Audit Exam 2

Ace your homework & exams now with Quizwiz!

what is audit risk?

-

what are some common fraud rationalizations ?

- "I'll pay the money back" - "nobody will get hurt" - "a successful image is important"

employee fraud :

- also called misappropriation of assets - usually involves some type of falsification - generally includes a cover up

what happens when an auditor receives an oral response to a confirmation?

- also need to get a written response - alternative audit procedures may be warranted

when are substantive procedures performed in the revenue cycle?

- always performed in the revenue cycle

materiality and significant accounts and disclosures

- an account or disclosure can be significant even though the balance is below materiality

if a control is missing or ineffective :

- auditors need to design substantive procedures related to control failure - the risk of material misstatement increases

access to accounts receivables records gives an individual what ?

- authorization - recording responsibility

what is the primary document used to test the cash balance in the financial statements ?

- bank reconciliation

when should an auditor define a significant difference when completing analytical procedures related to comparing expectations with recorded amounts

- before

what do general business sources include?

- business newspapers - specialized trade magazines and journals - registration statements and 10K filings

detection risk is .....

- calculated and derived from other risks - the amount of risk the auditor can allow

existence is riskier than completeness for what account?

- cash

difficulties in estimating the allowance for undoubtful accounts can be due to :

- change in customer base - revised credit policies - changing economic conditions

what does the audit team do with regards to internal control of a company ?

- communicates internal control issues to help management carry out internal control monitoring responsibilities - must communicate significant deficiencies and material weaknesses identified during the audit

effects of finding out a client is planning to acquire another company in terms of auditor

- component of understanding the nature of the company - results in additional risks for the auditor

what are good justifications for not using confirmations?

- confirmations would be ineffective - receivables are not material - other procedures provide sufficient, competent evidence

what is true regarding confirmations for AR?

- confirming a specific transaction is often more effective than confirming the account balance - confirmation returned as "undeliverable" are always a red flag

five basic of properly designed internal control system defined by COSO are

- control environment - risk assessment - control activities - monitoring - information and communication - work together (not independently of each other)

What does Sec 302 of SOX do?

- designed to ensure proper "tone at the top" - allows managers to make their own judgements about the necessity of specific controls - makes management responsible for monitoring, supervising, and maintaining control activities - makes managers responsible for establishing a control environment - requires management to assess the risks it wishes to control

what is the focus of AS 2201?

- determine whether a material weakness exists at the end of the year being reported on

what model did COSO develop to facilitate the assessment and mitigation of business risks a company faces?

- enterprise risk management

what is the result of a material weakness exists at the end of the year being reported on ?

- entity's internal control over financial reporting can't be considered effective

which documents should be matched before recording revenue?

- evidence of shipment - Customer invoice - customer sales order

what is part of the fraud risk assessment?

- examine journal entries and other adjustments, especially those made close to year end

what are business risks?

- factors, events, and conditions that can prevent the organization from achieving its objective

procedures related to internal control in an integrated audit performed under AS 2201 are _______ than those in a GAAS audit for a nonpublic entity ?

- far more extensive

what is employee fraud?

- fraudulent means to misappropriate funds or other property from one employer's definition

a code of conduct for employees .........

- helps send the right message from the top - is more likely to be supported if the board chairman follows it - must be supported by the control environment

obtaining an understanding of the information system relevant to financial reporting includes understanding

- how the information system captures events and conditions other than transactions significant to the financial statements - the nature of the underlying accounting records, information and accounts used to execute a transaction

facts about company's fraud prevention program

- in an electronic payment environment, lack of controls can lead to costly fraud - it is essential that management establish a strong control environment

what three things make up the fraud triangle?

- incentive/pressure - attitude/rationalization - opportunity

what are related parties?

- individuals or organizations that can influence or be influenced by the decisions of the company, possibly through family ties or investment relationships

an accounts significance is based on its _____ risk

- inherent

the risk of material misstatement is a combination of what types of risks?

- inherent and control risks

in a well-functioning internal control system, once the risk's to management's objectives have been identified, ______________________ are established to eliminate, mitigate, or compensate for the risks

- internal control activities

if preliminary findings indicate the possibility of fraud what should auditors do?

- involve fraud examination professionals

a proof of cash:

- is used to discover unrecorded cash transactions - is an effective procedure to verify cash transactions - reconciles the bank balance, bank reports of cash deposited and paid general ledger entries

the requirement of auditors to communicate significant deficiencies and material weaknesses in internal control that come to their attention during the performance of a PCAOB audit for which types of companies?

- issuers and non-issuers

two ways to classify employee fraud ?

- larceny/defalcation - embezzlement

section 302 of SOX requires ....

- makes management responsible for monitoring, supervising, and maintaining controls - allows managers to Make their own judgements about the necessity of specific controls - is designed to ensure the proper "tone at the top"

when developing an expectation for an account balance, auditors should

- may consider non-financial info - may use vertical and horizontal analysis - may consider third party info

what should auditors do when doing fraud risk assessment with revenue?

- must assume improper revenue recognition is a risk

a typical white collar criminal has :

- no arrest record - some type of religious affiliation - attended college - generally acting alone - socially conforming

what is an auditor's primary objective in related parties ?

- obtain evidence needed to determine if transactions with them have been properly accounted for and disclosed in the financial statements

the assessment of inherent risk needs to .....

- occur for each significant financial disclosure and account - to be evaluated without regards to internal controls

what is true about test of controls over cash?

- often support a reduction in control risk - most audit clients have strong controls over cash

typical ways companies cause F/S to be misstated through fraud or aggressive financial reporting

- omitting info from disclosures - overstating assets and understating liabilities

when gaining an understanding of internal control, assertions should be ....

- only be considered if they are relevant

control activities often take away the what for a fraudster to commit a fraud ?

- opportunity

what items must be included in the documentation in working papers during the risk assessment process?

- other conditions causing auditors to plan additional procedures - significant decisions during discussion - discussion with engagement personnel - specific risks identified and audit team responses - procedures to identify and assess risk - results of audit procedures, specifically procedures regarding management override

what is true regarding fraud?

- possibility of detection can be an effective fraud deterrent - control violation may be the audit team's first indication of fraud

what is inherent risk?

- probability that in absence of internal controls, material errors or frauds could enter the accounting system used to develop financial statements

what is control risk?

- probability that the client's internal control activities will fail to prevent or detect material misstatements provided they enter or would have enter the accounting system

what is not a basic activity in the revenue and collection cycle for a typical manufacturing company?

- purchasing raw materials

COSO internal control categories include _______ of financial reporting and _______ with applicable laws and regulations

- reliability - compliance

regarding the revenue process, management should ....

- review merchandise returns - continually review revenues and compare them to budgets and forecasts - scrutinize total write-offs of accounts receivable

what are some common monitoring controls?

- self-assessments by boards regarding the effectiveness of their oversight - periodic evaluation of controls by internal audit - supervisory review of controls - self-assessments by management regarding the tone they set - analysis of and follow up on items that might be indicative of a control failure - quality assurance review of the internal audit department

inherent risk components

- susceptibility of account to misstatement - not created by the auditors

what happens in the revenue cycle?

- tests of controls often support a reduction in control risk - it consists of routine transactions - there is always a presumptive risk of fraud

what factors relate to the susceptibility of accounts to misstatement or fraud?

- volume of transactions - size of account balance

fraudster behavior usually includes

- working too late - irritabilty - drinking too much - working standing up - inability to relax - defensiveness

what is detection risk?

The probability that the auditor's own procedures will fail to detect material misstatements provided that any have entered the accounting system

substantive procedures over cash will ....

always be performed

it is usually best to have an anonymous employee hotline responded to by who

an outside third-party agency

The risk that an unqualified opinion will be issued on financial statements that contain a material misstatement is the definition of ______ risk.

audit risk

detection risk is based on the level of ________ __________ and risk of material misstatement

audit risk

when a material misstatement is not prevented or detected by the client's internal controls or auditors substantive procedures __________ _________ has been manifested

audit risk

An entity's auditors, accountants and security personnel must be acquainted with the basics of fraud awareness ______.

because not all fraud schemes can be thwarted or detected

the auditor assesses inherent risk to determine where a material misstatement could enter the process ____________ the consideration of any internal controls

before

the form the carrier signs to verify goods are shipped is called what

bill of lading

All entities recognize the need for a formalized process to identify, assess and manage factors, events and conditions, known as __ __, that can prevent the organization from achieving it objectives.

business risks

giving managers and employees the freedom to do business -

can mean giving them freedom that enables committing fraud

AS 2201 encourages the audit team to use the work of internal auditors but the audit team must evaluate their __________ and __________ and perform some tests of their work.

competence and objectivity

specific actions a client's management and employees take to help ensure management's directives are carried out are called

control activities

integrity, ethical values, and competence of the entity's people are all __________ factors

control environment

the foundation for all other components of internal control is the

control environment

verifying the dates on sales documents helps reduce the risk of misstatement related to the _______ assertion of revenue

cutoff

the assessment of inherent risk and control risk lead to a determination of _________ risk

detection

auditors can and do influence both the level of ....

detection risk only

Auditors must gain an understanding of internal controls that are in place to mitigate assessed fraud risk and, at a minimum,______.

document that understanding in the workpapers

most common motivation in business frauds is

economic benefits

COSO internal control categories include

effectiveness and efficiency of operations

misappropriation of assets is another word for

employee fraud

Comparing all customers' credit limits to the sum of their outstanding credit balance plus a potential sales transaction as a means of checking for potential over-limit conditions is an example of ______ testing.

exception

using an automated test procedure designed to test all items in a population as a means to identify a violation of control activities is an example of _________ testing

exception

AR confirmation is a substantive procedure designed to obtain evidence of the _________ and rights and obligations of customer's balances directly from the customer

existence

when customers are not willing or able to return confirmations, examining subsequent cash receipts, sales orders, invoices, and shipping documents, and correspondence files for past-due accounts are alternative procedures that may be performed in order to ensure what

existence

accounts receivable confirmation is a substantive procedure designed to obtain evidence of the ____________ of customers' balances directly from the customer

existence rights and obligations

true or false - the auditor is only required to communicate significant deficiencies and material weaknesses in internal control that come to their attention during the performance of a PCAOB audit for an issuer

false - both issuers and non-issuers

true or false: auditing standards recommend but generally do not require the use of confirmations for AR

false - confirmations are a required auditing procedure

True or False: for audits of internal control the audit team must understand and evaluate internal controls for the entire period

false - true for financial statement audits but internal control audits just done at end of year

the higher the assessment of control risk - the ______ the assessment of risk of material misstatement

higher

what can general business sources relate to?

industry or individual company

Audit risk is manifested when a material misstatement enters the financial reporting process, which is known as ______ risk.

inherent

for each relevant assertion identified by the auditor, professional standards require auditors to first gain an understanding of the __________ _______________ that have been designed to mitigate the risk of material misstatement

internal controls

after understanding and documenting internal control, an audit team should be able to

make a preliminary assessment of control risk

the reason for a person to take a fraudulent action that is to be unsharable with others is a ....

motive

Under SOX , an audit of the internal control system over financial reporting must is required and .....

must be integrated with the financial statement audit

the assessment of risk of material misstatement at the assertion level is completed to give the audit team a basis for planning the audit and determining the ________, _________, and _________ of further audit procedures to be conducted for the financial statement audit

nature, timing, and extent

renumbered documents are important in testing which two assertions?

occurrence and completeness

failure to count inventory on a regular basis provides what to commit fraud

opportunity

improper SOD provides _________ to commit fraud

opportunity

a strong entity-level control in the revenue process is .....

overall performance review by management

a description of the goods being shipped as well as the quantity shipped is found on the ________

packing slip

a method to discover unrecorded transactions in a four-column bank reconciliation is called what

proof of cash

"I am underpaid and due additional compensation" example of fraud .....

rationalization

according to auditing standards, revenue must be ____________ or ___________ and earned to be recognized

realized or realizable

COSO definition deals with what and what about internal control and achievement of objectives in 3 categories

reasonable assurance

the SOX act of 2002 _______ an anonymous employee hotline for reporting ethical problems

requires

sales must be realizable and earned in order to be recorded under the accounting standards related to what

revenue recognition

gaining an understanding of internal controls should start with identifying .....

significant accounts and disclosures and their relevant assertions

the most effective alternative procedure to confirmations to ensure existence is examining what

subsequent cash receipts

what is fraud?

the act of knowingly making material misrepresentations of fact with the intent of inducing someone to believe the falsehood and act on it and, thus, suffer a loss or damage

professional standards recognize that to make effective decisions, managers must have access to _______, _______, and _______ information

timely, relevant, and reliable

true or false: the bank reconciliation is an opportunity for management to monitor the SOD between cash receipts and disbursements

true

Knowing if a client is centralized or decentralized is a component of ______.

understanding the nature of the company

When the auditor evaluates the reasonableness of the allowance for doubtful accounts, ______ is a high risk assertion.

valuation


Related study sets

Mental Health Exam 2 CH. 12,13,18,19,25

View Set

Chapter 7: Machine Learning and Deep Learning

View Set

NEB - LifeIN - Uses of Life Insurance

View Set

chapter 6 interest groups in texas

View Set

Health Insurance exam guaranteed

View Set