ACCT320 Chapter 3
What is the primary benefit of effective internal control in an organization? a. Obtaining profitability and financial strength. b. Achieving certain organizational goals. c. Maximizing value for shareholders. d. Completing a successful audit for the entity.
b. Achieving certain organizational goals.
Which of the following COSO components is the foundation for all other components of internal control? a. Monitoring. b. Control environment. c. Control risk assessment. d. Information and communication.
b. Control environment.
In a financial statement audit, what is the external auditor's primary concern? a. Determining whether the internal controls promote efficiency. b. Determining whether the internal controls are effective. c. Detecting all errors. d. Determining the effectiveness of operations.
b. Determining whether the internal controls are effective.
A control designed to ensure that the number of sales transactions recorded in the accounting records matches the number of sales invoices entered during processing is known as which type of control? a. Input control. b. Output control. c. Processing control. d. Edit control.
b. Output control.
Which of the following is a major component of an organization's internal control structure? a. Telecommunication equipment. b. Risk assessment. c. Major new financing. d. The financial environment.
b. Risk assessment.
The information and communication component of internal control includes which of the following? a. The organization deploys control activities through policies that establish what is expected and in procedures that put policies into action. b. The organization obtains or generates and uses relevant, quality information to support the functioning of other components of internal control. c. The organization identifies and assesses changes that could significantly impact the system of internal control. d. All of the above.
b. The organization obtains or generates and uses relevant, quality information to support the functioning of other components of internal control.
As part of monitoring, an organization will select either ongoing evaluations or separate evaluations, but not both. a. True b. False
b. False
Only organizations in high-risk industries face a risk that they will not achieve their objective of reliable financial reporting. a. True b. False
b. False
The purpose of internal control is to provide absolute assurance that an organization will achieve its objective of reliable financial reporting. a. True b. False
b. False
Which of the following is not part of management's fraud risk assessment process? a. Fraud risk assessments serve as an important basis for determining the control activities needed to mitigate fraud risks. b. The assessment considers the role of the external auditor in preventing fraud. c. The assessment considers pressures that might lead to fraud in the financial statements. d. The assessment considers ways the fraud could occur.
b. The assessment considers the role of the external auditor in preventing fraud.
Assume that an organization sells software. The sales contracts with the customers often have nonstandard terms that impact the timing of revenue recognition. Thus, there is a risk that revenue may be recorded inappropriately. To mitigate that risk, the organization has implemented a policy that requires all nonstandard contracts greater than $1 million to be reviewed on a timely basis by an experienced and competent revenue accountant for appropriate accounting, prior to the recording of revenue. Management tested this control and found several instances in which the control was not working. Management has classified this deficiency as a material weakness. Which of the following best describes the conclusion made by management? a. There is more than a remote possibility that a misstatement could occur. b. There is a reasonable possibility that a material misstatement could occur. c. There is more than a remote possibility that a material misstatement could occur. d. There is a reasonable possibility that a misstatement could occur. e. The likelihood of misstatement is reasonably possible.
b. There is a reasonable possibility that a material misstatement could occur.
Which of the following services does the PCAOB require auditors of public companies to perform? a. A financial statement audit and an attest audit. b. A financial statement audit and agreed upon procedures. c. A financial statement audit and an examination of the effectiveness of internal controls. d. A financial statement audit and an assurance audit.
c. A financial statement audit and an examination of the effectiveness of internal controls.
Which of the following is not part of management's report on internal controls? a. An assessment of the effectiveness of the company's internal control. b. The framework used to evaluate internal control. c. A statement indicating the extent of tests performed to assess controls. d. A statement that management is responsible for internal control.
c. A statement indicating the extent of tests performed to assess controls.
Internal control is a process effected by the organization's board of directors, management, and other personnel to provide reasonable assurance of achieving certain objectives. Which of the following does not fit into one of these categories of objectives? a. Reliability of financial reporting. b. Compliance with laws and regulations. c. Continuing existence. d. Effectiveness and efficiency of operations.
c. Continuing existence.
Which COSO component of internal control concerns the process of identifying, capturing, and exchanging information in a timely fashion to enable accomplishment of the organization's objectives? a. Control activities. b. Control environment. c. Information and communication. d. Monitoring.
c. Information and communication.
A control designed to ensure that no employee is paid for more than 80 hours of sick pay is an example of which type of control? a. Entity-wide control. b. Output control. c. Input control. d. Processing control.
c. Input control.
Which of the following is an example of a physical control to safeguard assets? a. Hiring only trustworthy cashiers. b. Separation of duties. c. Locks on the warehouse doors. d. Safety audits on the production line.
c. Locks on the warehouse doors.
Which of the following statements is false regarding the risk assessment component of internal control? a. Risk assessment includes assessing internal and external sources of risk. b. Risk assessment includes the identification and analysis of significant changes. c. Economic changes would not be considered a risk that needs to be analyzed as part of the risk assessment process. d. Risk assessment includes assessing fraud risk.
c. Economic changes would not be considered a risk that needs to be analyzed as part of the risk assessment process.
The quality of an organization's internal control affects which of the following? a. The reliability of financial data. b. The ability of management to make good decisions. c. The ability to remain in business. d. All of the above.
d. All of the above.
Which of the following groups is interested in an organization's control structure? a. Board members. b. Lenders. c. Auditors. d. All of the above.
d. All of the above.
Which one of the following is not a control activity implemented in most accounting systems? a. Segregation of duties. b. Competent, trustworthy employees. c. Authorization procedures. d. All of these activities are normally implemented.
d. All of these activities are normally implemented.
Which statement is true concerning the documentation of internal control? a. Documentation of disbursements requires paper and electronic documentation. b. Documentation of all transaction controls should be tested on an annual basis. c. Documentation requirements are standardized by the PCAOB. d. Documentation should be sufficient to support the design and operating effectiveness of internal controls.
d. Documentation should be sufficient to support the design and operating effectiveness of internal controls.
With whom does the tone of internal control typically originate? a. Auditors. b. Stockholders. c. Employees. d. Management.
d. Management.
Which of the following is the most severe? a. Significant deficiencies in internal control. b. Each is equally severe because it could result in inaccuracies in financial reporting. c. Operational deficiencies in internal control. d. Material weaknesses in internal control.
d. Material weaknesses in internal control.
Security management practices that limit access to technologies is a function included in which COSO component of internal control structure? a. Control activities. b. Monitoring. c. Control environment. d. Risk assessment.
a. Control activities.
The COSO principle that an organization should identify and assess changes that significantly impact the system of internal control is related to which COSO component? a. Risk assessment b. Monitoring c. Control activities d. Control environment
a. Risk assessment
What are the components of internal control per COSO's Internal Control-Integrated Framework? a. Control environment, risk assessment, control activities, information and communication, and monitoring. b. Organizational structure, management philosophy, planning, risk assessment, and control activities. c. Risk assessment, control structure, backup facilities, responsibility accounting, and natural laws. d. Legal environment of the firm, management philosophy, organizational structure, control activities, and control assessment.
a. Control environment, risk assessment, control activities, information and communication, and monitoring.
Which one of the following components of internal control over financial reporting sets the tone for the organization? a. Control environment. b. Information and communication. c. Risk assessment. d. Monitoring.
a. Control environment.
An organization's accounting system is part of its information and communication component of internal control. a. True b. False
a. True
The auditor needs to understand a client's internal controls in order to anticipate the types of material misstatements that may occur in the financial statements and then develop sufficient audit procedures to determine whether those misstatements exist in the financial statements. a. True b. False
a. True