Ch 7 HW
Internal audits of payroll.
Detective
Duplicate controls that achieve a control objective
NA
A procedure in which an auditor follows a transaction from origination through the company's processes, including information systems, until it is reflected in the company's financial records
Walk-through
At the completion of the audit, the auditors are least likely to know: -The planned assessed level of control risk. -Actual control risk. -The assessed level of control risk. -The scope of tests of controls.
Actual control risk.
A control that reduces the risk that an existing or potential control weakness will result in a failure to meet a control objective
Compensating control
A control that functions together with another control to achieve the same control objective
Complementary control
Which of the following is not ordinarily a procedure for documenting an auditor's understanding of internal control for planning purposes? -Confirmation -Flowchart -Questionnaire -Checklist
Confirmation
When a CPA decides that the work performed by internal auditors may have an effect on the nature, timing, and extent of the CPA's procedures, the CPA should consider the competence and objectivity of the internal auditors. Relative to objectivity, the CPA should: -Review the training program in effect for the internal audit staff. -Consider the organizational level to which the internal auditors report the results of their work. -Consider the qualifications of the internal audit staff. -Review the internal auditors' work.
Consider the organizational level to which the internal auditors report the results of their work.
Adjustment of perpetual inventory records to physical counts.
Corrective
Select the term for each closest definition (or portion of a definition) in the first column. Each term may be used only once or not at all. A control established to remedy misstatements that are discovered
Corrective Control
A situation in which a control does not allow management or employees, in the normal course of performing their functions, to prevent or detect misstatements on a timely basis
Deficiency in internal control
Which of the following would be least likely to be considered an objective of internal control? -Detecting management fraud. -Checking the accuracy and reliability of accounting data. -Safeguarding assets. -Encouraging adherence to managerial policies.
Detecting management fraud.
Management review of budget/actual information.
Detective
Monthly reconciliation of bank accounts.
Detective
You are performing an audit of Systex Corporation and evaluating various controls. Classify the following controls as being primarily preventive, detective, or corrective. Annual physical inventory.
Detective
Effective internal control in a small company that has an insufficient number of employees to permit proper separation of responsibilities can be improved by: -Employment of temporary personnel to aid in the separation of duties. -Direct participation by the owner in key record-keeping and control activities of the business. -Engaging a CPA to perform monthly write-up work. -Delegation of full, clear-cut responsibility for a separate major transaction cycle to each employee.
Direct participation by the owner in key record-keeping and control activities of the business.
Which of the following is not an advantage of establishing an enterprise risk management system within an organization? -Identifies opportunities. -Provides integrated responses to multiple risks. -Eliminates all risks. -Reduces operational surprises.
Eliminates all risks.
To have an adequate basis to issue a management report on internal control under Section 404(a) of the Sarbanes-Oxley Act, management must do all of the following, except: -Evaluate the effectiveness of internal control using suitable control criteria. -Establish internal control with no material weakness. -Accept responsibility for the effectiveness of internal control. -Support the evaluation with sufficient evidence.
Establish internal control with no material weakness.
Tests of controls do not address: -How controls were originated. -By what means the controls were applied. -The consistency with which controls were applied. -How controls were applied.
How controls were originated.
A primary objective of procedures performed to obtain an understanding of internal control is to provide the auditors with: -Knowledge necessary to determine the nature, timing, and extent of further audit procedures. -Audit evidence to use in reducing detection risk. -A basis for modifying tests of controls. -An evaluation of the consistency of application of management policies.
Knowledge necessary to determine the nature, timing, and extent of further audit procedures.
An entity's ongoing monitoring activities often include: -Periodic audits by internal auditors. -The audit of the annual financial statements. -Approval of cash disbursements. -Management review of weekly performance reports.
Management review of weekly performance reports.
A deficiency in internal control such that there is a reasonable possibility that a material misstatement will not be prevented or detected on a timely basis
Material weakness in internal control
A control that reduces the risk of misstatement by remediating control deficiencies through automated means
NA
A deficiency in internal control that is less severe than a material weakness, but more severe than a significant deficiency
NA
Procedures cycled periodically through the auditors' internal control deviation analysis
NA
Which of the following is least likely to be a test of controls? -Inspection of documents. -Inquiries of client personnel. -Reperformance of controls. -Observation of confirmations.
Observation of confirmations.
Tests of controls ordinarily are designed to provide evidence of: -Balance correctness. -Disclosure adequacy. -Operating effectiveness. -Control implementation.
Operating effectiveness.
Controls over financial reporting are often classified as preventative, detective, or corrective. Which of the following is an example of a detective control? -Segregation of duties over cash disbursements. -Requiring approval of purchase transactions. -Preparing bank reconciliations. -Maintaining backup copies of key transactions.
Preparing bank reconciliations.
Dual signatures for checks.
Preventive
Segregation of duties over purchasing.
Preventive
Supervisory approval of time cards.
Preventive
An auditor may compensate for a weakness in internal control by increasing the extent of: -Tests of controls. -Detection risk. -Substantive tests of details. -Inherent risk.
Substantive tests of details
When the auditors are performing a first-time internal control audit in accordance with the Sarbanes-Oxley Act and PCAOB standards, they should: -Perform a separate assessment of controls over operations. -Modify their report for any significant deficiencies identified. -Use a "bottom-up" approach to identify controls to test. -Test controls for all significant accounts.
Test controls for all significant accounts.
The preliminary assessments of control risk are often referred to as: -Internal control objectives risk. -The planned assessed level of control risk. -Control risk. -The assessed level of control risk.
The planned assessed level of control risk.
The sequence of procedures applied by the client in processing a particular type of recurring transaction
Transaction cycle