Grad Audit

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

wells fargo fraud: amount of fines

$185mm

wells fargo fraud: settlment amount

$3b

A financial statement audit client uses newly implemented custom software for several accounting systems. The auditor might consider using an information technology (IT) auditor to assist in which of the following? Understanding the designof internal controlsTesting the operating effectivenessof internal controls A. YesYes B. YesNo C. NoYes D. NoNo

A

According to the COSO integrated framework, policies and procedures that assist in achieving management directives would be examples of which element of internal control? A. Control activities. B. Control environment. C. Monitoring. D. Information and communication

A

An auditor discovered that a client's accounts receivable turnover is substantially lower for the current year than for the prior year. This may indicate that A. Fictitious credit sales have been recorded during the year. B. Employees have stolen inventory just before the year end. C. The client recently tightened its credit-granting policies. D. An employee has been lapping receivables in both years

A

An auditor has determined that a client has implemented well-designed internal controls over financial reporting. As a result, the auditor will most likely: A. Perform tests of controls and, if the results are satisfactory, reduce the reliance on substantive procedures. B. Reduce the reliance on substantive procedures without performing additional tests of controls. C. Perform substantive tests to determine whether the controls have been effective during the period being audited. D. Perform tests of controls to determine if there are control deficiencies that should be communicated to those charged with governance

A

Which of the following is an example of how specific internal controls in a database environment may differ from controls in a non-database environment? A. Controls should exist to ensure that users have access to and can update only the data elements that they have been authorized to access. B. Controls over data sharing by diverse users within an entity should be the same for every user. C. The employee who manages the computer hardware should also develop and debug the computer programs. D. Controls can provide assurance that all processed transactions are authorized, but cannot verify that all authorized transactions are processed

A

Which of the following procedures would an auditor most likely perform when planning an audit? A. Make a preliminary judgment about materiality. B. Confirm a sample of the entity's accounts payable with known creditors. C. Obtain written representations from management that there are no unrecorded transactions.

A

Deficiency

A deficiency in ICFR exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent or detect misstatements on a timely basis.

material weakness

A material weakness is a deficiency, or a combination of deficiencies, in ICFR, such that there is a reasonable possibility that a material misstatement of the company's annual or interim financial statements will not be prevented or detected on a timely basis.

Significant Deficiency

A significant deficiency is a deficiency, or a combination of deficiencies, in ICFR that is less severe than a material weakness, yet important enough to merit attention by those responsible for oversight of the company's financial reporting.

Koss case: red flags of fraud

AR turnover AR high in June low customer payments in June money sent to AE reclass

what AS deals with output of risk assessment

AS 2110

responsibility for illegal acts

AS 2405 consider laws that have direct and material effect not auditors responsibility to report to investors unless changes our opinion

Which of the following procedures would an auditor most likely perform before the balance sheet date? A. Confirm with client's lawyer that all litigation probable of assertion has been disclosed to the auditor. B. Obtain an understanding of the client's internal control activities. C. Determine whether there are any liens or encumbrances on assets that have been pledged as collateral. D. Consider the client's plans and ability to meet imminent purchase commitments and cash flow obligations

B

Which of the following procedures would an auditor most likely perform in planning a financial statement audit? A. Inquire of the client's legal counsel concerning pending litigation. B. Compare the financial statements with anticipated results. C. Examine computer-generated exception reports to verify the effectiveness of internal control. D. Search for unauthorized transactions that may aid in detecting unrecorded liabilities

B

Which of the following statements is correct concerning analytical procedures used in planning an audit engagement? A. They often replace the tests of controls that are performed to assess control risk. B. They usually use financial and nonfinancial data aggregated at a high level. C. They usually involve the comparison of assertions developed by management to ratios calculated by an auditor. D. They are often used to develop an auditor's preliminary judgment about materiality

B

An auditor is performing an audit data analytic as a risk assessment procedure for all active sales divisions. The auditor determined that the results of the analysis were significantly different from the expected results because the data included a discontinued division for which other risk assessment procedures had already been planned. The auditor should A. Exclude the discontinued operation and reperform the analytic procedures. B. Raise the risk of material misstatement for the discontinued division. C. Include additional audit procedures related to the discontinued division. D. Obtain an explanation from the client about the significant difference

A

An auditor's primary consideration regarding an entity's internal control structure policies and procedures is whether the policies and procedures A. Affect the financial statements. B. Prevent management override. C. Relate to the control environment. D. Reflect management's philosophy and operating style.

A

Analytical procedures are required for which of the following? A. Audit planning. B. Tests of balances. C. Client retention decision. D. Internal control evaluation

A

Audit data analytics can be used in which of the following types of audit procedures? Risk assessmentTests of details A. YesYes B. YesNo C. NoYes D. NoNo

A

In an audit of a nonissuer's financial statements in accordance with generally accepted auditing standards, an auditor is always required to A. Document the auditor's understanding of the entity's internal control over financial reporting. B. Search for significant deficiencies in internal control over financial reporting. C. Perform tests of controls to evaluate the effectiveness of the entity's accounting system. D. Test to determine control procedures effectively prevent or detect material misstatements

A

Manual controls would most likely be more suitable than automated controls for which of the following? A. Large, unusual, or nonrecurring transactions. B. High-volume transactions that require additional calculations. C. Situations with routine errors that can be predicted and corrected. D. Circumstances that require a high degree of accuracy

A

The audit program usually cannot be finalized until the A. Consideration of the entity's internal control structure has been completed. B. Engagement letter has been signed by the auditor and the client. C. Internal control deficiencies have been communicated to the audit committee. D. Search for unrecorded liabilities has been performed and documented

A

Under which of the following circumstances would an auditor be most likely to assess control risk at the maximum level for certain assertions? A. Control policies and procedures are unlikely to relate to the assertions. B. The entity's control environment, accounting system, and control procedures are interrelated. C. Sufficient evidence to support the assertions is likely to be available. D. More emphasis on tests of controls than substantive tests is warranted

A

When applying analytical procedures during an audit, which of the following is the best approach for developing expectations? A. Identifying reasonable explanations for unexpected differences before talking to client management. B. Considering the pattern of several unusual changes without trying to explain what caused them. C. Comparing client data with client-determined expected results to reduce detailed tests of account balances. D. Considering unaudited account balances and ratios to calculate what adjusted balances should be

A

Which of the following analytical procedures most likely would be used during the planning of an audit? A. Comparing current-year to prior-year sales volumes. B. Reading the financial statements and notes and considering the adequacy of evidence. C. Comparing the current-year ratio of aggregate salaries paid to the number of employees to the prior-year's ratio. D. Reading the letter from the client's attorney and considering the threat of litigation

A

Which of the following factors most likely would heighten an auditor's concern about the risk of fraudulent financial reporting? A. Inability to generate cash flows from operations while reporting substantial earnings growth. B. Management's lack of interest in increasing the entity's stock trend. C. Large amounts of liquid assets that are easily convertible into cash. D. Inability to borrow necessary capital without granting debt covenant

A

Which of the following factors would a CPA ordinarily consider in the planning of an audit engagement? Financial statement accountslikely to contain a misstatementConditions that requireextension of audit tests A. YesYes B. YesNo C. NoYes D. NoNo

A

Which of the following is an example of an inherent risk that an auditor should consider? A. Technological developments that may render inventory obsolete. B. Posting of unauthorized journal entries. C. An incorrect formula in a worksheet used to calculate a LIFO inventory reserve. D. Inaccurate physical inventory coun

A

sales cycle - WCGW & co. responses: reported

WCGW: Incorrect amounts on FS Actions: account reconciliation, FS review

sales cycle - WCGW & co. responses: recorded

WCGW: incorrect prices, incorrect JE posting Actions: fixed price list

sales cycle - WCGW & co. responses: authorized

WCGW: sold to unauthorized customer Actions: if sufficent credit, authorized if not, go to credit mgr for approval

sales cycle - WCGW & co. responses: processed

WCGW: unauthorized shipment, premature rev rec Actions: three-way match

opportunities from COVID - Fraud

WFH less supervision budgets decreasing

ITGC: maintenance/operation control

backup, recovery

Koss case: auditor responses to fraud

bank statement review test of cash SURL AR confirmations

how auditors approach risk assessment (video)

be broad change audit procedures based on riskass

what to do if auditor cannot attend inventory count at all

camera systems with live video feeds if risk cannot be reduced, scope limitation

reliance efficiency

can test at interim dual purpose -used as both ToC and subsantive test extent of testing -can use sample size of 1

when do scope limitations for inventory happen

clients cant perform invntory count auditors unable to obtain suff. app. evidence

reel wheel case: company name

coliseum entertainment corp

who is responsible for ITGCs

combo of IT and various business groups within an entity

who established controls

company

examples of bad riskass

comparing invoice to contract w/o receiving shipping docs limiting revenue tests to those greater than certain amount or near YE

mgmt assertion: an invoice for inventory purchased and received was not sent by the vendor. consequentyly a JE was not made to reflect this purchase

completeness

application control

controls relating to procedures used to process transactions help verify trans. ocurred, authorized and completely and accurately recorded

con of audit data analytics

cost of upscaling employees false positives

sales cycle - actions: initiated

customer places order -> captured in sales order database

preventive or detective & corrective: changes to data made by users other than IT are logged and compared with requests and approvals for those changes by ppl without access to make changes

d and c

preventive or detective & corrective: changes to key configs are logged and log is reviewed by knowledgeable pople who cannot change configs being monitored

d and c

preventive or detective & corrective: logs of activities of ppl with access that created seg of duties concerns are reviewed by knowledgeable ppl who do not have such access or the changes are matched to approvals

d and c

preventive or detective & corrective: passwords and other key security settings are verified quarterly for approprite settings as defined by policy

d and c

pros of using drone technology and automated software

decrease time perform from home make it safer in dangerous environments

not material or significant but reasonably possible misstatement

deficiency

test of details

detailed verification of transactions, accts, disclosures

types of substantive procedures

details substantive analytical

SAP steps

develop independent expectation define tolerable difference compare expectation to recorded amount investigate difference

substantive strategy

dont test controls focus on substantive testing

ITGC: access control example

duo mobile

examples of application control

edit checks and validations calculations interfaces authorizations

reliance strategy

efficient test controls required for ICFR audits

Koss case: what was the fraud

embezzlement

audit planning: engagement partner is responsible for

engagement and performance

what do preliminary analytical procedures do

enhance understanding of co. identify areas of specific risk

COVID - auditor considerations

enhancing direction of less experienced increasing involvement of more senior involving specialists

what does control testing encompass

entitys control environment IT architecture and components people processes

PESTLE: economic

exchange rates, eco growth, inflation, interest, cost of living

Rationalizations from COVID - fraud

explore more opps to commit fraud

is PESTLE internal or external

external

where of risk assessment

external -laws and regs, industry, natural disasters internal -nature of co., internal control, activities

COVID - frauds that are heightened

ficticious revenue fraudulent mgmt estimates improper timing of revenue fraudulent federal relief program applications

indirect and material illegal acts example

fine from illegal acts

material weakness indicators

fraud by senior mgmt restatement of FS due to correction or misstatement identificaiton of mat. misstmt in current period ineffective audit committee

wells fargo fraud: what was it

fraudulent sales practices created accounts without customer knowledge

both reliance and substantive strategy require what

gain understanding of IC

challenges of using video for inventory count

hard to see physical condition who should hold camera

controls do what

help an org get it right

Koss case: how did fraud happen/accounts affected

hide it in AR and customer payments in June lower sales increase COGS, decrease inventory

escape room case: industry volatility

high tech advances

auditors objective for understanding business environment

identify and appropriately assess RoMM

what/output of risk assessment

identify business risk that could result in RoMM -industry developments -biz expansion -new accounting requirements -new products -reg. changes -financing requirements

purpose of substantive procedures

identify material misstmts in transactions accts and disclosures

what to do if can't access controls

increase substantive testing scope limitation

what are ITGC

information technology general controls controls that protect an entity's data and IT systems

classes of transactions

initiated approval/authorized processed recorded reported

reel wheel case: what tests to make data more reliable

inspect wheel observe rides vouch purchase orders

test of details example

inspetion of records and tangible assets

other procedures for supporting evidence for inventory

inventory price testing cutoff

PESTLE: legal

labor law, legislation

Pressures from COVID - fraud

layoffs downsizing salary cut

PESTLE: social

lifestyle choices, cultural norms, buying habits, demographics

Banking on Phone: application controls

limits to amount that can be transferred verify amounts entered prompt you to confirm transaction

COVID - companies may need to consider new risks related to

liquidity going concern cybersecurity changes in internal controls asset impairment FV estimates third-party vendor considerations industry considerations (concentration risk) geographic considerations (concentration risk) business interuption

response to fraud

look at internal controls look at JEs do unpredictable procedures heighten skepticism

audit data analytics

look for patterns, trends, info for decision making

why do ITGCs matter

make sure automated functions within application controls continue to operate correctly and that any changes made are properly authorized and tested

type of control: employees count inventory on hand at EoY; perpetual inventory records are updated based on the counts

manual

IC types

manual automated IT dependent manual

material and reasonably possible misstatement

material weakness

wells fargo fraud: how would it affect audit opinion over ICFR

maybe SD, but same opinion

who do you communicate a deficiency to

mgmt

Koss case: what responsibility did mgmt have to prevent fraud

mgmt adop sount policies and implement proper control to prevent, deter, detect fraud

do auditing standards prohibit use of technology for inventory counts

no

wells fargo fraud: was revenue or fines (185mm) material

no

are there standards on audit data analytics

no -AICPA released one -PCAOB has nothing

what type of filer does not have to comply with 404b

non-accelerated filer -bc of cost

indirect and material illegal acts auditor responsibility

none

con of using drone technology and automated software

not always correct - spend time fixing not always clear picture costs money to own and operate

responses involving NET to address RoMM

obtain more persuasive audit evidence take into account risks and their likelihoods design ToC to respond to risks and for opinion on IC

mgmt assertion: inventory for sales occuring at EoY is moved to a separate part of the warehouse where inventory is stored waiting for shipment. the company recognized sales when the goods are moved

ocurrence possibly cutoff

what to do if you cant get account confirmations

other tests scope limitation

preventive or detective & corrective: programs and data are written to backup media at least weekly and stored in a physical location separate from production equip

p

preventive or detective & corrective: programs in test environment are accessible only by a limited number of authorized appropriate people who dont have development responsibilities

p

IT dependent manual control

partially by computer, but requires human intervention to complete

automated control

performed by computer

manual control

performed by people

Banking on Phone: ITGC access control

phone and app passcode face ID

ITGC include

physical and logical ACCESS to controls program CHANGE mgmt controls computer MAINTENANCE controls (OPERATIONS)

Banking on Phone: ITGC operations control

physically operable phone

steps of audit data analytics

plan ada access and prepare data for ada consider relevance and reliability of data used perform ada evaluate results and conclude

PESTLE

political economic social technological legal environmental

PESTLE: political

political stability, trade, regs, tax

asher farms basic facts

poultry processing south US

mgmt assertion: managment doesn't show a current portion of LT debt on the FS, even though the amount is material

presentation and disclosure

fraud risk factors

pressure, opportunity, rationalization

does accounting standard allow use of drones and automated accounting software

probably yes

what activities should occur at beginning of an audit

procedures regarding continuing of client relationsihp determine compliance with independence & ethics establish understanding of terms of audit engagement

why do risk assessment

provide basis for desining and implementing response to risk -need to understand company and what challenges it is facing

Koss case: basic facts

public sold headphones Michael was son of founder -CEO,COO,CFO,Pres., Vice Chariman not accelerated filer (no ICFR audit) sujata went from acct. assistant to VP finance in 2 yrs neither had accounting or CPA background in Milwuakee

how of risk assessment

read public info about co. read transcripts of earnings calls obtain understanding of senior mgmt comp agreements preliminary analytical procedures

responsibility towards fraud

reasonable assurance AS 1001

only report D, SD, or MW if what

reasonably possible do nothing if remotely possible

SAPs most effective when

relationships are in stable environment precise expectation can be developed data is reliable

two audit strategies

reliance substantive

soc 1 type two report

report on the fairness of the presentation of management's description of the service organization's system and the suitability of the design and operating effectiveness of the controls to achieve the related control objectives included in the description throughout a specified period.

escape room case: company industry

retail medical equipment and supplies

mgmt assertion: your client holds inventory on consignment for another company. the consigned inventory is included in the client's inventory balance

rights and obligations

which part of audit deals with risk and response

risk assessment

how can auditors test inventory without a site visit

rollforward and roll back video observation

responsibility for illegal acts vs responsibility for error and fraud

same

PESTLE: environmental

sanctions, move to sustaiinalble, social responsibility

why use SAP

saves time vs ToD data is more readily available, so SAP is used more

Koss case: how did mgmt fail in ICFR

separation of duties michael not reviewing ICFR authorization of checks effectiveness no accounting background

not material, but significant and reasonably possible misstatement

significant deficiency

accelerated filer stats

size: 75>X<700mm days to file 10k: 75 days to file 10Q: 40

non-accelerated filer stats

size: <75mm days to file 10k: 90 days to file 10Q: 45

large accelerated filer stats

size: >700mm days to file 10k: 60 days to file 10Q: 40

how to respond to significant risks

substantive procedures

reliance strategy: required to

test operating effectiveness of IC gain understanding of IC, including IT identify & test IT general controls that address risks (IT and non IT) verify and confirm through walkthrough

datasnipper functionalities

text snip validation snip exception snip sum snip table snip document matching form extraction find all sums

pinning

this refers to the bank's practice of assigning, without customer authorization, Personal Identification Numbers (PINs) to customer ATM card numbers with the intention of impersonating customers on the bank's computers, and enrolling those customers in online banking and online bill paying without their consent.

sandbaggin

this refers to the bank's practice of failing to open accounts when requested by customers, and instead, accumulating a number of account applications to be opened at a later date in the next sales period.

bundling

this refers to the bank's practice of incorrectly informing customers that certain products were only available in packages with other products, such as additional accounts, insurance, annuities, and retirement plans.

reel wheel case: focus of audit

ticket sales revenue

what to do if can't access client records

unable to perform audit

process of risk assessment

understand company identify risk respond to risk

Type of audit opinion: deficiency

unqualified

Type of audit opinion: significant deficiency

unqualified

two types of opinions on ICFR audits

unqualified adverse

other applications for drone tech and automated software

use drones to map hard to reach places surveying land advertise houses deliver packages tax purposes - build an addon vs new property

mgmt assertion: a competitor has introduced a new product that is half the price of one of your clients products

valuation

mgmt assertion: mgmt determines that several recorded AR will not be collected

valuation

should fraud inquiries be by phone or video

video

reliance vs. substantive: controls - what it is vs was it done well

what it is: both was it done well: reliance

ITGC: change control

who can edit code who can change grades

do clients prefer remote audits

yes

do remote audits create a more efficient experience

yes

do remote audits help retain CPAs

yes

do you need to gain an understing of IC in substantive strategy

yes

should riskass be done as a team

yes

Koss case: did GT fail

yes material misstatements

reel wheel case: is it reliable

yes public website

reel wheel case: is it stable

yes - customers and pricing

reel wheel case: is it predictable

yes - uses few key facts to determine total

wells fargo fraud: generated how much revenue

~2.4mm

Which of the following statements is correct regarding the predictability of analytical procedures in a financial statement audit? A. Relationships involving only balance sheet accounts tend to be more predictable than relationships involving income statement accounts. B. Relationships involving income statement accounts tend to be more predictable than relationships involving only balance sheet accounts. C. Relationships involving transactions subject to management discretion tend to be more predictable than automated transactions. D. Relationships in a dynamic environment tend to be more predictable than relationships in a stable environment

B

An auditor's decision whether to apply analytical procedures as substantive tests usually is determined by the A. Availability of documentary evidence that should be verified. B. Extent of accounting estimates used in preparing the financial statements. C. Precision and reliability of the data used to develop expectations. D. Number of transactions recorded just before and just after the year end

C

An entity has implemented a new control that requires the accounting manager to review and sign off on all accounts payable reconciliations. This is an example of which objective under the COSO framework for internal controls? A. Compliance with laws and regulations. B. Effectiveness and efficiency of operations. C. Accurate and reliable financial reporting. D. Access and control of financial records

C

Analytical procedures performed during an audit indicate that accounts receivable doubled since the end of the prior year. However, the allowance for credit losses as a percentage of accounts receivable remained about the same. Which of the following client explanations would satisfy the auditor? A. A greater percentage of accounts receivable are listed in the "more than 120 days overdue" category than in the prior year. B. Internal control activities over the recording of cash receipts have been improved since the end of the prior year. C. The client opened a second retail outlet during the current year and its credit sales approximately equaled the older outlet. D. The client tightened its credit policy during the current year and sold considerably less merchandise to customers with poor credit ratings

C

During the initial planning phase of an audit, a CPA most likely would A. Identify specific internal control activities that are likely to prevent fraud. B. Evaluate the reasonableness of the client's accounting estimates. C. Discuss the timing of the audit procedures with the client's management. D. Inquire of the client's attorney as to whether any unrecorded claims are probable of assertion.

C

For which of the following is an auditor required to use analytical procedures? PlanningSubstantive testingOverall review A. YesYesYes B. YesYesNo C. YesNoYes D. NoYesYes

C

The ultimate purpose of assessing inherent risk is to contribute to the auditor's evaluation of the A. Factors that raise doubts about the auditability of the financial statements. B. Operating effectiveness of internal control policies and procedures. C. Risk that material misstatements exist in the financial statements. D. Risk that a material misstatement in the financial statements will not be detected by the audit.

C

What is the most likely course of action that an auditor would take after determining that performing substantive tests on inventory will take less time than performing tests of controls? A. Assess control risk at the minimum level. B. Perform both tests of controls and substantive tests on inventory. C. Perform only substantive tests on inventory. D. Perform only tests of controls on inventory

C

When companies use information technology (IT) extensively, evidence may be available only in electronic form. What is an auditor's best course of action in such situations? A. Assess the control risk as high. B. Use audit software to perform analytical procedures. C. Use generalized audit software to extract evidence from client databases. D. Perform limited tests of controls over electronic data

C

Which of the following is a complete and accurate list of the walkthrough procedures usually performed in an issuer's integrated audit? A. Inquiry, observation, analytical procedures, testing of controls. B. Inquiry, sampling, analytical procedures, testing of controls. C. Inquiry, observation, inspection of relevant documentation, reperformance of controls. D. Inquiry, inspection of relevant documentation, sampling, reperformance of controls

C

Which of the following is a step in an auditor's decision to assess control risk below the maximum level? A. Apply analytical procedures to both financial data and nonfinancial information to detect conditions that may indicate weak controls. B. Perform tests of details of transactions and account balances to identify potential errors and irregularities. C. Identify specific internal control policies and procedures that are likely to detect or prevent material misstatements. D. Document that the additional audit effort to perform tests of controls exceeds the potential reduction in substantive testing

C

Which of the following is an analytical procedure that an auditor most likely would perform during the final review stage of an audit? A. Comparing each individual expense account balance with the relevant budgeted amounts and investigating any significant variations. B. Testing the effectiveness of internal control procedures that appear to be suitably designed to prevent or detect material misstatements. C. Reading the financial statements and considering whether there are any unusual or unexpected balances that were not previously identified. D. Calculating each individual expense account balance as a percentage of total entity expenses and comparing the results with industry averages

C

Which of the following procedures would an auditor most likely perform on a dataset to identify unrecorded sales invoices? A. Filtering. B. Vouching. C. Sequence checking. D. Variables sampling.

C

Which of the following situations represents a limitation, rather than a failure, of internal control? A. A jewelry store employee steals a small necklace from a display cabinet. B. A bank teller embezzles several hundred dollars from the cash drawer. C. A purchasing employee and an outside vendor participate in a kickback scheme. D. A movie theater cashier sells reduced-price tickets to full-paying customers and pockets the difference

C

Which of the following steps should be performed first in applying analytical procedures? A. Determine whether the difference between the expectation and the recorded amount is reasonable. B. Investigate and evaluate significant differences from the expectation. C. Develop an expectation of a balance or ratio by using relationships that are expected to exist. D. Compare the client's recorded balance or ratio with the expectation

C

Which of the following types of audit techniques would be most useful for assessing the probability of an audit client's ability to continue as a going concern? A. Diagnostic analytics. B. Descriptive analytics. C. Predictive analytics. D. Prescriptive analytics.

C

An auditor has received a file containing sales data extracted from a continuing client's electronic sales journal. Which of the following procedures would be most effective in verifying that all the data were extracted? A. Trace physical sales invoices to the extracted file. B. Compare the extracted sales data with sales data from the prior year. C. Ask the client to explain the steps taken in the extraction process. D. Calculate a financial total in the extracted data and compare it to the source data.

D

An auditor obtains an understanding of an entity's internal controls over the proper approval of new loans. Under which of the following circumstances would an auditor decide to test the controls? A. The control replicates effective controls existing elsewhere in the structure. B. The control is designed in such a way that unauthorized employees can approve loans. C. The effort of testing the controls exceeds the effort of performing only substantive procedures. D. The design of the internal controls appears likely to prevent unauthorized loans

D

An auditor reviews a client's accounting policies and procedures when considering which of the following planning matters? A. Method of sampling to be used. B. Preliminary judgments about materiality levels. C. Nature of reports to be rendered. D. Understanding the client's operations and busines

D

An overall response to address a high assessed risk of material misstatement at the financial statement level of a nonissuer may include A. Increasing reliance on results of internal control testing. B. Emphasizing the need for more accounting staff. C. Incorporating additional predictability into the selection of procedures. D. Providing more supervision of the audit team

D

As part of its system of internal control, a company requires that all sales orders from customers receive approval from the credit department before they are fulfilled. What type of control activity is this? A. Physical control. B. Application control. C. Performance review. D. Segregation of duties

D

Assessing control risk below the maximum level most likely would involve A. Performing more extensive substantive tests with larger sample sizes than originally planned. B. Reducing inherent risk for most of the assertions relevant to significant account balances. C. Changing the timing of substantive tests by omitting intermediate testing and performing the tests at year end. D. Identifying specific internal control policies and procedures relevant to specific assertions

D

Due to a change in the economic environment, the auditor has determined that a client's inherent risk has increased in comparison to the prior year. To maintain an acceptably low level of audit risk this year, the auditor might plan to: A. Rely more on the client's internal control. B. Confirm that changes in inherent risk trend with changes in financial information. C. Reduce the assessed control risk level. D. Enhance the nature, timing, or extent of substantive testing

D

For which of the following purposes would an auditor be least likely to apply analytical procedures? A. Planning the engagement. B. Performing substantive testing. C. Overall engagement review. D. Performing tests of controls

D

If new information becomes available that could require a reevaluation of the quantitative level of materiality applied during an audit of an issuer, then the auditor should A. Not change the materiality level once it has been established. B. Lower the materiality level, but not raise it. C. Raise the materiality level, but not lower it. D. Raise or lower the materiality level as appropriate to the situatio

D

audit data analytics process

ETL

type of control: bank reconciliations are performed monthly

ITDM

type of control: compare this years inventory turnover to last years

ITDM

type of control: exception report generated by the cash disbursement application for invoices, purchase orders and receiving reports that don't match is reviewed by the cash disbursements manager

ITDM

type of control: perpetual inventory records are reconciled to the GL each month

ITDM

ITGC vs Application Controls

ITGC at entity level application at assertion level

wells fargo fraud: auditor

KPMG

reel wheel case: location

Las Vegas Strip

order from most severe to least of MW, SD, D

MW>SD>D

Koss case: describe mgmt responsibility in implementing effective IC

404a-document and assess IC 302-senior execs sign off on FS

sox 404 requirements

404a-mgmt documents controls and assess effectivene 404b-external auditors test IC over financail reporting

After testing an issuer client's internal control activities, an auditor discovers significant deficiencies in the operation of the client's internal controls. Under these circumstances, the auditor most likely would A. Issue a disclaimer of opinion about the internal controls as part of the auditor's report. B. Increase the assessment of control risk and increase the extent of substantive tests. C. Issue a qualified opinion of this finding as part of the auditor's report. D. Withdraw from the audit because the internal controls are ineffective

B

An auditor concludes that there is a heightened risk of a material misstatement. Which of the following is an appropriate action that an auditor can take? Decrease materialityIncrease acceptable detection risk level A. YesYes B. YesNo C. NoYes D. NoNo

B

Analytical procedures used in planning an audit should focus on: A. Identifying material weaknesses in internal control. B. Enhancing the auditor's understanding of the client's business. C. Testing individual account balances that depend on accounting estimates. D. Evaluating the adequacy of the evidence gathered concerning unusual balances.

B

Audit data analytics is the process of transforming large amounts of raw data into useful information for the purpose of identifying patterns and irregularities in the audit. Audit data analytics would be least useful in A. Planning the audit for a new client. B. Performing substantive procedures when the reliability of internal data is questionable. C. Performing risk assessment procedures when inherent risks are high. D. Forming a conclusion on the audit of a client that operates in a volatile industry

B

When an auditor increases the assessed level of control risk because certain control activities were determined to be ineffective, the auditor most likely would increase the A. Level of detection risk. B. Extent of tests of details. C. Level of inherent risk. D. Extent of tests of controls

B

Which of the following audit data analytic techniques would most likely be used to compare information from different sources, such as invoices, purchase orders, and shipping documents, to detect errors or other unanticipated variances? A. Sorting. B. Matching. C. Trend analysis. D. Ratio analysis.

B

Which of the following is an inherent limitation of internal controls? A. Auditors using judgment sampling rather than statistical sampling. B. Employees working together to circumvent a control. C. Warehouse employees not performing timely inventory counts. D. Lacking reviews and reconciliations for department expenditures

B

A primary objective of analytical procedures used in the final review stage of an audit is to A. Identify account balances that represent specific risks relevant to the audit. B. Gather evidence from tests of details to corroborate financial statement assertions. C. Detect fraud that may cause the financial statements to be misstated. D. Assist the auditor in evaluating the overall financial statement presentatio

D

In performing interviews and examining documents related to preliminary work in a financial statement audit of a nonissuer, an auditor identifies a business risk associated with plans for a new product line. What should the auditor do as a result? A. Modify the scope of the engagement to include an analysis of the budget for the new product line and consider the new risk in conjunction with other risks after the budget items have been analyzed. B. Analyze the newly identified risk in conjunction with economic circumstances related exclusively to the new product line and consider whether there is an immediate consequence for the risk of material misstatement for affected classes of transactions. C. Modify the financial statement disclosures to include the newly identified risk if it is likely that the new product line will have an adverse effect on the company's profitability. D. Analyze the newly identified risk in conjunction with other known business risks and consider whether there is an immediate consequence for the risk of material misstatement at various levels of the audit.

D

Inherent risk and control risk differ from detection risk in that inherent risk and control risk are A. Elements of audit risk while detection risk is not. B. Changed at the auditor's discretion while detection risk is not. C. Considered at the individual account-balance level while detection risk is not. D. Functions of the client and its environment while detection risk is not

D

When planning audit data analytics to identify and assess an entity's risks of material misstatement, the auditor should consider all the following factors, except A. The availability of data. B. The reliability of data available. C. The relevance of data available. D. The confidentiality of data available

D

Which of the following constitutes a potential risk associated with the use of information technology in an entity's internal control structure? A. A reduction in the ability to monitor the entity's activities. B. The facilitation of additional analyses. C. A reduction in the circumvention of controls. D. Unauthorized changes to systems

D

Which of the following factors most likely would heighten an auditor's concern about the risk of fraudulent financial reporting? A. The audit committee's approval of the initial selection of accounting principles. B. A lack of competition in the entity's industry, accompanied by increasing profit margins. C. Management's disclosure of unresolved litigation and contingent liabilities. D. Year-end adjustments by the entity that significantly affect financial results

D

Which of the following statements is correct concerning materiality in a financial statement audit? A. Analytical procedures performed during an audit's review stage usually decrease materiality levels. B. If the materiality amount used in evaluating audit findings increases from the amount used in planning, the auditor should apply additional substantive tests. C. The auditor's materiality judgments generally involve quantitative, but not qualitative, considerations. D. Materiality levels are generally considered in terms of the smallest aggregate level of misstatement that could be considered material to any one of the financial statements.

D

Which of the following would an auditor most likely consider in evaluating the control environment of an audit client? A. Overall employee satisfaction with assigned duties. B. The number of CPAs in the accounting department. C. Management reviews of monthly financial statements. D. Management's operating style

D

tidbits from auditors approaching riskass video

Mike Mowchen (accounting prof) was there south african accent

audit plan should include

NET of risk ass NET of ToD and substantive procedures other planned audit procedures

preventive or detective & corrective: access rights no longer needed by users who are leaving entity or changed job responsibilities are ended timely based on notificaiton from HR

P

when can you use audit data anlytics

RA ToC substantive

SAP vs riskass and final review analytics

SAP you develop indepdent expection and tolerable difference

type of control: purchases are immediately processed when they are made with vendors on the approved vendor list

automated

escape room case: company

Time

higher risk areas use SAP or ToD

ToD -can still use SAP in combo

Koss case: how much was stolen

about 32mm

mgmt assertion: the AR clerk mistakenly recorded a sale as 21 instead of 12

accuracy

mgmt assertion: the cost accountant undercalculated direct labor costs. consequently, the manufactured inventory balance did not include enough direct labor costs

accuracy and allocation possibly completeness

objective of risk response

address RoMM through appropriate audit responses

PESTLE: technological

advancements, automation, AI

Type of audit opinion: material weakness

adverse

what to do if auditor cannot attend year-end inventory count

alternative date observe rescheduled counts perform additonal prcedures -rollforward -review

audit data analytics benefit

analyze large datasets or entire pops

substantive analytical prcoedures

analyzing plausible relationships in financial and nonfinancial data

to whom are ITGCs important

anyone who engages with an entity in a substantial way

Banking on Phone: ITGC change control

appropriate software

overall responses to address RoMM

assign engagement responsibilities appropriately provide supervision that is appropriate incorporate elements of unpredictability evaluate company's application of sig. acct. principles

who do you communicate material weakness to

audit committe mgmt externally

who do you communicate significant deficiency to

audit committee and management

what is the third substantive test

audit data analytics

who tests controls

auditors

type of control: overhead costs are systematically applied to the cost of inventory produced

automated

type of control: prepaid customer orders are processed without credit approval

automated


Ensembles d'études connexes

AP Art History Period 5 Americas

View Set

Protection- Anaphylaxis and melanoma (CA)

View Set

Ch. 24: The Pediatric Examination

View Set

"The Ghost in Your Genes" Video Questions

View Set