Audit Test #1 Chapter 3
Internal control is a process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance.
True
Which of the following is not part of management's report on internal controls?
A statement indicating the extent of tests performed to assess controls
Performing a walkthrough provides an understanding of the nature of processing in important accounting applications.
True
Which one of the following is not a control activity implemented in most accounting systems?
Segregation of duties. Competent, trustworthy employees. Authorization procedures. All of these activities are normally implemented.
Which of the following services does the PCAOB require auditors of public companies to perform?
A financial statement audit and an examination of the effectiveness of internal controls
Which one of the following represents a control deficiency?
A missing control that is required for achievement of objectives.
Which of the following is an inherent limitation of internal controls?
Collusion
A strong control environment can reduce all the financial reporting risks to zero.
False
Which of the following is not true of internal control as defined by COSO?
It is narrower than internal control over financial reporting
Requiring two signatures on any check in excess of $10,000 is an example of which type of control?
Preventive control
Internal control is a process designed to achieve objectives in which one of the following categories?
Reliability of financial reporting. Compliance with applicable laws. Operational Effectiveness. All of the above.
Internal controls may be preventive or detective.Which of the following controls is preventive?
Requiring two persons to open mail containing payments.
A deficiency in design of internal controls exists when an existing control is not properly designed so that, even if the control operates as designed, the control objective would not be met.
True
A control designed to ensure that sales transactions are generated using the company's most current prices would be considered to be which type of control?
A processing control
What is the primary benefit of effective internal control in an organization?
Achievement of certain organizational goals.
Which of the following is an example of a control environment deficiency??
An audit committee that is not viewed as the client of the external auditor
An edit test is considered to be which type of control?
An input control
Which of the following is another name for transaction controls?:
Application controls.
Which of the following is an example of a detective control in an information system?
Automated reports to management that specifically identify delinquent receivables
Which one of the following groups is interested in an organization's control structure?
Board members, lenders, and auditors
Which one of the following is an example of an internal risk for an organization?
Changes in internal information technology.
Internal control is a process affected by the organization's board of directors, management, and other personnel to provide reasonable assurance of achieving certain objectives. Which of the following does not fit into one of these categories of objectives?
Continuing existence
Security management practices which limit access to technologies is a function included in which COSO component of internal control structure?
Control Activities
Which of the following is not part of the control environment?
Control activities.
Which one of the following COSO components of internal controls influences the tone for the organization?
Control environment
Which of the following is not a major component of an organization's internal controls?
Control risk
Which of the following is not included as a components of an organization's internal control structure in the COSO framework?
Control risk
Which of the following is considered to be an entity-wide control?
Controls over management override
In an Integrated Audit, what is the independent external auditor primary concerned with?
Determining whether the internal controls are effective
Which statement is true concerning the documentation of internal control?
Documentation should be sufficient to support the design and operating effectiveness of internal controls
Which of the following best describes the purpose of personnel policies and procedures?
Ensure the organization hires the right people. Ensure the organization complies with federal and state laws in its hiring and retention decisions. Ensure the organization has employees that are properly trained and supervised. Ensure the organization performs all of the above.
A company's internal auditing function should not be considered when assessing the effectiveness of internal controls.
False
A material control weakness is a deficiency in internal control such that a reasonable probability exists that a material misstatement of the company's financial statements may not be prevented or detected on a timely basis..
False
A walkthrough involves following a transaction back from when it is reflected in the financial records to when it originated to determine if the controls are effectively designed and have been implemented.
False
A well-controlled organization has an appropriate structure and clearly defined lines of responsibility and authority where everyone in the organization has equal responsibility for the effective operation of internal control.
False
An organization's control environment is established and maintained by the internal auditing department.
False
Control activities implemented to mitigate transaction processing risk that typically affect only certain processes, transactions, accounts, and assertions are referred as transaction or application controls.
False
Controls to monitor results of operations are considered to be transaction controls.
False
Corporate policies designed to attract, train, and evaluate competent employees are considered to be control activities in the COSO framework for internal controls.
False
Internal control is a process designed to guarantee the achievement of the objectives of reliable financial reporting, compliance with laws and regulations and ineffective and inefficient operations.
False
Management is obligated to report significant deficiencies in the control structure in their annual report on internal control effectiveness required by the Sarbanes-Oxley Act.
False
Management should test all internal controls for effectiveness when performing their annual evaluation of the internal control structure.
False
Management's risk assessment process should be performed only by senior-level management.
False
One of the advantages of a computerized accounting system is that the computerized system eliminates the need for internal controls.
False
One of the components of internal control, monitoring, refers to the process of identifying, capturing, and exchanging information in a timely fashion to enable accomplishment of the organization's objectives.
False
Physical controls to safeguard assets are not intended to include simple controls such as fences and locks.
False
Preventive controls are designed to provide reasonable assurance that the correct program is used for processing, all transactions are processed, and the transactions update appropriate files.
False
Preventive controls are generally more cost-efficient than detective controls.
False
Segregation of duties is considered a part of the monitoring component of the COSO framework for internal control structure.
False
The payroll department should be responsible for signing payroll checks.
False
Which COSO component of internal control concerns the process of identifying, capturing, and exchanging information in a timely fashion to enable accomplishment of the organization's objectives?
Information and communication
A control designed to ensure that no employee is paid for more than 80 hours of sick pay is an example of which type of control?
Input control
In a large company, who usually monitors the internal control?
Internal auditors
Which of the following is an example of a physical control to safeguard assets?
Locks on the warehouse doors
Which of the following is not a way management obtains evidence regarding the effectiveness of internal control over the accounting system?
Making inquiries of banks and attorneys
With whom does the tone of internal control typically originate?
Management
Which of the following is not part of the control environment of an organization?
Management's philosophy and operating style. Organizational structure. Human resources. Both A and B. All of the above are part of the control environment.
Which of the following is the most severe?
Material weaknesses in internal control
Which component of COSO's internal control system concerns the process that provides feedback on the effectiveness of the other four components of internal control?
Monitoring
A control designed to ensure that the number of sales transactions recorded in the accounting records matches the number of sales invoices entered during processing is known as which type of control?
Output control
Which of the following is considered to be a transaction control?
Physical controls to safeguard assets
Requiring the mail clerk to prepare a listing of all checks received, with copies of the list going to the cashier and to accounting, is an example of which type of control?
Preventive
The COSO principle that an organization should identify and assess changes that significantly impact the system of internal control is related to which COSO component?
Risk Assessment
Which of the following is a major component of an organization's internal control structure?
Risk assessment
Which of the following best represents a walkthrough?
The auditor traces three purchasing transactions from the purchase order to the financial statement for observation and understanding.
Which of the following is not one of the underlying principles of an effective control environment as developed by COSO?
The organization considers the potential for fraud in assessing risks to the achievement of objectives
The information and communication component of internal control includes which of the following?
The organization obtains or generates and uses relevant, quality information to support the functioning of other components of internal control
The quality of an organization's internal controls affect which of the following?
The reliability of financial data. The ability of management to make good decisions. The ability to remain in business. All of the above.
Which of the following is not true of the concepts that are embodied in the COSO framework of internal controls?
The six components of internal control are logically and operationally intertwined
A material weakness in internal control is a deficiency, or a combination of deficiencies, in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of the company's annual or interim financial statements will not be prevented or detected on a timely basis.
True
A transaction trail includes the documents and records that allow an auditor to trace a transaction from its origination through to its final disposition, or vice versa.
True
All organizations should evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior management and the board of directors, as appropriate.
True
An auditor needs to understand a company's internal controls in order to anticipate the types of material misstatements that may occur.
True
An organization's commitment to integrity is demonstrated through the tone set by the board and management.
True
Control activities are the component of internal control that includes control actions that have been established by policies and procedures
True
Control activities may be implemented at the organizational level and at the transactional level.
True
Effective control not only identifies risk but also responds to these risks appropriately.
True
Generally, highly regulated entities have more complex control activities than less-regulated entities.
True
In addition to controls being specific, they may be broad, such as policies regarding a code of ethics.
True
Managers must use professional judgment to determine whether identified control deficiencies rise to the level of a significant deficiency or material weakness.
True
Monitoring of the internal controls involves assessment by appropriate personnel of the design and operation of controls on a timely basis and taking necessary actions.
True
Physical controls are necessary to protect and safeguard assets from accidental or intentional destruction and theft.
True
Preventive controls are designed to prevent the occurrence of a misstatement.
True
Segregation of duties is a control activity that is designed to protect against the risk that an individual could both perpetrate and cover up a fraud.
True
Self-checking digit algorithms have been developed to test for transposition errors associated with identification numbers
True
Several significant deficiencies in internal controls may constitute a material weakness.
True
The better the quality of the internal controls, the more an auditor can rely on the controls.
True
The five major components of an organization's internal control are: the control environment, risk assessment, control activities, information and communication, and monitoring.
True
The quality of an organization's internal control will affect both the audit approach and the amount of testing needed for an engagement.
True
Transaction oriented controls are designed to ensure that transactions are properly valued.
True
Walkthroughs and inquiries are often used to obtain an understanding of internal controls.
True
Which of the following is not a reason that the auditor must gain an understanding of the client's internal control system?
a. Better understand the client, its risks, and how it manages those risks. b. Assess control risk and identify the types of financial statement misstatements that are most likely to occur. c. Plan direct tests of account balances to determine if misstatements have occurred. d. All are reasons why auditors must gain an understanding of the client's internal control system.
A bank reconciliation is an example of which type of control?
A detective control