ACC 450 Chapter 7

Ace your homework & exams now with Quizwiz!

Material weakness

A deficiency in internal control such that there is a reasonable possibility that a material misstatement of the company's financial statements will not be prevented or detected on a timely basis; communication to management and audit committee required

Significant deficiency

A deficiency in internal control that is less severe than a material weakness, yet important enough to merit attention by those responsible for oversight of the company's financial reporting; communication to management and audit committee required

An engagement letter is best described as:

A letter from the auditors to company management that specifies the responsibilities of both the company and the auditors in completing the audit and timing for its completion

At the completion of the audit, the auditors are least likely to know:

Actual control risk

What are the three control risks?

Actual control risk, planned assessed level of control risk, and assessed level of control risk

Completeness refers to:

All assets have been recorded

The accounting information and communication system

An information system

Control activities

An organization will establish policies and procedures to help ensure management directives are carried out

What is an option for nonpublic companies who have not experienced change in their internal controls?

Auditors may be able to rely on evidence of operating effectiveness obtained in previous audits; in these situations, tests of controls must be performed every third audit

Implemented

Auditors must determine that internal controls have been placed in operation

Walk-through

Auditors trace one or two transactions of each major type through the system

What are the segregation of duties?

Authorization, recording, and custody

When a CPA decides that the work performed by internal auditors may have an effect on the nature, timing, and extent of the CPA's procedures, the CPA should consider the competence and objectivity of the internal auditors. Relative to objectivity, the CPA would:

Consider the organizational level to which the internal auditors report the results of their work

What are the 5 components of Internal Control?

Control environment, risk assessment, the accounting information and communication system, control activities, monitoring

Why would an auditor have a planned assessed level of control risk at the maximum level?

Controls look weak; controls appear to be correct but too costly to test

What are the 3 deficiency types in IC?

Deficiency, Significant deficiency, material weakness

What would be least likely to be considered an objective of internal control?

Detecting management fraud

Effective internal control in a small company that has an insufficient number of employees to permit proper separation of responsibilities can be improved by:

Direct participation by the owner in key record keeping and control activities of the businesses

Inquiries

Discuss with the appropriate client personnel the manner in which the control functions

Which of the following is not an advantage of establishing an enterprise risk management system within an organization?

Eliminates all risks

To have an adequate basis to issue a management report on internal control under Section 404(a) of the Sarbanes-Oxley Act, management must all, except:

Establish internal control with no material weakness

Operating effectiveness

Evaluated by performing tests of controls; determines how a control was applied, the consistency with which it was applied, and by whom it was applied

Tests of controls do not address:

How controls were originated

Planned and assessed control risk below maximum level requires:

Identifying IC procedures relevant to account or assertion and tests of controls

What are the four types of tests of controls?

Inquiries, inspection, observation, re-performance

Inspection

Inspect invoices and determine whether evidence exists that the procedures have been performed

What audits is the PCAOB finding the most problems in?

Internal control audits

Monitoring

Internal controls need to be monitored over time to determine whether they continue to be relevant and able to address new risks of the organization

A primary objective of procedures performed to obtain an understanding of internal control is to provide the auditors with:

Knowledge necessary to determine the nature, timing, and extent of further audit procedures

Who should be communicated to about control related matters?

Management and audit committee

Audits of internal control over financial reporting (ICFR)

Management is to perform an assessment and evaluation of ICFR and issue its own report; The company's external auditors are to audit and report on ICFR

An entity's ongoing monitoring activities often include:

Management review of weekly performance reports

Control environment

Management's and directors' attitudes, awareness, and actions

Adverse opinion

Material weakness

What is the assessed level of control risk if no tests of controls are performed?

Maximum

What is the assessed level of control risk if tests of control performed, system found not to be operating effectively?

Maximum

If no tests of control have been performed, control risk must be assessed at:

Maximum level

Unqualified opinion

May be issued when there have been no identified material weaknesses an when there have been no restrictions on the scope of the auditor's work

What can break down internal controls?

Misunderstandings, mistakes of judgment, carelessness, and collusion/management override

What is the assessed level of control risk if tests of controls performed, system operating as anticipated?

Moderate

What is the assessed level of control risk if tests of controls performed, system operating somewhat effectively, but not as well as anticipated?

Moderate

What areas are difficult to control in IC?

Non-routine transactions and accounting estimates

What is least likely to be a test of controls?

Observation of confirmations

Observation

Observe application of the procedures being applied to the invoices several times during the year

What is the path of auditors consideration of internal control?

Obtain understanding of IC (risk assessment procedures), document understanding of IC, assess risks of material misstatement (risk assessment), design further audit procedures

Tests of controls ordinarily are designed to provide evidence of:

Operating effectiveness

What are the control activities?

Performance reviews, Information processing controls, physical controls, segregation of duties

Controls over financial reporting are often classified as preventative, detective, or corrective. What is an example of a detective control?

Preparing bank reconciliations

Re-performance

Re-perform the procedure by comparing quantities shown on each invoice to the quantities listed on the related shipping documents and by comparing unit prices to the client's price lists

As one step in testing sales transactions a CPA traces a random sample of sales journal entries to debits in the accounts receivable subsidiary ledger. This test provides evidence as to whether:

Recorded sales have been properly posted to customer accounts

Internal Control

Reliability of financial reporting, effectiveness and efficiency of operations, compliance wit applicable laws and regulations

No opinion/qualified opinion

Scope limitation

Management of Warren Company has decided to respond to a particular risk by hedging the risk with futures contracts. This is an example of:

Sharing

What is the primary focus of audits of ICFRs?

Significant accounts and disclosures and relevant assertions

What is meant by tests being cost-justified?

Spending a little money now will prevent the risk of losing more money in the long run

Which portion of an audit is most likely to be completed after the balance sheet date?

Substantive procedures

An auditor may compensate for a weakness in internal control by increasing the extent of:

Substantive tests of details

When the auditors are performing a first-time internal control audit in accordance with the Sarbanes-Oxley Act and PCAOB standards, they must:

Test controls for all significant accounts

Actual control risk

The actual, unknown, risk that a material misstatement could occur in an assertion and will not be prevented or detected on a timely basis by an entity's internal control

The audit of ICFR should be integrated with:

The audit of the F/S

The planned assessed level of control risk is at the maximum unless:

The auditor plans to perform tests of controls to obtain evidence on whether internal control operates effectively

What are the current auditors' responsibilities with regard to contacting a client's predecessor's auditors?

The current auditors should attempt communications with the predecessor auditors and ask if they had any accounting policy disagreements with the client

Assessed level of control risk

The level at which control risk is assessed for purposes of determining the scope of substantive procedures

Risk assessment

The organization's process of identifying potential risks to its financial reporting objectives and developing actions to address those risk

The preliminary assessments of control risk are often referred to as:

The planned assessed level of control risk

What factor most likely would cause a CPA to not accept a new audit engagement?

The prospective client is unwilling to make financial records available to the CPA

Control risk

The risk that the internal control will fail to prevent, or detect and correct, material misstatement

What is true about the testing direction of tests for unrecorded assets?

They typically involve tracing from source documents to journal entries

Planned assessed level of control risk

This level is lower than the maximum level when the assessed level of the risk of material misstatement presumes that controls operate effectively

Why do auditors consider internal control?

To assess the risk of material misstatement and to assess control risk and then determine the nature, timing, and extent of further audit procedures

What is the purpose of audits of ICFR?

To obtain reasonable assurance that deficiencies that would represent material weaknesses are identified

What approach should be used to identify controls to test?

Top-down approach; start at F/S level and work down to forming an opinion on effectiveness of ICFR

What symbol indicates that a file has been consulted?

Trapezoid <-> Triangle

Opinions on audits of ICFRs

Unqualified opinion, adverse opinion, disclaimer of opinion/no opinion/qualified opinion

When is assessed level of control risk at the maximum level?

When no tests of controls are performed

Deficiency

When the design or operation of a control does not allow management or employees, in a normal course of performing their assigned functions, to prevent or detect material misstatements on a timely basis; communication to management and audit committee not required

When would an auditor perform tests of controls?

When they appear effective and cost-justified


Related study sets

Consumer Math B - Unit 1 - Lesson 2

View Set

Thermodynamics Comment Questions (HW and Exams) & Equations

View Set

Chapter 15: Psychological Disorders

View Set

PERSONAL FINANCE MID, Personal Finance Exam 1

View Set

Exercise 1: The language of anatomy

View Set

NYS Real Estate Broker License Exam Review

View Set

Chem Unit 2- Measurement and Calculations

View Set

CIS 304 Module 1, CIS 304 Questions

View Set