AUDIT EXAM 2

In a monetary-unit sample with a sampling interval of $10,000, an auditor discovered that a selected account receivable with a recorded amount of $5,000 had an audit amount of $2,000. The projected misstatement of this sample was

$6,000 (10,000 * .60) ((5,000-2,000)/(5,000)) = .60

In attributes sampling, population size has little or no effect on sample size once the population exceeds approximately

1,000

An auditor desired to test credit approval on 10,000 sales invoices processed during the year. The auditor designed a statistical sample that would provide 1 percent risk of assessing control risk too low for the assertion that not more than 7 percent of the sales invoices lacked approval. The auditor estimated from previous experience that about 2½ percent of the sales invoices lacked approval. A sample of 200 invoices was examined, and 7 of them were lacking approval. The auditor then determined the computed upper deviation rate to be 8 percent. Based on the information above, the planned allowance for sampling risk was

4.5%

In auditing ICFR for a public company, Emily finds that the entity has a significant subsidiary located in a foreign country. Emily's accounting firm has no offices in that country, and the entity has thus engaged another reputable firm to conduct the audit of internal control for that subsidiary. The other auditor's report indicates that there are no material weaknesses in the foreign subsidiary's ICFR. What should Emily do?

Accept the other auditor's opinion after evaluating the auditor's work, and make reference to the report in her audit opinion

An auditor's primary consideration regarding an entity's internal controls is whether they

Affect the financial statement assertions

Examples of entity-level controls include Management's risk assessment process. Controls to monitor results of operations. The period-end financial reporting process. All of these are examples of entity-level controls.

All

Internal control is a process designed to provide reasonable assurance regarding the achievement of which objective? Effectiveness and efficiency of operations. Reliability of financial reporting. Compliance with applicable laws and regulations. All of these are correct

All

In determining the extent to which the auditor may use the work of others in the audit of ICFR, the auditor should do all of the following except: Test some of the work performed by others to evaluate the quality and effectiveness of their work. Evaluate the nature of the controls subjected to the work of others. Evaluate the competence and objectivity of the individuals who performed the work. All of these are required.

All of these are required

Which of the following statements concerning the auditor's use of statistical sampling is correct? A classical variables sample needs to be designed with special considerations to include negative balances in the sample. An assumption of monetary-unit sampling is that the underlying accounting population is normally distributed. The selection of zero balances usually does not require special sample design considerations when using monetary-unit sampling. An auditor needs to estimate the dollar amount of the standard deviation of the population in order to use classical variables sampling.

An auditor needs to estimate the dollar amount of the standard deviation of the population in order to use classical variables sampling

Reports on service organizations typically

Assess whether the service organization's controls are suitably designed to achieve internal control objectives

For which of the following internal controls would an auditor be least likely to perform tests of internal controls closer to the "as of" date? Withdrawals from Federal Bank of more than $5 million must include a manager's signature. At the end of each day at Federal Bank, the total cash in the vault is reconciled with daily registers of deposits and withdrawals. Federal Bank has just started establishing trusts for its customers and it has only set up ten such trusts. Before making an investment for a trust, bank employees must verify that the investment is in accordance with stated investment policies. On an annual basis, Federal Bank management performs credit checks on its loan customers before determining the value of loans it will not be able to collect on.

At the end of the each day at Federal Bank, the total cash in the vault is reconciled with daily registers of deposits and withdrawals

A primary purpose of internal controls is to

Meet objectives of maintaining reliable documents and records and accurate financial reporting

The documentation of an auditor's understanding of internal controls

Can include any combination of narratives, questionnaires, or flowcharts

An auditor is performing substantive procedures of pricing and extensions of perpetual inventory balances consisting of a large numeber of items. Past experience indicates that there may be numerous pricing and extension errors. Which of the following statistical sampling approaches is most appropriate? Classical variables sampling. Monetary-unit sampling. Attribute sampling. Stop-n-go sampling.

Classical variables sampling

Which of the following would be an improper technique when using monetary-unit statistical sampling in an audit of accounts receivable? Combining negative and positive dollar misstatements in the appraisal of a sample. Using a sampling technique in which the same account balance could be selected more than once. Selecting a random starting point and then sampling every nth dollar. Defining the sampling unit in the population as an individual dollar and not as an individual account balance.

Combining negative and positive dollar misstatements in the appraisal of a sample

Which of the following controls would most likely be tested during an interim period? Controls that operate on a continuous basis. Controls over nonroutine transactions. Controls over the period-end financial reporting process. Controls over transactions that involve a high degree of subjectivity.

Controls that operate on a continuous basis

Entity-level controls can have a pervasive effect on the entity's ability to meet the control criteria. Which one of the following is not an entity-level control? Controls to monitor results of operations. Controls to monitor the inventory taking process. The period-end financial reporting process. Management's risk assessment process.

Controls to monitor the inventory taking process

A control deviation caused by an employee performing a control procedure that he or she is not authorized to perform is always considered a

Deficiency in operation

Which of the following combinations results in the greatest decrease in sample size in an attribute sample for a test of controls?

Desired Confidence Level Deviation Rate = Decrease Tolerable Deviation Rate = Increase Expected Population = Decrease

Which of the following factors does an auditor generally need to consider in planning a particular audit sample for a test of controls? Number of items in the population. Total dollar amount of the items to be sampled. Desired confidence level. Risk of assessing control risk too high.

Desired confidence level

Which of the following statements is correct concerning statistical sampling in tests of controls? As the population size increases, the sample size should increase proportionately. Deviations from specific internal control procedures at a given rate ordinarily result in misstatements at a lower rate. There is an inverse relationship between the expected population deviation rate and the sample size. In determining tolerable deviation rate, an auditor considers detection risk and the sample size.

Deviations from specific internal control procedures at a given rate ordinarily result in misstatements at a lower rate

An auditor is performing substantive procedures of pricing and extension of perpetual inventory balances consisting of a large number of items. Past experience indicates numerous pricing and extension errors. Which of the following statistical sampling approaches is most appropriate?

Difference projection

In examining cash disbursements, an auditor plans to choose a sample using systematic selection with a random start. The primary advantage of such a systematic selection is that population items

Do not have to be prenumbered in order for the auditor to use the technique

The risk of an incorrect acceptance relates to the

Effectiveness of the audit

Which of the following sample planning factors would influence the sample size for a substantive test of details for a specific account? Expected amount of misstatement but not the measure of tolerable misstatement. Expected amount of misstatement and the measure of tolerable misstatement. Measure of tolerable misstatement but not the expected amount of misstatement. Neither the expected amount of misstatement nor the measure of tolerable misstatement.

Expected amount of misstatement and the measure of tolerable misstatement (Both)

Considering each independency, a change in which of the following sample planning factors would influence thet dample size for a substantive test of details for a specific account?

Expexted Misstatement and Tolerable Misstatement

When an auditor increases the planned assessed level of control risk because certain control activities were determined to be ineffective, the auditor would most likely increase the

Extent of tests of details

An entity's control activities include all of the following except: Performance reviews. Information processing. External auditor's tests of controls. Segregation of duties.

External auditor's tests of controls

Auditors are most likely to gather audit evidence solely using substantive procedures

For nonrecurring, unusual transactions

Which of the following courses of action would an auditor most likely follow in planning a sample of cash disbursements if the auditor is aware of several unusually large cash disbursements? Set the tolerable deviation rate at a lower level than originally planned. Identify the large and unusual disbursements as individually significant and test 100 percent. Increase the sample size to reduce the effect of the unusually large disbursements. Continue to draw new samples until all the unusually large disbursements appear in the sample.

Identify the large and unusual disbursements as individually significant and test 100 percent

Which of the following would most likely be an advantage in using classical variables sampling rather than monetary-unit sampling? The auditor rarely needs the assistance of a computer program to design an efficient sample. Any amount that is individually significant is automatically identified and selected. Inclusion of zero and negative balances generally does not require special design considerations. An estimate of the standard deviation of the population's recorded amounts is not required.

Inclusion of zero and negative balances generally ddoes not require special design considerations

How would increases in tolerable misstatement and assessed level of control risk affect the sample size in a substantive test of details.

Increase Tolerable Misstatement Risk = Decrease Sample Size Increase in Assessed LEvel of Control = Increase sample size

When testing automated IT controls, the auditor is most likely to do all of the following except: examine the IT software. increase sample size because the tolerable deviation rate tends to be higher for automated IT controls. test one or a few of each type of transaction. test general controls over system and program changes.

Increase sample size because the tolerable deviation rate tends to be higher for automated controls

The primary purpose of a generalized computer audit program is to allow the auditor to

Independently process electronic data processing records

To obtain evidential matter about control risk, an auditor selects tests from a variety of techniques including Inquiry. Analytical procedures. Calculation. Confirmation.

Inquiry

Which of the following procedures most likely would be included as part of an auditor's tests of controls? Inspection. Reconciliation. Confirmation. Analytical procedures.

Inspection

Potential benefits of an entity's controls in an IT environment include all of the following except: Reduction in the risk that controls will be circumvented. More accurate accounting estimates. Consistent application of predefined business rules. More timely information.

More accurate accounting estimates

Harvey Jones, CPA, uses statistical sampling to test control procedures. What is a benefit of using statistical sampling?

It provides a means of mathematically measuring the sampling risk that result from examining only a part of the data

A procedure that would most likely be used by an auditor in performing tests of control activities that involve segregation of functions but which leave no transaction trail is

Observation

Monetary-unit sampling is said to eleminate the need to stratify the sample becasue

Sample itmes are selected in proportion to their dollar amount

The auditor should consider all of the following when deciding whether substantive procedures will be performed at an interim date except: The level of control risk. Scheduling conflicts in the audit firm that make interim testing more convenient. Whether business conditions will change after the interim date. The ability to examine the remaining period.

Scheduling conflicts in the audit firm that make interim testing more convenient

If the financial reporting risks for a location are low and the entity has good entity-level controls, management may rely on which of the following for its assessment? Self-assessment processes in conjunction with entity-level controls. Selective control test at that location. Documentation and test entity-level controls over the entire entity. Documentation and test controls over specific risks.

Self-assessment processes in conjunction with entity-level controls

Significant deficiencies and material weaknesses must be communicated to an entity's audit committee because they represent significant deficiencies in the design or operation of internal control. material fraud or illegal acts perpetrated by high-level management. disclosures of information that significantly contradict the auditor's going concern assumption. potential manipulation or falsification of accounting records.

Significant deficiencies in the design or operation or internal controls

A number of factors influence the sample size for a substantive test of details of an account balance. All other factors being equal, which of the following would lead to a larger smaple size? Greater reliance on internal controls Geater reliance on analytical procedures Smaller expected frequency of misstatements Smaller amount of tolerable misstatement

Smaller amount of tolerable misstatement

A number of factors influence the sample size for a substantive test of details of an account balance. all other factors being equal, which of the following would lead to a larger sample size? Greater reliance on internal controls. Greater reliance on analytical procedures. Smaller expected frequency of misstatements. Smaller measure of tolerable misstatements.

Smaller measure of tolerable misstatements

Which of the following is true regarding management's documentation of internal controls? Some documentation should focus on controls designed to detect fraud. Documentation should focus on controls over the interim financial reporting process. Documentation must be done on paper. Inadequate documentation is usually considered an insignificant deficiency in internal control.

Some documentation should focus on controls designed to detect fraud

In classical variables sampling, which of the following must be known in order to estimate the appropriate sampling size required to meet the auditor's needs in a given situation? The qualitative aspects of misstatements. The total dollar amount of the population. The acceptable level of risk. The estimated percentage of deviations in the population.

The acceptable level of risk

Which of the following statements concerning monetary-unit sampling is correct? The sampling distribution should approximate the normal distribution. Overstated units have a lower probability of sample selection than units that are understated. The sampling interval is calculated by dividing the number of physical units in the population by the sample size. The auditor controls the risk of incorrect acceptance by specifying the desired confidence level for the sampling plan.

The auditor controls the risk of incorrect acceptance by specifying the desired confidence level for the sampling plan.

An "integrated audit" as stated in Section 404 of the Sarbanes-Oxley Act means

The auditor must conduct two audits, one on the effectiveness of internal control and one on the financial statements, in an integgrated way

It is important for the CPA to consider the competence of the entity's employees because their competence bears directly and importantly upon the

concluding that controls are inefective

Which of the following statements concerning control deficiencies is true? The auditor should communicate to management, in writing, all control deficiencies in internal control identified during the audit. All significant deficiencies are material weaknesses. An auditor must immediately report material weaknesses and significant deficiencies discovered during an audit to the PCAOB. All control deficiencies are significant deficiencies.

The auditor should communicate to management, in writting, all control deficiencies in internal control identified during the audit

The Sarbanes-Oxley Act of 2002 requires management to include a report on the effectiveness of ICFR in the entity's annual report. It also requires auditors to report on the effectiveness of ICFR. Which of the following statements concerning these requirements is false? Management's report should state its responsibility for establishing and maintaining an adequate internal control system. Management should identify material weaknesses in its report. The auditor should provide recommendations for improving internal control in the audit report. The auditor should evaluate whether internal controls over financial reporting are designed and operating effectively.

The auditor should provide reccomendations for improving internal control in the audit report

Which of the following concerning the auditor's report on internal control over financial reporting is correct? The auditor's report contains an opinion on the effectiveness of internal control over financial reporting based on the auditor's independent work. In the report on internal control over financial reporting, the auditor can issue only a qualified or an unqualified opinion. The auditor needs to state management's assessment of internal control over financial reporting, but does not necessarily need to comment on whether he or she agrees. An unqualified opinion is required if a material weakness is identified.

The auditor's report contains an opinion on the effectiveness of internal control over financial reporting based on the auditor's independent work

Which of the following statements about internal control is correct? An exceptionally strong internal control system is enough for the auditor to eliminate substantive procedures on a significant account balance. A properly maintained internal control system reasonably ensures that collusion among employees cannot occur. The cost-benefit relationship is a primary criterion that should be considered in designing an internal control system. The establishment and maintenance of internal control is an important responsibility of the internal auditor.

The cost-benefit relationship is a primary criterion that should be considered in designing an internal control system

As a result of sampling procedures applied as tests of controls, an auditor incorrectly assesses control risk lower than appropriate. The most likely explanation for this situation is that

The deviation rate in the auditor's sample is less than the tolerable deviation rate, but the deviaiton rate in the population exceeds the tolerable deviation rate

According to the PCAOB, who is responsible for the reliability of the internal controls over financial reporting process of an entity?

The entity's CEO and/or CFO

Which of the following is not a factor that might affect the likelihood that a control deficiency could result in a misstatement in an account balance? The financial statement amounts exposed to the deficiency. The nature of the financial statement accounts, disclosures, and assertions involved. The interaction or relationship of the control with other controls. The susceptibility of the related assets or liability to loss or fraud.

The financial statemet amounts exposed to the deficiency

Monitoring is a major component of the COSO Internal Control—Integrated Framework. Which of the following is not correct in how the company can implement the monitoring component? Monitoring can be an ongoing process. The independent auditor can serve as part of the entity's control environment and continuous monitoring. Monitoring can be conducted as a separate evaluation. Monitoring and other audit work conducted by internal audit staff can reduce external audit costs.

The independent auditor can serve as part of the entity's control enviromnent and continuous monitoring

Assume an auditor is evaluating a statistical attribute sample of 50 items that resulted in three deviations. What should the auditor conclude if the tolerable deviation rate is 7 percent, the expected population deviation rate is 5 percent, and the allowance for sampling risk is 2 percent?

The planned assessed level of control risk should be modified becasue the sample deviation rate plus the allowance for sampling risk exceeds the tolerable deviation rate

Which of the following is not a characteristic of a batch processed computer system? The collection of like transactions which are sorted and processed sequentially against a master file. Keypunching of transactions, followed by machine processing. The production of numerous printouts. The posting of a transaction, as it occurs, to several files, without intermediate printouts.

The posting of a transaction, as it occurs, to several files, wihtout intermediate printouts

Which of the following risks is related to effectiveness of testing?

The risk of incorrect acceptance

Which of the following risks is related to effectiveness of testing? The risk of incorrect rejection. Inherent risk. The risk of incorrect acceptance. None of these.

The risk of incorrect acceptance

Which of the following is not a topic that requires special consideration by management during management's internal control assessment process and by the auditor during the audit of internal control? Multiple locations and business units. Service organizations. The role of the auditor in internal control. Safeguarding assets.

The role of the auditor in internal control

The PCAOB's definition of internal control over financial reporting specifically mentions all of the following control activities except: The maintenance of asset records. The segregation of duties. The authorization by management of receipts and expenditures. The safeguarding of assets.

The segregation of duties

Precision is a statistical measure of the maximum projected difference between the sample measure and the true but unknown population total and is direclty related to

confidence interval

Which of the following most likely represents a weakness in internal control of an IT system? The systems programmer designs the operating and control functions of programs and participates in testing operating systems. The systems analyst reviews output and controls the distribution of output from the IT department. The accounts payable clerk prepares data for computer processing and enters the data into the computer. The control clerk establishes control over data received by the IT department and reconciles control totals after processing.

The system analyst reviews output and controls the distributino of output from the IT department

When auditors report on the effectiveness of internal control "as of" a specific date and obtain evidence about the operating effectiveness of controls at an interim date, which of the following items would be the least helpful in evaluating the additional evidence to gather for the remaining period? Any significant changes that occurred in internal control subsequent to the interim date. The walkthrough of the control system conducted at interim. The length of the remaining period. The specific controls tested prior to the "as of" date and the results of those tests.

The walkthrough of the control system conducted at interim

The independent auditor should acquire an understanding of the internal audit function as it relates to the assessment of control risk because

The work performed by internal audit personnel may be a factor in determining the nature, timing, and extent of the independent auditor's procedures

Which of the following statements is correct concerning statistical sampling in tests of controls? There is an inverse relationship between the sample size and the tolerable deviation rate. The qualitative aspects of deviations are not considered by the auditor. As the population size doubles, the sample size should also double. Deviations from controls at a given rate usually result in misstatements at a higher rate.

There is an inverese relationship between the sample size and the tolerable deviation rate

An auditor established a $60,000 tolerable misstatement for an account balance of $1,000,000. The auditor selected a sample of every twentieth item from the population of 1,000 items that represented the asset account balance and discovered overstatements of $3,700 and understatements of $200. Under these circumstances, the auditor most likely would conclude that

There is an unacceptable high risk that the actual misstatements in the population exceed the tolerable misstatement becasue the total projected misstatement is more than the tolerable misstatement 1,000 / 20 = 50 Over - Under = 3,500 3,500 * 50 = 175,000 > 60,000

Which of the following is an advantage of generalized computer audit packages? They are all written in one identical computer language. They can be used for audits of entities that use differing IT equipment and file formats. They have reduced the need for the auditor to study input controls for IT-related procedures. Their use can be substituted for a relatively large part of the required compliance testing.

They can be used for audits of entities that use differing IT equipment and file formats

Which of the following is true of generalized audit software packages? They can be used only in auditing online computer systems. They can be used on any computer without modification. They each have their own characteristics that the auditor must carefully consider before using in a given audit situation. They enable the auditor to perform all manual test procedures less expensively.

They each have their own characteristics that the auditor must carefully consider before using in a given audit situation

What is the primary objective of testing all individually significant items rather than sample testing?

To accept no sampling risk for items greater than tolerable misstatement

An auditor desired to test credit approval on 10,000 sales invoices processed during the year. The auditor designed a statistical sample that would provide 1 percent risk of assessing control risk too low for the assertion that not more than 7 percent of the sales invoices lacked approval. The auditor estimated from previous experience that about 2½ percent of the sales invoices lacked approval. A sample of 200 invoices was examined, and 7 of them were lacking approval. The auditor then determined the computed upper deviation rate to be 8 percent. In the evaluation of this sample, the auditor decided to increase the level of the preliminary assessment of control risk because the

Tolerable decviation rate (7 percent) was less than the computed upper deviation rate (8 percent)

For attributes sampling, of the three factors that enter into sample size determination, which two factors can the auditor adjust to reflect the importance of the control? Tolerable deviation rate and confidence level. Expected deviation rate and confidence level. Population size and tolerable deviation rate. Tolerable deviation rate and expected deviation rate.

Tolerable deviation rate and confidence level

Auditing standards permit both statistical and nonstatistical methods of audit sampling.

True

The PCAOB makes it clear that the CEO and CFO are responsible for the internal control over financial reporting and the preparation of the statements. True/False

True

Which of the following sampling methods would be used to estimate a numeric measurement of a population, such as a dollar value? Numeric Sampling Random Sampling Variable Sampling Attribute Sampling

Variable Sampling

When assessing the tolerable deviation rate, the auditor should consider that, while deviations from control procedures increase the risk of material misstatements, such deviations do not necessarily result in misstatements. This explains why

a recorded disbursement that does not show evidence of required approval may nevertheless be a transacion that is properly authorized and recorded

A deficiency that implies that there is a reasonable possibility of misstatement in the financial statements that is significant but not material is

a significant deficiency

A primary advantage of using generalized audit software packages to audit the financial statements of an entity that uses an IT system is that the auditor may

access information stored on computer files while gaving a limited understanding of the entity's hardware and software features

In auditing a public company, Natalie, an auditor for N. M. Neal & Associates, identifies four deficiencies in ICFR. Three of the deficiencies are unlikely to result in financial misstatements that are material. One of the deficiencies is reasonably likely to result in misstatements that are not material but significant. What type of audit report should Natalie issue?

an unqualified report

After obtaining an understanding of an entity's internal control system, an auditor may set control risk at high for some assertions because he or she

believes the internal controls are unlikely to be effective

AnnaLisa, an auditor for N. M. Neal & Associates, is prevented by the management of Lileah Company from auditing controls over inventory. Lileah is a public company. Management explains that controls over inventory were recently implemented by a highly regarded public accounting firm that the entity hired as a consultant and insists that it is a waste of time for AnnaLisa to evaluate these controls. Inventory is a material account, but procedures performed as part of the financial statement audit indicate the account is fairly stated. AnnaLisa found no material weaknesses in any other area of the entity's internal control relating to financial reporting. What kind of report should AnnaLisa issue on the effectiveness of Lileah's internal control?

disclaimer of opinion

The risk of incorrect acceptance and the risk of overreliance relate to the

effectiveness of the audit

For monetary-unit sampling, a sampling interval of 400 means that

every 400th dollar in the account will be included in the sample

In addition to evaluating the frequency of deviations in tests of controls, an auditor should also consider certain qualitative aspects of the deviations. The auditor most likely would give broader consideration to the implications of a deviation if it was

initially concealed by a forged document

For which of the following audit tests would an auditor most likely use attributes sampling? Making an independent estimate of the amount of LIFO inventory. Examining invoices in support of the valuation of fixed asset additions. Selecting accounts receivable balances for confirmation. Inspecting employee time cards for proper approval by supervisors.

inspecting employee time cards for proper approval by supervisors

Monetary-unit sampling should not be used if

many items in the account are expected to have errors

Auditors who prefer statistical to nonstatistical sampling believe that the principal advantage of statistical sampling flows from its unique ability to

mathematically measure uncertainty

An advantage of statistical sampling over nonstatistical sampling is that statistical sampling helps an auditor to

measure the suffeciency of the evidential matter obtained

Statistical sampling provides a technique for

measuring the sufficiency of evidential matter

An auditor is preparing to sample an entity's customer receivables for overstatement. A statistical sampling method that automatically provides stratification when using systematic selection is attribute sampling. ratio-estimation sampling. monetary-unit sampling. mean-per-unit sampling.

monetary-unit sampling

An auditor who uses statistical sampling for attributes in testing internal controls is most likely to reduce the planned reliance on a prescribed control when the

sample deviation rate plus the allowance for sampling risk exceeds the tolerable deviaiton rate

If auditors conducting attributes sampling found that the entity deviated from a prescribed control in 9 of the first 10 items examined, the auditor is most likely to

stop the test and increase control risk

Regardless of the assessed level of control risk, an auditor would perform some

substantive procedures to restrict detection risk for signigicant transaction classes

Samples to test internal controls are intended to provide a basis for an auditor to conclude whether

the controls are operating effectively

The term precision relates to

the difference between expected and tolerable deviation rate

In determining the sample size for a test of controls, an auditor should consider the expected deviation rate, desired confidence level, and the

tolerable deviation rate

A walkthrough is one procedure used by an auditor as part of the internal control audit. A walkthrough requires an auditor to

trace a transaction from each major class of transactions from origination through the emtity's information system until it is reflected in the entity's financial reports