Audit Chapter 5 LearnSmart

Ace your homework & exams now with Quizwiz!

Which of the following statements are correct regarding internal control communications to public entities?

All deficiencies must be communicated in writing to management, the auditors' report must be in writing

True or false: An understanding of the design of controls or how they are intended to function provides the audit team complete evidence as to the operating effectiveness of controls.

False

True or false: Document examination alone is never considered an adequate test of controls.

False

True or false: Professional standards do not require the audit team to evaluate the sufficiency of management's control activities.

False

Which of the following statements are correct?

If a control activity has high risk, more persuasive evidence is needed, it may be more efficient for the auditor to choose not to rely on controls

True or false: Control activities designed to promote a culture of honest and ethical behavior should be evaluated in response to fraud risks identified during the planning stage.

True

True or false: In some sense, all controls can be thought of as preventative controls.

True

Which of the following statements are correct?

Using and accounting for prenumbered documents helps support the completeness assertion, spreadsheet "errors" can pose risks to an entity's internal control system

An external auditor recommends an internal control to a client that will improve the system. After doing a cost-benefit analysis, the client rejects the suggestion. The auditor should

accept the client's decision under the concept of reasonableness assurance

The final assessment of control risk should:

assist in determining the list of substantive procedures required, be coordinated with the final audit plan

All entities recognize the need for a formalized process to identify, assess and manage factors, events and conditions, known as __, that can prevent the organization from achieving it objectives.

business risks

A strong system of controls __ guarantee that errors will not occur.

cannot

Separation of duties cannot prevent __ which is two or more people working together to circumvent the internal control system.

collusion

The audit team:

communicates internal control issues to help management carry out internal control monitoring responsibilities, must communicate significant deficiencies and material weakness identified during the audit

The foundation for all other components of internal control is the __.

control environment

An employee knowingly doing something to bypass the internal control system is an act of

deliberate circumvention

Whether the controls over financial reporting, if operating as they should, would be expected to prevent or detect errors or fraud that could result in a material misstatement in the financial statements is determined by __.

design effectiveness

When a single audit test produces both control testing and substantive testing evidence, it is called a(n) __-__ test.

dual-purpose

An audit procedure that selects recorded payroll entries to vouch payroll to time cards and calculate the correct dollar amount of payroll is an example of a

dual-purpose test

COSO internal control categories include __ and __ of operations.

effectiveness, efficiency

COSO developed a(n) __ framework to facilitate the assessment and mitigation of business risks a company faces.

enterprise risk management

The idea behind ERM or __, is that management, boards, and employees have to be constantly thinking about what could go wrong with the business and how to prevent it.

enterprise risk management

Controls that are pervasive to the internal control system and the reliability of the financial statements as a whole are called __ controls.

entity-level

Comparing all customers' credit limits to the sum of their outstanding credit balance plus a potential sales transaction as a means of checking for potential over-limit conditions is an example of __ testing.

exception

The professional standards require the auditor to gain an understanding of the client's risk assessment process related to:

financial reporting risks, fraud risk

Segregation of duties:

forces different people or departments to deal with different facets of transactions, prevents fraud that do not involve collusion, prevents incompatible responsibilities

To be considered appropriate audit evidence, an audit sample must be:

from a population that covers the entire period of reliance, representative of the population being sampled

When audit teams reach the third phase of an evaluation of internal control they:

have identified controls on which they intend to rely, have set an acceptable rate of compliance for an activity to be considered effective

Flowcharts:

help the audit team assess the key control points in the process, involve considerable time and effort, have become a popular documentation method for auditors

The higher the assessment of control risk, the __ the assessment of risk of material misstatement.

higher

An audit team's assessment of control risk as high:

implies controls cannot be relied upon, implies controls are ineffective

Combinations of duties that place a single person in a position to create and conceal misstatement due to errors or frauds in his or her normal job are __ responsibilities.

incompatible

An account's significance is based on its __ risk.

inherent

The risk of material misstatement is composed of __ risk and __ risk.

inherent, control

The four methods of testing controls are __, __, document examination and __.

inquiry, observation, reperformance

External auditors complete an audit on the financial statements and one on internal control as part of a(n) __.

integrated audit

The efficiency of a management interview can be improved by using a(n)

internal control questionnaire

The emphasis of the Sarbanes-Oxley Act is on the ___ as an important means to prevent or detect material misstatements in the financial statements due to fraud.

internal control system

Physical access should be limited to authorized personnel. This limitation should include:

inventory, payroll records, securities

The audit team's decision that it would take more time to test the operating effectiveness of the control activities than it would take to perform the substantive tests necessary for a relevant assertion:

is equivalent to assessing control risk at 100%

After their understanding of the entity's internal controls have been documented, the audit team may choose not to perform tests on the operating effectiveness of the controls because:

it is less time consuming to conduct substantive tests, the internal control system is too ineffective to rely on, the cost of obtaining a low control risk assessment is high

Each member of the audit committee must be financially __ and one member must be a financial __.

literate, expert

After understanding and documenting internal control, the audit team should be able to:

make a preliminary assessment of control risk

Section 302 of the Sarbanes-Oxley Act:

makes management responsible for monitoring, supervising and maintaining control activities, allows managers to make their own judgements about the necessity of specific controls, is designated to ensure the proper "tone at the top"

Under the Sarbanes-Oxley Act who is responsible for evaluating the effectiveness of an organization's internal control system?

management and external auditors

Although not required by auditing standards, audit teams often issue a(n) __ containing commentary and suggestions on a variety of matters in addition to internal control matters.

management letter

Management may not be able to conclude that the entity's internal controls over financial reporting is effective if any __ exist.

material weaknesses

The audit team must adjust the substantive procedures accordingly in order to obtain enough evidence to mitigate the risk of material misstatements to a low level for the relevant assertions being tested if the assessment of control risk is:

moderate

Narrative descriptions tend to be:

most efficient for audits of small businesses

A method for documenting the audit team's inderstanding of internal controls that describes all environmental elements, the accounting system and all control activities is called a(n) __.

narrative description

A method for documenting the audit team's understanding of internal controls that describes all environmental elements, the accounting system and all control activities is called a(n) __.

narrative description

The assessment of risk of material misstatement at the assertion level is completed to give the audit team a basis for planning the audit and determining the __, __, and __ of further audit procedures to be conducted for the financial statement audit.

nature, timing, extent

An auditor can

never rely on information produced by the company's information system without investigation

Duties of the audit committee include:

oversight of the public accounting firm conducting the entity's audit, engaging legal counsel in the event of management fraud, overseeing the anonymous fraud hotline

When documenting their understanding of the internal control system, the audit team should consider questions related to:

policies and procedures documentation and communication, selection and development of control activities, integration with the risk assessment process, information technology

External auditors are:

primarily concerned with a client's internal control system as it relates to the financial reporting category

Internal control provides __ assurance that management's objectives will be achieved.

reasonable

The COSO definition states that internal control is designed to provide __ regarding the achievement of objectives in three categories.

reasonable assurance

Duties that should be segregated are:

reconciliation, recording, authorization, custody

COSO internal control categories include __ of financial reporting and __ with applicable laws and regulations.

reliability, compliance

A key factor in audit sampling is that, for a sample to be considered __, all items in a population must have an opportunity to be selected.

representative

Performance reviews:

require management's active participation in the supervision of operations, can help lower the risk of material misstatements, include the study of budget variances with follow up actions

The five basic components of a properly designed internal control system as defined by COSO are: (1) control environment, (2) __ assessment, (3) __ activities, (4) __ and (5) information and __.

risk, control, monitoring, communication

Common monitoring controls include:

self-assessments by management regarding the tone they set, analysis of and follow up items that might be indicative of a control failure, quality assurance review of the internal audit department

Internal control questionnaires:

should be used in combination with other methods, make it less likely for the audit team to forget to cover an important point, tend to be inflexible, are somewhat unique for each organization, help the auditing team obtain evidence about the control environment, should include questions about each relevant assertion

Flowcharts:

should flow from left to right and top to bottom, should include narrative explanations, must be understandable to an audit supervisor

The information system produces an audit trail that begins with __ documents and proceeds through to the financial reports.

source

A well-functioning internal control environment requires:

support as shown by management's philosophy and operating style, competent individuals in financial reporting and oversight roles, supportive human resource policies and practices

When the audit team members document their understanding of management's control activities, a positive assessment may result in

testing control activities for reliance

In order to assess control risk below the maximum:

tests of controls must be performed

Obtaining an understanding of the information system relevant to financial reporting includes understanding:

the nature of the underlying accounting records, information and accounts used to execute a transaction, how the information system captures events and conditions other than transactions significant to the financial statements

Professional standards recognize that to make effective decisions, managers must have access to __, __ and __ information.

timely, reliable, relevant

The audit team identifies __-__ controls that pertain to specific classes of entries, account balances and disclosures.

transaction-level

A combination of personnel inquiry, operation observation and document examination while tracing a single transaction through the entire audit trail is a(n)

walkthrough


Related study sets

Economics Chapter 7-10 test review

View Set

Chapter 12: Gross Domestic Product and Growth

View Set

CMJN 2100 final Auburn University (I got a 100)

View Set

Chapter 5: Consumer Credit: Advantages , Disadvantages, Sources, and Costs

View Set

WGU C113 - Instructional Planning (Math)

View Set

Chapter 9 Male Reproductive System- Pathology and Procedures

View Set

C237 - Sec 03 - Chapter 02 - Quiz Review

View Set

Sophia Principles of Finance Unit 3 Milestone

View Set