Auditing & assurance services ch 5

Ace your homework & exams now with Quizwiz!

When completing the audit of internal controls for an issuer, AS 2201 requires auditors to test:

Both operating and design effectiveness.

When completing the audit of internal controls for an issuer, the severity of an internal control deficiency depends on:

Both the magnitude of the potential misstatement resulting from the deficiency or the deficiencies and whether there is a reasonable possibility that the company's controls will fail to prevent or detect a misstatement of an account balance or disclosure.

Which of the following statements are correct? Multiple select question. Audit evidence for tests of controls should not be obtained during an interim period. For a sample to be representative, all items in the population have an opportunity to be selected. Tests of controls should be applied to samples executed throughout the period under audit. The audit team should never rely on tests from previous periods.

For a sample to be representative, all items in the population have an opportunity to be selected. Tests of controls should be applied to samples executed throughout the period under audit.

COSO internal control categories include: _____ of financial reporting _____ with applicable laws and regulations and ______ and ______ of operations.

Reliability of financial reporting Compliance with applicable laws and regulations Effectiveness and efficiency of operations

the probability that an entity's controls will fail to prevent or detect errors and frauds that would otherwise have entered the system

control risk

When either the design or operation of the control under consideration does not allow the entity's management or employees to detect or prevent misstatements in a timely fashion an internal control _____exists.

deficiency

An employee knowingly doing something to bypass the internal control system is an act of Blank______.

deliberate circumvention

a condition expressing whether controls would be expected to prevent or detect errors or fraud that could result in a material misstatement in the financial statements

design effectiveness

the activities that detect misstatements after they occur

detective controls

Section 302 of the Sarbanes-Oxley Act ______. Multiple select question. makes managers responsible for establishing a control environment requires management to assess the risks it wishes to control requires certain specific controls regardless of benefits versus costs makes internal auditors responsible for monitoring and maintaining control activities

makes managers responsible for establishing a control environment requires management to assess the risks it wishes to control

The COSO definition states that internal control is designed to provide ______ ______regarding the achievement of objectives in three categories

reasonable assurance

the concept that recognizes that the costs of control activities should not exceed the benefits that are expected from the control activities

reasonable assurance

A material weakness is a deficiency that results in a(n) ______ ______ that a material misstatement would not be prevented or detected on a timely basis.

reasonable possibility

The auditor should assess control risk for each relevant assertion by evaluating the evidence obtained from all sources, including

All of the choices are correct.

Which of the following is a device designed to help the audit team obtain evidence about the accounting and control activities of an audit client?

An internal control questionnaire.

According to the PCAOB, during the audit of internal controls for an issuer, the ultimate objective of testing the design effectiveness of internal controls is to

Determine that the company's controls will satisfy the company's control objectives and can effectively prevent or detect errors or fraud that could result in material misstatements, if they operate as prescribed.

If the auditors encounter a significant scope limitation in evaluating an issuer's internal control over financial reporting, which of the following types of opinions on the effectiveness of the company's internal control over financial reporting would be appropriate?

Disclaimer of opinion.

Which report would not be appropriate for a public accounting firm to provide on financial reporting controls?

Disclaimer of opinion—significant deficiencies exist.

When completing the audit of internal controls for an issuer, the PCAOB requires the audit team to audit internal controls over:

Financial reporting.

The risk of material misstatement is composed of ______ risk and ______ risk

Inherent and control

Which of the following does not accurately summarize auditors' requirements regarding internal control? Issuer/Nonissuer

Test of Controls Yes/Yes

The most important fundamental component of an entity's internal control is

The control environment.

the opinion issued when the company has not maintained an effective internal control over financial reporting

adverse opinion on internal control over financial reporting

All entities recognize the need for a formalized process to identify, properly assess and ultimately manage factors, events, and conditions, known as,______ _______ that can prevent the organization from achieving its objectives

business risk

Two or more people working together to circumvent the internal control system is called ______ and it cannot be prevented by separation of duties.

collusion

Controls that are pervasive to the internal control system and the reliability of the financial statements as a whole are called ______ - level controls.

entity

Procedures related to internal control in an integrated audit performed under AS 2201 are ______ than those in a GAAS audit for a nonpublic entity.

far more extensive

the term used to describe an audit process that is designed to provide an opinion on both the financial statements and internal control system of an entity

integrated audit process

a process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the reliability of financial reporting, the effectiveness and efficiency of operations, and compliance with applicable laws and regulations

internal control

a condition that exists when the design or operation of a control does not allow the entity's management or employees to detect or prevent misstatements in a timely fashion

internal control deficiency

a checklist of internal control-related questions used to gain and document an understanding of the client's internal control

internal control questionnaire

a deficiency or combination of deficiencies that results in a reasonable possibility that a material misstatement would not prevented or detected on a timely basis

material weakness

a condition expressing whether a control is operating as designed and whether the person performing the control possesses the necessary authority and qualifications to perform the control effectively

operation effectiveness

the tracing of one or more transactions through the audit trail from initiation of the transaction to its inclusion in the financial statements

walkthrough

The five basic components of a properly designed internal control system as defined by COSO are: (1) control ______, (2) ______ assessment, (3) ______ activities, (4) ______ and (5) information and ______ .

(1) control environment (2) risk assessment (3) control activities (4) monitoring (5) information and communication

The purpose of separating the duties of hiring personnel and distributing payroll checks is to separate the

Authorization of transactions from the custody of related assets.

True or false: For audits of internal control, the audit team must understand and evaluate internal controls for the entire period.

F

a subcommittee of the board of directors that is generally composed of three to six "outside" members of the organization's board of directors

audit committee

a report required by the Sarbanes-Oxley Act that provides an opinion on the effectiveness of the entity's internal control over financial reporting

auditor's report on internal control over financial reporting

those factors, events, and conditions that could prevent the organization from achieving its business objectives

business risk

an audit procedure that can be used as both a test of controls and a substantive test

dual-purpose test

When planning the audit of internal controls for an issuer, the audit team should:

identify significant accounts, locations, and relevant assertions.

Gaining an understanding of internal controls should start by identifying ______ accounts and disclosures and their ______ ______

significant; relevant assertions

the controls that are persuasive to the financial statements taken as a whole

entity-level controls (ELCs)

Comparing all customers' credit limits to the sum of their outstanding credit balance plus a potential sales transaction as a means of checking for potential over-limit conditions is an example of ______ testing.

exception

An account's significance is based on its ______ risk.

inherent

When a properly designed control is either ignored or inappropriately applied, a(n) Blank______ has occurred.

operating deficiency

maintaining a good business reputation, ensuring a positive return on investment, increasing market share, promoting new product innovation, and using assets effectively and efficiently

operations category

In most audits of large entities, control risk assessment contributes to audit efficiency, which means that

Auditors will be able to reduce the cost of substantive procedures by an amount more than the control evaluation costs.

Once the auditor detects a control deficiency, which of the following steps must he or she take first?

Evaluate the severity of the deficiency on the auditor's control risk assessment for that assertion.

True or false: The audit team is only required to communicate significant deficiencies and material weaknesses in internal control that come to their attention during the performance of a PCAOB audit for an issuer.

F

When testing a control activity's operating effectiveness, procedures the auditor performs to test operating effectiveness would likely include

Inquiry of appropriate personnel and reperformance of the control activity.

A material weakness is a situation in which

It is reasonably possible that a material misstatement would not be detected on a timely basis.

If the auditor plans to assess control risk at less than the maximum and rely on controls, and the nature, timing, and extent of further audit procedures are based on that lower assessment, the auditor must

Obtain evidence that the controls selected for testing are designed effectively and operated effectively during the entire period of reliance.

Which of the following would probably not be considered an indication of a material weakness?

Overproduction by the manufacturing plant.

Effectiveness of audit procedures would be reduced by

Performing procedures during the interim period as opposed to at the fiscal year-end date.

Matters that could affect the necessary extent of testing for a control activity as it related to the degree of auditor reliance on a control activity would not include the following:

The relevance and reliability of the audit evidence to be obtained to test the operating effectiveness of a control activity.

The foundation for all other components of internal control is the ______ ______.

control environment

Section 302 of the Sarbanes-Oxley Act ______. Multiple select question. allows managers to make their own judgments about the necessity of specific controls is designed to ensure the proper "tone at the top" makes management responsible for monitoring, supervising and maintaining control activities stipulates criminal penalties for the Board of Directors of firm's issuing materially misleading financial statements

allows managers to make their own judgments about the necessity of specific controls is designed to ensure the proper "tone at the top" makes management responsible for monitoring, supervising and maintaining control activities

Flowcharts ______. Multiple select question. can be helpful in identifying missing controls are easy to evaluate after they are completed are time-consuming to construct must be created from scratch for every audit

can be helpful in identifying missing controls are easy to evaluate after they are completed are time-consuming to construct

AS 2201 encourages the audit team to use the work of internal auditors but the audit team must evaluate their ______ and ______ and perform some tests of their work.

competence and objectivity

to ensure compliance with laws and regulations that affect the entity

compliance category

Specific actions a client's management and employees take to help ensure management's directives are carried out are called ______ ______.

control activities

the specific actions taken by a client's management and employees to help ensure that management directives are carried out

control activities

Integrity, ethical values and competence of the entity's people are all ______ ______ factors

control environment

the situations in which auditors cannot provide assurance on the effectiveness of internal control over financial reporting; issued when a significant scope limitation exists

disclaimer of opinion on internal control over financial reporting

For all relevant assertions for each significant account and disclosure, the audit team begins by examining ______ ______ controls that are pervasive to the internal control system and reliability of the financial statements as a whole.

entity level

Using an automated test procedure designed to test all items in a population as a means to identify a violation of control activities is an example of ______ testing.

exception

producing reliable financial reports and safeguarding assets

financial reporting category

Separation of duties Blank______. Multiple select question. forces different people or departments to deal with different facets of transactions prevents fraud that do not involve collusion increases the chance of innocent errors being overlooked prevents incompatible responsibilities

forces different people or departments to deal with different facets of transactions prevents fraud that do not involve collusion prevents incompatible responsibilities

After understanding and documenting internal control, the audit team should be able to ______.

make a preliminary assessment of control risk

Combinations of duties that place a single person in a position to create and conceal misstatements due to errors or frauds in their normal job are termed ______ responsibilities.

incompatible

an entity's system, usually built on some type of technological platform that has been designed to produce the information necessary for the entity to operate and control its business operations

information system

______ ______ ______ are designed to help the audit team obtain evidence about the control environment of a client organization.

internal control questionnaires

a report required by the Sarbanes-Oxley Act that states that management is responsible for establishing and maintaining adequate internal control over financial reporting, identifies the framework management uses to evaluate the effectiveness of the entity's internal control, and provides management's assessment of the effectiveness of the entity's internal control

management's annual report on internal control over financial reporting

The focus of AS 2201 is to determine whether a(n) ______ ______ exists at the end of the year being reported on. If it does, the entity's internal control over financial reporting cannot be considered effective.

material weakness

The magnitude of the potential misstatement that could occur and would not be detected on a timely basis is the primary difference between a(n) ______.

material weakness and significant deficiency

The audit team: Multiple select question. generally makes recommendations to management regarding ways to improve internal control. must communicate significant deficiencies and material weaknesses identified during the audit. communicates internal control issues to help management carry out internal control monitoring responsibilities.

must communicate significant deficiencies and material weaknesses identified during the audit. communicates internal control issues to help management carry out internal control monitoring responsibilities.

the audit documentation that describes the environmental elements, the accounting system, and the control activities in an entity's internal control

narrative description

the activities that prevent misstatements before they occur

preventive controls

Common monitoring controls include Blank______. Multiple select question. quality assurance review of the internal audit department regular management and supervisory control activities analysis of and follow up items that might by indicative of a control failure self-assessments by management regarding the tone they set

quality assurance review of the internal audit department analysis of and follow up items that might by indicative of a control failure self-assessments by management regarding the tone they set

An assertion that has a reasonable possibility of containing a material misstatement is considered to be a(n) ______ assertion

relevant

When control activities do not lend themselves to automated testing, the audit team is likely to use audit ______ to test the population.

sampling

A deficiency in internal controls that is less severe than a material weakness yet important enough to merit attention from those charged with governance is a(n) ______ ______

significant deficiency

a deficiency or a combination of deficiencies in internal control that is less severe than a material weakness yet important enough to merit attention by those charged with governance

significant deficiency

the detailed audit and analytical procedures designed to detect material misstatements in account balances and footnote disclosures

substantive procedures

Common monitoring controls include Blank______. Multiple select question. supervisory review of controls periodic evaluation of controls by internal audit external auditor inquiries of internal auditors and the audit committee self-assessments by boards regarding the effectiveness of their oversight

supervisory review of controls periodic evaluation of controls by internal audit self-assessments by boards regarding the effectiveness of their oversight

Internal control questionnaires ______. Multiple select question. tend to be inflexible make it less likely for the audit team to forget to cover an important point should be worded so that "yes" answers are always good should be used in combination with other methods

tend to be inflexible make it less likely for the audit team to forget to cover an important point should be used in combination with other methods

reliability of financial reporting effectiveness and efficiency of operations compliance with applicable laws and regulations

three objectives of internal control

Professional standards recognize that to make effective decisions, managers must have access to _____ ,_____ , and _____ information

timely, reliable, and relevant

the controls that relate to specific classes of transactions, account balances, and disclosures

transaction-level controls

If the audit-team decides an entity-level control sufficiently reduces a specific risk Blank______.

transaction-level controls related to that risk may not be needed

the report issued when no material weaknesses in internal control over financial reporting are identified and no scope limitations on the audit of internal control exist

unqualified opinion on internal control over financial reporting


Related study sets

Intro to Marketing Quiz Questions

View Set

Exam, TEAS Eng and language usage, TEAS Test Science Questions, teas test review 1, English study question teas, MATH SECTION, test, Reading2, Teas Reading, TEAS TEST (WHITE HOUSE SOLAR PANEL), TEAS Science Questions, TEAS READING: Assessment B, TEAS...

View Set

AP Government Unit 1: Foundations of American Democracy

View Set

Fire Officer Chapter 5 Fire Department Administration

View Set

Great Britain Practice Questions

View Set