Audit CH 6
A significant deficiency is a deficiency, or a combination of deficiencies, in internal control that ________ ________. (choose two options). A. is less severe than a material weakness B. merits attention by those charged with governance C. is more severe than a material weakness D. does not merit attention by those charged with governance
A and B
Which of the following statements relating to identifying strengths and weaknesses in a system of internal controls are true? (choose two options) A. If the auditor identifies internal control weaknesses, the risk of material misstatements being undetected by management's processes and controls increases. B. The auditor typically performs additional substantive testing in the areas of internal control weakness in order to identify and quantify potential material misstatement. C. There is no link between weaknesses in internal controls (that is, observations that controls being tested did not operate as intended) and the level of substantive procedures required. D. When the auditor identifies internal control weaknesses, the auditor will consider a lower assessed level of control risk approach for assertions influenced by these weaknesses.
A and B
Which of the following documents contains the customer shipping and billing information and the customer credit limit? A. Customer master file B. Packing slip C. Bill of landing D. Sales invoice
A. Customer master file
In a top-down approach to understanding internal control over financial reporting and selecting the specific internal controls to test, the auditor focuses on _______-level controls. A. entity B. division C. operating unit D. function
A. entity
Which two of the following are external risk factors that an entity might consider? A. Technological development can affect the nature and timing of research and development or lead to changes in procurement. B. Changing customer needs or expectations can affect product development, production processes, customer service, pricing or warranties. C. The quality of personnel hired and methods of training and motivation can influence the level of control consciousness within the entity. D. The nature of the entity's activities, and employee accessibility to assets can contribute to misappropriation of resources.
A and B
Which two of the following are true of a sales invoice? A. It states the particulars of a sale, including the amount owed, terms, and date of sale. B. It is used to bill customers, and it provides the basis for recording a sale in the sales journal. C. It is a client prepared document with the details of items included in a shipment. D. It serves as acknowledgement of receipt of goods for delivery by a freight carrier.
A and B
While initiating sales, errors in which two of the following documents or files could mean the risk of sales being made to unauthorized customers? A. Customer master file B. Sales order C. Sales invoice D. Perpetual inventory
A and B
In the context of internal controls, which three of the following are true of a smaller entity? (choose three options) A. It has limitations surrounding its ability to put effective internal controls in place. B. The small number of its employees limits its ability to segregate duties. C. The risk of management override can be reduced by establishing documented policies and procedures. D. It is easier for smaller entities to have a paper trail of documentation supporting an assessment of internal controls.
A and B and C
Which three of the following are possible risks during the specific transaction of delivering goods? A. Goods may be released from warehouse for unauthorized orders. B. Products are shipped without shipping documents being generated. C. Goods ordered may not be shipped. D. Some shipments may not be billed.
A and B and C
Which three of the following are true of monitoring? A. Much of the information used in monitoring is produced by the entity's information systems. B. Ongoing monitoring procedures are built into the normal recurring activities of the entity. C. One of the most common monitoring activities is the internal audit function. D. Monitoring excludes information obtained from communications with external parties.
A and B and C
By whose standards are internal control weaknesses commonly categorized into three groups? A. Both PCAOB and U.S. GAAS B. PCAOB only C. U.S. GAAS only D. Neither PCAOB nor U.S. GAAS
A. Both PCAOB and U.S. GAAS
What kind of internal control documentation is particularly helpful in industries that the auditor may not personally be familiar with? A. Checklists and preformatted questionnaires B. Combinations of narratives and flowcharts C. Flowcharts and logic diagrams D. Narratives and logic diagrams
A. Checklists and preformatted questionnaires
Which of the following is a form of documenting internal controls that is typically a page divided into two sections? A. Combinations of narratives and flowcharts B. Checklists C. Preformatted questionnaires D. Narratives
A. Combinations of narratives and flowcharts
Which of the following is comprised of the attitudes, awareness and actions of management and those charged with governance concerning the entity's internal control and its importance in the entity? A. Control environment B. Entity-level controls C. Monitoring activities D. Information and communication
A. Control environment
If you place a control that the computer checks run-to-run total of beginning receivables, plus sales transactions with the sum of ending receivables, which of the following risks will you be addressing? A. Invoices not journalized or posted to customer accounts B. Sales invoices recorded in the incorrect accounting period C. Products shipped without shipping documents being generated D. Sale made without credit approval
A. Invoices not journalized or posted to customer accounts
Which of the following is a deficiency in internal control such that there is a reasonable possibility that a material misstatement of the entity's financial statements will not be prevented on a timely basis? A. Material weakness B. Deficiency in internal control C. Significant deficiency D. Immaterial weakness
A. Material weakness
Which process involves assessing the design and operation of controls on a timely basis and taking necessary corrective actions? A. Monitoring B. Risk assessment C. Control activities D. Information and communication
A. Monitoring
Which of the following is a report sent to each customer showing the beginning receivable balance, transactions during the month, and the ending receivable balance? A. Monthly statement of receivable balances B. Sales invoice C. Sales cycle database D. Customer master file
A. Monthly statement of receivable balances
What are the most common forms of documentation for client internal controls, particularly in smaller environments where accounting and internal control activities are simple? A. Narratives B. Logic diagrams C. Flow charts D. Preformatted questionnaires
A. Narratives
Reports that summarize the detail of account balances such as an aged trial balance of accounts receivable are an example of which category of control activities? A. Performance reviews B. Information processing controls C. Physical controls D. Segregation of duties
A. Performance reviews
If you place a control that only a limited number of individuals can change the customer master file and all file changes are reviewed by appropriate levels of management, which of the following risks will you be addressing? A. Sales made to unauthorized customers B. Goods released from warehouse for unauthorized orders C. Some shipments going unbilled D. Sales invoices recorded in the incorrect amount
A. Sales made to unauthorized customers
A deficiency, or a combination of deficiencies, in internal control such that there is a reasonable possibility that a material misstatement of the entity's financial statements will not be prevented, or detected and corrected, on a timely basis is best described as ________. A. a material weakness B. a significant deficiency C. a material deficiency D. a deficiency
A. a material weakness
A deficiency in an operation exists when ________. A. a properly designed control does not operate as designed or the person performing the control does not possess the necessary authority or competence to perform the control effectively B. properly designed control operates as designed and the person performing the control possesses the necessary authority or competence to perform the control effectively C. it has become clear to the auditor that performance of the operation creates significant risk that a material misstatement will not be detected by the client system D. an improperly designed control does not operate as designed or the person performing the control possesses the necessary authority or competence to perform the control effectively
A. a properly designed control does not operate as designed or the person performing the control does not possess the necessary authority or competence to perform the control effectively
Logic diagrams provide ________. A. a visual perspective of the flow of the transactions and key controls throughout the flow that is often simpler for the reader or reviewer to understand B. a description (in words) of each step of the flow of a transaction from start to finish (that is, from initiation to reporting in the financial report C. a process flowchart on the left-hand side and the narrative describing each step in the flow on the right-hand side D. extensive description of steps detailing all aspects of transaction in the internal control processes
A. a visual perspective of the flow of the transactions and key controls throughout the flow that is often simpler for the reader or reviewer to understand
Key assertions pertaining to the delivery of goods are ________. A. accuracy, completeness, and occurrence B. completeness, occurrence, and cutoff C. accuracy, occurrence, and rights and obligations D. presentation and disclosure
A. accuracy, completeness, and occurrence
The management letter should ________. A. be prepared by the audit team, be provided to the client, and discuss internal control weaknesses and other matters discovered during the audit B. only discuss internal control weaknesses C. be sent at the beginning of the engagement D. also be sent to the client's attorneys as a matter of course
A. be prepared by the audit team, be provided to the client, and discuss internal control weaknesses and other matters discovered during the audit
A purpose of the management letter is to ________. A. communicate internal control matters in writing on a timely basis with those charged with governance B. identify, analyze, and manage the risks that affect an entity's ability to achieve its operational effectiveness C. ensure that every transaction is authorized by management personnel acting within the scope of their authority D. control program development, program changes, and computer operations and to secure access to programs and data
A. communicate internal control matters in writing on a timely basis with those charged with governance
A top-down approach begins by _____. A. considering what can go wrong in the financial statements B. considering which members of top management might be committing fraud C. assigning the highest ranking and most experienced members of an audit team to an audit D. sending questionnaires to top management to complete before interviewing any mid-level management employees
A. considering what can go wrong in the financial statements
Compared to other types of entity-level controls, the auditor finds _______the easiest to test because their operation is readily verifiable. A. control activities B. control environment C. risk assessment D. information and communication
A. control activities
When the auditor identifies internal control weaknesses, ________. A. control risk is increased B. control risk is decreased C. risk of material misstatement decreases D. inherent risk is decreased
A. control risk is increased
Establishing an appropriate level of professional skepticism is achieved by ________. A. gaining an understanding of the entity-level (or entity-wide) internal control components B. talking to the internal audit function C. discussions with the client's attorney D. a directive from the audit partner in charge
A. gaining an understanding of the entity-level (or entity-wide) internal control components
The purpose of the management letter is to ________. A. meet the auditor's responsibility for communicating internal control matters in writing on a timely basis with those charged with governance B. inform management of the auditors pending desire to withdraw from the engagement C. meet the auditor's responsibility for communicating external control matters in writing on a timely basis with those charged with governance D. request management confirm the makeup and composition of its board of directors and any associated conflicts of interest
A. meet the auditor's responsibility for communicating internal control matters in writing on a timely basis with those charged with governance
Physical controls are concerned with limiting ________. A. physical access to assets to those authorized to have access B. the informational output of the firm C. investors access to certain records of the firm which should be kept private D. access to accounting information to senior managers only
A. physical access to assets to those authorized to have access
Transaction-level controls are those controls that ________. A. respond to things that can go wrong with transactions. B. are used reactively to determine where problems have occurred. C. deal with the financial statements in general. D. management have suggested the auditor implement.
A. respond to things that can go wrong with transactions.
If an employee who has access to the custody of assets steals a cash remittance and covers the theft by recording a bad-debt write off, there was likely a failure in the category of __________. A. segregation of duties B. performance reviews C. authorization control D. physical controls
A. segregation of duties
A bill of lading is a (an) ________. A. shipping document serving as acknowledgement of receipt of goods for delivery by a freight carrier. B. client prepared document with the details of items included in a shipment. C. electronic file that accumulates data on sales, cash receipts, and accounts receivables. D. electronic file containing the customer shipping and billing information and the customer credit limit.
A. shipping document serving as acknowledgement of receipt of goods for delivery by a freight carrier.
An auditor's documentation of the client's system of internal controls ________. A. should always be written and updated regularly as the auditor gains further understanding B. is the client's responsibility, and should be provided to the auditor by the client C. should be jointly drafted by the auditor and the client D. should be retained in the permanent audit file and never shared with the client
A. should always be written and updated regularly as the auditor gains further understanding
A control ensuring that sales are recorded in the sales ledger is a/an _______-level control. A. transaction B. entity C. division D. function
A. transaction
A deficiency in internal controls is described as ________. A. a combination of deficiencies in internal control which are as severe as material weaknesses B. a deficiency in the design or operation of a single control that does not allow management to prevent and correct misstatements on a timely basis C. a deficiency, or combination of deficiencies in internal control D. a deficiency that has created a reasonable possibility of a material misstatement
B. a deficiency in the design or operation of a single control that does not allow management to prevent and correct misstatements on a timely basis
A management letter is ________. A. formally sent by the auditor to the client before acceptance of the engagement B. a deliverable prepared by the audit team and provided to those charged with governance C. sent from management to the auditor, detailing management's assessment of the auditor's performance during the audit D. sent to the auditor by management, giving permission to contact the predecessor auditor
B. a deliverable prepared by the audit team and provided to those charged with governance
Key assertions pertaining to the audit of credit sales are ________. A. completeness and valuation B. accuracy and occurrence C. valuation and allocation D. rights and obligations
B. accuracy and occurrence
In an audit, the purpose of risk assessment is to ________. A. form an ultimate opinion on the financial statements based on management's directives B. assess the combined inherent, control and detection risks to evaluate the likelihood that material misstatements could occur in the financial statements. C. audit the system of internal control only D. ultimately ensure that the internal audit function is performing properly
B. assess the combined inherent, control and detection risks to evaluate the likelihood that material misstatements could occur in the financial statements.
The key assertion an auditor would be testing when examining a sales invoice to determine if it was billed to the correct customer would be ________. A. valuation and accuracy B. classification C. rights and obligations D. cutoff
B. classification
Policies and procedures enacted by the entity which help ensure that management's directives are carried out are generally referred to as ________. A. management activities B. control activities C. legislative activities D. company procedures
B. control activities
Upon consideration of a client's system of internal control, when an auditor identifies areas with weaknesses, ________. A. reduced substantive testing in this area will be appropriate to reach the desired level of assurance B. increased substantive testing in this area will be appropriate to reach the desired level of assurance C. the auditor should document the weaknesses and refer to them during next year's audit D. the auditor should disclaim an opinion on those areas
B. increased substantive testing in this area will be appropriate to reach the desired level of assurance
Good use of a narrative method of understanding a client's system of internal control would be when the ________. A. client is large and complicated B. is relatively small and not overly complex C. requests the auditor do so D. inherent risk is deemed to be high
B. is relatively small and not overly complex
When an auditor decides to follow a particular transaction from initiation through where it is recorded in the financial records, this is known as ________. A. reperformance B. walkthrough C. recalculation D. vouching
B. walkthrough
An auditor's understanding of a client's system of internal control ________. A. is unrelated to the level of substantive procedures an auditor will conduct B. will help the auditor to determine areas of risk to direct audit attention and resources to C. is optional, and should only be conducted for larger clients D. is a helpful tool to determine the accuracy of account balances and transactions
B. will help the auditor to determine areas of risk to direct audit attention and resources to
Integrity and ethical behavior ________. A. are provided by the auditor to the client in training sessions B. are of no concern, for they are always present C. are the products of the organization's ethical and behavioral standards D. should start at the bottom and work their way up the organization
C. are the products of the organization's ethical and behavioral standards
A logic diagram is best described as ________. A. a complex system of flowcharts detailing the audit procedures conducted and key audit findings B. a narrative surmise of the key audit findings C. being similar to a flowchart but including little detail D. being completed by the client and the auditor upon conclusion of the audit
C. being similar to a flowchart but including little detail
Risks related to the prelisting of cash receipts and remittance advices relate to ________. A. cash sales may not be recorded B. errors may be made in journalizing cash receipts C. checks received may not agree with prelist of cash D. receipts may be posted to the wrong customer account
C. checks received may not agree with prelist of cash
When the auditor identifies internal control strengths, ________. A. inherent risk is increased B. control risk is unaffected C. control risk is decreased D. there is no relationship between strength of internal control and inherent risk
C. control risk is decreased
The most common forms of documentation that auditor uses to signify their understanding of the system of internal control include ________. A. audit plan B. only flowcharts C. flowcharts, narratives, and logic diagrams D. logic diagrams only
C. flowcharts, narratives, and logic diagrams
The management letter discusses ________. A. all issues that management wishes to bring to the attention of the auditor B. all current and pending litigation against the client C. internal control weaknesses and other matters discovered during the course of the audit D. management's disagreements with the auditors regarding certain accounting principles
C. internal control weaknesses and other matters discovered during the course of the audit
An entity's risk assessment process ________. A. should be reevaluated every five years to respond to changing market conditions and threats B. should only solicit feedback from and be crafted by top management C. is its process for identifying and responding to risks that an organization will not achieve its objectives D. is the same as the auditor's consideration of risk
C. is its process for identifying and responding to risks that an organization will not achieve its objectives
A management letter is sometimes also referred to as a ________. A. representation letter B. audit letter C. letter of recommendations D. confirmation
C. letter of recommendations
An important outcome of understanding the client's system of internal control is the auditor's ability to ________. A. guarantee there are no misstatements in the financial statements B. make recommendations on costs savings related to internal control C. make observations, draw conclusions and offer recommendations regarding the strengths and weaknesses observed D. ensure an unqualified audit opinion in regard to the financial statements
C. make observations, draw conclusions and offer recommendations regarding the strengths and weaknesses observed
A report sent to each customer showing the beginning receivable balance, transactions during the month, and the ending receivable balance is best described as ________. A. a statement of cash receipts B. an aging of accounts receivable C. monthly statements of receivable balances D. a general ledger receivables report
C. monthly statements of receivable balances
Documents and files relating to recording sales would be ________. A. bill of lading and sales database B. sales invoice and sales database C. sales invoice, sales cycle database, and monthly statements of receivables balances D. bill of lading and monthly receivables balances
C. sales invoice, sales cycle database, and monthly statements of receivables balances
One disadvantage of flowcharts is they ________. A. are technically complex and thus misunderstood B. are too simplistic C. usually take longer to prepare than narratives or checklists D. are more expensive to prepare due to the number of audit hours involved
C. usually take longer to prepare than narratives or checklists
The auditor's understanding of the client's system of internal control should be ________. A. discussed among audit team members only B. submitted to the client's internal audit function for agreement/approval C. well documented so it can be referred back to at any time D. in documentary form only and submitted to the client's attorneys for risk assessment
C. well documented so it can be referred back to at any time
Those charged with governance of an organization ________. A. should always be sure to look out for their own interests as well as those of the company B. cannot be legally held responsible for the actions of the company C. should rely on the auditors for guidance D. have an obligation to be concerned with the entity's financial reporting to shareholders and the investing public
D. have an obligation to be concerned with the entity's financial reporting to shareholders and the investing public
PCAOB Audit Standard No. 2201 requires that ________. A. an auditor issues a qualified opinion on all accounts that were not tested in their entirety B. the audit partner should solely make the determination as to whether any material weaknesses have been identified as part of the audit C. all companies with a market capitalization of $75,000,000 or more file documentation with the Securities and Exchange Commission (SEC) detailing all deficiencies identified as part of the audit D. in an audit of ICFR, material weaknesses are reported to the public in the auditor report on ICFR
D. in an audit of ICFR, material weaknesses are reported to the public in the auditor report on ICFR
One of the key functions of a management letter is to ________. A. provide management with some idea as to the audit opinion they will likely receive B. advise management of the auditor's requirements with respect to filing reports with the Securities and Exchange Commission (SEC) C. attempt to resolve differences of opinion on accounting estimated used by management in which the auditor disagrees D. inform those charged with governance of the auditor's recommendations for improving its internal controls
D. inform those charged with governance of the auditor's recommendations for improving its internal controls