Audit Chapter 6 part 2

After obtaining an understanding of an entity's internal control system, an auditor may set control risk at high for some assertions because the auditor

Believes the internal controls are unlikely to be effective.

The purpose of the ______ Framework is to help management better control the organization and to provide boards of directors an added ability to oversee internal control.

COSO

According to COSO, a system of internal controls is designed to provide reasonable assurance about the achievement of entity objectives in which of the following categories?

Compliance with applicable, laws and regulations, Effectiveness and efficiency of operations, Reliability, timeliness and transparency of internal and external financial and non-financial reporting

Assessing control risk below high involves all of the following except

Concluding that controls are ineffective

Assignment of authority and responsibility for operating activities and the establishment of reporting relationships and authorization hierarchies are part of the ______ environment principle.

Control

Based upon its risk assessment, management determines which relevant business processes require ________ ________.

Control activities

For a control system to be considered _____________ , each of the five components and relevant principles must be present and functioning, and the five components must operate together in an integrated manner.

Effective

The integrity and ethical values of management personnel heavily influence the ______ of an entity's internal controls.

Effectiveness

Internal control is a process designed to provide reasonable assurance regarding the achievement of which objective?

Effectiveness and efficiency of operations. Reliability of financial reporting. Compliance with applicable laws and regulations.

The components of internal controls as defined by the COSO Framework are ______.

Entity's risk assessment, control environment, information and communication, monitoring activities, control activities

information that is complete, neutral and free from error has the characteristic of _______ _________.

Faithful representation

The assessment of __________ __________ includes consideration of incentives and pressures, opportunities and how personnel might rationalize or justify inappropriate actions.

Fraud risk

Controls over network operations are included as part of __________ controls which relate to the overall information processing environment.

General

The infrastructure, software, people, procedures and data used to support the functioning of internal control is known as a(n) _______ __________

Information system

The approach to taking and monitoring business risks and attitudes and actions toward financial reporting are characteristics that may signal important information to the auditor about management's ___________ and _________ values.

Integrity and ethical values

The competence level for a particular job should be specified and translated into a job description that details the specific knowledge and skills required. This task should be done by ______.

Management

A direct relationship exists between ____________ which reflect what an entity is trying to achieve, ____________ which represent what the entity needs to do to achieve them, and the ___________ of the entity.

Objectives, components, structure

The highest-quality and most reliable audit evidence that segregation of duties is properly implemented is obtained by

Observation by the auditor of the employees performing control activities.

How authority and responsibility are delegated and monitored and the framework within which the entity's activities for achieving entity wide objectives are planned, executed, controlled and reviewed are defined by the entity's _________ __________.

Organizational structure

The quality of internal control is directly related to the ______ of the personnel operating the system.

Quality

Identify the fraud risk factors that organizations must consider in assessing risks to the achievement of objectives

Rationalization or justify, Opportunities, Incentives and pressures

Which of the following audit techniques would most likely provide an auditor with the most assurance about the effectiveness of the operation of a control?

Reperformance of the control by the auditor.

As it relates to the external financial reporting objective, the entity's _________ ___________ process should consider internal and external events and circumstances that may arise and adversely affect the entity's ability to initiate, authorize, record, process and report financial data consistent with management's financial statement assertions.

Risk assessment

Allowing the individual who opens mail and receives cash payments to have access to the accounts receivable subsidiary ledger is a violation of the ____ ________ ________ principle.

Segregation of duties

Monitoring is a major component of the COSO Internal Control— Integrated Framework. Which of the following is not correct in how the company can implement the monitoring component?

The independent auditor can serve as part of the entity's control environment and continuous monitoring.

True or False are the following correct in how the company can implement the monitoring component? Monitoring can be an ongoing process. Monitoring can be conducted as a separate evaluation. And Monitoring and other audit work conducted by internal audit staff can reduce external audit costs.

True

People that significantly influence the control consciousness of the entity and must take their fiduciary responsibilities seriously and actively oversee the entity's accounting and reporting policies and procedures include the ______.

board of directors, audit committee

How management identifies risks relevant to the preparation of financial statements, estimates their significance, assesses the likelihood of their occurrence and decides on how to manage them is most directly relevant to the ______

external auditors

Factors that can impact the effectiveness of the board of directors or audit committee include ______.

nature and extent of interactions with auditors, information availability, experience of members, Extent to which difficult questions are raised and pursued with management, and Extent of involvement with and scrutiny of the entity's activities.

Commonly categorized control activities include ______.

performance reviews, segregation of duties, physical controls, and information processing controls

An effective internal control system provides ______ assurance that the risk of not achieving an entity objective is reduced to an acceptable level

reasonable

Information that is capable of making a difference in user decisions has the characteristic of _____________.

relevance

Regardless of the assessed level of control risk, an auditor would perform

some Substantive procedures to restrict detection risk for significant transaction classes.