486 Exam 2

Ace your homework & exams now with Quizwiz!

Assignment of authority and responsibility for operating activities in the establishment of reporting relationships and authorization hierarchies are part of the _________ environment principal

Control

Based upon his risk assessment, management determines which relevant business procedures require _________ _________

Control activities

These exist in internal controls when the design or operation of a control does not allow management or employees to prevent, detect, or correct Misstatements on a timely basis

Control deficiency

This exists in internal controls when the design or operation of a control does not allow management or employees to prevent, detect, or correct Misstatements on a timely basis

Control deficiency

Samples to test internal controls are intended to provide a basis for an auditor to conclude whether _________

Controls are operating effectively.

_________ maybe used to mitigate the risk of unauthorized changes to computer programs

Controls over access

All of the following controls may mitigate the risk of fraud and management override except _________

Controls related to executive compensation.

Which of the following controls would most likely be tested during an interim period

Controls that operate on a continuous basis.

_________ controls come into play when a misstatement is found

Corrective

Inventory can be observed as it is _________ by client personnel

Counted

Important information on the ability of the entity to continue as it going concern are provided by _________ ratios

Coverage

The _________ ratio is usually considered acceptable if it is 2 to 1 or better

Current

If control risk is mistakenly set at a low level blank

Detection risk will be set too high

The goal to find a Misstatement that has already been made is a type of _________ control

Detective

Which of the following primary assertions is satisfied when an auditor observes the entities physical count of inventory

Existence

Fair values can be evaluated by comparing to prices on _________ markets

Existing

Which of the following audit techniques would most likely provide an auditor with the least assurance about the effectiveness of the operation of a control

Inquiry of entity personnel

The sample size is blank related to the tolerable deviation rate

Inversely

Which of the following statements concerning audit evidence is correct

The measure of the reliability of audit evidence lies in the auditor's judgment.

Which of the following statements regarding the auditor documentation of the entities internal control is correct

No one particular form of documentation is necessary, and the extent of documentation Mayberry

The two general approaches to audit sampling are _________ and _________

Non-statistical, statistical

A direct relationship exists between _________ trying to achieve, _________ which represent what the entity needs to do to achieve them, and the _________ of the entity

Objectives, components, structure

The highest-quality and most reliable audit evidence that segregation of duties is properly implemented is obtained by _________

Observation by the auditor of the employees performing control activities.

Organizational structure provides the basis for planning, directing, and controlling

Operations

If the misstatement is detected by substantive procedures, the auditors should consider whether the control deficiency might affect the _________ on the audit of ICFR

Opinion

When an entity has a material weakness, it should take steps to correct it, which is referred to as _________

Remediation

If the financial reporting risks for a location are low and the entity has good entity-level controls, management may rely on which of the following for its assessment?

Self-assessment processes in conjunction with entity-level controls.

_________ should develop a statement of ethical values

Senior management

_________ auditors are the auditors of a service organization

Service

If the auditor is interested in examining the effectiveness of a control designed to ensure that all shipments to customers are build, the correct population to test is the population of _________

Shipping records

An entities ability to meet its current obligations can be evaluated using _________ _________ _________ ratios

Short term liquidity

The auditor must report the following to the audit committee or others charged with governance

Significant deficiencies and material weaknesses.

When the auditor has decided to not rely on the entities controls and instead use procedures as the main source of evidence about the assertions in the financial statements, the auditor will choose a _________ audit strategy

Substantive

When the auditors sets control risk at high, he or she documents that control risk assessment and performs _________ procedures

Substantive

Regardless of the assessed level of control risk, an auditor would perform some _________

Substantive procedures to restrict detection risk for significant transaction classes

Audit effectiveness is impacted when the auditor doesn't do enough _________

Testing

A cut off test That relates to plant assets typically affects

The balance sheet

When the auditor has decided to rely on controls, the confidence level is set at 90 or 95%, meaning that the auditors willing to except a 10 or 5% risk of accepting

The control as effective when in fact it is not

Which of the following statements about internal control is correct

The cost-benefit relationship is a primary criterion that should be considered in designing an internal control system.

As a result of sampling procedures applied as tests of controls, an auditor incorrectly assesses control risk lower than appropriate. The most likely explanation for this situation is that _________

The deviation/failure rate in the auditors sample is less than the TDR, but the deviation/failure rate in the population exceeds the TDR

True or false: auditing standards base the need for substantive procedures for significant account balances on the assessed risk of material Misstatement

false

An audit document that reflects the major components of an amount reported in the financial statements is referred to as a

lead schedule

Audit sampling for tests of controls is generally appropriate when the completion of a control procedure _________

leaves documentary evidence

The primary source of evidence about pending litigation is the attorney

letter

he difference between a control deficiency, a significant deficiency, and a material weakness is determined solely based on _________

magnitude

Reports accepting responsibility for establishing and maintaining adequate ICFR are issued by _____ of public companies

management

According to the reliability hierarchy by evidence type as presented in the text, an example of audit evidence with a low level of reliability is:

observation

Unrestricted random sampling without replacement means Blank

once an item is selected, it cannot be selected a second time

A type _________ report assesses the controls and their suitability

1

Place the following steps in the top-down, risk-based approach to the audit of ICFR in their proper order

1. Identify entity-level controls 2. Identify significant accounts and disclosures and their relevant assertions 3. Understand likely sources of misstatement 4. Select controls to test

A type _________ report assesses the controls, their suitability, and effectiveness

2

An auditors primary consideration regarding an entities internal controls is whether they _________

Affect the financial statement assertions

A control issue does not rise to the level of control deficiency if the likelihood is ______.

remote

The substantive analytical procedure known as trend analysis is best described by

the examination of changes in an account over time

Sample size varies indirectly with which of the following

tolerable deviation rate

To effectively help the auditor determine if asset accounts contain material Misstatements, _________ ratios maybe used

Activity

Misstatements in the entities records are corrected with _________ entries

Adjusting

A company generated total sales of $1,500,000 and has accounts receivable of $14,550. If 85% of sales are made on credit, the days outstanding in accounts receivable is

4.17 days (you take $1,500,000 times 85% equals $1,275,000 divided by $14,550 equals 87.6 receivables turnover then take 365 days divided by 87.6 equals 4.17)

Unless a longer period of time is required, PCAOB standards require the auditor to retain audit documentation for the ICFR and financial statement audit for _________ years

7

How effectively the entity's assets are managed is indicated by _________ ratios

Activity

The current file of the auditors working papers should generally include

A copy of the financial statements.

AnnaLisa, an auditor for N. M. Neal & Associates, is prevented by the management of Lileah Company from auditing controls over inventory. Lileah is a public company. Management explains that controls over inventory were recently implemented by a highly regarded public accounting firm that the entity hired as a consultant and insists that it is a waste of time for AnnaLisa to evaluate these controls. Inventory is a material account, but procedures performed as part of the financial statement audit indicate the account is fairly stated. AnnaLisa found no material weaknesses in any other area of the entity's internal control relating to financial reporting. What kind of report should AnnaLisa issue on the effectiveness of Lileah's internal control?

A disclaimer of opinion

Which of the following best illustrates the concept of sampling risk

A randomly chosen sample may not be representative of the population as a whole on the characteristic of interest.

Using a systematic selection approach to select a sample means _________

A starting number is selected first and then every Nth item is selected

In verifying the existence in for an asset, and auditor ordinarily works from the

Accounting records to the supporting documents

After obtaining an understanding of an entities internal control system, and auditor may set control risk at high for summer sessions because the auditor

Believes the internal controls are unlikely to be effective

A reliance strategy is chosen when the auditor _________

Both a and C

Understanding each of the components of internal control provides knowledge about _________

Both a and C

If a material weakness cannot be corrected and/or properly tested before the "as of" date _________

Both management and the auditors should issue a report that the ICFR is not operating affectively

Because the auditor does not know the true deviation right, he or she calculate a _________

Computed upper deviation rate

The purpose of the _________ framework is to help management better control the organization and to provide boards of directors and added ability to oversee internal control

COSO

A controlled deviation Caused by an employee performing a control procedure that he or she is not authorized to perform is always considered a _________

Deficiency in operation

Once key controls have been identified, the auditors starts with evaluating their _________ effectiveness, which may also provide some evidence about _________ effectiveness

Design, operating

Backup copies maybe used to mitigate the risk of _________

Destruction of data

Most of the steps for planning and carrying out a nonstatistical Test of controls are the same as those for a statistical test of controls. Which of the following represent the steps that could difference between non-statistical and statistical sampling as discussed in the text

Determining the sample size, selecting the sample items, calculating the computed upper deviation rate

For test of controls, a departure from adequate performance of the internal control is called a _________

Deviation

The auditor _________ need to test all controls

Does not

The role of the registered independent auditing firm relative to its clients internal controls under the Sarbanes-Oxley act of 2002 is to

Express an opinion on the effectiveness of the entity's internal control.

Information that is complete, neutral, and free from error has the characteristic of _________ _________

Faithful representation

The effectiveness of internal control is reduced by _________

Human errors or mistakes.

Which of the following is not one of the five major components of internal control

Human resource background checks.

In order to be able to set control risk at a lower level, the auditor must do all of the following except

Identify all general IT controls

Generalized Audit Software (GAS) Would likely be used in the audit of accounts receivable for all of the following except

Identifying weaknesses in the documentation of entity controls

In substantive testing, the risk that the sample supports a material Misstatement does not exist when immaterial Misstatement actually does exist is the risk of _________ _________

Incorrect acceptance

In substantive testing, the risk that the sample supports a material Misstatement when it does not exist is the risk of _________ _________

Incorrect rejection

Differences identified by substantive analytical procedures indicate an _________ likelihood of Misstatements

Increased

If detection risk is set to high, the risk of the auditor will fail to detect an actual Misstatement Blank

Increases

Audit documentation is the property of the _________

Independent auditors

In order to evaluate profitability ratios, it should be interpreted by comparison to _________ data

Industry

The primary purpose of sampling is to draw a _________ about the whole population based on the results of testing only a subset of the population

Inferences

The infrastructure, software, people, procedures, and data used to support the functioning of internal control is known as an

Information system

When assessing the tolerable deviation rate, the auditors should consider that while deviations from control procedures increase the risk of material Misstatements, search deviations may not necessarily result in errors. This explains why _________

It recorded dispersement that is not properly authorize me nonetheless be recorded properly in the cash disbursements journal

Management's assessment of the entity's ICFR must be based on

a recognized control framework

Confirmations would normally be most likely used as a type of audit evidence in connection with which of the following

accounts receivable

Management asserts that ICFR is effective _________

as of the end of the fiscal year

Which of the following types of evidence is most likely to utilize sampling

confirmation

Understanding the nature and cause of a deviation helps the auditor better assess control risk and evaluate whether the deviations represent _________

control deficiencies

Analytical procedures are the primary way to test data

interrelationships

A company generated total sales of $1,500,000 and has inventory of $134,680 if cost of good sold is 47% of sales the inventory turnover ratio is

1.69 (you take $1,500,000 times 47% equals $705,000 divided by $134,680 = 5.23)

There are _________ types of reports that auditors of a service organization can provide

2

Authorization requirements for access to computer programs in periodic counting and comparison with amount shown on control records are examples of _________

Physical controls

_________ may be used to mitigate the risk of unauthorized access in computer operations

Physical controls

In conducting a statistical sample for a test of controls, auditing standards require the auditor to properly _________ the sampling application

Plan, performance, and evaluate

If the auditor believes that the expected Blank deviation rate exceeds the blank deviation rate, statistical testing should not be performed

Population, tolerable

The quality of an expectation is referred to as the _________ of the expectation

Precision

Which of the following types of audit evidence is the least reliable

Prenumbered purchase order forms prepared by the entity.

Segregation of duties is a control aimed at _________ Misstatement

Preventing

Statistical sampling uses the laws of _________ to compute sample size and evaluate the sample results

Probability

Random number selection is used in many statistical sampling applications because the auditor is required to be able to measure the _________ of selecting the sample units selected

Profitability

The entities success or failure for a given period is measured by _________ ratios

Profitability

Which of the following types of audit reports would not be appropriate for an auditor to issue on the effectiveness of an entities internal controls

Qualified (A significant deficiency exists)

The quality of internal control is directly related to the _________ of the personnel operating system

Quality

A material weakness is a deficiency or combination of deficiencies in ICFR such that there is a _________ possibility that a material financial statement misstatement will not be prevented or detected on a timely basis

Reasonable

An unqualified opinion regarding the effectiveness of the entities ICFR provides _________ assurance that the entities controls are designed and operating effectively in all material respects as of the balance sheet date

Reasonable

And effective internal control system provides _________ assurance that the risk of not achieving an entity's objective is reduced to an acceptable level

Reasonable

The COSO definition of ICFR is designed to provide _________ assurance regarding the reliability of financial reporting and GAAP financial statement presentation

Reasonable

Audit evidence supporting effective internal control must be obtained at the level of _________

Reasonable assurance

According to the reliability hierarchy by evidence type as presented in the text, an example of audit evidence with a high level of reliability is:

Recalculation

To properly present information on the financial statements a _________ entry that affects either in the income statement or the balance sheet must be made

Reclassification

Which of the following is not considered a general control

Reconciliation of payroll record count with the number of active employees.

Preparing _________ _________ can help detect Misstatements that have been made

Reconciliations

Assessing the control risk to low represents an inappropriate _________ of the extent of substantive procedures

Reduction

Internal controls are designed to achieve company objectives in all of the following areas except

Reduction of debt financing costs.

An auditor would be least likely to use confirmations in connection with the examination of

Refundable income taxes.

Information that is capable of making a difference in user decisions has the characteristic of _________

Relevance

The extent of an auditors understanding of control activities as a function of _________

The audit strategy

Which of the following statements is true in an attribute sampling plan Where the tolerable deviation rate is 7%, the computed upper deviation rate is 6.5%, the sample deviation rate is 2%, and the risk of assessing control risk too low is 5%

The auditor is likely to determine that the results do support reliance on the control because the computed upper deviation rate is less than the tolerable deviation rate.

The likelihood of assessing control risk too high is the risk that the sample selected to test controls _________

does not support the auditor's planned assessed level of control risk when the true operating effectiveness of internal control justifies such an assessment.

The best way to identify potential sources of misstatements is often _________

Performing walkthroughs

An auditor desired to test credit approval on 10,000 sales invoices processed during the year. The auditor designed a statistical sample that would provide 1 percent risk of assessing control risk too low for the assertion that not more than 7 percent of the sales invoices lacked approval. The auditor estimated from previous experience that about 2½ percent of the sales invoices lacked approval. A sample of 200 invoices was examined, and 7 of them were lacking approval. The auditor then determined the computed upper deviation rate to be 8 percent. Based on the information above, the plan allowance for sampling risk was _________

4.5%

A company generated total sales of $1,500,000 and has accounts receivables of $14,550. If 85% of sales are made on credit, the receivables turnover ratio is

87.6 (you take $1,500,000 times 85% equals $1,275,000 divided by 14,550 equals 87.6)

When assessing the tolerable deviation rate, the auditors should consider that, while deviations from control procedures increase the risk of material Misstatements, search deviations do not necessarily result in Misstatements. This explains why:

A recorded disbursement that does not show evidence of required approval me nevertheless be a transaction that is properly authorized and recorded

Which of the following is true regarding technological advances and auditing

A well-controlled, automated accounting system that processes routine transactions with few errors can reduce the number of times auditors need to utilize sampling techniques in an audit.

In auditing ICFR for a public company, Emily finds that the entity has a significant subsidiary located in a foreign country. Emily's accounting firm has no offices in that country, and the entity has thus engaged another reputable firm to conduct the audit of internal control for that subsidiary. The other auditor's report indicates that there are no material weaknesses in the foreign subsidiary's ICFR. What should Emily do?

Accept the other auditor's opinion after evaluating the auditor's work, and make reference to the other auditor's report in her audit opinion.

Which of the following represents the correct sequence of audit steps that come after first obtaining an understanding and documenting the entities internal control

Access control risk, test of controls, reassess control risk, determine extent of substantive testing

A primary advantage of using generalized audit software packages to audit the financial statements of an entity that uses an IT system is that the entity may

Access information stored on computer files while having a limited understanding of the entities hardware and software features

If one or more unremediated material weaknesses as identified, the auditor issues an _________ opinion on the entities internal control

Adverse

when considering financial reporting risks, management should generally include _________ business units

All

Audit documentation provided the principal support for which of the following

All of the above

Internal control is a process designed to provide reasonable assurance regarding the achievement of which objective

All of the above are correct

Which of the following presumptions is least likely to relate to the reliability of audit evidence

An auditor's opinion is formed within a reasonable time to achieve a balance between benefit and cost.

Which of the following presumptions is correct regarding the reliability of audit evidence

An effective internal control system provides increased assurance with regard to the reliability of audit evidence.

In auditing a public company, Natalie, an auditor for N. M. Neal & Associates, identifies four deficiencies in ICFR. Three of the deficiencies are unlikely to result in financial misstatements that are material. One of the deficiencies is reasonably likely to result in misstatements that are not material but significant. What type of audit report should Natalie issue?

An unqualified report.

Which of the following is not a requirement for management under section 404 of the Sarbanes Oxley act of 2002

Guarantee effectiveness of the entity's ICFR.

Ensuring the completeness and accuracy of transaction processing, authorization, and validity is the goal of _________ controls

Application

These apply to the processing of individual applications and help ensure the occurrence, completeness and accuracy of transaction processing

Application controls

The requirement to _________ journal entries is an example of a preventive control

Approve

SOC one, type 2 reports issued by the service organizations auditor typically _________

Assess whether the service organizations controls are suitably designed an operating effectively

The process of evaluating the effectiveness of an entities internal control in preventing, or detecting, incorrect and material Misstatements in the financial statements is called _________ control risk

Assessing

The primary objective of final analytical procedures is to

Assist the auditor in assessing the validity of the conclusions reached on the audit.

Which of the following types of statistical testing is likely to be used for a test of controls

Attribute sampling

Which of the following is true regarding audit evidence

Audit evidence is gathered to determine whether each relevant financial statement assertion is being supported.

The document that outlines the auditors understanding of the entity and potential risks as well as the strategy to be followed by the auditor is called the _________ _________

Audit plan

Specific acts performed by the auditors to gather evidence about whether specific assertions are being met are referred to as _________ _________

Audit procedures

Which of the following statements is correct

Audit procedures to test and evaluate the design effectiveness of controls might also provide some evidence about operating effectiveness

The audit procedures that will be conducted by the auditor are contained in the _________ _________

Audit program

Representation letters are dated as of the date of the

Audit report

The selection and evaluation of less than 100% of the items in a population that is expected to be representative of the population to provide a reasonable basis for a conclusion is the definition of _________ _________

Audit sampling

The basic framework for the auditors understanding of audit evidence and it's use in supporting the auditors opinion on the financial statements is _________

Auditing standards

How management identifies risks relevant to the preparation of financial statements, estimates their significance, assesses the likelihood of their occurrence and decides on how to manage them is most directly relevant to the _________

Auditors

Which of the following statements concerning control deficiencies is true

Auditors are required to report all control deficiencies to the audit committee

Which of the following statements best describes how the requirements under Sarbanes-Oxley changed the auditors responsibility for issuing an opinion in connection with the audits of most public companies

CPA firms are now required to issue a second opinion related to their evaluation of the effectiveness of internal controls in addition to an opinion on the overall fairness of the financial statements.

If the computed upper deviation rate is less than or equal to the tolerable deviation rate, the auditor concludes that the control tested _________ be relied upon

Can

If the auditor fails to obtain written representations from management, the auditor _________ opinion of ICFR

Cannot issue an unqualified

Which of the following items is generally not included as part of audit documentation

Client review notation.

Professional standards indicate that sample sizes for non-statistical applications should be _________ sample sizes for statistical applications

Comparable to

Which of the following procedures would an auditor most likely rely on to verify management assertion of completeness

Comparing a sample of shipping documents to related sales invoices

For non-public companies with preliminary control risk assessment set at high, auditors are likely to

Complete little or no tests of controls

Discussions with the owner - manager of an entity under audit reveal to the auditor that the company is more concerned with minimizing its income tax payments then maximizing income. Based on this information which management assertion will the auditor be most concerned about verifying with regard to sales revenue

Completeness

Audit evidence can come in different forms with different degrees of reliability. Which of the following is the most persuasive type of evidence

Computations made by the auditor.

Assessing control risk below high involves all of the following except

Concluding that controls are Ineffective

Entity-level controls can have a pervasive effect on the entity's ability to meet the control criteria. Which one of the following is not an entity-level control?

Controls to monitor the inventory taking process.

In regards to applying the audit testing hierarchy , starting with tests of _________ is generally more effective and efficient than starting with tests of _________

Controls, details

"Remediation" refers to _________

Corrective actions taken by management to eliminate a material weakness.

Auditors obtain an understanding of a non-public entities internal control for the primary purpose of

Determining the nature, extent, and timing of subsequent audit procedures to be performed

One of the most difficult steps of an auditing sampling application is generally blank

Determining the sample size

Management may include additional information in its report on ICFR, in regards to such information the auditors should _________

Disclaim an opinion

If the auditor believes that additional management information in its report of ICFR contains a material Misstatement of fact the auditor should immediately _________

Discuss the matter with management

For a control system to be considered _________ each of the five components and relevant principles must be present and functioning, and the five components must operate together in an integrated Manner

Effective

An audit needs to have the correct balance of efficiency and _________

Effectiveness

The integrity and ethical values of management personnel heavily influence the _________ of an entities internal controls

Effectiveness

Type two reports address operating _________. type one do not

Effectiveness

In applying attribute sampling two tests of controls, the auditor normally attempts to determine the operating _________ of a control in terms of _________ from a prescribed internal control

Effectiveness, deviations

Audit _________ is affected when too much substantive testing is done

Efficiency

If you examine a sample of 100 transactions and find eight with errors, this suggests a transaction error rate of _________ percent

Eight

The audit committee should be composed of directors who are not _________ of the organization

Employees

Which of the following steps or procedures is least likely to be performed as part of management's assessment of the effectiveness of internal controls

Engaging the external auditors to conduct cut off tests

Systematic selection provides a sample where _________

Every sampling unit has an equal chance of being selected

For which of the following audit tests would an auditor most likely use attribute sampling

Examining supporting documentation for purchases for evidence of proper authorization

_________ maybe used to mitigate unauthorized access to programs

Password systems

True or false: a control deficiency is defined as an existing control that is not properly designed to meet control objectives even if it operates as designed.

False

True or false: in planning an integrated audit, the auditor should design separate tests of controls to accomplish the objectives of the audit of ICFR and the audit of financial statements

False

True or false: the auditor is required to obtain corroborative evidence for planned analytical procedures

False

The working papers document the auditors compliance with auditing standards and particularly compliance with the standards of _________

Fieldwork

_________ maybe used to mitigate the risk of viruses in electronic commerce

Firewalls

If three deviations are found in a sample of 60, the Sample deviation rate is _________ percent

Five

The auditor may document the achieved level of control risk using all of the following Except

Flow charts

The physical representation of the population is referred to as the _________

Frame

The assessment of _________ _________ includes consideration of incentives and pressures, opportunities and how personnel might rationalize or justify inappropriate actions

Fraud risk

Controls over network operations are included as part of _________ controls which relate to the overall information processing environment

General

An auditor anticipates assessing control risk at a low level in an IT environment. Under these circumstances on which of the following controls with the auditor initially focus

General controls

The approach to taking and monitoring business risk and attitudes and actions toward financial reporting are characteristics that make signal important information to the auditor about management _________ and _________ values

Integrity, ethical

Auditors may test controls at an _________ date because the assertion being tested may not be significant, the control has been effective in prior audits, or it may be more efficient to conduct the tests at that time

Interim

The phrase "all material respects" means that the entities ICFR _________

Is free of any material weakness

If the computed upper deviation rate exceeds the tolerable deviation rate, the auditor will normally conclude that the control _________

Is not operating at an acceptable level

Which of the following is true relating to audit work paper documentation

It serves as the basis of review for audit supervisors to determine if sufficient, appropriate evidence has been gathered.

An auditor may need to obtain a service auditors report when an entity receives accounting services such as payroll from a service organization. Which of the following statements is true regarding this service audit report

It should include an opinion.

All else being equal, the less risk that the auditors willing to accept, the blank the sample size must be

Larger

If they computed upper deviation rate is _________ the tolerable deviation rate, the auditor can conclude that the control tested can be relied upon

Less than or equal to

The severity of a control deficiency depends on the _________

Likelihood and magnitude

Auditors must carefully control the risk of assessing risk too high or _________ when performing tests of controls

Low

When audit risk is low and the risk of material Misstatement is high, detection risk will be set at _________

Low

The blank the tolerable deviation rate, the blank the sample size

Lower, larger

Interim tests of controls give auditors time to inform the _________ so that likely Misstatements can be located in corrected before the rest of the audit is performed

Management

The competence level for a particular job should be specified and translated into a job description that details the specific knowledge and skills required. This task should be done by _________

Management

Who is responsible for the fair presentation of the financial statement

Management

When audit evidence supports _________ _________, the auditor can issue an unqualified report

Managements assertions

A deficiency in ICFR, such that there is a reasonable possibility that a material misstatement of the financial statements will not be prevented or detected on a timely basis is defined as a ___________ __________ by the PCAOB

Material weakness

Deficiency or combination of deficiencies in internal controls, such that there is a reasonable possibility that a material Misstatement of the entities financial statement will not be prevented, or detected and corrected on a timely basis is a

Material weakness

If the frame and the population differ, the auditor blank

May draw the wrong conclusion about the population

And advantage of statistical sampling over non-statistical sampling is that statistical sampling helps an auditor to _________

Measure the sufficiency of the evidential matter obtained

When compared to automated controls, manual controls should be subjected to _________ testing

More extensive

The _________ precise the expectation, the _________ the likelihood that the difference is actually a Misstatement

More, greater

Determining the sample size is typically one of the _________ steps of an audit sampling application

Most difficult

The requirements of section 404 of the Sarbanes-Oxley act of 2002 apply to _________

Most publicly-held companies.

With regard to entities that have locations for business units that are judged to have financial reporting risks, the auditor _________

Must first determine whether those risks are adequately addressed by entity level controls

The permanent file section of the working papers that is kept for each audit client most likely contains

Narrative descriptions of the entity's accounting system and control procedures.

The _________ of the audit evidence refers to the form or type of information, which includes accounting records and other available information

Nature

Because documents like checks, shipping documents, and receiving reports are usually _________ it is easier for auditors to verify cut off

Numbered

How authority and responsibility are delegated and monitored and the framework within which the entities activities for achieving entity wide objectives are planned, executed, controlled and reviewed are defined by the entities _________ _________

Organizational structure

Reporting distribution logs, transmittal sheets, reasonableness reviews and reconciliations to control or batch totals are examples of _________ controls

Output

The main concern of _________ controls is that computer reports, checks, documents, or other printed or displayed information may be distributed or displayed to unauthorized users

Output

The _________ issues statements on attestation on the effectiveness of ICFR

PCAOB

As it relates to the external financial reporting objective, the entities _________ _________ process should consider internal and external events and circumstances that may arise and adversely affect the entities ability to initiate, authorize, record, process and report financial data consistent with management financial statement assertions

Risk assessment

Which of the following best illustrates the components that make up the upper deviation rate

Sample Deviation rate + allowance for sampling risk

The number of deviations found in the sample divided by the number of items in the sample is the _________ rate

Sample deviation

Which of the following statements is true regarding non-statistical sampling

Sample sizes for non-statistical sampling should be comparable to statistical sampling

Auditors will tolerate deviation and still consider a control to be effective because there is a risk that the blank deviation rate differs from the blank deviation rate

Sample, population

Significant deficiencies and Material weaknesses must be communicated to an entities audit committee because they represent

Significant deficiencies in the design or operation of internal control

Less severe than a material weakness, a _________ _________ is still important enough to Merit attention by those charged with governance

Significant deficiency

Significant deficiencies are matters that come to an auditors attention that should be communicated to entities audit committee because they represent _________

Significant deficiency in the design or operation of the internal control

If employees lack _________ they may be ineffective in performing their duties

Skills

The amount appearing as an asset on a financial statement is usually the accumulation of many _______ items

Smaller

Auditors may use audit _________ to test clerical accuracy

Software

Coverage ratios provide information on the long term _________ of the entity

Solvency

_________ may be involved in some testing of calculations

Specialists Specialist

If a large number of deviations are detected early in the tests of controls, the auditors should consider _________

Stopping the test as soon as it is clear that they results of the test will not support the plant assessed level of control risk

The last step in the decision process is performing _________ procedures

Substantive

Which of the following statements is false concerning the audit requirements of the Sarbanes-Oxley act of 2002 and AS5 related to internal controls

The auditor should provide recommendations to the audit committee for improving internal control as part of the auditor's assessment.

Which of the following statements is correct with regard to the quality or appropriateness of evidential matter

The auditor's direct personal knowledge, obtained through observation and inspection, is more persuasive than information obtained indirectly from independent outside sources.

Which of the following statements concerning control deficiency is true

The auditors should communicate to management, in writing, all control deficiencies in internal control identified during the audit

The Sarbanes-Oxley act of 2002 requires management To include a report on the effectiveness of ICFR in the entities annual report. And also requires auditors to report on the effectiveness of ICFR. Which of the following statements concerning these requirements is false

The auditors should provide recommendations for improving internal control in the audit report

Which of the following is not a factor that might affect the likelihood that a control deficiency could result in a Misstatement in an account balance

The financial statement amounts exposed to the deficiency.

Monitoring is a major component of the COSO Internal control integrated framework. Which of the following is not correct and how the company can implement the monitoring component

The independent auditor conserve as part of the entities control environment and continuous monitoring

Assume an auditor is evaluating a statistical attribute sample of 50 items that resulted in three deviations. What should the auditor conclude if the tolerable deviation rate is 7 percent, the expected population deviation rate is 5 percent, and the allowance for sampling risk is 2 percent?

The planned assessed level of control risk should be modified because the sample deviation rate plus the allowance for sampling risk exceeds the tolerable deviation rate.

Which of the following is a proper reason for not conducting tests of controls for non-public companies

The procedures require more audit effort than the projected benefits to be obtained from lowering the control risk.

Which of the following most likely represents a weakness in internal control of an IT system

The systems analyst reviews output and controls the distribution of output from the IT department.

Which of the following statements is false regarding the use of the test data approach in the evaluation of an accounting system

The test data should consist of only valid conditions.

One of the main objectives of performing analytical review procedures during planning phase of the audit is to identify

Unusual changes that may signal possible account misstatements.

Which of the following audit procedures would most likely be used to test the mathematical accuracy of a 500 page inventory listing

Use computer-assisted audit techniques to foot, or sum, the entire listing

All of the following factors should be considered by the auditor when deciding on the extent of controls testing except _________

The time the auditor has to test controls before a report must be issued.

When auditors report on the effectiveness of internal control "as of" a Specific date and obtain evidence about the operating effectiveness of controls at an interim day, which of the following items would be the least helpful and evaluating the additional evidence to gather for the remaining period

The walk-through of the control system conducted at interim

Which of the following statements is correct concerning statistical sampling in tests of controls

There is an inverse relationship between the sample size and the tolerable deviation right

According to the text, each of the following is a main purpose for performing audit procedures except

To develop recommendations for the control system

The second step in the analytical procedures decision process is to define a _________ difference

Tolerable

The amount of difference that can be excepted will always generally be lower than _________ _________

Tolerable Misstatements

The maximum deviation rate for my prescribe controlled of the auditor is willing to accept and still consider the control effective is called the blank rate

Tolerable deviation

An auditor desired to test credit approval on 10,000 sales invoices processed during the year. The auditor designed a statistical sample that would provide 1 percent risk of assessing control risk too low for the assertion that not more than 7 percent of the sales invoices lacked approval. The auditor estimated from previous experience that about 2½ percent of the sales invoices lacked approval. A sample of 200 invoices was examined, and 7 of them were lacking approval. The auditor then determined the computed upper deviation rate to be 8 percent. In the evaluation of this sample, the auditor decided to increase the level of the preliminary assessment of control risk because the _________

Tolerable deviation rate (7%) was less than the computed upper deviation rate (8%)

True or false: a substantive strategy requires the auditor to have a sufficient understanding of the entities internal controls to know whether they are designed and implemented properly

True

True or false: although the auditor owns the audit documents, they cannot be shown to outside parties without the entities consent, except under certain circumstances

True

True or false: audit evidence includes information developed by the auditor that permits him or her to reach conclusions through valid reasoning

True

True or false: sample results can only be projected to the population from which the sample was selected

True

true or false: the COSO definition of ICFR includes reasonable assurance regarding the safeguarding of assets

True

This type of report includes managements description of the service organizations system and the auditors opinion as to whether the service organizations controls are suitably designed to achieve management control objectives as of the end of the period

Type one report

This type of report provides assurance on the operating effectiveness of the service organizations controls based on the auditors test of those controls

Type two report

An auditors flow chart of an entity's accounting system is a diagrammatic representation that depicts the auditors

Understanding of the system

After auditing the effectiveness of an entities internal control, and auditor issues an _________ _________ if the entities internal control is designed and operating effectively in all material respects

Unqualified opinion

The reliability of inspection of records and documents depends primarily on ______

Weather the document is internal or external

Audit documentation is referred to as _________ _________ or the audit file

Working papers

The focal point for reviewing the work of subordinates and for quality control reviewers are the _________ _________

Working papers

to provide reasonable assurance, a control system _________

allows for a remote likelihood of material misstatement

The assurance bucket is filled with all of the following types of evidence except

audit report

To enhance the control environment, management develops job _________

descriptions

When a control necessary to meet the relevant control objective is missing, a(n) _________ __________ exists.

design deficiency

The computed upper deviation rate is the sum of the _________

sample deviation rate and an appropriate allowance for sampling risk

The risk of incorrect rejection is associated with _________

sampling risk

As a result of sampling procedures applied as tests of controls, an auditor incorrectly assesses control risk lower than appropriate. The most likely explanation for this situation is that _________

the deviation rate in the auditor's sample is less than the tolerable deviation rate, but the deviation rate in the population exceeds the tolerable deviation rate.

A walk through is one procedure used by an auditor as part of the internal control audit. A walk through requires an auditor to _________

trace a transaction from each major class of transactions from origination through the entity's information system until it is reflected in the entity's financial reports.

To perform a(n) _________ the auditor traces a transaction from an organization all the way to its reflection in the entity's financial statements

walkthrough


Related study sets

Business Law 1- Chapter 10 Contract Performance, Breach, and Remedies

View Set

Module 2, 2.1.3 Python Operators

View Set

Combo with "Patient Management: Dental Boards Mastery II" and 6 others

View Set

#1: Information and Communication Technology

View Set