Module 3: Understanding Internal Control and Assessing Control Risk

Where no independent stock transfer agents are employed and the corporation issues its own stocks and maintains stock records, canceled stock certifi cates should a. Be defaced to prevent reissuance and attached to their corresponding stubs. b. Not be defaced but segregated from other stock certifi cates and retained in a canceled certifi cates fi le. c. Be destroyed to prevent fraudulent reissuance. d. Be defaced and sent to the secretary of state.

(a) Canceled stock certifi cates should be defaced and attached to corresponding stubs as is done with voided checks. The objective of the control is to prevent reissuance. Answer (b) is incorrect because failure to deface permits reissuance. Answer (c) is incorrect because destruction of the certifi cates would preclude their control (i.e., their existence after defacing provides assurance that they cannot be reissued). If the certifi cates were destroyed, one or more might be reissued without any proof that such occurred. Answer (d) is incorrect because the Secretary of State has no interest in receiving defaced and canceled stock certifi cates.

Which of the following departments most likely would approve changes in pay rates and deductions from employee salaries? a. Personnel. b. Treasurer. c. Controller. d. Payroll.

(a) The requirement is to determine the department most likely to approve change in pay rates and deductions from employee salaries. Answer (a) is correct because the personnel department, which has the primary objective of planning, controlling and coordinating employees, will determine that proposed salary increases (often recommended by supervisors of employees) are consistent with the company's salary guidelines and will approve changes in deductions. Answers (b) and (c) are incorrect because the treasurer and controller will in general initiate the pay rate change process for only those employees within their departments and will not generally approve changes for employees outside their departments. Answer (d) is incorrect because the payroll functions is a recordkeeping function which will modify employee pay rates based on approved changes from personnel. Payroll should not have authority regarding pay rates and deductions.

An auditor tests an entity's policy of obtaining credit approval before shipping goods to customers in support of management's fi nancial statement assertion of a. Valuation or allocation. b. Completeness. c. Existence or occurrence. d. Rights and obligations.

(a) The requirement is to determine the fi nancial statement assertion being most directly tested when an auditor tests an entity's policy of obtaining credit approval before shipping goods to customers. Answer (a) is correct because testing credit approval helps assure that goods are shipped to customers who are likely to be able to pay; accordingly the valuation assertion for receivables is being directly tested. Answer (b) is incorrect because completeness deals with whether all transactions and accounts are recorded. Answer (c) is incorrect because existence deals with whether assets exist at a given date and whether recorded transactions have occurred during a given period. Answer (d) is incorrect because rights and obligations deal with whether assets are the rights of the entity and liabilities are the obligations of the entity at a given date.

In meeting the control objective of safeguarding of assets, which department should be responsible for Distribution of paychecks //Custody of unclaimed paychecks a. Treasurer// Treasurer b. Payroll// Treasurer c. Treasurer// Payroll d. Payroll// Payroll

(a) The requirement is to determine the individual(s) who should distribute paychecks and have custody of unclaimed paychecks. Answer (a) is correct because these custody functions should not be performed by the payroll department which is a recordkeeping function. Under proper internal control recordkeeping, custody, and authorization of transactions should be segregated.

B.1. Obtain an Understanding of Internal Control An auditor suspects that certain client employees are ordering merchandise for themselves over the Internet without recording the purchase or receipt of the merchandise. When vendors' invoices arrive, one of the employees approves the invoices for payment. After the invoices are paid, the employee destroys the invoices and the related vouchers. In gathering evidence regarding the fraud, the auditor most likely would select items for testing from the file of all a. Cash disbursements. b. Approved vouchers. c. Receiving reports. d. Vendors' invoices.

(a) The requirement is to determine the most likely population from which an auditor would sample when vendors' invoices and related vouchers relating to purchases made by employees have been destroyed. Answer (a) is correct because the disbursement will be recorded and the auditor may thus sample from that population. Answers (b) and (d) are incorrect because the related vouchers and vendors' invoices are destroyed. Answer (c) is incorrect because there is no recording of the receipt of the merchandise.

After obtaining an understanding of internal control and assessing the risk of material misstatement, an auditor decided to perform tests of controls. The auditor most likely decided that a. It would be effi cient to perform tests of controls that would result in a reduction in planned substantive tests. b. Additional evidence to support a further reduction in the risk of material misstatement is not available. c. An increase in the assessed level of the risk of material misstatement is justifi ed for certain fi nancial statement assertions. d. There were many internal control weaknesses that could allow misstatements to enter the accounting system.

(a) The requirement is to identify a circumstance in which an auditor may decide to perform tests of controls. Answer (a) is correct because tests of controls will be performed when they are expected to result in a cost effective reduction in planned substantive tests. Answer (b) is incorrect because tests of controls are only performed when they are likely to support a further reduction in the assessed level of the risk of material misstatement. Answer (c) is incorrect because tests of controls are designed to decrease the assessed level of the risk of material misstatement, not increase it. Answer (d) is incorrect because internal control weaknesses normally result in more substantive testing and less tests of controls.

To obtain audit evidence about control risk, an auditor selects tests from a variety of techniques including a. Inquiry. b. Analytical procedures. c. Calculation. d. Confi rmation.

(a) The requirement is to identify an approach that auditors use to obtain audit evidence about control risk. Answer (a) is correct because auditors test controls to provide evidence for their assessment of control risk through inquiries of appropriate personnel, inspection of documents and records, observation of the application of controls, and reperformance of the application of the policy or procedure. Answers (b), (c), and (d) are incorrect because analytical procedures, calculation, and confi rmation relate more directly to substantive testing and are not primary methods to test controls for purposes of assessing control risk.

C.1. Sales, Receivables, and Cash Receipts Which of the following procedures concerning accounts receivable would an auditor most likely perform to obtain evidence in support of an assessed level of control risk below the maximum? a. Observing an entity's employee prepare the schedule of past due accounts receivable. b. Sending confirmation requests to an entity's principal customers to verify the existence of accounts receivable. c. Inspecting an entity's analysis of accounts receivable for unusual balances. d. Comparing an entity's uncollectible accounts expense to actual uncollectible accounts receivable.

(a) The requirement is to identify the accounts receivable auditing procedure that an auditor would most likely perform to obtain support for an assessed level of control risk below the maximum. Since an auditor uses the results of tests of controls to support an assessed level of control risk below the maximum, we are attempting to identify a test of a control. Answer (a) is correct because observing an entity's employee prepare the schedule of past due accounts receivable is a test of a control to evaluate the effectiveness the process of preparing an accurate schedule of past due accounts; if the process is found to be effective it may lead to a reduction in the assessed level of control risk. Answer (b) is incorrect because the confi rmation of accounts receivable is a substantive test, not a test of a control. Answer (c) is incorrect because the inspection of accounts receivable for unusual balances and comparing uncollectible accounts expense to actual accounts expense is ordinarily an analytical procedure performed as a substantive test. Answer (d) is incorrect because comparing uncollectible accounts expense to actual uncollectible accounts is ordinarily a substantive test.

An auditor generally tests the segregation of duties related to inventory by a. Personal inquiry and observation. b. Test counts and cutoff procedures. c. Analytical procedures and invoice recomputation. d. Document inspection and reconciliation

(a) The requirement is to identify the appropriate procedures for testing the segregation of duties related to inventory. Answer (a) is correct because AU-C 315 suggests that when no audit trail exists (as is often the case for the segregation of duties) an auditor should use the observation and inquiry techniques.

Which of the following controls would an entity most likely use in safeguarding against the loss of marketable securities? a. An independent trust company that has no direct contact with the employees who have recordkeeping responsibilities has possession of the securities. b. The internal auditor verifi es the marketable securities in the entity's safe each year on the balance sheet date. c. The independent auditor traces all purchases and sales of marketable securities through the subsidiary ledgers to the general ledger. d. A designated member of the board of directors controls the securities in a bank safe-deposit box.

(a) The requirement is to identify the best control for safeguarding marketable securities against loss. Answer (a) is correct because use of an independent trust company allows the effective separation of custody and recordkeeping for the securities. Answer (b) is incorrect because a verifi cation of marketable securities at the balance sheet date may have only a limited effect on safeguarding the securities throughout the year. Answer (c) is incorrect because tracing all purchases and sales of marketable securities will not affect securities that have disappeared for which no entries have been made. Also, it is unlikely that an entity will rely upon the independent auditor in this manner. Answer (d) is incorrect because maintenance of control over custody by a member of the board of directors may provide less complete control than the use of an independent trust company.

An auditor suspects that a client's cashier is misappropriating cash receipts for personal use by lapping customer checks received in the mail. In attempting to uncover this embezzlement scheme, the auditor most likely would compare the a. Dates checks are deposited per bank statements with the dates remittance credits are recorded. b. Daily cash summaries with the sums of the cash receipts journal entries. c. Individual bank deposit slips with the details of the monthly bank statements. d. Dates uncollectible accounts are authorized to be written off with the dates the write-offs are actually recorded.

(a) The requirement is to identify the best listed procedure for detecting the lapping of cash receipts by the client's cashier through use of customer checks received in the mail. Answer (a) is correct because lapping will result in a delay in the recording of specifi c remittance credits on the fi nancial records, but the checks will be deposited in the bank as they are received. Answer (b) is incorrect because the daily cash summaries will include the same sums as the cash receipts journal entries. Answer (c) is incorrect because the bank deposit slips will be identical to any details included in the monthly bank statements. Answer (d) is incorrect because while the write-off of a receivable may help the individual involved in the lapping to avoid repayment, no lag is to be expected between authorization of the write-off and the date it is actually recorded.

Which of the following controls most likely would reduce the risk of diversion of customer receipts by an entity's employees? a. A bank lockbox system. b. Prenumbered remittance advices. c. Monthly bank reconciliations. d. Daily deposit of cash receipts.

(a) The requirement is to identify the control most likely to reduce the risk of diversion of customer receipts by an entity's employees. Answer (a) is correct because a bank lockbox system eliminates employee contact with cash receipts, and thereby greatly reduces the risk of diversion by employees. Answer (b) is incorrect because remittance advices are ordinarily prenumbered using the numbering schemes of the various customers and not of the client; also, even if a prenumbering system is instituted, diffi culties remain in assuring that all receipts are recorded. Answer (c) is incorrect because a monthly bank reconciliation is only likely to be effective when receipts are deposited and then abstracted. Answer (d) is incorrect because while the daily deposit of cash receipts may reduce the risk of employee diversion of receipts, the procedure is not as effective as the bank lockbox system, which eliminates employee contact with the receipts

Which of the following is a control that most likely could help prevent employee payroll fraud? a. The personnel department promptly sends employee termination notices to the payroll supervisor. b. Employees who distribute payroll checks forward unclaimed payroll checks to the absent employees' supervisors. c. Salary rates resulting from new hires are approved by the payroll supervisor. d. Total hours used for determination of gross pay are calculated by the payroll supervisor.

(a) The requirement is to identify the control that most likely could help prevent employee payroll fraud. Answer (a) is correct because prompt notifi cation of the payroll supervisor concerning terminations will lead to timely removal of terminated employees from the payroll. Accordingly, no payroll checks will be prepared for such terminated employees. Answer (b) is incorrect because unclaimed payroll checks should not be returned to the supervisors who might inappropriately cash them. Answer (c) is incorrect because since the payroll department is involved in recordkeeping, it should not approve salary rates. Answer (d) is incorrect because calculation of total hours by the payroll supervisor is unlikely to prevent employee payroll fraud

Which of the following controls most likely would assure that all billed sales are correctly posted to the accounts receivable ledger? a. Daily sales summaries are compared to daily postings to the accounts receivable ledger. b. Each sales invoice is supported by a prenumbered shipping document. c. The accounts receivable ledger is reconciled daily to the control account in the general ledger. d. Each shipment on credit is supported by a prenumbered sales invoice.

(a) The requirement is to identify the control that most likely would assure that all billed sales are correctly posted to the accounts receivable ledger. Answer (a) is correct because the daily sales summary will include all "billed" sales for a particular day. Comparing this summary to the postings to the accounts receivable ledger will provide evidence on whether billed sales are correctly posted. Answer (b) is incorrect because comparing sales invoices to shipping documents provides evidence on whether invoiced sales have been shipped. Answer (c) is incorrect because reconciling the accounts receivable ledger to the control account will not provide assurance that all billed sales were posted in that both the receivable ledger and the control account may have omitted the sales. Answer (d) is incorrect because comparing shipments with sales invoices provides evidence on whether all shipments have been invoiced, not on whether all billed sales are correctly posted.

Which of the following statements is correct concerning an auditor's assessment of control risk? a. Assessing control risk may be performed concurrently during an audit with obtaining an understanding of the entity's internal control. b. Evidence about the operation of internal control in prior audits may not be considered during the current year's assessment of control risk. c. The basis for an auditor's conclusions about the assessed level of control risk need not be documented unless control risk is assessed at the maximum level. d. The lower the assessed level of control risk, the less assurance the evidence must provide that the control procedures are operating effectively.

(a) The requirement is to identify the correct statement concerning an auditor's assessment of control risk. Answer (a) is correct because AU-C 315 indicates that assessing control risk may be performed concurrently during an audit with obtaining an understanding of internal control. Answer (b) is incorrect because evidence about the operation of internal control obtained in prior audits may be considered during the current year's assessment of control risk. Answer (c) is incorrect because the basis for an auditor's conclusions about the assessed level of control risk needs to be documented when control risk is assessed at levels other than the maximum level. Answer (d) is incorrect because a lower level of control risk requires more assurance that the control procedures are operating effectively

In obtaining an understanding of an entity's internal control relevant to audit planning, an auditor is required to obtain knowledge about the a. Design of the controls pertaining to internal control components. b. Effectiveness of controls that have been implemented. c. Consistency with which controls are currently being applied. d. Controls related to each principal transaction class and account balance.

(a) The requirement is to identify the knowledge that an auditor must obtain when obtaining an understanding of an entity's internal control suffi cient for audit planning. Answer (a) is correct because an auditor must obtain an understanding that includes knowledge about the design of relevant controls and records and whether the client has placed those controls in operation. Answers (b) and (c) are incorrect because auditors may choose not to obtain information on operating effectiveness of controls and their consistency of application. Answer (d) is incorrect because there is no such explicit requirement relating to controls; see AU-C 315 for the necessary understanding of internal control.

A primary objective of procedures performed to obtain an understanding of internal control is to provide an auditor with a. Knowledge necessary to assess the risks of material misstatements. b. Evidence to use in assessing inherent risk. c. A basis for modifying tests of controls. d. An evaluation of the consistency of application of management's policies.

(a) The requirement is to identify the primary objective of procedures performed to obtain an understanding of internal control. Answer (a) is correct because the auditor obtains a suffi cient understanding of internal control to assess the risks of material misstatement and to design the nature, timing, and extent of further audit procedures. Answer (b) addresses inherent risk, the susceptibility of an assertion to material misstatement, assuming that there are no related controls. Answer (b) is incorrect since the concept of inherent risk assumes no internal control and is therefore not the primary objective. Answer (c) is incorrect because answer (a) is more complete and because decisions on modifying tests of controls are often made at a later point in the audit. Answer (d) is incorrect because the consistency of application of management's policies relates more directly to tests of controls than to obtaining an understanding of internal control.

Which of the following procedures would an auditor most likely perform to test controls relating to management's assertion about the completeness of cash receipts for cash sales at a retail outlet? a. Observe the consistency of the employees' use of cash registers and tapes. b. Inquire about employees' access to recorded but undeposited cash. c. Trace deposits in the cash receipts journal to the cash balance in the general ledger. d. Compare the cash balance in the general ledger with the bank confi rmation request.

(a) The requirement is to identify the procedure an auditor most likely would perform to test controls relating to management's assertion about the completeness of cash receipts for cash sales at a retail outlet. Answer (a) is correct because the use of cash registers and tapes helps assure that all such sales are recorded. Answer (b) is incorrect because the cash has already been recorded. Answer (c) is incorrect because the procedure only deals with recorded deposits, and therefore the completeness assertion is not addressed as directly as in answer (a). Answer (d) is incorrect because one would not expect the cash balance in the general ledger to agree with the bank confi rmation request amount due to items in transit and outstanding at the point of reconciliation.

The purpose of segregating the duties of hiring personnel and distributing payroll checks is to separate the a. Authorization of transactions from the custody of related assets. b. Operational responsibility from the recordkeeping responsibility. c. Human resources function from the controllership function. d. Administrative controls from the internal accounting controls.

(a) The requirement is to identify the purpose of segregating the duties of hiring personnel and of distributing payroll checks. Answer (a) is correct because the hiring of personnel is an authorization function while the distribution of checks is a custody function. Thus, in order to properly segregate authorization from custody, these duties should not be performed by the same individual. The combination of these two functions in the same position would create the possibility of the addition of a fi ctitious employee to the payroll and subsequent misappropriation of paychecks. Answer (b) is incorrect because the functions involved are not primarily operational or recordkeeping. Answer (c) is incorrect because the treasury function, and not the controllership function, will normally be responsible for distributing payroll checks. Answer (d) is incorrect because segregation of duties does not directly address administrative controls vs. internal accounting controls.

Which of the following is not a component of an entity's internal control? a. Control risk. b. Control activities. c. Monitoring. d. Control environment.

(a) The requirement is to identify the reply that is not a component of an entity's internal control. Answer (a) is correct because while auditors assess control risk as a part of their consideration of internal control, it is not a component of an entity's internal control. Answers (b), (c), and (d) are incorrect because the control environment, risk assessment, control activities, information and communication, and monitoring are the fi ve components of an entity's internal control (AU-C 315).

A.1. Definition of Internal Control Which of the following most likely would not be considered an inherent limitation of the potential effectiveness of an entity's internal control? a. Incompatible duties. b. Management override. c. Mistakes in judgment. d. Collusion among employees.

(a) The requirement is to identify the reply that most likely would not be considered an inherent limitation of the potential effectiveness of an entity's internal control. Answer (a) is correct because incompatible duties may generally be divided among individuals in such a manner as to control the problem. Answers (b), (c), and (d) are all incorrect because management override, mistakes of judgment, and collusion among employees are all inherent limitations of internal control.

C.6. Investing Which of the following is not a control that is designed to protect investment securities? a. Custody over securities should be limited to individuals who have recordkeeping responsibility over the securities. b. Securities should be properly controlled physically in order to prevent unauthorized usage. c. Access to securities should be vested in more than one individual. d. Securities should be registered in the name of the owner.

(a) The requirement is to identify the reply which is not a control that is designed to protect investment securities. Answer (a) is correct because it is not a control since the custody of securities should be assigned to individuals who do not have accounting responsibility for securities; as with other assets, authorization, recordkeeping, and custody should be separated. Answer (b) is incorrect because securities should be properly controlled physically in order to prevent unauthorized usage. Answer (c) is incorrect because access to securities should ordinarily be vested in two individuals so as to assure their safekeeping. Answer (d) is incorrect because securities should be registered in the name of the owner.

In an audit of fi nancial statements in accordance with generally accepted auditing standards, an auditor is required to a. Document the auditor's understanding of the entity's internal control. b. Search for signifi cant defi ciencies in the operation of internal control. c. Perform tests of controls to evaluate the effectiveness of the entity's internal control. d. Determine whether controls are suitably designed to prevent or detect material misstatements.

(a) The requirement is to identify the statement that represents a requirement when an audit of fi nancial statements in accordance with generally accepted accounting principles is performed. Answer (a) is correct because AU-C 315 requires that the auditor document the understanding of the entity's internal control. Answer (b) is incorrect because while an auditor might fi nd signifi cant defi ciencies in the operation of internal control, no such search is required. Answer (c) is incorrect because an auditor might use a substantive approach in performing an audit and thereby perform few (if any) tests of controls. Answer (d) is incorrect because while auditors must obtain knowledge of internal control suffi ciently to identify types of potential misstatements, they are not required to obtain the detailed knowledge of internal control suggested by this reply

An auditor should obtain suffi cient knowledge of an entity's information system to understand the a. Safeguards used to limit access to computer facilities. b. Process used to prepare signifi cant accounting estimates. c. Controls used to assure proper authorization of transactions. d. Controls used to detect the concealment of fraud

(b) AU-C 315 states that the auditor should obtain suffi cient knowledge of the information (including accounting) system to understand the fi nancial reporting process used to prepare the entity's fi nancial statements, including signifi cant accounting estimates and disclosures. It also states that this knowledge is obtained to help the auditor to understand (1) the entity's classes of transactions, (2) how transactions are initiated, (3) the accounting records and support, and (4) the accounting processing involved from initiat

B.2. Assess Risks of Material Misstatement and Design Further Audit Procedures Which of the following may not be required on a particular audit of a nonissuer (nonpublic) company? a. Risk assessment procedures. b. Tests of controls. c. Substantive procedures. d. Analytical procedures.

(b) Answer (b) is correct because tests of controls are only required when the auditor relies on the controls or substantive tests alone are not suffi cient to audit particular assertions. Answers (a), (c), and (d) are incorrect because these procedures are required on every audit.

Decision tables differ from program fl owcharts in that decision tables emphasize a. Ease of manageability for complex programs. b. Logical relationships among conditions and actions. c. Cost benefi t factors justifying the program. d. The sequence in which operations are performed.

(b) Decision tables include various combinations of conditions that are matched to one of several actions. In an internal control setting, the various important controls are reviewed and, based on the combination of answers received, an action such as a decision on whether to perform tests of controls is determined. Program fl owcharts simply summarize the steps involved in a program. Answer (a) is incorrect because decision tables do not emphasize the ease of manageability for complex programs. Answer (c) is incorrect because while decision tables may be designed using various cost benefi t factors relating to the various conditions and actions, they do not justify the program. Answer (d) is incorrect because program fl owcharts, not decision tables, emphasize the sequence in which operations are performed.

In obtaining an understanding of an entity's internal control, an auditor is required to obtain knowledge about the Operating effectiveness of controls// Design of controls a. Yes// Yes b. No //Yes c. Yes// No d. No// No

(b) In obtaining an understanding of internal control, the auditor should perform procedures to provide suffi cient knowledge of the design of the relevant controls and whether they have been implemented. Information on operating effectiveness need not be obtained unless control risk is to be assessed at a level below the maximum

The objectives of internal control for a production cycle are to provide assurance that transactions are properly executed and recorded, and that a. Production orders are prenumbered and signed by a supervisor. b. Custody of work in process and of fi nished goods is properly maintained. c. Independent internal verifi cation of activity reports is established. d. Transfers to fi nished goods are documented by a completed production report and a quality control report.

(b) The requirement is to determine an objective of internal control for a production cycle in addition to providing assurance that transactions are properly executed and recorded. Answer (b) is correct because, in addition to providing assurance as to proper execution and recording, an objective for the production cycle (as well as other cycles) is the safeguarding of assets, here work in process and fi nished goods. Answers (a), (c), and (d) are incorrect because they represent detailed controls established to help achieve the overall objectives. They are all much more specifi c than the overall objectives.

In assessing control risk for purchases, an auditor vouches a sample of entries in the voucher register to the supporting documents. Which assertion would this test of controls most likely support? a. Completeness. b. Existence or occurrence. c. Valuation or allocation. d. Rights and obligations.

(b) The requirement is to determine the fi nancial statement assertion that a test of controls of vouching a sample of entries in the voucher register to the supporting documents most directly addresses. Answer (b) is correct because the existence or occurrence assertion addresses whether recorded entries are valid and the direction of this test is from the recorded entry in the voucher register to the supporting documents. Answer (a) is incorrect because completeness addresses whether all transactions and accounts are included and would involve tests tracing from support for purchases to the recorded entry. Answers (c) and (d) are incorrect because vouching the entries provides only limited evidence on valuation and rights.

Tracing shipping documents to prenumbered sales invoices provides evidence that a. No duplicate shipments or billings occurred. b. Shipments to customers were properly invoiced. c. All goods ordered by customers were shipped. d. All prenumbered sales invoices were accounted for

(b) The requirement is to determine the type of evidence obtained when tracing shipping documents to prenumbered sales invoices. Answer (b) is correct because the shipping documents relate to shipments to customers, and tracing them to sales invoices will provide evidence on whether sales invoices were prepared. Answer (a) is incorrect because duplicate shipments or billings will not in general be detected by tracing individual shipping documents to prenumbered sales invoices. Answer (c) is incorrect because an auditor will trace from customer orders to shipping documents to determine whether all goods ordered were shipped. Answer (d) is incorrect because an auditor will account for the sequence of sales invoices to determine whether all sale invoices were accounted for.

Internal control is strengthened when the quantity of merchandise ordered is omitted from the copy of the purchase order sent to the a. Department that initiated the requisition. b. Receiving department. c. Purchasing agent. d. Accounts payable department

(b) The requirement is to determine which copy of the purchase order should omit indication of the quantity of merchandise ordered. Answer (b) is correct because if the receiving department personnel are unaware of the quantities ordered, they will provide an independent count of quantities received. Answer (a) is incorrect because the department that initiated the requisition needs the merchandise, and therefore, should know what has been ordered. Answer (c) is incorrect because the purchasing agent is involved with purchasing the items and therefore must be aware of the quantity involved. Answer (d) is incorrect because the accounts payable department must reconcile the quantity received and the quantity billed to the quantity that was authorized to be purchased per the purchase order

When a customer fails to include a remittance advice with a payment, it is common practice for the person opening the mail to prepare one. Consequently, mail should be opened by which of the following four company employees? a. Credit manager. b. Receptionist. c. Sales manager. d. Accounts receivable clerk.

(b) The requirement is to determine who should prepare a remittance advice when the customer fails to include one with a remittance. Remittances should be opened by an individual such as a receptionist who is independent of the sales function. That individual will prepare any needed remittance advices. The credit manager [answer (a)], and the sales manager [answer (c)], are incorrect because they perform an authorization function related to sales. Answer (d) is incorrect because the accounts receivable clerk performs a recordkeeping function for sales.

When obtaining an understanding of an entity's internal control, an auditor should concentrate on the substance of controls rather than their form because a. The controls may be operating effectively but may not be documented. b. Management may establish appropriate controls but not enforce compliance with them. c. The controls may be so inappropriate that no reliance is contemplated by the auditor. d. Management may implement controls whose costs exceed their benefi ts.

(b) The requirement is to determine why an auditor should concentrate on the substance of procedures rather than their form when obtaining an understanding of an entity's controls. Answer (b) is correct because management may establish appropriate controls but not act on them, thus creating a situation in which the form differs from the substance. Answer (a) is incorrect because documentation is not directly related to the issue of substance over form. Answer (c) is incorrect because inappropriate controls is only a part of an auditor concern; for example, a control may be appropriate, but it may not be operating effectively. Answer (d) is incorrect because while an auditor might suggest to management that the cost of certain controls seems to exceed their likely benefi t, this is not the primary r

C.4. Personnel and Payroll An auditor vouched data for a sample of employees in a payroll register to approved clock card data to provide assurance that a. Payments to employees are computed at authorized rates. b. Employees work the number of hours for which they are paid. c. Segregation of duties exist between the preparation and distribution of the payroll. d. Controls relating to unclaimed payroll checks are operating effectively.

(b) The requirement is to identify a purpose of vouching data for a sample of employees in a payroll register to approved clock card data. Answer (b) is correct because the clock card data provides the auditor with evidence on whether employees worked the number of hours for which the payroll register indicates they were paid. Answer (a) is incorrect because clock card data often does not include authorized pay rates. Answer (c) is incorrect because the procedure does not directly address the segregation of duties since no information is provided concerning the distribution of the payroll. Answer (d) is incorrect because unclaimed payroll checks are not being analyzed.

Employers bond employees who handle cash receipts because fidelity bonds reduce the possibility of employing dishonest individuals and a. Protect employees who make unintentional misstatements from possible monetary damages resulting from their misstatements. b. Deter dishonesty by making employees aware that insurance companies may investigate and prosecute dishonest acts. c. Facilitate an independent monitoring of the receiving and depositing of cash receipts. d. Force employees in positions of trust to take periodic vacations and rotate their assigned duties.

(b) The requirement is to identify a reason that employers bond employees who handle cash receipts. Answer (b) is correct because employee knowledge that bonding companies often prosecute those accused of dishonest acts may deter employees' dishonest acts. Answer (a) is incorrect because bonding protects the employer from dishonest acts, not the employee from unintentional errors. Answer (c) is incorrect because the bonding company does not serve the role of independent monitoring of cash. Answer (d) is incorrect because while rotation of positions and forcing employees to take periodic vacations are effective controls for preventing fraud, they are not accomplished through bonding.

Which of the following audit procedures would an auditor most likely perform to test controls relating to management's assertion concerning the completeness of sales transactions? a. Verify that extensions and footings on the entity's sales invoices and monthly customer statements have been recomputed. b. Inspect the entity's reports of prenumbered shipping documents that have not been recorded in the sales journal. c. Compare the invoiced prices on prenumbered sales invoices to the entity's authorized price list. d. Inquire about the entity's credit granting policies and the consistent application of credit checks.

(b) The requirement is to identify the audit procedure an auditor most likely would perform to test controls relating to management's assertion concerning the completeness of sales transactions. Answer (b) is correct because inspection of shipping documents that have not been recorded in the sales journal will possibly reveal items that have been sold (as evidenced by a shipping document) but for some reason have not been recorded as sales. Answers (a), (c), and (d) are all incorrect because verifi cation of extension and footings, comparing invoiced prices, and inquiring about credit granting policies all relate more directly to the valuation assertion than to the completeness assertion.

C.2. Purchases, Payables, and Cash Disbursements To provide assurance that each voucher is submitted and paid only once, an auditor most likely would examine a sample of paid vouchers and determine whether each voucher is a. Supported by a vendor's invoice. b. Stamped "paid" by the check signer. c. Prenumbered and accounted for. d. Approved for authorized purchases.

(b) The requirement is to identify the audit procedure relating to paid vouchers that will provide assurance that each voucher is submitted and paid only once. Answer (b) is correct because when the check signer stamps vouchers "paid" it is unlikely to be paid a second time since that individual will notice the stamp on the voucher the second time it is submitted for payment.

A client erroneously recorded a large purchase twice. Which of the following internal control measures would be most likely to detect this error in a timely and effi cient manner? a. Footing the purchases journal. b. Reconciling vendors' monthly statements with subsidiary payable ledger accounts. c. Tracing totals from the purchases journal to the ledger accounts. d. Sending written quarterly confi rmations to all vendors

(b) The requirement is to identify the audit procedure which would most likely detect a client error in recording a large purchase. Answer (b) is correct because reconciling the vendors' monthly statements with the subsidiary ledger for payables should disclose a difference in the month following the error. Answer (a), footing the purchases journal, is unlikely to detect the error since the journal's totals will have been mathematically accumulated properly. Answer (c) is incorrect because the incorrect total will be refl ected in both the purchases journal and in the ledger accounts. Answer (d) is incorrect because such confi rmations will only d

Which of the following controls would a company most likely use to safeguard marketable securities when an independent trust agent is not employed? a. The investment committee of the board of directors periodically reviews the investment decisions delegated to the treasurer. b. Two company offi cials have joint control of marketable securities, which are kept in a bank safedeposit box. c. The internal auditor and the controller independently trace all purchases and sales of marketable securities from the subsidiary ledgers to the general ledger. d. The chairman of the board verifi es the marketable securities, which are kept in a bank safe-deposit box, each year on the balance sheet date.

(b) The requirement is to identify the best control for safeguarding marketable securities when an independent trust agent is not employed. Answer (b) is correct because requiring joint control over securities maintained in a safe-deposit box assures that, absent collusion, assets are safeguarded. Answer (a) is incorrect because a review of investment decisions by the investment committee will have a very limited effect on safeguarding marketable securities. Answer (c) is incorrect because the simple tracing of marketable securities from the subsidiary ledgers to the general ledger does not directly safeguard marketable securities since, for example, unrecorded transactions may occur. Answer (d) is incorrect because, even if the chairman of the board did verify marketable securities on the balance sheet date, the control will only be effective at that point in time.

Management philosophy and operating style most likely would have a signifi cant infl uence on an entity's control environment when a. The internal auditor reports directly to management. b. Management is dominated by one individual. c. Accurate management job descriptions delineate specifi c duties. d. The audit committee actively oversees the fi nancial reporting process

(b) The requirement is to identify the circumstance in which management philosophy and operating style would have a signifi cant infl uence on an entity's control environment. Answer (b) is correct because management philosophy and operating style, while always important, is particularly so when management is dominated by one or a few individuals because it may impact numerous other factors. Answer (a) is incorrect because the impact of the internal auditor reporting directly to management is likely to be less than that of answer (a). Answer (c) is incorrect because while accurate management job descriptions are desirable, they do not have as signifi cant of an effect on management philosophy and operating style as does domination by an individual. Answer (d) is incorrect because an active audit committee might temper rather than lead to a more signifi cant infl uence of management philosophy and operating style.

Which of the following controls would an entity most likely use to assist in satisfying the completeness assertion related to long-term investments? a. Senior management verifi es that securities in the bank safe-deposit box are registered in the entity's name. b. The internal auditor compares the securities in the bank safe-deposit box with recorded investments. c. The treasurer vouches the acquisition of securities by comparing brokers' advices with canceled checks. d. The controller compares the current market prices of recorded investments with the brokers' advices on file.

(b) The requirement is to identify the control that would be most likely to assist an entity in satisfying the completeness assertion related to long-term investments. Answer (b) is correct because completeness deals with whether all transactions are recorded, and the comparison of securities in the bank safe-deposit box with recorded investments may reveal securities which are in the safedeposit box but are not recorded. Answer (a) is incorrect because verifi cation of security registration helps establish the rights assertion not the completeness assertion. Answer (c) is incorrect because vouching the acquisition of securities by comparing brokers' advices with canceled checks helps to establish the existence assertion not the completeness assertion. Answer (d) is incorrect because a comparison of the current market prices of recorded investments with brokers' advices addresses the valuation assertion not the completeness assertion

Which statement is correct concerning the relevance of various types of controls to a fi nancial audit? a. An auditor may ordinarily ignore a consideration of controls when a substantive audit approach is taken. b. Controls over the reliability of fi nancial reporting are ordinarily most directly relevant to an audit, but other controls may also be relevant. c. Controls over safeguarding of assets and liabilities are of primary importance, while controls over the reliability of fi nancial reporting may also be relevant. d. All controls are ordinarily relevant to an audit.

(b) The requirement is to identify the correct statement relating to the relevance of various types of controls to a fi nancial statement audit. Answer (b) is correct because, generally, controls that are relevant to an audit pertain to the entity's objective of preparing fi nancial statements for external purposes. Answer (a) is incorrect because AU-C 315 makes clear that an auditor may not ignore consideration of controls under any audit approach. Answer (c) is incorrect because control over fi nancial reporting are of primary importance. Answer (d) is incorrect because many operational and comp

With properly designed internal control, the same employee most likely would match vendors' invoices with receiving reports and also a. Post the detailed accounts payable records. b. Recompute the calculations on vendors' invoices. c. Reconcile the accounts payable ledger. d. Cancel vendors' invoices after payment.

(b) The requirement is to identify the function that is consistent with matching vendors' invoices with receiving reports. Answer (b) is correct because while matching invoices and receiving reports, the employee might effectively recompute the calculations on the vendors' invoices to determine that the amounts are proper. Answers (a) and (c) are incorrect. The individual who matches the invoices and receiving reports will often also approve them for payment. Therefore, this individual should not also post accounts payable records or reconcile the accounts payable ledger. Answer (d) is incorrect because the individual who controls the signing of the checks should cancel the invoices after payment.

Proper segregation of functional responsibilities calls for separation of the functions of a. Authorization, execution, and payment. b. Authorization, recording, and custody. c. Custody, execution, and reporting. d. Authorization, payment, and recording.

(b) The requirement is to identify the functions that should be segregated for effective internal control. Answer (b) is correct because authorizing transactions, recording transactions, and maintaining custody of assets should be segregated

In assessing control risk, an auditor ordinarily selects from a variety of techniques, including a. Inquiry and analytical procedures. b. Reperformance and observation. c. Comparison and confi rmation. d. Inspection and verifi cation.

(b) The requirement is to identify the most appropriate procedures for assessing control risk. Auditors perform tests of controls to obtain evidence on the operating effectiveness of controls to assess control risk. Answer (b) is correct because tests of controls include inquiries of appropriate entity personnel, inspection of documents and reports, observation of the application of the policy or procedure, and reperformance of the application of the policy or procedure

A.2. Major Components of Internal Control An entity's ongoing monitoring activities often include a a. Periodic audits by the audit committee. b. Reviewing the purchasing function. c. The audit of the annual financial statements. d. Control risk assessment in conjunction with quarterly reviews

(b) The requirement is to identify the most likely type of ongoing monitoring activity. Answer (b) is correct because ongoing monitoring involves assessing the design and operation of controls on a timely basis and taking necessary corrective actions and such an approach may be followed in reviewing the purchasing function. Answer (a) is incorrect because periodic audits are not ordinarily performed by the audit committee, a subcommittee of the Board of Directors. Answer (c) is incorrect because the audit of the annual fi nancial statements is not ordinarily considered monitoring as presented in the professional standards. Answer (d) is incorrect because the meaning of the reply, control risk assessment in conjunction with quarterly reviews, is uncertain

An entity's internal control requires for every check request that there be an approved voucher, supported by a prenumbered purchase order and a prenumbered receiving report. To determine whether checks are being issued for unauthorized expenditures, an auditor most likely would select items for testing from the population of all a. Purchase orders. b. Canceled checks. c. Receiving reports. d. Approved vouchers.

(b) The requirement is to identify the population from which items should be selected to determine whether checks are being issued for unauthorized expenditures. Answer (b) is correct because a sample of canceled checks should be selected and compared with the approved vouchers, a prenumbered purchase order and prenumbered receiving reports. A canceled check that does not have such support may have been unauthorized. Answers (a), (c), and (d) are all incorrect because selecting items from purchase orders, receiving reports, or approved vouchers will not reveal circumstances in which a check was issued without that supporting document. For example, when selecting a sample from purchase orders, one would not discover a situation in which a check had been issued without a purchase order.

Proper internal control over the cash payroll function would mandate which of the following? a. The payroll clerk should fill the envelopes with cash and a computation of the net wages. b. Unclaimed pay envelopes should be retained by the paymaster. c. Each employee should be asked to sign a receipt. d. A separate checking account for payroll be maintained.

(c) If payment of wages were to be in cash, each employee receiving payment should be required to sign a receipt for the amount of pay received. Thus, there would be control over the total amount disbursed as well as amounts disbursed to each individual employee. Answer (a) is incorrect because if a signed receipt is not received from each employee paid, there would be no proof of payment. Even though the pay envelopes include both cash and a computation of net wages, the employees should have the opportunity to count the cash received before signing a payroll receipt. Answer (b) is incorrect because unclaimed pay envelopes should not be retained by the paymaster, but rather deposited in a bank account by the cashier. Answer (d) is incorrect because the wage payment will be made in cash and not by check. Accordingly, a receipt must be obtained for each cash payment.

When an auditor increases the assessed level of control risk because certain control activities were determined to be ineffective, the auditor would most likely increase the a. Extent of tests of controls. b. Level of detection risk. c. Extent of tests of details. d. Level of inherent risk.

(c) Increases in the assessed level of the risk of material misstatement lead to decreases in the acceptable level of detection risk. Accordingly, the auditor will need to increase the extent of substantive tests such as tests of details. Answer (a) is incorrect because tests of controls are performed to reduce the assessed level of control risk only when controls are believed to be effective. Answer (b) is incorrect because the level of detection risk must be decreased, not increased. Answer (d) is incorrect because the level of inherent risk pertains to the susceptibility of an account to material misstatement independent of related controls.

When there are numerous property and equipment transactions during the year, an auditor who plans to assess control risk at a low level usually performs a. Tests of controls and extensive tests of property and equipment balances at the end of the year. b. Analytical procedures for current year property and equipment transactions. c. Tests of controls and limited tests of current year property and equipment transactions. d. Analytical procedures for property and equipment balances at the end of the year

(c) The requirement is to determine the appropriate combination of audit tests when there are numerous property and equipment transactions during the year and the auditor plans to assess control risk at a low level. Answer (c) is correct because, to justify an assessment of control risk at a low level, tests of controls will be required. This will allow auditors to perform only limited tests of current year property and equipment transactions. Answer (a) is incorrect because tests of controls will be performed to allow the auditor to perform limited, not extensive, tests of property and equipment balances at the end of the year. Answers (b) and (d) are incorrect because analytical procedures on either year-end balances or transactions will not justify a low assessed level of control risk.

To minimize the opportunities for fraud, unclaimed cash payroll should be a. Deposited in a safe-deposit box. b. Held by the payroll custodian. c. Deposited in a special b

(c) The requirement is to determine the best method to minimize the opportunities for fraud for unclaimed cash in a cash payroll system. For a cash payroll the best control is to get the unclaimed cash out of the fi rm's physical control and into the bank. Answer (a) is incorrect because maintaining the accountability for cash which is in a safe-deposit box is diffi cult. Answers (b) and (d) are incorrect because the cash need not be kept by the fi rm.

Regardless of the assessed level of control risk, an auditor would perform some a. Tests of controls to determine the effectiveness of internal control policies. b. Analytical procedures to verify the design of internal control. c. Substantive tests to restrict detection risk for signifi cant transaction classes. d. Dual-purpose tests to evaluate both the risk of monetary misstatement and preliminary control risk.

(c) The requirement is to determine the correct statement concerning the assessed level of control risk. Answer (c) is correct because ordinarily the assessed level of control risk cannot be suffi ciently low to eliminate the need to perform any substantive tests to restrict detection risk for signifi cant transaction classes. Answer (a) is incorrect because tests of controls are unnecessary when control risk is assessed at the maximum level. Answer (b) is incorrect because analytical procedures are not designed to verify the design of internal control. Answer (d) is incorrect because dual-purpose tests (i.e., those that serve as both substantive tests and tests of controls) are not required to be performed, and because the term "preliminary control risk" is unclear.

Upon receipt of customers' checks in the mailroom, a responsible employee should prepare a remittance listing that is forwarded to the cashier. A copy of the listing should be sent to the a. Internal auditor to investigate the listing for unusual transactions. b. Treasurer to compare the listing with the monthly bank statement. c. Accounts receivable bookkeeper to update the subsidiary accounts receivable records. d. Entity's bank to compare the listing with the cashier's deposit slip.

(c) The requirement is to determine the individual or organization to which a list of remittances should be forwarded to in addition to the cashier. Answer (c) is correct because the accounts receivable bookkeeper will use the listing to update the subsidiary accounts receivable records. Answer (a) is incorrect because internal auditors will not normally investigate each day's listing of remittances for unusual transactions. Answer (b) is incorrect because the treasurer will not in general compare daily listings to the monthly bank statement. Answer (d) is incorrect because the list will not be sent to the bank.

Sound internal control dictates that defective merchandise returned by customers should be presented initially to the a. Salesclerk. b. Purchasing clerk. c. Receiving clerk. d. Inventory control clerk.

(c) The requirement is to determine the proper internal control for handling customer returns of defective merchandise. Answer (c) is correct because the receiving department can count the goods, and list them on a sales return notice to determine that all such returns are properly recorded. This serves as a control because the normal procedures of the receiving function include establishing the original accountability and recordkeeping for items received. Answers (a), (b), and (d) all represent functions not typically involved in the receiving function and thus involve a higher risk relating to establishing accountability.

The auditor may observe the distribution of paychecks to ascertain whether a. Pay rate authorization is properly separated from the operating function. b. Deductions from gross pay are calculated correctly and are properly authorized. c. Employees of record actually exist and are employed by the client. d. Paychecks agree with the payroll register and the time cards.

(c) The requirement is to identify a reason why an auditor may observe the distribution of paychecks. Answer (c) is correct because an employee's presence to collect the paycheck provides evidence that the employee actually exists and is currently employed by the client. Answer (a) is incorrect because the distributions of payroll checks would not reveal whether payrate authorization is properly separated from the operating function. Answer (b) is incorrect because the paycheck distribution does not provide information on whether deductions from gross pay have been calculated properly. Answer (d) is incorrect because observation of the paycheck distribution process does not of itself provide assurance that the paychecks agree with the related payroll register and time cards

Which of the following controls most likely would prevent direct labor hours from being charged to manufacturing overhead? a. Periodic independent counts of work in process for comparison to recorded amounts. b. Comparison of daily journal entries with approved production orders. c. Use of time tickets to record actual labor worked on production orders. d. Reconciliation of work-in-process inventory with periodic cost budgets.

(c) The requirement is to identify the control most likely to prevent direct labor hours from being charged to manufacturing overhead. Answer (c) is correct because time tickets may be coded as to whether direct labor on various projects was involved. Accordingly, using time tickets will help identify direct labor costs. Answer (a) is incorrect because while periodic counts of work in process may provide a control over physical units of production, the counts will not in general provide assurance that direct labor hours are properly charged to the product rather than to manufacturing overhead. Answer (b) is incorrect because comparing daily journal entries with production orders will not in general identify costs that have been omitted from direct labor due to the level of aggregation of the entries. Answer (d) is incorrect because the reconciliation of work in process inventory with budgets will provide only very limited detection ability relating to the charging of direct labor to manufacturing overhead.

Which of the following controls most likely would be effective in offsetting the tendency of sales personnel to maximize sales volume at the expense of high bad debt write-offs? a. Employees responsible for authorizing sales and bad debt write-offs are denied access to cash. b. Shipping documents and sales invoices are matched by an employee who does not have authority to write off bad debts. c. Employees involved in the credit-granting function are separated from the sales function. d. Subsidiary accounts receivable records are reconciled to the control account by an employee independent of the authorization of credit.

(c) The requirement is to identify the control that will be most effective in offsetting the tendency of sales personnel to maximize sales volume at the expense of high bad debt write-offs. Answer (c) is correct because segregation of the authorization of credit from the sales function will allow an independent review of the creditworthiness of customers. Answer (a) is incorrect because while denying access to cash by employees responsible for sales and bad debt write-offs may deter embezzlements, the problem of high bad debt write-offs is likely to remain. Answer (b) is incorrect because while so segregating the matching of shipping documents and sales invoices may help assure that items are shipped properly and subsequently recorded, it will not signifi cantly affect bad debts. Answer (d) is incorrect because while independent reconciliation of control and subsidiary accounts receivable records may defer embezzlements, bad debt write-offs will not be affected.

During the consideration of a small business client's internal control, the auditor discovered that the accounts receivable clerk approves credit memos and has access to cash. Which of the following controls would be most effective in offsetting this weakness? a. The owner reviews errors in billings to customers and postings to the subsidiary ledger. b. The controller receives the monthly bank statement directly and reconciles the checking accounts. c. The owner reviews credit memos after they are recorded. d. The controller reconciles the total of the detail accounts receivable accounts to the amount shown in the ledger.

(c) The requirement is to identify the control which would offset a weakness that allowed the accounts receivable clerk to approve credit memos and to have access to cash. Note that such a weakness may lead to a fraud in which the accounts receivable clerk receives and keeps cash payments while issuing a fraudulent credit memo as the basis for a credit to the customer's account. Answer (c) is correct because the owner's review of credit memos could help establish that fraudulent memos had not been issued for receivables which had in actuality been collected by the clerk; for example, when reviewing credit memos the owner would expect to see a receiving report for sales returns for which credit memos have been generated. Answer (a) is incorrect because the bookkeeper may be able to maintain the records in such a manner as to avoid billing errors related to the fraud, and therefore a review of billings and postings may not reveal such fraud. Answer (b) is incorrect because month-end reconciliation of checking accounts with the monthly bank statement will not refl ect cash that has been improperly diverted by the accounts receivable clerk. Answer (d) is incorrect because the accounts receivable clerk should be able to maintain the detail and ledger amount in balance and thereby avoid detection

Alpha Company uses its sales invoices for posting perpetual inventory records. Inadequate controls over the invoicing function allow goods to be shipped that are not invoiced. The inadequate controls could cause an a. Understatement of revenues, receivables, and inventory. b. Overstatement of revenues and receivables, and an understatement of inventory. c. Understatement of revenues and receivables, and an overstatement of inventory. d. Overstatement of revenues, receivables, and inventory

(c) The requirement is to identify the effect on revenues, receivables, and inventory of inadequate controls over the invoicing function that allows goods to be shipped without being invoiced. Items shipped without invoicing will result in a situation in which the accounting department is unaware of the sale. Therefore, debits to accounts receivable and credits to sales will not be recorded, resulting in an understatement of both revenues and receivables. Similarly, because accounting is unaware of the sale, no entry to reduce inventory will be made, resulting in an overstatement of inventory.

Which of the following is least likely to be evidence the auditor examines to determine whether controls are operating effectively? a. Records documenting usage of computer programs. b. Canceled supporting documents. c. Confi rmations of accounts receivable. d. Signatures on authorization forms.

(c) The requirement is to identify the least likely type of evidence the auditor will examine to determine whether controls are operating effectively. Answer (c) is correct because confi rmation of accounts receivable is a substantive test, not a test of a control. Answer (a) is incorrect because records documenting the usage of computer programs may be tested to determine whether access is appropriately controlled. Answer (b) is incorrect because examining canceled supporting documents may help the auditor to determine that the structure will not allow duplicate billing to result in multiple payments. Answer (d) is incorrect because proper signatures will help the auditor to determine whether the authorization controls are functioning adequately

Sound internal control dictates that immediately upon receiving checks from customers by mail, a responsible employee should a. Add the checks to the daily cash summary. b. Verify that each check is supported by a prenumbered sales invoice. c. Prepare a duplicate listing of checks received. d. Record the checks in the cash receipts journal.

(c) The requirement is to identify the proper procedure to be performed immediately upon receipt of checks by mail. Sound internal control requires the use of adequate documentation to ensure that all transactions are properly recorded. This helps the company attain the fi nancial statement assertion of completeness. Answer (c) is correct because the preparation of a duplicate listing of checks received provides the company with a source document of all the checks received that day. One list is then forwarded to the employee responsible for depositing the checks at the end of the day and the other list is sent to the accounting department so that they can post the amount to the cash receipts journal. Answer (a) is incorrect because the daily cash summary will ordinarily be prepared at the end of the day when all checks have been received. Answer (b) is incorrect because checks need not be compared to a sales invoice. Answer (d) is incorrect because the employee opening the mail should not also perform the recordkeeping function of recording the checks in the cash receipts journal

Which of the following is a question that the auditor would expect to find on the production cycle section of an internal control questionnaire? a. Are vendors' invoices for raw materials approved for payment by an employee who is independent of the cash disbursements function? b. Are signed checks for the purchase of raw materials mailed directly after signing without being returned to the person who authorized the invoice processing? 200 c. Are all releases by storekeepers of raw materials from storage based on approved requisition documents? d. Are details of individual disbursements for raw materials balanced with the total to be posted to the appropriate general ledger account?

(c) The requirement is to identify the question that an auditor would expect to fi nd on the production cycle section of an internal control questionnaire. Answer (c) is correct because approved requisitions will help maintain control over raw materials released to be used in the production cycle. Answers (a), (b), and (d) are all incorrect because approval of vendors' invoices for payment, mailing of checks after signing, and comparing individual disbursements to totals all pertain more directly to the disbursement cycle.

An auditor most likely would assess control risk at a high level if the payroll department supervisor is responsible for a. Examining authorization forms for new employees. b. Comparing payroll registers with original batch transmittal data. c. Authorizing payroll rate changes for all employees. d. Hiring all subordinate payroll department employees

(c) The requirement is to identify the situation in which it is most likely that an auditor would assess control risk for payroll at a high level. Answer (c) is correct because the payroll department, which is essentially a recordkeeping function, should not also authorize payroll rate changes. Under strong internal control recordkeeping, authorization, and custody over assets should be segregated. Answer (a) is incorrect because examining authorization forms for new employees is consistent with the payroll department's recordkeeping function. Answer (b) is incorrect because comparing payroll registers with original batch transmittal data is a control relating to recordkeeping. Answer (d) is incorrect because while the actual hiring of employees is normally done in the personnel department, allowing the payroll department supervisor to hire subordinates, with proper approval, is not as inconsistent with payroll's recordkeeping function as is authorizing rate changes for all employees.

Control risk should be assessed in terms of a. Specifi c controls. b. Types of potential fraud. c. Financial statement assertions. d. Control environment factors.

(c) The requirement is to identify the terms in which control risk should be assessed. Answer (c) is correct because AU-C 315 requires that control risk be assessed in terms of fi nancial statement assertions.

The overall attitude and awareness of an entity's board of directors concerning the importance of internal control usually is refl ected in its a. Computer-based controls. b. System of segregation of duties. c. Control environment. d. Safeguards over access to assets

(c) The requirement is to identify where the overall attitude and awareness of an entity's board of directors concerning the importance of internal control is normally refl ected. Answer (c) is correct because the control environment refl ects the overall attitude, awareness, and actions of the board of directors, management, owners, and others concerning the importance of control and its emphasis in the entity.

Assessing control risk at a low level most likely would involve a. Performing more extensive substantive tests with larger sample sizes than originally planned. b. Reducing inherent risk for most of the assertions relevant to signifi cant account balances. c. Changing the timing of substantive tests by omitting interim-date testing and performing the tests at year-end. d. Identifying specifi c controls relevant to specifi c assertions.

(d) Assessing control risk at a low level involves (1) identifying specifi c controls relevant to specifi c assertions that are likely to prevent or detect material misstatements in those assertions, and (2) performing tests of controls to evaluate the effectiveness of such controls. Answer (a) is incorrect because assessing control risk at a low level may lead to less extensive, not more extensive substantive tests. Answer (b) is incorrect because the actual level of inherent risk is not affected by the level of control risk. Also, one would not expect a change in the assessed level of control risk to result in a change in the assessed level of inherent risk. Answer (c) is incorrect because assessing control risk at a low level may lead to interim-date substantive testing rather than year-end testing.

A.3. Related Topics Which of the following is a provision of the Foreign Corrupt Practices Act? a. It is a criminal offense for an auditor to fail to detect and report a bribe paid by an American business entity to a foreign official for the purpose of obtaining business. b. The auditor's detection of illegal acts committed by officials of the auditor's publicly held client in conjunction with foreign officials should be reported to the Enforcement Division of the Securities and Exchange Commission. c. If the auditor of a publicly held company concludes that the effects on the financial statements of a bribe given to a foreign official are not susceptible to reasonable estimation, the auditor's report should be modified. d. Every publicly held company must devise, document, and maintain internal control sufficient to provide reasonable assurances that internal control objectives are met

(d) The Foreign Corrupt Practices Act makes payment of bribes to foreign offi cials illegal and requires publicly held companies to maintain systems of internal control suffi cient to provide

A client maintains perpetual inventory records in both quantities and dollars. If the assessed level of control risk is high, an auditor would probably a. Insist that the client perform physical counts of inventory items several times during the year. b. Apply gross profi t tests to ascertain the reasonableness of the physical counts. c. Increase the extent of tests of controls of the inventory cycle. d. Request the client to schedule the physical inventory count at the end of the year.

(d) The requirement is to determine a likely effect on the audit of inventory if the assessed level of control risk is high. Answer (d) is correct because a high assessed level of control risk may result in changing the timing of substantive tests to year-end rather than at an interim date. If the assessed level of control risk is low, the auditor could perform interim substantive tests and rely upon internal control to provide valid year-end records. However, because the assessed level of control risk is high, the controls cannot be relied upon. Also, the nature of substantive tests may change from less effective to more effective procedures (e.g., use of independent parties outside the entity rather than internal) and an increase in the extent of procedures (e.g., larger sample sizes). Answer (a) is incorrect because, as indicated, an auditor will generally seek a year-end count of inventory. Answer (b) is incorrect because gross profi t tests will not in general have the required precision when control risk is high. Answer (c) is incorrect because tests of controls are likely to substantiate an auditor's view that control risk is high, and it is therefore unlikely that their performance will be costeffective.

60. In testing controls over cash disbursements, an auditor most likely would determine that the person who signs checks also a. Reviews the monthly bank reconciliation. b. Returns the checks to accounts payable. c. Is denied access to the supporting documents. d. Is responsible for mailing the checks.

(d) The requirement is to determine the appropriate responsibility for the person who signs checks. Answer (d) is correct because the individual who signs checks should be responsible for mailing them so as to avoid a variety of fraud in which the checks are improperly converted into cash by company employees. Answer (a) is incorrect because the individual who reconciles the bank accounts should have no other responsibilities with respect to cash. Answer (b) is incorrect because accounts payable does not need the checks and, if they receive them, those checks may be converted into cash which is then stolen. Answer (c) is incorrect because the person who signs the checks should determine that proper supporting documents exist and should cancel that documentation after the payment is made.

Which of the following controls is not usually performed in the vouchers payable department? a. Matching the vendor's invoice with the related receiving report. b. Approving vouchers for payment by having an authorized employee sign the vouchers. c. Indicating the asset and expense accounts to be debited. d. Accounting for unused prenumbered purchase orders and receiving reports.

(d) The requirement is to determine the control that is not usually performed in the vouchers payable department. Answer (d) is correct because the vouchers payable department will not in general have access to unused prenumbered purchase orders and receiving reports. Answer (a) is incorrect because the vouchers payable department will match the vendor's invoice with the related receiving report to determine that the item for which the company has been billed has been received. Answer (b) is incorrect because the vouchers payable department will approve vouchers for payment when all documentation is proper and present. Answer (c) is incorrect because the vouchers payable department will code the voucher with accounts to be debited.

Which of the following statements regarding auditor documentation of the client's internal control is correct? a. Documentation must include fl owcharts. b. Documentation must include procedural write-ups. c. No documentation is necessary although it is desirable. d. No one particular form of documentation is necessary, and the extent of documentation may vary.

(d) The requirement is to determine the correct statement with respect to the auditor's required documentation of the client's internal control. An auditor may document his/ her understanding of the structure and his/her conclusions about the design of that structure in the form of answers to a questionnaire, narrative memorandums, fl owcharts, decision tables, or any other form that the auditor considers appropriate in the circumstances. Answers (a) and (b) are, thus, incorrect because they suggest restrictions which do not exist in practice. Answer (c) is incorrect since at a minimum a list of reasons for nonreliance must be provided.

55. Proper authorization of write-offs of uncollectible accounts should be approved in which of the following departments? a. Accounts receivable. b. Credit. c. Accounts payable. d. Treasurer.

(d) The requirement is to determine the department that should approve bad debt write-offs. The department responsible for bad debt write-offs should be independent of the sales, credit, and the recordkeeping for that function, and should have knowledge relating to the accounts. Answer (d) is correct because, in addition to being independent of the various functions, the treasurer's department is likely to have knowledge to help make proper decisions of this nature. Answers (a) and (b), accounts receivable and the credit department, are incorrect because neither department is independent of this function. Answer (c) is incorrect because while accounts payable is independent of the function, its personnel are less likely than those of the treasurer's department to have the necessary information relating to the accounts that should be written off.

C.5. Financing Which of the following questions would an auditor most likely include on an internal control questionnaire for notes payable? a. Are assets that collateralize notes payable critically needed for the entity's continued existence? b. Are two or more authorized signatures required on checks that repay notes payable? c. Are the proceeds from notes payable used for the purchase of noncurrent assets? d. Are direct borrowings on notes payable authorized by the board of directors?

(d) The requirement is to determine the most likely question that would be included on an internal control questionnaire for notes payable. Answer (d) is correct because companies frequently require that direct borrowings on notes payable be authorized by the board of directors; accordingly, auditors will determine whether proper policy has been followed. Answer (a) is incorrect because internal control questionnaires do not in general include questions on whether assets that collateralize notes payable are critically needed. Answer (b) is incorrect because the internal control questionnaire for disbursements is more likely to address the required authorized signatures on checks than will the internal control questionnaire for notes payable. Answer (c) is incorrect because while it is often good business practice to use proceeds from long-term notes to purchase noncurrent assets, this is not required and is not included on an internal control questionnaire.

An auditor uses the knowledge provided by the understanding of internal control and the assessed level of the risk of material misstatement primarily to a. Determine whether procedures and records concerning the safeguarding of assets are reliable. b. Ascertain whether the opportunities to allow any person to both perpetrate and conceal fraud are minimized. c. Modify the initial assessments of inherent risk and preliminary judgments about materiality levels. d. Determine the nature, timing, and extent of substantive tests for fi nancial statement assertions

(d) The requirement is to determine the primary purpose for which an auditor uses the knowledge provided by the understanding of internal control and the assessed level of the risk of material misstatement. Answer (d) is correct because the auditor uses such knowledge in determining the nature, timing, and extent of substantive tests for fi nancial statement assertions. Answer (a) is incorrect because it is incomplete. For example, while auditors are concerned with the safeguarding of assets, they also need to determine whether the fi nancial statement information is accurate. Answer (b) is incorrect for reasons similar to (a) in that determining whether opportunities are available for committing and concealing fraud is incomplete since this knowledge is also used to ascertain whether the chance of errors is minimized. Answer (c) is incorrect because knowledge provided by the understanding of internal control and the assessed level of control risk is not used to modify initial assessments of inherent risk and preliminary judgments about materiality levels. This knowledge is unrelated to those processes.

Which of the following factors are included in an entity's control environment? Audit committee// Integrity and ethical values// Organizational a. Yes //Yes// No b. Yes// No// Yes c. No //Yes// Yes d. Yes //Yes //Yes

(d) The requirement is to determine which of the factors listed are included in an entity's control environment. Answer (d) is correct because the audit committee, integrity and ethical values, and organization structure are all included.

Which of the following questions would most likely be included in an internal control questionnaire concerning the completeness assertion for purchases? a. Is an authorized purchase order required before the receiving department can accept a shipment or the vouchers payable department can record a voucher? b. Are purchase requisitions prenumbered and independently matched with vendor invoices? c. Is the unpaid voucher file periodically reconciled with inventory records by an employee who does not have access to purchase requisitions? d. Are purchase orders, receiving reports, and vouchers prenumbered and periodically accounted for?

(d) The requirement is to determine which question would most likely be included in an internal control questionnaire concerning the completeness assertion for purchases. Answer (d) is correct because prenumbering and accounting for purchase orders, receiving reports, and vouchers will allow a company to determine that purchases are completely recorded. For example, in examining a receiving report the client might discover that the purchase was not recorded. Answer (a) is incorrect because requiring a purchase order before a shipment is accepted will address whether or not the shipment has been ordered. Answer (b) is incorrect because matching purchase requisitions with vendor invoices does not directly address whether the purchase is recorded. Answer (c) is incorrect because the unpaid voucher fi le represents items that have already been recorded, and thus will not directly address the completeness of the recording of purchases

A company holds bearer bonds as a short-term investment. Responsibility for custody of these bonds and submission of coupons for periodic interest collections probably should be delegated to the a. Chief Accountant. b. Internal Auditor. c. Cashier. d. Treasurer

(d) The requirement is to determine who should have responsibility for custody of short-term bearer bond investments and the submission of coupons for periodic collections of interest. The treasurer authorizes such transactions. Answer (a) is incorrect because the chief accountant, who is in charge of the recordkeeping function, should not also maintain custody of the bonds. Answer (b) is incorrect because the internal auditor should not be directly involved as such involvement would make an independent review of the system impossible. Answer (c) is incorrect because the cashier function is more directly involved with details such as endorsing, depositing, and maintaining records of cash receipts

An auditor assesses control risk because it a. Is relevant to the auditor's understanding of the control environment. b. Provides assurance that the auditor's materiality levels are appropriate. c. Indicates to the auditor where inherent risk may be the greatest. d. Affects the level of detection risk that the auditor may accept.

(d) The requirement is to determine why an auditor assesses control risk. Answer (d) is correct because the assessed levels of control risk and inherent risk are used to determine the acceptable level of detection risk for fi nancial statement assertions.

With well-designed internal control, employees in the same department most likely would approve purchase orders, and also a. Reconcile the open invoice fi le. b. Inspect goods upon receipt. c. Authorize requisitions of goods. d. Negotiate terms with vendors

(d) The requirement is to identify a function that is compatible with the approval of purchase orders. Answer (d) is correct because the purchases department will normally approve purchase orders (generated from user departments or stores) and negotiate terms of purchase with vendors. Answer (a) is incorrect because while the purchases department may reconcile the open invoice fi le, this is primarily a recordkeeping function that will often be performed by the accounting department. Answer (b) is incorrect because most frequently the receiving department will inspect goods upon receipt. Answer (c) is incorrect because user groups or stores will authorize requisitions of goods. Keep in mind the principle of segregation of functions. Recordkeeping, authorization, and custodial functions should all be segregated.

After assessing control risk, an auditor desires to seek a further reduction in the assessed level of control risk. At this time, the auditor would consider whether a. It would be effi cient to obtain an understanding of the entity's information system. b. The entity's controls have been implemented. c. The entity's controls pertain to any fi nancial statement assertions. d. Additional audit evidence suffi cient to support a further reduction is likely to be available.

(d) The requirement is to identify a situation in which an auditor may desire to seek a further reduction in the assessed level of control risk. Answer (d) is correct because such a reduction is only possible when additional evidence, evaluated by performing additional tests of controls, is available. Answer (a) is incorrect because auditors at this point will ordinarily already have obtained the understanding of the information system to plan the audit. Furthermore, an understanding of internal control is needed on all audits. Answer (b) is incorrect because auditors must determine that controls have been implemented in all audits. Answer (c) is incorrect because a signifi cant number of controls always pertain to fi nancial statement assertions.

An auditor may compensate for a weakness in internal control by increasing the a. Level of detection risk. b. Extent of tests of controls. c. Preliminary judgment about audit risk. d. Extent of analytical procedures.

(d) The requirement is to identify a way that an auditor may compensate for a weakness in internal control. Answer (d) is correct because increasing analytical procedures decreases detection risk in a manner which may counterbalance the condition in internal control. In effect, the weakness in internal control is compensated for by increased substantive testing. See the outline of AU-C 200 in Appendix A for the relationships among audit risk and its component risks— inherent risk, control risk, and detection risk. Answer (a) is incorrect because increasing both control risk (through a weakness in internal control) and detection risk increases audit risks. In addition, control risk and detection risk do not compensate for one another. Answer (b) is incorrect because increasing the extent of tests of controls is unlikely to be effective since the condition is known to exist. Answer (c) is incorrect because it is not generally appropriate to increase the judgment as to audit risk based on the results obtained

B.3. Perform Tests of Controls How frequently must an auditor test operating effectiveness of controls that appear to function as they have in past years and on which the auditor wishes to rely in the current year? a. Monthly. b. Each audit. c. At least every second audit. d. At least every third audit.

(d) The requirement is to identify how frequently controls that the auditor wishes to rely upon must be tested. Answer (d) is correct because the professional standards require auditors to test controls at least every third year. Answer (a) is incorrect because controls need not be tested monthly. Answer (b) is incorrect because ordinarily controls need not be tested with each audit. Answer (c) is incorrect because auditors may test such controls every third year, not every second year

A weakness in internal control over recording retirements of equipment may cause an auditor to a. Inspect certain items of equipment in the plant and trace those items to the accounting records. b. Review the subsidiary ledger to ascertain whether depreciation was taken on each item of equipment during the year. c. Trace additions to the "other assets" account to search for equipment that is still on hand but no longer being used. d. Select certain items of equipment from the accounting records and locate them in the plant

(d) The requirement is to identify the best audit procedure when a weakness in internal control over reporting of retirements exists. Answer (d) is correct because selecting certain items of equipment from the accounting records and attempting to locate them will reveal situations in which the accounting records still have them recorded subsequent to their retirement. Answer (a) is incorrect because inspecting items that still exist is not likely to lead to discovery of unrecorded retirements. Answer (b) is incorrect because depreciation may continue to be taken on equipment that has been retired, but not recorded. Answer (c) is incorrect because it is doubtful that such retirements have been reclassifi ed as "other assets."

Which of the following controls most likely would be used to maintain accurate inventory records? a. Perpetual inventory records are periodically compared with the current cost of individual inventory items. b. A just-in-time inventory ordering system keeps inventory levels to a desired minimum. c. Requisitions, receiving reports, and purchase orders are independently matched before payment is approved. d. Periodic inventory counts are used to adjust the perpetual inventory records.

(d) The requirement is to identify the control that most likely would be used to maintain accurate inventory records. Answer (d) is correct because periodic inventory counts will assure that perpetual inventory records are accurate and, because employees will know that inventory differences are investigated, they will be less likely to steal any inventory. Answer (a) is incorrect because comparing the perpetual inventory records with current costs of items will reveal situations in which costs have changed, but is unlikely to help in the maintenance of accurate inventory records. Answer (b) is incorrect because while a just-in-time inventory ordering system may help assure that inventory records are accurate (as well as kept at low levels), such a system generally also requires periodic inventory counts to maintain accurate inventory records. Answer (c) is incorrect because matching requisitions, receiving reports, and purchase orders only helps assure that items received are paid for; the matching process does not assure accurate inventory records.

Which of the following controls most likely would help ensure that all credit sales transactions of an entity are recorded? a. The billing department supervisor sends copies of approved sales orders to the credit department for comparison to authorized credit limits and current customer account balances. b. The accounting department supervisor independently reconciles the accounts receivable subsidiary ledger to the accounts receivable control account monthly. c. The accounting department supervisor controls the mailing of monthly statements to customers and investigates any differences reported by customers. d. The billing department supervisor matches prenumbered shipping documents with entries in the sales journal.

(d) The requirement is to identify the control that most likely would help ensure that all credit sales transactions are recorded. Answer (d) is correct because the matching of shipping documents with entries in the sales journal will provide assurance that all shipped items (sales) have been completely recorded. Answer (a) is incorrect because comparison of approved sales orders to authorized credit limits and balances will help ensure that customer credit limits are not exceeded, rather than the complete recording of credit sales. Answer (b) is incorrect because reconciliation of the accounts receivable subsidiary ledger to the accounts receivable control account will provide only a limited amount of control over the complete recording of sales. The control is incomplete since, for example, a sale that has not been recorded in either the subsidiary or control accounts will not be detected. Answer (c) is incorrect because monthly statements generally will not be sent to customers to whom no sales have been recorded

Which of the following controls would be most effective in assuring that the proper custody of assets in the investing cycle is maintained? a. Direct access to securities in the safe-deposit box is limited to only one corporate officer. b. Personnel who post investment transactions to the general ledger are not permitted to update the investment subsidiary ledger. c. The purchase and sale of investments are executed on the specific authorization of the board of directors. d. The recorded balances in the investment subsidiary ledger are periodically compared with the contents of the safe-deposit box by independent personnel.

(d) The requirement is to identify the control that would be most effective in assuring that the proper custody of assets in the investing cycle is maintained. Answer (d) is correct because comparing recorded balances in the investment subsidiary ledger with physical counts will help assure that recorded assets are those over which the company has custody. This is an example of the control activity of comparison of assets with recorded accountability. Answer (a) is incorrect because internal control is improved when two individuals, not one, must be present for entry to the safe-deposit box. Answer (b) is incorrect because while the segregation of duties within the recordkeeping may in certain circumstances be desirable, it does not directly address custody over assets. Answer (c) is incorrect because only extremely major investments generally need be authorized by the board of directors.

When considering internal control, an auditor should be aware of the concept of reasonable assurance, which recognizes that a. Internal control may be ineffective due to mistakes in judgment and personal carelessness. b. Adequate safeguards over access to assets and records should permit an entity to maintain proper accountability. c. Establishing and maintaining internal control is an important responsibility of management. d. The cost of an entity's internal control should not exceed the benefi ts expected to be derived.

(d) The requirement is to identify the meaning of the concept of reasonable assurance. Answer (d) is correct because reasonable assurance recognizes that the cost of internal control should not exceed the benefi ts expected to be derived.

The objective of tests of details of transactions performed as tests of controls is to a. Monitor the design and use of entity documents such as prenumbered shipping forms. b. Determine whether controls have been implemented. c. Detect material misstatements in the account balances of the fi nancial statements. d. Evaluate whether controls operated effectively

(d) The requirement is to identify the objective of tests of details of transactions performed as tests of controls. Answer (d) is correct because the purpose of tests of controls is to evaluate whether internal control operates effectively. Answer (a) is incorrect because while monitoring the design and use of entity documents may be viewed as a test of controls, it is not the objective. Answer (b) is incorrect because determining whether internal control is implemented is not directly related to tests of controls; see AU-C 315 for the distinction between "implemented" and "operating effectiveness." Answer (c) is incorrect because substantive tests, not tests of controls, are focused on detection of material misstatements in the account balances of the fi nancial statements.

The primary responsibility of a bank acting as registrar of capital stock is to a. Ascertain that dividends declared do not exceed the statutory amount allowable in the state of incorporation. b. Account for stock certifi cates by comparing the total shares outstanding to the total in the shareholders subsidiary ledger. c. Act as an independent third party between the board of directors and outside investors concerning mergers, acquisitions, and the sale of treasury stock. d. Verify that stock is issued in accordance with the authorization of the board of directors and the articles of incorporation

(d) The requirement is to identify the primary responsibility of a bank acting as registrar for capital stock. Answer (d) is correct because the primary responsibility of the stock registrar is to prevent any overissuance of stock, and thereby verify that the stock is issued properly. Answer (a) is incorrect because registrar will not in general determine that the dividend amounts are proper. Answer (b) is incorrect because the transfer agent will maintain records of total shares outstanding as well as detailed stockholder records, and carry out transfers of stock ownership. Answer (c) is incorrect because registrars do not perform the role described relating to mergers, acquisitions, and the sale of treasury stock.

Which of the following procedures most likely would provide an auditor with evidence about whether an entity's internal control activities are suitably designed to prevent or detect material misstatements? a. Reperforming the activities for a sample of transactions. b. Performing analytical procedures using data aggregated at a high level. c. Vouching a sample of transactions directly related to the activities. d. Observing the entity's personnel applying the activities.

(d) The requirement is to identify the procedure an auditor would perform to provide evidence about whether an entity's internal control activities are suitably designed to prevent or detect material misstatements. Answer (d) is correct because AU-C 315 indicates an auditor will observe the entity's personnel applying the procedures to determine whether controls have been implemented. Answer (a) is incorrect because reperforming the activities is a test of control to help assess the operating effectiveness of a control. Answer (b) is incorrect because analytical procedures are not performed to determine whether controls are suitably designed. Answer (c) is incorrect because vouching a sample of transactions is a substantive test not directly aimed at determining whether controls are suitably designed. See AU-C 315 for a discussion of an auditor's responsibility for determining whether controls have been implemented vs. their operating effectiveness.

Which of the following procedures most likely would not be a control designed to reduce the risk of misstatements in the billing process? a. Comparing control totals for shipping documents with corresponding totals for sales invoices. b. Using computer programmed controls on the pricing and mathematical accuracy of sales invoices. c. Matching shipping documents with approved sales orders before invoice preparation. d. Reconciling the control totals for sales invoices with the accounts receivable subsidiary ledger.

(d) The requirement is to identify the procedure that most likely would not be a control designed to reduce the risk of errors in the billing process. Answer (d) is correct because the reconciliation of the control totals for sales invoices with the accounts receivable subsidiary ledger will follow billing; thus billing errors will have already occurred. Answer (a) is incorrect because identifi cation of differences in shipping documents and sales invoices will allow for a correction of any errors and proper billing. Answer (b) is incorrect because computer programmed controls will assure the accuracy of the sales invoice. Answer (c) is incorrect because the matching of shipping documents with the approved sales orders will allow the preparation of a correct invoice

For effective internal control, the accounts payable department generally should a. Stamp, perforate, or otherwise cancel supporting documentation after payment is mailed. b. Ascertain that each requisition is approved as to price, quantity, and quality by an authorized employee. c. Obliterate the quantity ordered on the receiving department copy of the purchase order. d. Establish the agreement of the vendor's invoice with the receiving report and purchase order

(d) The requirement is to identify the proper control pertaining to the accounts payable department. Answer (d) is correct because the accounts payable department should establish the agreement of the vendor's invoice with the purchase order and receiving report to provide assurance that the item was both ordered and received. Answer (a) is incorrect because the individual signing the check (e.g., the treasurer), not the accounts payable department, should stamp, perforate, or otherwise cancel supporting documentation after a check is signed. Answer (b) is incorrect because purchase requisitions will not normally include detailed price information. Answer (c) is incorrect because the quantity ordered on the receiving department copy of the purchase order will already be obliterated when the purchase order is completed by the purchasing department.

Which of the following questions would an auditor least likely include on an internal control questionnaire concerning the initiation and execution of equipment transactions? a. Are requests for major repairs approved at a higher level than the department initiating the request? b. Are prenumbered purchase orders used for equipment and periodically accounted for? c. Are requests for purchases of equipment reviewed for consideration of soliciting competitive bids? d. Are procedures in place to monitor and properly restrict access to equipment?

(d) The requirement is to identify the question that is least likely to be included on an internal control questionnaire concerning the initiation and execution of equipment transactions. Answer (d) is correct because procedures to monitor and properly restrict access to equipment do not relate directly to the initiation and execution of equipment transactions. Answer (a) is incorrect because requests for major repairs relate to initiation of a transaction which should be controlled. Answer (b) is incorrect because prenumbered purchase orders may be used to control all purchases, including purchases of equipment. Answer (c) is incorrect because the signifi cant amounts of money involved with purchases of equipment suggest the need for the solicitation of competitive bids

Before assessing control risk at a level lower than the maximum, the auditor obtains reasonable assurance that controls are in use and operating effectively. This assurance is most likely obtained in part by 196 a. Preparing flowcharts. b. Performing substantive tests. c. Analyzing tests of trends and ratios. d. Inspection of documents.

(d) The requirement is to identify the type of audit test most likely to provide assurance that controls are in use and operating effectively. Answer (d) is correct because inspection of documents is a form of a test of controls, and such tests are used to obtain reasonable assurance that controls are in use and operating effectively. Answer (a) is incorrect because auditors prepare fl owcharts to document a company's internal control, not to obtain assurance that controls are in use and operating effectively. Answer (b) is incorrect because substantive tests relate to the accuracy of accounts and assertions rather than testing controls directly. Answer (c) is incorrect because analyzing tests of trends and ratios is an analytical procedure that does not directly test controls

Which of the following types of evidence would an auditor most likely examine to determine whether controls are operating as designed? a. Confi rmations of receivables verifying account balances. b. Letters of representations corroborating inventory pricing. c. Attorneys' responses to the auditor's inquiries. d. Client records documenting the use of computer programs.

(d) The requirement is to identify the type of evidence an auditor most likely would examine to determine whether controls are operating as designed. Answer (d) is correct because inspection of client records documenting the use of computer programs will provide evidence to help the auditor evaluate the effectiveness of the design and operation of internal control; the client's control over use of its computer programs in this case is documentation of the use of the programs. In order to test this control, the auditor will inspect the documentation records. See AU-C 330 for information on the nature of tests of controls. Answer (a) is incorrect because the confi rmation process is most frequently considered a substantive test, not a test of a control. Answer (b) is incorrect because letters of representations provide corroborating information on various management representations obtained throughout the audit and therefore only provides limited evidence on internal control. Answer (c) is incorrect because attorneys' responses to auditor inquiries most frequently pertain to litigation, claims, and assessments.

In determining the effectiveness of an entity's controls relating to the existence or occurrence assertion for payroll transactions, an auditor most likely would inquire about and a. Observe the segregation of duties concerning personnel responsibilities and payroll disbursement. b. Inspect evidence of accounting for prenumbered payroll checks. c. Recompute the payroll deductions for employee fringe benefi ts. d. Verify the preparation of the monthly payroll account bank reconciliation.

a) The requirement is to determine the best procedure for determining the effectiveness of an entity's controls relating to the existence or occurrence assertion for payroll transactions. Answer (a) is correct because proper segregation of duties between personnel and payroll disbursement eliminates many frauds in which "phantom" employees are being paid. Answer (b) is incorrect because accounting for the prenumbered payroll checks addresses completeness more directly than it does existence or occurrence. Answer (c) is incorrect because recomputing payroll deductions for employee fringe benefi ts, without additional analysis, provides only a very limited test of existence or occurrence. Answer (d) is incorrect because verifying the preparation of the monthly payroll account bank reconciliation is unlikely to provide evidence on the existence or occurrence assertion, although some possibility does exist if signatures on checks are analyzed in detail.

C.3. Inventories and Production In obtaining an understanding of a manufacturing entity's internal control over inventory balances, an auditor most likely would a. Analyze the liquidity and turnover ratios of the inventory. b. Perform analytical procedures designed to identify cost variances. c. Review the entity's descriptions of inventory policies and procedures. d. Perform test counts of inventory during the entity's physical count.

c) The requirement is to identify the most likely procedure an auditor would perform in obtaining an understanding of a manufacturing entity's internal control for inventory balances. Answer (c) is correct because a review of the entity's descriptions of inventory policies and procedures will help the auditor to obtain the necessary understanding about the design of relevant policies, procedures, and records, and whether they have been implemented by the entity. Answers (a) and (b) are incorrect because analyses of liquidity and turnover ratios are analytical procedures designed to identify cost variances that will help the auditor primarily to determine the nature, timing and extent of auditing procedures that will be used to obtain evidence for specifi c account balances or classes of transactions. Answer (d) is incorrect because test counts of inventory are generally obtained as a substantive procedure.

Which of the following is not a step in an auditor's assessment of control risk? a. Evaluate the effectiveness of internal control with tests of controls. b. Obtain an understanding of the entity's information system and control environment. c. Perform tests of details of transactions to detect material misstatements in the fi nancial statements. d. Consider whether controls can have a pervasive effect on fi nancial statement assertions.

is not a step in an auditor's assessment of control risk. Answer (c) is correct because performing tests of details of transactions to detect material misstatements pertains more directly to detection risk rather than inherent or control risk. Answer (a) is incorrect because auditors evaluate the effectiveness of internal control with tests of controls. Answer (b) is incorrect because obtaining an understanding of the entity's information system and control environment is a preliminary step for considering control risk. Answer (d) is incorrect because auditors will consider the effect of in

Which of the following controls most likely addresses the completeness assertion for inventory? a. Work in process account is periodically reconciled with subsidiary records. b. Employees responsible for custody of fi nished goods do not perform the receiving function. c. Receiving reports are prenumbered and periodically reconciled. d. There is a separation of duties between payroll department and inventory accounting personnel.

likely to address the completeness assertion for inventory. Answer (c) is correct because by prenumbering receiving reports and by reconciling them with inventory records, one is able to test completeness by determining whether all receipts have been recorded. Answer (a) is incorrect because reconciling the subsidiary records with the work in process will only identify discrepancies between the records, it will not identify whether all transactions that should be in the inventory records are represented in the records. Answer (b) is incorrect because while the segregation of receiving from custody of fi nished goods is important, it less directly addresses completeness than does answer (a). Answer (d) is incorrect because separating the duties between the payroll department and inventory accounting personnel does not directly address completeness of inventory.

During the consideration of internal control in a fi nancial statement audit, an auditor is not obligated to a. Search for signifi cant defi ciencies in the operation of the internal control. b. Understand the internal control and the information system. c. Determine whether the control activities relevant to audit planning have been implemented. d. Perform procedures to understand the design of internal control.

required to be included in an auditor's consideration of internal control. Answer (a) is correct because the auditor need not obtain evidence relating to operating effectiveness when control risk is to be assessed at the maximum level. Answer (b) is incorrect because an auditor must obtain an understanding of the internal control environment and the information system. Answers (c) and (d) are incorrect because an auditor is obligated to obtain information on the design of internal control and on whether control activities have been implemented.