the entity's_____ _____ process to understand how management considers risks relevant to financial reporting and decides on appropriate actions to address those risks.
risk assessment
When an auditor decides to follow a(n) ______ strategy, little work is done on understanding specific control activities
substantive
Factors that can impact the effectiveness of the board of directors or audit committee include ______.
· Experience and stature of members and independence from management · Extent of involvement with and scrutiny of the entity's activities · Information availability and willingness/ability to act on information · Extent to which difficult questions are raised and pursued with management. · Nature and extent of interactions with internal and external auditors.
An effective accounting system establishes methods and records that will ______.
· Identify and record all valid transactions · Describe on a timely basis the transactions in sufficient detail to permit proper classification for financial reporting. · Measure the value of transactions in a manner that permits recording their proper monetary value in the financial statements · Determine the time period in which transactions occurred to permit recording of transactions in the proper accounting period · Properly present the transactions ad related disclosures in the financial statements
To obtain an understanding of an entity's internal controls auditors may use ______.
· Inquiry of appropriate management, supervisory, and staff personnel · Inspection of entity documents and reports · Observation of entity activities and operation · Tracing transactions through the information system
An internal control questionnaire ______.
· Is one of many types of questionnaires used by auditors · Provides systematic means to investigate internal control · Contains questions about the five internal control components
Commonly categorized control activities include ______.
· Performance reviews aka independent checks or management review controls · Physical controls · Segregation of duties · Information processing controls
The auditor may decide to follow a substantive strategy for some or all assertions because ______.
· The implemented controls do not pertain to the assertion the auditor is considering · The implemented controls are assessed as ineffective · Testing the operating effectiveness of the controls would be inefficient