Ch. 7 Internal Control

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Auditors should have an understanding of the various terms that relate to their consideration of internal control of an organization. For each term presented below, select the category that most clearly defines or includes the term. The categories may be selected once, more than once, or not at all. Performance review

Comparison of actual performance to expectations

Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. (Select "NA" if there is no term for the "Definition (or Portion)".) A control that functions together with another control to achieve the same control objective

Complementary control

Which of the following is not ordinarily a procedure for documenting an auditor's understanding of internal control for planning purposes?

Confirmation Explanation A confirmation is designed to obtain evidence from a third-party. It is not used to document internal control.

When a CPA decides that the work performed by internal auditors may have an effect on the nature, timing, and extent of the CPA's procedures, the CPA should consider the competence and objectivity of the internal auditors. Relative to objectivity, the CPA should:

Consider the organizational level to which the internal auditors report the results of their work. Explanation The internal auditors' objectivity refers to their relative independence from the organizational units they have been evaluating. This may best be determined by considering the organizational level to which the internal auditors report. The other answers address the issues of the internal auditors' competence, not objectivity.

Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. (Select "NA" if there is no term for the "Definition (or Portion)".) A control established to remedy misstatements that are discovered

Corrective control

During financial statement audits, the auditors' consideration of their clients' internal control is integral to both assessing the risk of material misstatement and:

Design further audit procedures.

Which of the following would be least likely to be considered an objective of internal control?

Detecting management fraud. Explanation Detecting management fraud is generally not considered to be an objective of internal control. In fact, one of the inherent limitations of internal control is that it is subject to override by management. All of the other answers represent valid objectives of internal control.

You are performing an audit of Western Electronics Corporation and evaluating various controls. Classify the following controls as being primarily preventive, detective, or corrective. Internal audits of payroll.

Detective Internal audits of payroll would serve to detect errors and fraud in payroll after they have occurred. Therefore, it is a detective control.

Auditors should have an understanding of the various terms that relate to their consideration of internal control of an organization. For each term presented below, select the category that most clearly defines or includes the term. The categories may be selected once, more than once, or not at all. Walk-through

Determine implementation

Auditors should have an understanding of the various terms that relate to their consideration of internal control of an organization. For each term presented below, select the category that most clearly defines or includes the term. The categories may be selected once, more than once, or not at all. Flowchart

Documentation

Which of the following is not an advantage of establishing an enterprise risk management system within an organization?

Eliminates all risks. Explanation An enterprise risk management system cannot eliminate all risks.

When tests of controls reveal that controls are operating as anticipated, it is most likely that the assessed level of control risk will:

Equal the preliminary assessed level of control risk

Which of the following symbols indicate that a file has been consulted?

Explanation: The symbol on the left indicates a manual function; the symbol on the right represents a file. When the file has been consulted it forms a symbol as trapezoid to a triangle with a <-> sign in between it.

Select each of the following terms with the appropriate attributes. No reply is used more than once. Substantive procedures and tests of controls

Further audit procedures

Tests of controls do not address:

How controls were originated. Explanation Auditors are not in general concerned with how controls originated.

After obtaining an understanding of internal control and arriving at a preliminary assessed level of control risk, an auditor decided to perform additional tests of controls. The auditor most likely decided that:

It would be efficient to perform tests of controls that would result in a reduction in planned substantive procedures.

A primary objective of procedures performed to obtain an understanding of internal control is to provide the auditors with:

Knowledge necessary to determine the nature, timing, and extent of further audit procedures. Explanation Because the auditors' purposes are for considering internal control, and to obtain the necessary knowledge to (a) assess the risks of material misstatement, and (b) to determine the nature, timing, and extent of the tests to be performed, Knowledge necessary to determine the nature, timing, and extent of further audit procedures is correct.

An entity's ongoing monitoring activities often include:

Management review of weekly performance reports. Explanation Management review of weekly performance reports is an ongoing monitoring activity that may detect errors or fraud. Periodic audits by internal auditors is incorrect because while periodic audits by internal audit represent a monitoring activity, they are best classified as separate evaluations, and not ongoing monitoring activities. The audit of the annual financial statements is incorrect because the audit of the annual financial statements is the function of the external auditors. Approval of cash disbursements is incorrect because approvals of cash disbursements represent a control activity.

Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. (Select "NA" if there is no term for the "Definition (or Portion)".) A deficiency in internal control such that there is a reasonable possibility that a material misstatement will not be prevented or detected on a timely basis

Material weakness internal control

Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. (Select "NA" if there is no term for the "Definition (or Portion)".) Duplicate controls that achieve a control objective

N/A

Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. (Select "NA" if there is no term for the "Definition (or Portion)".) Procedures cycled periodically through the auditors' internal control deviation analysis

N/A

Which of the following is least likely to be a test of controls?

Observation of confirmations. Explanation While tests of controls involve, inquiry, inspection, observation and re-performance, "observation of confirmations" doesn't have a clear meaning.

Auditors should have an understanding of the various terms that relate to their consideration of internal control of an organization. For each term presented below, select the category that most clearly defines or includes the term. The categories may be selected once, more than once, or not at all. Monitoring

Ongoing and separate evaluations

Tests of controls ordinarily are designed to provide evidence of:

Operating effectiveness. Explanation Tests of controls address operating effectiveness of controls.

Auditors should have an understanding of the various terms that relate to their consideration of internal control of an organization. For each term presented below, select the category that most clearly defines or includes the term. The categories may be selected once, more than once, or not at all. Control activities

Policies and procedures to mitigate risk

Controls over financial reporting are often classified as preventative, detective, or corrective. Which of the following is an example of a detective control?

Preparing bank reconciliations. Explanation Preparing bank reconciliations will detect a variety of misstatements related to cash and is a detective control in the sense that it does not prevent the misstatement from occurring, but may detect it. Segregation of duties over cash disbursements and requiring approval of purchase transactions are incorrect because segregating duties and requiring approvals are primarily designed to prevent misstatements. Maintaining backup copies of key transactions is incorrect because the primary purpose of keeping backup copies of key transactions (or all transactions) is prevent loss of information in the event of an information system failure.

You are performing an audit of Western Electronics Corporation and evaluating various controls. Classify the following controls as being primarily preventive, detective, or corrective. Dual signatures for checks.

Preventive Requiring dual signatures for checks is a preventative control because it would serve to prevent errors and fraud with respect to cash disbursements.

You are performing an audit of Western Electronics Corporation and evaluating various controls. Classify the following controls as being primarily preventive, detective, or corrective. Segregation of duties over purchasing.

Preventive Segregation of duties over purchasing would serve to prevent errors and fraud relating to purchase transactions. Segregation of duties prevents individuals from perpetrating errors and fraud and covering them up in the course of performing their assigned duties.

Auditors should have an understanding of the various terms that relate to their consideration of internal control of an organization. For each term presented below, select the category that most clearly defines or includes the term. The categories may be selected once, more than once, or not at all. Reasonable assurance

Relationship of costs and benefits

Auditors should have an understanding of the various terms that relate to their consideration of internal control of an organization. For each term presented below, select the category that most clearly defines or includes the term. The categories may be selected once, more than once, or not at all. Risk assessment

Risk responses

Auditors should have an understanding of the various terms that relate to their consideration of internal control of an organization. For each term presented below, select the category that most clearly defines or includes the term. The categories may be selected once, more than once, or not at all. Less severe than a material weakness

Significant deficiency

Select each of the following terms with the appropriate attributes. No reply is used more than once. Merits attention, less than a material weakness

Significant deficiency

An auditor may compensate for a weakness in internal control by increasing the extent of:

Substantive tests of details. Explanation An increase in the substantive procedures will decrease detection risk, and thereby compensate for the increased level of control risk due to a weakness in internal control. Tests of controls is incorrect because if the weakness exists, increasing the extent of tests will only provide more evidence on the weakness—not evidence that compensates for the weakness. Detection risk and Inherent risk are incorrect because a decrease in detection risk or inherent risk, not an increase, would compensate. Also, in the case of inherent risk, it may not be possible to change the assessment since it is a function of the firm's environment.

Select each of the following terms with the appropriate attributes. No reply is used more than once. GAAP

Suitable criteria

When the auditors are performing a first-time internal control audit in accordance with the Sarbanes-Oxley Act and PCAOB standards, they should:

Test controls for all significant accounts. Explanation In an audit of internal control performed under PCAOB standards the auditors must test controls for all significant accounts.

Select each of the following terms with the appropriate attributes. No reply is used more than once. Inquire, inspect, observe, reperform

Tests of controls

Which of the following comes closest to outlining the auditors' responsibility for considering internal control in all financial statement audits?

The auditor must obtain an understanding of each of the five internal control components sufficient to assess the risks of material misstatement for the audit.

The preliminary assessments of control risk are often referred to as:

The planned assessed level of control risk. Explanation The planned assessed level of control risk is determined during planning.

Auditors should have an understanding of the various terms that relate to their consideration of internal control of an organization. For each term presented below, select the category that most clearly defines or includes the term. The categories may be selected once, more than once, or not at all. Control environment

Tone at the top

Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. (Select "NA" if there is no term for the "Definition (or Portion)".) The sequence of procedures applied by the client in processing a particular type of recurring transaction

Transaction cycle

Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. (Select "NA" if there is no term for the "Definition (or Portion)".) A procedure in which an auditor follows a transaction from origination through the company's processes, including information systems, until it is reflected in the company's financial records

Walk-through

Select each of the following terms with the appropriate attributes. No reply is used more than once. Likelihood of misstatement assuming no controls

inherent risk

Listed below are controls that have been developed by the management of Centex Manufacturing Company. For each of the controls, identify the internal control component and, if applicable, the subcomponent or principle to which it relates. Control components may be selected more than once: Entry into the warehouse is strictly controlled by security personnel.

Control Component: Control Activities Sub-control component: Physical controls

To have an adequate basis to issue a management report on internal control under Section 404(a) of the Sarbanes-Oxley Act, management must do all of the following, except:

Establish internal control with no material weakness. Explanation Management may issue a report on internal control regardless of whether the system has a material weakness.

If the auditors do not perform tests of controls for certain assertions:

They must assess control risk at the maximum level for those assertions

Tests of controls do not ordinarily address:

Whether the control is effectively designed.

Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. (Select "NA" if there is no term for the "Definition (or Portion)".) A control that reduces the risk of misstatement by remediating control deficiencies through automated means

N/A

Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. (Select "NA" if there is no term for the "Definition (or Portion)".) A deficiency in internal control that is less severe than a material weakness, but more severe than a significant deficiency

N/A

Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. (Select "NA" if there is no term for the "Definition (or Portion)".) A control that reduces the risk that an existing or potential control weakness will result in a failure to meet a control objective

Compensating control

Listed below are controls that have been developed by the management of Centex Manufacturing Company. For each of the controls, identify the internal control component and, if applicable, the subcomponent or principle to which it relates. Control components may be selected more than once: The internal auditors periodically evaluate the controls in the various departments of the company.

Control Component: Monitoring Sub-control component: Separate Evaluations

You are performing an audit of Western Electronics Corporation and evaluating various controls. Classify the following controls as being primarily preventive, detective, or corrective. Supervisory approval of time cards.

Preventive Supervisory approval of time cards is a preventative control because it would serve to prevent errors and fraud with respect to payroll transactions. The supervisor approval would help to prevent errors or fraud in the time records.

Auditors should have an understanding of the various terms that relate to their consideration of internal control of an organization. For each term presented below, select the category that most clearly defines or includes the term. The categories may be selected once, more than once, or not at all. Operating effectiveness

Test of controls

Listed below are controls that have been developed by the management of Centex Manufacturing Company. For each of the controls, identify the internal control component and, if applicable, the subcomponent or principle to which it relates. Control components may be selected more than once: The accounting department uses a manual of accounting policies and procedures.

Control Component: Accounting information and communication system. Sub-control component: N/A

Listed below are controls that have been developed by the management of Centex Manufacturing Company. For each of the controls, identify the internal control component and, if applicable, the subcomponent or principle to which it relates. Control components may be selected more than once: Management compares actual performance with budgets and forecasts.

Control Component: Control Activities Sub-control component: Performance reviews

Listed below are controls that have been developed by the management of Centex Manufacturing Company. For each of the controls, identify the internal control component and, if applicable, the subcomponent or principle to which it relates. Control components may be selected more than once: Invoices are reviewed for accuracy before they are mailed to customers.

Control Component: Control Activities Sub-control component: Transaction processing (or application) control.

Listed below are controls that have been developed by the management of Centex Manufacturing Company. For each of the controls, identify the internal control component and, if applicable, the subcomponent or principle to which it relates. Control components may be selected more than once: The human resources department investigates the educational background of prospective employees.

Control Component: Control Environment Sub-control component: Commitment to attract, develop and retain competent employees.

Listed below are controls that have been developed by the management of Centex Manufacturing Company. For each of the controls, identify the internal control component and, if applicable, the subcomponent or principle to which it relates. Control components may be selected more than once: Management has developed and distributed a code of conduct.

Control Component: Control Environment Sub-control component: Integrity and ethical values.

Listed below are controls that have been developed by the management of Centex Manufacturing Company. For each of the controls, identify the internal control component and, if applicable, the subcomponent or principle to which it relates. Control components may be selected more than once: Management has prepared and distributed an organizational chart.

Control Component: Control environment Sub-control component: Effective structure, reporting lines, and authority and responsibility.

Listed below are controls that have been developed by the management of Centex Manufacturing Company. For each of the controls, identify the internal control component and, if applicable, the subcomponent or principle to which it relates. Control components may be selected more than once: Management surveys customers about their satisfaction with the company's service.

Control Component: Monitoring Sub-control component: ongoing

Listed below are controls that have been developed by the management of Centex Manufacturing Company. For each of the controls, identify the internal control component and, if applicable, the subcomponent or principle to which it relates. Control components may be selected more than once: Management periodically evaluates the threats to preparing reliable financial statements.

Control Component: Risk Assessment Sub-control component: N/A

You are performing an audit of Western Electronics Corporation and evaluating various controls. Classify the following controls as being primarily preventive, detective, or corrective. Adjustment of perpetual inventory records to physical counts.

Corrective Adjustments of perpetual inventory records to physical counts would serve to correct the inventory records.

Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. (Select "NA" if there is no term for the "Definition (or Portion)".) A situation in which a control does not allow management or employees, in the normal course of performing their functions, to prevent or detect misstatements on a timely basis

Deficiency in internal control

You are performing an audit of Western Electronics Corporation and evaluating various controls. Classify the following controls as being primarily preventive, detective, or corrective. Management review of budget/actual information.

Detective Management review of budget versus actual performance would serve to highlight potential errors and fraud after they have occurred. Therefore, it is a detective control.

You are performing an audit of Western Electronics Corporation and evaluating various controls. Classify the following controls as being primarily preventive, detective, or corrective. Annual physical inventory.

Detective The annual physical inventory is a detective control because it would serve to detect misstatements of inventory after they have occurred.

You are performing an audit of Western Electronics Corporation and evaluating various controls. Classify the following controls as being primarily preventive, detective, or corrective. Monthly reconciliation of bank accounts.

Detective The monthly reconciliation of bank accounts is a detective control because it would serve to detect misstatements of cash after they have occurred.

Effective internal control in a small company that has an insufficient number of employees to permit proper separation of responsibilities can be improved by:

Direct participation by the owner in key record-keeping and control activities of the business. Explanation Involvement of the owner in key control functions should be a major step toward preventing material errors or defalcations. Employment of temporary personnel to aid in the separation of duties would not be cost-effective. Engaging a CPA to perform monthly write-up work would provide some measure of control, but not as much as would daily participation by the owner. If it were feasible to hire additional employees, it would be cheaper to hire permanent employees rather than temporary. The need for internal control is permanent. Delegation of full, clear-cut responsibility for a separate major transaction cycle to each employee would weaken, not strengthen internal control.


Ensembles d'études connexes

WIS2040 test 1 reading, Wis 2040 Topics 1-9, Exam 1 answers, Wildlife Issues, Exercise 2 WIS2040, Exam 1, Moulton Wis2040 lecture guide study questions

View Set

History of Sport UNL Exam 1 Spring 2021

View Set

Law Chapter 6, Law chapter 6 Criminal law and business

View Set

Day 1 P.6-8 - Author's Purpose (Activity)

View Set