Audit ch 1
To do an audit, it is necessary for information to be in a verifiable form and some criteria by which the auditor can evaluate the information. Detail the information and criteria that would be used for: (A) an independent CPA firm audits a company's historical financial statements. (B) an Internal Revenue Service auditor who audits that same company's tax return. (C) an internal auditor use when performing an operational audit to evaluate whether the company's computerized payroll processing system is operating efficiently and effectively.
(A) The information used by a CPA firm in a financial statement audit is the financial information in the company's financial statements. The most commonly used criteria are applicable U.S. generally accepted accounting standards or International Financial Reporting Standards (IFRS). (B) The information used by an IRS auditor is the financial information in the company's federal tax return. The criteria are the internal revenue code and interpretations. (C) The information used by an internal auditor when performing an operational audit of the payroll system could include various items such as the number of errors made, costs incurred by the payroll department, and number of payroll records processed each month. The criteria would consist of company standards for departmental efficiency and effectiveness.
Which of the following services provides the lowest level of assurance on a financial statement? A) A review. B) An audit. C) Neither service provides assurance on financial statements. D) Each service provides the same level of assurance on financial statements
A) A review.
A) IRS agents' examinations of taxpayer returns. B) GAO auditor's evaluation of the computer operations of governmental units. C) An internal auditor's review of a company's payroll authorization procedures. D) A CPA firm's audit of a public company.
A) IRS agents' examinations of taxpayer returns.
An examination of part of an organization's procedures and methods for the purpose of evaluating efficiency and effectiveness is what type of audit? A) Operational audit. B) Compliance audit. C) Financial statement audit. D) Production audit
A) Operational audit
Most public companies' audited financial statements are available on the SEC's EDGAR database. A) True B) False
A) True
Results of compliance audits are typically reported to someone within the organizational unit being audited rather than to a broad spectrum of outside users. A) True B) False
A) True
Section 404 of the Sarbanes-Oxley Act requires public companies to have an external auditor attest to their internal control over financial reporting.
A) True
Three common types of attestation services are: A) audits, reviews, and attestations regarding internal controls. B) audits, verifications, and attestations regarding internal controls. C) reviews, verifications, and attestations regarding internal controls. D) audits, reviews, and verifications
A) audits, reviews, and attestations regarding internal controls.
In "auditing" financial accounting data, the primary concern is with: A) determining whether recorded information properly reflects the economic events that occurred during the accounting period. B) determining if fraud has occurred. C) determining if taxable income has been calculated correctly. D) analyzing the financial information to be sure that it complies with government requirements
A) determining whether recorded information properly reflects the economic events that occurred during the accounting period.
Which of the following are required to have a written report regarding the assertion of another party?
B) Financial Statement Audit YES Operational Audit YES Compliance Audit YES Attestation Engagement YES Assurance Engagement NO
CPA firms are never allowed to provide bookkeeping services for clients. A) True B) False
B) False
The primary purpose of a compliance audit is to determine whether the financial statements are prepared in compliance with generally accepted accounting principles. A) True B) False
B) False
The primary role of the United States General Accounting Office is the enforcement of the federal tax laws as defined by Congress and interpreted by the courts. A) True B) False
B) False
________ risk reflects the possibility that the information upon which the business decision was made was inaccurate. A) Client acceptance B) Information C) Business D) Control
B) Information
Attestation services on information technology include WebTrust services and SysTrust services. Which of the following statements most accurately describes SysTrust services?
B) SysTrust services provide assurance on system reliability in critical areas such as security and data integrity.
Any service that requires a CPA firm to issue a report about the reliability of an assertion that is made by another party is a(n): A) accounting and bookkeeping service. B) attestation service. C) assurance service. D) tax service.
B) attestation service.
An audit to determine whether an entity is following specific procedures or rules set down by some higher authority is classified as a(n): A) audit of financial statements. B) compliance audit. C) operational audit. D) production audit.
B) compliance audit
The use of the Certified Public Accountant title is regulated by: A) the federal government. B) state law through a licensing department or agency of each state. C) the American Institute of Certified Public Accountants through the licensing departments of the tax and auditing committees. D) the Securities and Exchange Commission.
B) state law through a licensing department or agency of each state.
The three requirements for becoming a CPA include all but which of the following? A) Uniform CPA examination requirement. B) Educational requirements. C) Character requirements. D) Experience requirement.
C) Character requirements.
Which one of the following is more difficult to evaluate objectively? A) Presentation of financial statements in accordance with generally accepted accounting principles. B) Compliance with government regulations. C) Efficiency and effectiveness of operations. D) All three of the above are equally difficult
C) Efficiency and effectiveness of operations.
In the audit of historical financial statements, what accounting criteria is most common? A) Regulatory accounting principles. B) International financial reporting standards. C) Generally accepted accounting principles. D) B and C E) All of the above.
C) Generally accepted accounting principles.
The Sarbanes-Oxley Act prohibits a CPA firm that audits a public company from providing which of the following types of services to that company? A) Reviews of quarterly financial statements. B) Preparation of corporate tax returns. C) Most consulting services. D) Tax services
C) Most consulting services.
1) The Sarbanes-Oxley Act applies to which of the following companies? A) All companies. B) Privately held companies. C) Public companies. D) All public companies and privately held companies with assets greater than $500 million.
C) Public companies.
Recording, classifying, and summarizing economic events in a logical manner for the purpose of providing financial information for decision making is commonly called: A) finance. B) auditing. C) accounting. D) economics
C) accounting
One objective of an operational audit is to: A) determine whether the financial statements fairly present the entity's operations. B) evaluate the feasibility of attaining the entity's operational objectives. C) make recommendations for improving performance. D) report on the entity's relative success in attaining profit maximization.
C) make recommendations for improving performance.
Financial statement users often receive unreliable financial information from companies. Which of the following is not a common reason for this? A) Complex exchange transactions. B) Voluminous data. C) Remoteness of information. D) Each of these choices is a common reason for unreliable financial information.
D) Each of these choices is a common reason for unreliable financial information.
Which of the following is not a SysTrust Services principle as defined by the AICPA? A) Online privacy. B) Availability. C) Processing integrity. D) Operational integrity.
D) Operational integrity.
Which department provides quantitative information in order for management and others to make decisions? A) management information systems. B) auditing. C) finance. D) accounting
D) accounting
The trait that distinguishes auditors from accountants is the: A) auditor's ability to interpret accounting principles generally accepted in the United States. B) auditor's education beyond the Bachelor's degree. C) auditor's ability to interpret FASB Statements. D) auditor's accumulation and interpretation of evidence related to a company's financial statements.
D) auditor's accumulation and interpretation of evidence related to a company's financial statements.
An audit of historical financial statements is most often performed to determine whether the: A) organization is operating efficiently and effectively. B) entity is following specific procedures or rules set down by some higher authority. C) management team is fulfilling its fiduciary responsibilities to shareholders. D) none of these choices.
D) none of these choices.
Only companies that file annual statements with the Securities and Exchange Commission are required to have an annual external audit. A) True B) False
FALSE
The Sarbanes-Oxley Act establishes standards related to the audits of privately held companies. A) True B) False
False
The criteria used by an external auditor to evaluate published financial statements are known as generally accepted auditing standards. A) True B) False
False
Discuss the similarities and differences between financial statement audits, operational audits, and compliance audits. Give an example of each type.
Financial statement audits, operational audits, and compliance audits are similar in that each type of audit involves accumulating and evaluating evidence about information to ascertain and report on the degree of correspondence between the information and established criteria and/or procedures, rules, or regulations. The differences between each type of audit are the information being examined and the criteria used to evaluate the information. An operational audit evaluates the efficiency and effectiveness of and part of an organization's operating procedures and methods. At completion of an operational audit, management normally expects recommendations for improving operations. In operational auditing, the reviews are not limited to accounting. It is more difficult to objectively evaluate whether the efficiency and effectiveness of operations meets established criteria than it is for compliance and financial statement audits. Also, establishing criteria for evaluating the information in an operational audit is extremely subjective. Thus, operational auditing is more like management consulting than what is usually considered auditing. A compliance audit is conducted to determine whether the auditee is following specific procedures, rules, or regulations set by some higher authority. Results of compliance audits are typically reported to management, like in the operational audits, rather than to outside users as is done with financial statement audits. A financial statement audit is conducted to determine whether financial statements are stated in accordance with specified criteria, normally the U.S. or international standards. Auditors not only focus on accounting transactions, but also focus on an integrated approach in which both the risk of misstatements and the operating controls are considered. The auditor must have a thorough understanding of the entity and its environment. An example of a financial statement audit would be the annual audit of IBM Corporation, in which the external auditors examine IBM's financial statements to determine the degree of correspondence between those financial statements and generally accepted accounting principles. An example of an operational audit would be an internal auditor's evaluation of whether the company's computerized payrollprocessing system is operating efficiently and effectively. An example of a compliance audit would be an IRS auditor's examination of an entity's federal tax return to determine the degree of compliance with the Internal Revenue Code.
What is an engagement to attest on internal control over financial reporting?
For an audit of internal control over financial reporting, management asserts that internal controls have been developed and implemented following well established criteria. Section 404 of the Sarbanes-Oxley Act requires public companies to report management's assessment of the effectiveness of internal control over financial reporting. The Act also requires auditors to attest to the effectiveness of internal control over financial reporting. This evaluation, which is integrated with the audit of financial statements, increases user confidence about future financial reporting, because effective internal controls reduce the likelihood of future misstatements in the financial statements.
Two types of attestation services provided by CPA firms are audits and reviews. Discuss the similarities and differences between these two types of attestation services. Which type provides the least assurance?
In both the review and audit of the historical financial statements, management asserts that the statements are fairly stated in accordance with accounting standards. The CPA provides a lower level of assurance for reviews of financial statements compared to the high level for audits, therefore less evidence is needed. A review is often adequate to meet financial statement users' needs. It can be provided by a CPA firm at a much lower fee than an audit because less evidence is needed.
Explain what is meant by information risk, and list the four causes of this risk.
Information risk reflects the possibility that the information upon which the business risk decision was made was inaccurate. Four causes of information risk are: • remoteness of information, • biases and motives of the provider, • voluminous data, and • complex exchange transactions.
Which of the following is considered audit evidence?
Oral statements made by management= yes Written Communications = yes Auditor Observation= yes
What are the five categories of attestation services?
The five categories of attestation services include: • audit of historical financial statements, • attestation on internal control over financial reporting, • review of historical financial statements, • attestation services on information technology, and • other attestation services that may be applied to a broad range of subject matter.
Evidence is paramount to audit and attestation engagements. List the four basic types of audit evidence.
The four types of audit and attestation evidence include: 1. Electronic and documentary data about economic transactions 2. Written and electronic communications with outsiders 3. Observations by the auditor 4. Oral testimony of the auditee (client)
Discuss the differences and similarities between the roles of accountants and auditors. What additional expertise must an auditor possess beyond that of an accountant? Answer: The role of accountants is to record, classify, and summarize economic events in a logical manner for the purpose of providing financial information for decision making. To provide relevant information, accountants must have a thorough understanding of the principles and rules that provide the basis for preparing the accounting information. In addition, accountants must develop a system to ensure that the entity's economic events are properly recorded on a timely basis and at a reasonable cost
The role of auditors is to determine whether the recorded information prepared by accountants properly reflects the economic events that occurred during the accounting period. Because U.S. or international standards provide the criteria for evaluating whether financial information is properly recorded, auditors must thoroughly understand those accounting standards. In addition to understanding accounting, the auditor must possess expertise in the accumulation and interpretation of audit evidence. It is this expertise that distinguishes auditors from accountants. Determining the proper audit procedures, deciding the number and types of items to test, and evaluating the results are unique to the auditor
Discuss the similarities and differences between the roles of independent auditors, GAO auditors, internal revenue agents, and internal auditors.
The roles of all four types of auditors are similar in that they involve the accumulation and evaluation of evidence about information to ascertain and report on the degree of correspondence between the information and established criteria. The differences in their roles center around the information audited and the criteria used to evaluate that information. Independent auditors primarily audit companies' financial statements. GAO auditors' primary responsibility is to perform the audit function for Congress. IRS auditors are responsible for the enforcement of federal tax laws. Internal auditors primarily perform operational and compliance audits for their employing company.
List and discuss the three primary requirements to become a CPA.
The three primary requirements for becoming a CPA are: • Educational requirement. An undergraduate degree or a graduate degree with a major in accounting is required. Most states now require 150 semester hours for licensure and some states require 150 semester hours before taking the CPA exam. • Uniform CPA examination requirement. This is a four-part, computer-based examination with components on auditing and attestation, financial accounting and reporting, regulation, and business environment and concepts. • Experience requirement. The experience requirement varies from state to state with some states requiring no experience, while other states require up to two years of audit experience.
The Sarbanes-Oxley Act is widely viewed as having ushered in sweeping changes to auditing and financial reporting. A) True B) False
True
What is a WebTrust engagement? What is a SysTrust engagement? How do they differ?
WebTrust is a service provided by a CPA where the CPA provides assurance that the Web Site owner has met established criteria related to business practices, transaction integrity, and information processes. SysTrust is a service provided by a CPA to evaluate and test a system reliability in areas such as security and data integrity. There are five principles that must be addressed on a SysTrust engagement: security, availability, processing integrity, online privacy, and confidentiality. WebTrust is primarily designed to provide assurance to third party users of a Web site. SysTrust provides assurance to management, the board of directors or third parties about the reliability of information systems used to generate real-time information.
The criteria by which an auditor evaluates the information under audit may vary with the information being audited. A) True B) False
true