ACC 431 - Exam 2
Although it is common to assess inherent and control risks for each balance-related audit objective, it is not common to allocate materiality to those objectives.
Although it is common to assess ineh
Auditors consider these risks by applying the audit risk model: ______
PDR=AAR/IRxCR
There are 5 components in understanding client's business industry: - Industry and external _____ - Business _____ and processes - Management and _____ - _____ and strategies - _____ and performance
environment; operations; governance; objectives; measurement
Risk of material misstatement: The risk that the financial statements contain a _____ due to fraud or error prior to the audit.
material misstatement
Three main reasons that the auditor should properly plan the audit engagement: • Enable the auditor to obtain _____ for the circumstances. • Help keep _____ reasonable. • Avoid _____ with the client.
sufficient appropriate evidence; audit costs; misunderstandings
Relationship between tests of controls and substantive tests - When _____ show deviations that lead the auditor to believe that there may be material misstatements, the auditors then perform ______ to determine whether a material misstatement actually occurred.
test of controls; substantive tests
The audit program will include procedures to satisfy all audit objectives, but here we focus on designing audit programs to satisfy _____.
transaction-related and balance-related audit objectives
Initial audit planning involves four things: 1. The auditor decides whether to _____ 2. The auditor identifies _____ => Help auditors find out the goals of their clients 3. To avoid misunderstandings, the auditor obtains an understanding with the client about the _____. => We want to make sure what the clients know what we are doing 4.The auditor develops the _____ for the audit, including engagement staffing and any required audit specialist
accept a new client or continue serving an existing client; why the client wants or needs an audit; terms of the engagement; overall strategy
Besides the risk assessment procedures, the _____ is designed in three additional parts: - Tests of controls and substantive tests of transactions - Substantive analytical procedures - Tests of details of balances
audit program
_____ - the risk that a material misstatement that could occur in an assertion will not be prevented or detected on a timely basis by the entity's internal controls.
control risk
Auditors need to understand _____ that are relevant to financial statement audits in order to identify and assess the _____
controls; risks of material misstatements
Business operations and processes - The auditor should understand factors such as major sources of revenue, key _____, sources of _____, and information about related parties that may increase client business risk. • Tour client facilities and operations - Touring facilities is helpful in obtaining an understanding of the client's ______. • Identify related parties - Because related party transactions may not be at arm's length, auditing standards require that related parties and related party transactions be _____ in the financial statements.
customers and suppliers; financing; operations; disclosed
_____ is the risk that the auditor (or firm) will suffer harm after the audit is finished, even though the report was correct. Engagement risk is closely related to _____ because the risk that the auditor will be sued is often related to business failure after the audit is finished.
engagement risk; client business risk
Client objectives and strategies - The auditor should understand the client objectives related to: 1. Reliability of _____ 2. Effectiveness and efficiency of _____ 3. _____ with laws and regulations Business risks can arise that threaten management's _____. Knowledge of management's objectives and strategies help the auditor to assess client business risk and the risk of misstatements.
financial reporting; operations; compliance; objectives
Preliminary material judgment usually focuses on _____ level rather than account balance one
financial statement
The auditor ______ risks of material misstatement, whether due to fraud or error, based on an understanding of the ______, including the entity's internal control
identifies and assesses; entity and its environment
Relative costs - The auditor must decide which type of test to select for obtaining sufficient appropriate evidence and the cost of the evidence is an important consideration. Types of tests _____: - Substantive analytical procedures - Risk assessment procedures - Tests of controls - Substantive tests of transactions - Tests of details of balances.
in order of increasing cost
Substantive analytical procedures - Because substantive analytical procedures are relatively _____, many auditors perform them on all audits.
inexpensive
Section 404 reporting requirements - The auditor is required to _____ over financial reporting for public companies.
issue an audit report on internal control
Auditors must evaluate whether _____ in the design of internal control over financial reporting. Auditing standards define three levels of the absence of internal controls: 1. _____ —The design or implementation of internal controls does not permit company personnel to prevent or detect misstatement. 2. _____—A deficiency that is less severe than a material weakness, but important enough to merit attention. 3. _____—Exists if a significant deficiency, or combination of significant deficiencies, result in a reasonable possibility that internal control will not prevent or detect material financial statement misstatement.
key controls are absent; control deficiency; significant deficiency; material weakness
_____ are not required by auditing standards, but auditors usually provide them when less significant internal control-related issues exist.
management letters
Factors affecting acceptable audit risk: - The auditor's evaluation of _____ - The degree to which _____ rely on the statements based on these factors: •Client size •Distribution of ownership •Nature and amount of liabilities -The likelihood that a client will have _____ after the audit based on these factors: •Liquidity position •Profits (losses) in previous years •Method of financing growth •Nature of the client's operations •Competence of management
management's integrity; external users; financial difficulties
Extent of procedures: If the auditor wants a lower control risk, _____ are applied, both in number and extent of tests.
more extensive tests of controls
- _____, including related-party transactions, often represent significant risk. - Account balances or transactions that require _____ for which significant measurement uncertainty exists also may require more attention. - All _____ risks are normally considered to be significant risks.
nonroutine transactions; estimates; fraud
Auditors are responsible for having appropriate competence and capabilities to _____
perform the audit
AICPA auditing standards state: the auditor must ______ and properly ______ any assistants. Planning the audit therefore is in the rule and you have to do it - thin
plan the work; supervise
______ - the risk that the auditor will not detect a material misstatement that exists in an assertion.
planned detection risk
The extent of tests of controls is also dependent on the following: - Reliance on evidence from the _____ audit - Testing of controls related to ______ - Testing _____
prior year's; significant risks; less than the entire audit period
Tests of controls - To obtain sufficient appropriate evidence to support a _____, the auditor: - Make inquiries of appropriate client personnel - Examine documents, records, and reports - Observe control-related activities - _____ client procedures
reduced assessment of control risk; reperform
Factors affecting preliminary materiality judgment: • Materiality is a ______ rather than an absolute concept. • _____ are needed for evaluating materiality (such as what percentage of sales, etc). • _____ factors also affect materiality (including our evaluation of client's management integrity or footnotes).
relative; benchmarks; qualitative
Qualified or disclaimer of opinion - A _____ requires the auditor to express a qualified or disclaimer of opinion.
scope limitation
The auditor must communicate _____ to those charges with governance as soon as the auditor becomes aware of their existence.
significant deficiencies and material weaknesses in writing
The CPA firm must select staff for the engagement who are knowledgeable about _____. If the CPA firm lacks expertise, they may need to hire _____.
the client's business; outside specialists
PCAOB standards refer to performance materiality as _____. _____ materiality for an account is often set at 50-75 percent of overall materiality.
tolerable misstatement; performance
Types of opinions on internal control are _____, _____ and qualifier or disclaimer of opinions
unqualified; adverse
_____ - the risk that the auditor may unknowingly fail to appropriately modify his or her opinion on financial statements that are materially misstated.
acceptable audit risk
Auditors must decide appropriate _____.Auditors must first decide _____ risk and use it to modify acceptable audit risk.
acceptable audit risk; engagement
There is significant overlap between tests of controls and procedures to obtain an understanding. However, there are two primary differences: 1. In obtaining an understanding of internal control, the procedures are applied to ______ during that phase. _____ are applied only when the assessed control risk has not been satisfied. 2. Procedures to obtain an understanding are performed on only _____ transactions. Tests of controls are performed on _____ and often at more than one point in time.
all controls identified; tests of controls; one or a few; larger samples
Auditors follow a four-step approach to reduce assessed control risk: 1. _____ to the class of transactions being tested, such as sales. 2. _____ that should reduce control risk for each transaction-related audit objective. 3. _____ for all internal controls that are used to reduce the preliminary assessment of control risk below maximum (key controls). 4. For potential types of misstatements related to each transaction-related audit objective, _____, considering deficiencies in internal control and expected results of the tests of controls in step 3.
apply the transaction-related audit objectives; identify key controls; develop appropriate tests of controls; design appropriate substantive tests of transactions
Tests of details of balances - The primary emphasis of tests of balances is on the ______.
balance sheet
Trade-off between tests of controls and substantive tests - During planning, auditors decide whether to assess control risk _____. If they do, they must test the controls. This is shown in Figure 13-3.
below the maximum
Client _____ risk: The risk that the entity fails to achieve its objectives or execute its strategies.
business
Availability of types of evidence for further audit procedures - Each of the four types of further audit procedures involves only _____
certain types of evidence
Three risk terms relevant to audit planning: - _____ - ______ - Risk of material misstatement
client business risk; acceptable audit risk
Industry and external environment — There are three primary reasons for obtaining a good understanding of the client's industry and external environment: 1. Risks associated with specific industries may affect the auditor's assessment of _____. 2. Many risks are _____ to all clients in certain industries. 3. Many industries have unique _____ that the auditor must understand to evaluate whether the financial statements are in accordance with accounting standards.
client business risk; common; accounting requirements
New client investigation: CPA firms must take care in accepting new clients. The new (successor) auditor is required by auditing standards to _____ - Due to confidentiality requirements, the client must _____ this communication. - The purpose is to determine if the client lacks ______ or if there were ______ about accounting principles
communicate with the predecessor auditor; consent to; integrity; disputes
One major limitation in the application of the audit risk model is the _____. It is a highly subjective process, so most auditors use broad categories such as low, medium, and high.
difficulty of measuring the components of the model
Auditors _____ all misstatements found for each audit segment. These might be _____ misstatements or ______ misstatements. Known misstatements are those that the auditor can ______ the amount of misstatement in the account.
document; known; likely; determine
Audit risk for segments is the risk of material misstatement, control risk and inherent risk are assessed for _____ of the audit
each audit objective in each segment
Risk assessment procedures include assessing the risk of material misstatement due to fraud or _____. The auditor's consideration of fraud risk is made at both the •_____ level and •_____ level for classes of transactions, account balances, and presentation and disclosures.
error; financial statement; assertion
There are two types of likely misstatements: 1. Differences between management's and the auditor's judgment about ______ 2. _____ based on the auditor's tests of a sample
estimates of account balances; projections of misstatements
Risk assessment procedures (_____ in the PLANNING phase of the audit) include the following: 1. Inquiries of management and others within the entity 2. _____ 3. Observation and _____ 4. Discussion among engagement team members 5. Other risk assessment procedures
evidence collection; analytical procedures; inspection
Assessing inherent risk is an attempt by the auditor to predict where misstatements are most and least likely in the _____. •This affects the _____ that the auditor needs to accumulate. •This consideration takes place during the _____ phase and is updated throughout the audit process.
financial statement segments; amount of audit evidence; planning
Steps in applying materiality: 1. Set materiality for the _____ as a whole 2. Determine _____ materiality => Planning the extent of tests 3. Estimate total misstatement in _____ 4. Estimate the combined misstatement 5. Compare combined estimate with preliminary or revised _____ about materiality => Evaluating results
financial statement; performance; segment; judgement
Risk of material misstatement at the overall _____ level: Refers to the risks that relate pervasively to the financial statements as a whole and potentially affect a number of different ______.
financial statement; transactions and accounts
You must involve the clients during the planning but can not let them _____ (e.g what evidence to test)
influence your decisions
_____ - the susceptibility of an assertion to a material misstatement, assuming that there are no controls.
inherent risk
The risk of material misstatement at the assertion level consists of two components: _____.
inherent risk and control risk
Risk of material misstatement at the assertion level: There are two components to risk at the assertion level: 1. ______ - susceptibility of an assertion to material misstatement. 2. ______ - risk that internal controls will not prevent or detect material misstatement. They are multiplied by each other to find the risk at the assertion level
inherent risk; control risk
Measurement and performance - A client's performance measurement system includes ______ (KPIs) that management uses to evaluate progress toward its ______. Examples include: • Market share • Sales per employee • Unit sales growth • Web site visitors • Same-store sales • Sales/square foot
key performance indicators; objectives
Relationship between substantive analytical procedures and other substantive tests - Analytical procedures only indicate the _____ of misstatement. Unusual fluctuations indicate an _____ in the likelihood.
likelihood; increase
Identifying client's reasons for audit: risk factors associated with the client's reasons for an audit include the _____ and the _____.
likely statement users; intended uses of the statements
Auditing standards define materiality as the ______ that individually, or when aggregated with other misstatements, could reasonably be expected to _____ the economic decision of users.
magnitude of misstatements; influence
Procedures for tests of controls - The auditor uses four types of procedures to test controls: 1. _____ of appropriate client personnel. 2. _____ documents, records, and report. 3. _____ control-related activities. 4. _____ client procedures
make inquiries; examine; observe; reperform
Although it is common to assess inherent and control risks for each balance-related audit objective, it is not common to allocate _____ to those objectives.
materiality
Acceptable audit risk: A measure of how willing the auditor is to accept that the financial statements may be _____ after the audit is completed and an ______ has been issued.
materially misstated; unmodified opinion
Auditors have three major difficulties when allocating materiality to balance sheet accounts: 1. Auditors expect certain accounts to have more _____ than others. 2. Both _____ and understatements must be considered. 3. Relative _____ affect the allocation.
misstatements; overstatements; audit costs
Auditors use the following techniques to obtain and document understanding of internal control (design and implementation): - _____— written description of client's internal controls including: 1. The origin of every document and record in the system 2. All processing that takes place 3. The disposition of every document and record in the system 4. An indication of the controls relevant to the assessment of control risk - _____ is a diagram of the client's documents flow in the organization. - _____ questionnaire
narrative; flowchart; internal control
Management and governance - The auditor needs to assess management's _____ and its ability to identify and respond to risk. Governance includes the _____ as well as operations of the board of directors and the audit committee. • Code of ethics- Public companies must disclose whether they have adopted a code of ethics that applies to senior management. Auditors should have an understanding of the _____ and investigate any changes. • ______ of meetings— Corporate minutes are the official record of the meetings of the board of directors. They include key authorizations and summaries of important topics discussed. The auditor should read the minutes to identify matters relevant to the audit.
philosophy and operating style; organizational structure; code of conduct; minutes
Because several high-profile cases of financial statement fraud involve misstatements in revenue recognition, auditing standards require the auditor to presume that risks of fraud exist in _____
revenue recognition
Auditing standards require the auditor to perform _____ to obtain an understanding of the client's business and its environment to assess risk of ______. Risk assessment procedures mean it is in the _____ phase that go with evidence collection
risk assessment procedures; material misstatements; planning
Continuing Clients: CPA firms evaluate existing clients to determine whether a continuing client presents _____ due to lack of _____.
risks; integrity
Auditor must determine whether any of the risks identified are a _____. A significant risk is any risk that the auditor deems to require _____.
significant risk; special attention
Substantive tests of transactions - used to determine whether all _____ have been satisfied for each class of transactions.
six transaction-related audit objectives
Obtain an understanding with the client: A clear understanding of the ______ should exist between the auditor and the client. Auditing standards require that there be an _____ which includes the engagement's objectives
terms of the engagement; engagement letter
Further audit procedures include: - Tests of controls - Substantive tests • Substantive _____ • Substantive _____ • Substantive _____ (Tests of the details of balances)
test of transactions; analytical procedures; tests of balances
Purpose of tests of controls is to test _____ in support of a reduced control risk for the audit
the effectiveness of controls
Tests of controls and substantive tests of transactions - When designing these tests, auditors emphasize satisfying the _____.
transaction-related audit objectives
Risk assessment procedures - Auditors use the results of risk assessment procedures to determine the ______ of further audit procedures necessary to form an opinion on the fairness of the financial statements.
type and amount
The concepts of materiality and risk in auditing are closely related and inseparable. Risk is a measure of _____. Materiality is a measure of _____ .
uncertainty; magnitude
The amount of evidence needed for tests of controls depends on two things: 1. The extent of evidence obtained in gaining the _____ 2. The planned reduction in control risk
understanding of internal control;
There are four steps in the process of understanding controls: - Obtain and document _____. => Risk assessment procedure - Assess control risk. - Design, perform, and evaluate _____ (evidence). - Decide _____ and substantive tests. (detection risk)
understanding of internal control; tests of controls; planned detection risk
The auditor will issue an _____ on internal control over financial reporting when two conditions are met: - There are no identified _____ as of the end of the fiscal year. - There have been _____ on the scope of the auditor's work.
unqualified opinion; material weaknesses; no restrictions
The auditor will express an _____ on the effectiveness of internal control over financial reporting when one or more material weaknesses exist.
adverse opinion
The auditor uses risk assessment procedures to determine the _____ on each of the other four types of test, and design the specific audit procedures for each type of test. These audit procedures are combined to form the _____.
appropriate emphasis; audit program
Substantive analytical procedures - Although not required, substantive analytical procedures may be used to ______. The two most important purposes of substantive analytical procedures are: 1. Indicate _____ in the financial statements 2. Provide _____
audit an account balance; possible misstatements; substantive evidence
In addition to understanding the _____, the auditor must also evaluate whether the designed controls are implemented. Auditors use the following methods to evaluate implementation: - Update and evaluate auditor's previous experience with the entity. - Make _____ of client personnel. - Examine _____. - Observe entity activities and operations. - Perform walkthroughs of the accounting system.
design of the internal controls; inquiries; documents and records
Most of the concepts in this chapter apply equally to audits of companies of all sizes, both public and nonpublic. The differences for smaller companies that are not subject to Section 404(b): 1. Reporting — no requirement for a report on _____ 2. Extent of internal controls — may be _____, e.g. adequate separation of duties is difficult in smaller companies 3. Extent of understanding needed - sufficient to assess risk for the audit 4. Assessing control risk - the auditor will assess control risk at maximum when controls are ineffective or nonexistent for any audit objectives 5. Extent of tests of controls needed - the auditor will _____ when control risk is assessed at maximum
internal control; less extensive; not perform tests of controls
Revising risks and evidence — The audit risk model is primarily a _____ and is of limited use in _____. If audit evidence suggests that the risk is higher than originally thought, the auditor must _____ and consider the effect of the revision on evidence requirements.
planning model; evaluating results; revise the original assessment
Develop overall audit strategy: After understanding the client's reason for an audit, the auditor should develop and document a ______.
preliminary audit strategy
The fourth step in audit planning is to make a _____ for the audit.
preliminary judgment about materiality
If the client has set _____, especially when employees are incentivized to meet performance goals, there may be an _____, which increases the risk of financial statement misstatement.
unreasonable objectives; incentive for aggressive accounting
The types of evidence chosen and the extent of use by the auditor _____ from audit to audit, based on levels of internal control effectiveness and inherent risks. The combination of the types and amounts of evidence needed in an audit is referred to as the ______.
varies widely; evidence mix