ADT CH5

Ace your homework & exams now with Quizwiz!

COSO internal control categories include ______ and ______ of operations.

Effectiveness Efficiency

True or false: To achieve the specific objectives of each of the three goals, the COSO framework defines five components of a properly designed internal control system that work independently of each other to support the system's overall effectiveness.

False (The components work in an integrated manner)

True or false: For audits of internal control, the audit team must understand and evaluate internal controls for the entire period.

False (This is true for financial statement audits. Internal control audits are as of the end of the fiscal year.)

Section 302 of the Sarbanes-Oxley Act ______.

allows managers to make their own judgments about the necessity of specific controls makes management responsible for monitoring, supervising and maintaining control activities is designed to ensure the proper "tone at the top"

According to professional standards, the audit team's evaluation of the sufficiency of management's control activities is ______.

always required

Common monitoring controls include ______.

analysis of and follow up items that might by indicative of a control failure self-assessments by management regarding the tone they set quality assurance review of the internal audit department

Internal control questionnaires ______.

are somewhat unique for each organization can be useful in detecting internal control weaknesses help the auditing team obtain evidence about the control environment

All entities recognize the need for a formalized process to identify, assess and manage factors, events and conditions, known as ______, that can prevent the organization from achieving it objectives.

business risk

Flowcharts ______.

can be helpful in identifying missing controls are easy to evaluate after they are completed are time-consuming to construct

Two or more people working together to circumvent the internal control system is called ______ and it cannot be prevented by separation of duties.

collusion

AS 2201 encourages the audit team to use the work of internal auditors but the audit team must evaluate their ______ and ______ and perform some tests of their work. (Enter only one word per blank.)

competence objectivity

Specific actions a client's management and employees take to help ensure management's directives are carried out are called ______

control activities

Integrity, ethical values and competence of the entity's people are all ______ factors.

control environment

The foundation for all other components of internal control is the

control environment

When either the design or operation of the control under consideration does not allow the entity's management or employees to detect or prevent misstatements in a timely fashion an internal control ______ exists.

deficiency

An employee knowingly doing something to bypass the internal control system is an act of ______.

deliberate circumvention

A problem relating to either a necessary control that is missing or an existing control so poorly constructed that it fails to satisfy the control's objective is called a(n) ______.

design deficiency

COSO developed a(n) ______ framework to facilitate the assessment and mitigation of business risks a company faces.

enterprise risk management

Controls that are pervasive to the internal control system and the reliability of the financial statements as a whole are called ______ - level controls.

entity

For all relevant assertions for each significant account and disclosure, the audit team begins by examining ______ controls that are pervasive to the internal control system and reliability of the financial statements as a whole.

entity-level

Comparing all customers' credit limits to the sum of their outstanding credit balance plus a potential sales transaction as a means of checking for potential over-limit conditions is an example of ______ testing.

exception

Using an automated test procedure designed to test all items in a population as a means to identify a violation of control activities is an example of ______ testing.

exception

Procedures related to internal control in an integrated audit performed under AS 2201 are ______ than those in a GAAS audit for a nonpublic entity.

far more extensive

The higher the assessment of control risk, the ______ the assessment of risk of material misstatement.

higher

The preliminary assessment of control risk ______.

includes identifying activities explicitly designed to support reliable financial statement reporting may be made after understanding and documenting internal control

Combinations of duties that place a single person in a position to create and conceal misstatements due to errors or frauds in their normal job are ______ responsibilities.

incompatible

An account's significance is based on its ______ risk.

inherent

The risk of material misstatement is composed of ______risk and ______risk.

inherent control

When testing controls, the audit team often uses ______ about the existence of the activity and then corroborate the evidence by observing the control activities are actually being performed.

inquiry

The four methods of testing controls are ______, ______, document examination and ______

inquiry observation reperformance

After understanding and documenting internal control, the audit team should be able to ______.

make a preliminary assessment of control risk

A deficiency that results in a reasonable possibility that a material misstatement would not be prevented or detected on a timely basis is a(n) ______.

material weakness

The focus of AS 2201 is to determine whether a(n) ______ exists at the end of the year being reported on. If it does, the entity's internal control over financial reporting cannot be considered effective.

material weakness

The magnitude of the potential misstatement that could occur and would not be detected on a timely basis is the primary difference between a(n) ______.

material weakness and significant deficiency

Under Sarbanes-Oxley, an audit of the internal control system over financial reporting is required and ______.

must be integrated with the financial statement audit

Flowcharts ______.

must be understandable to an audit supervisor should include narrative explanations should flow from left to right and top to bottom

The assessment of risk of material misstatement at the assertion level is completed to give the audit team a basis for planning the audit and determining the ______, ______, and ______ of further audit procedures to be conducted for the financial statement audit.

nature timing extent

When gaining an understanding of internal controls, assertions should ______.

only be considered if they are relevant

When a properly designed control is either ignored or inappropriately applied, a(n) ______ has occurred.

operating deficiency

Separation of duties ______.

prevents incompatible responsibilities forces different people or departments to deal with different facets of transactions prevents fraud that do not involve collusion

The COSO definition states that internal control is designed to provide ______ regarding the achievement of objectives in three categories.

reasonable assurance

A material weakness is a deficiency that results in a(n) ______ that a material misstatement would not be prevented or detected on a timely basis.

reasonable possibility

An assertion that has a reasonable possibility of containing a material misstatement is considered to be a(n) ______ assertion.

relevant

COSO internal control categories include ______ of financial reporting and ______ with applicable laws and regulations.

reliability compliance

A key factor in audit sampling is that, for a sample to be considered ______, all items in a population must have an opportunity to be selected.

representative

Section 302 of the Sarbanes-Oxley Act ______.

requires management to assess the risks it wishes to control makes managers responsible for establishing a control environment

The five basic components of a properly designed internal control system as defined by COSO are: (1) control environment, (2) ______ assessment, (3) ______ activities, (4) ______ and (5) information and ______

risk control monitoring communication

When control activities do not lend themselves to automated testing, the audit team is likely to use audit ______ to test the population.

sampling

Common monitoring controls include ______.

self-assessments by boards regarding the effectiveness of their oversight supervisory review of controls periodic evaluation of controls by internal audit

Gaining an understanding of internal controls should start by identifying ______ accounts and disclosures and their ______.

significant relevant assertions

A deficiency in internal controls that is less severe than a material weakness yet important enough to merit attention from those charged with governance is a(n) ______.

significant deficiency

Internal control questionnaires ______.

tend to be inflexible make it less likely for the audit team to forget to cover an important point should be used in combination with other methods

Obtaining an understanding of the information system relevant to financial reporting includes understanding ______.

the nature of the underlying accounting records, information and accounts used to execute a transaction how the information system captures events and conditions other than transactions significant to the financial statements

Professional standards recognize that to make effective decisions, managers must have access to ______, ______, and ______ information.

timely reliable relevant

The audit team's focuses on threats to the integrity of the external financial reporting process by taking a ______ approach to evaluating the effectiveness of the internal control system over financial reporting.

top-down


Related study sets

Chapter 23: Cells and Tissues of the Plant Body

View Set

fahmy 100 ( bible ) arabic & french 14

View Set

Ch 8: Florida Statutes the surplus lines law

View Set

Chapter 32: All Forms of Partnerships

View Set

MUSCLES THAT ACT ON EACH DIGIT: Digit 5 (Pinky)

View Set