BUS 169, Ch4-6

Ace your homework & exams now with Quizwiz!

Internally generated performance measures includes ___.

- Budgets -Variance analysis -subsidiary info & divisional, departmental, other performance reports - comparisons of an entity's performance with that of competitors.

The susceptibility of an assertion in an account or disclosure to a misstatement due to error or fraud that could be material is known as ___ risk.

- Inherent Risk

A management statement that the entity is making payments and has control of a leased asset is an example of the ___ assertion.

- Rights and obligation

Information processing controls:

- made up of two broad categories referred to as general and application controls

Performance Reviews:

- managers should periodically check the quality of subordinates' work

Segregation of duties:

- separating the custody of assets, authorization of transactions and recording of transaction

Under current auditing standards, management fall into categories of assertions about ___.

-Account balances and related disclosures at the period end -Classes of transactions and events and related disclosures for the period audit

Whether amounts and other data relating to recorded transactions and events have been recorded appropriately is addressed by the _______ assertions

-Accuracy

When management discloses the fair value of stock or bond investments, it is asserting which of the following?

-Accuracy -Valuation

The ___ and ___ assertion address whether financial information and other information is disclosed fairly and in appropriate amounts.

-Accuracy and valuation

Misstatements in the entity's records are corrected with ______ entries

-Adjusting

Which of the following statements are correct?

-An auditor may unknowingly rely on fraudulent audit evidence -Most fraudulent financial reporting involves management override of controls -Withholding evidence or misrepresenting information may conceal fraud.

Evaluations of financial info made through the study of plausible relationships among both financial and non financial data are referred to as ___ ___.

-Analytical procedures

Expressed or implied representations by management regarding the recognition, measurement, presentation and disclosure of information in the financial statements and related disclosures are referred to as _____

-Assertions

Items that may result in significant risks include __.

-Assertions identified with fraud risk factors. - Nonroutine or unsystematically processed transactions. -Significant accounting estimates and judgments. -Highly complex transactions. -Application of new accounting standards. -Revenue recognition -Industry specific issues.

If an auditor has determined that material misstatements were or may have been the result of fraud and is unable to determine if the effect is material, the auditor should____.

-Attempt to obtain audit evidence to determine whether, in fact, material fraud has occurred and, if so, its effect. -Consider the implications for other aspects of the audit. -Discuss the matter and the approach to further investigation with an appropriate level of management that is at least one level above those involved in committing the fraud and with senior management. -Suggest that the appropriate level of management consult with legal counsel.

The risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated in known as ___ risk.

-Audit

Whenever the auditor finds evidence of fraud that causes a material misstatement of the financial statements, it should be reported directly to the ___.

-Audit committee

The ___ assertion relates to whether all transactions have been properly approved.

-Authorization

The audit team is required to hold discussions, referred to as ___ ___, about the entity's financial statements' susceptibility to fraud.

-Brainstorming sessions

Examining ______ _______ and their related accounts allow the auditor to gather evidence by understanding the processing of related transactions through the information system from their origin to their ultimate disposition in the accounting journals and ledgers

-Business processes

The purposes of the ___ Framework is to help management better control the organization and to provide boards of directors an added ability to oversee internal control.

-COSO

Risk Factors Relating to the Misappropriation of Assets. Opportunities:

-Certain characteristics or circumstances may increase the susceptibility of assets to misappropriation (for example, large amounts of cash on hand or processed). -Inadequate internal control over assets may increase the susceptibility of misappropriation of those assets. For example, misappropriation of assets may exist because there is inadequate management oversight of employees responsible for assets (for example, inadequate supervision or monitoring of remote locations).

An example of the ______ assertion is that ordinary repairs to assets are charged to the repairs and maintenance expense account and not capitalized

-Classification

The risk of material misstatements is also referred to as ___ risk because it stems from decisions made by the entity.

-Client

This assertion addresses whether all assets, liabilities and equity interests that should have been included as ending balances on the financial statements have been included.

-Completeness

Whether all disclosures that should have been included in the financial statements have been included is the basis of the _____ assertion

-Completeness

Whether all transactions and events that occurred during the period have been recorded relates to the ____ assertion.

-Completeness

In deciding on the nature and extent of the understanding of internal control needed for the audit, the auditor should consider the entity's operations and systems __________

-Complexity -Sophistication

Controls that may be relevant to the audit when they have an impact on daya the auditor uses to apply audit procedures include ___ controls.

-Compliance -Operations

In order to set control risk below high level, the auditor must ___.

-Conclude on the achieved level of control risk -Perform test of the identified controls -identify specific controls that will be relied upon

The risk that a misstatement could occur in an assertion and would not be prevented, or detected and corrected, on a timely basis by the entity's internal control is known as ___ risk.

-Control

The tone of an organization is set tand the foundation for implementing the entity's system of internal control is established by the ___ ___.

-Control environment

The effectiveness of the audit procedures and how well the procedures are applied by the auditor determines the ___ risk.

-Detection

Risk Factors Relating to the Misappropriation of Assets. Attitudes/rationalizations:

-Disregard for the need for monitoring or reducing risks related to misappropriations of assets. -Disregard for internal control over misappropriation of assets by overriding existing controls or by failing to correct known internal control deficiencies. -Changes in behavior or lifestyle that may indicate assets have been misappropriated.

Example of misappropriation of assets include ___.

-Embezzling cash received. -Stealing physical assets and intellectual property. -Causing the entity to pay for goods or services not received. -Using an entity's assets for personal use.

Although some control can be exercised through the careful acceptance and continuance of clients, ___ risk cannot be directly controlled by the auditor.

-Engagement

Which of the following statements are correct?

-Entity personnel may be asked to explain unexpected differences. -During planning the auditor determines whether planned procedures need to be revised due to preliminary analytical procedures. -Unexpected differences may be addressed by reviewing the working papers for sufficient evidence.

Unintentional Misstatements of amounts or disclosures in financial statements are referred to as ____.

-Errors

A management statement that the inventory shown on the balance sheet was available for sale at the balance sheet date is an example of the ___ assertion.

-Existence

Factors that can impact the effectiveness of the board of directors or audit committee include ____________

-Experience and stature of members and independence from management. -Extent of involvement with and scrutiny of the entity's activities. -Information availability and willingness/ability to act on information. -Extent to which difficult questions are raised and pursued with management. -Nature and extent of interactions with internal and external auditors

T/F: Monitoring is an effective component of internal control, whether or not deficiencies are communicated to those with oversight responsibilities in a timely manner.

-False

The auditor's understanding of an entity's internal control over financial reporting are documented using diagrammatic representation known as a(n) ___.

-Flowcharts

Incentive, opportunity and rationalization are three conditions that are sometimes referred to as the ___ ___ triangle.

-Fraud Risk

The accuracy assertion is based on ___.

-GAAP

When both audit risk and the risk of material misstatement are low, detection risk will be ____.

-High

The extent of an entity's use of ____ can affect internal controls because this function affects the way transactions are initiated, authorizes, recorded, processed and reported.

-Information technology

This is an important audit procedure that is used extensively throughout the audit and is often complementary to performing other audit procedure.

-Inquiry

On most audit engagements, ___ makes up the bulk of the evidence gathered by the auditor.

-Inspection of records or documents

The entity's policy and procedures designed to provide reasonable assurance about the achievement of the entity's objective is labeled ___ ___.

-Internal Controls

When the entity's system of ___ ___ is considered effective, evidence generated by the accounting system is viewed as reliable.

-Internal controls

Duplicate copies of sales invoices and shipping remittances are examples of _________ documents Internal documents

-Internal documents

When documenting the quantity of evidence gathered through inspection of documents or confirmation of balances, the auditor should identify the _____

-Items tested

When an auditor considers management's selection of an accounting policy to be inappropriate, a(n) ___ misstatement arises.

-Judgmental

Auditing standards state that audit risk must be reduced to at least a ___ level

-Low

When audit risk is low and the risk of material misstatement is high, detection risk will be set at ___.

-Low

Interim tests of controls give auditors time to inform the ___ so that likely misstatements can be located and corrected before the rest of the audit is performed.

-Management

Responsibility for establishing mechanisms to communicate and hold individuals accountable for performance of internal control responsibilities across organization rests with __________

-Management -Board of directors

The ___ of the audit evidence refers to the form or type of information, which includes accounting records and other available information.

-Nature

The auditor should obtain info about the conduct of operations, joint ventures, planned acquisitions, and major subsidiaries as part of learning about the __.

-Nature of the entity

Looking at a process or procedure being performed by others is referred to as ________

-Observation

This is useful in helping auditors understand the entity's processes but is generally not considered very reliable.

-Observation

Which of the following types of evidence may be gathered during the application of risk assessment procedures, tests of controls or substantive.

-Observation -Inquiry -Scanning -Confirmation

The ___ assertion relates to whether all recorded transactions and events have happened and pertain to the entity.

-Occurrence

When management presents capitalized lease transactions on the balance sheet as leased assets, the related liabilities as long-term debt and the related footnote, it is asserting:

-Occurrence and Rights and Obligation

Designated lines of authority and responsibility are presented on an entity's ___ ___.

-Organizational chart

Designated lines of authority and responsibility are presented on an entity's ______ _______

-Organizational charts

If the auditor determines that internal controls are properly designed and implemented and the auditor intends to rely on those controls, the auditor will _________

-Perform tests of controls to obtain audit evidence that controls are operating effectively -Make an assessment of control risk based on the result of test of controls

Risk Factors Relating to the Misappropriation of Assets. Incentives/pressures:

-Personal financial obligations may create pressure for management or employees with access to cash or other assets susceptible to theft to misappropriate those assets. -Adverse relationships between the entity and employees with access to cash or other assets susceptible to theft may motivate those employees to misappropriate those assets.

The primary concern of ___ is simply whether the relationship used to test the assertion makes sense.

-Plausibility

A rule or guideline that calls for certain activities to take place in certain circumstances is knowns as a(n) ___

-Policy

The quality of an expectation is referred to as the ___ of the expectation.

-Precision

The reliability of analytical procedures is a function of the ___.

-Precision of the expectation and the rigor of the investigation -Plausibility and predictability of the relationship being tested -availability and reliability of the data used in the calculations

The function of audit documentation are to ___.

-Provide principle support that the audit was conducted in accordance with GAAS -Provide the basis for the review of the quality of work -Aid in the planning, performance, and supervision of the audit

Determining whether an explanation or error can explain the observed difference is called _____

-Quantification

Explanations for significant differences observed for substantive analytical procedures must be followed up and resolved through ____.

-Quantification -Corroboration -Evaluation

Checking the mathematical accuracy of documents or records is referred to as ___.

-Recalculation

To properly present info on the financial statements a(n) ___ entry that affects either the income statement or the balance sheet must be made.

-Reclassification

If an entity's response to identified risks is adequate, the risk of material misstatement may be ___.

-Reduced

The relationship of audit evidence to the assertion being tested is called the ___ of the evidence.

-Relevance

If the auditor relies on evidence that is unrelated to the assertion, an incorrect conclusion may be reached because the evidence used was not ______

-Relevant

When an auditor decides to follow a(n) _______ strategy, he or she has to understand the control activities that relate to assertions for which a lower level of control risk is expected

-Reliance

The independent execution by the auditor of procedures or controls that were originally performed by company personnel is called ___.

-Reperformance

Analytical procedures can be used by auditors to accomplish ______ procedures

-Risk assessment procedures -Substantive analytical procedures -Final analytical procedures

Which of the following statements are correct?

-Senior management may override an entity's internal control -Violations of internal control raise serious questions about management integrity

Assume an entity has 2,500 customer. If the audit mails confirmation to 25 of the largest customers and only 20 respond the auditor must ___.

-Still gather sufficient evidence on each of the 25 accounts

Which are correct?

-The auditor should understand the control procedures used by the entity to provide financial statement assurance -Understanding the information system requires knowing how IT is involved data processing

Which of the following statements are correct?

-The auditor should understand the control procedures used by the entity to provide financial statement assurance -Understanding the information system requires knowing how IT is involved in data processing.

When a substantive analytical procedure is used as the principal substantive procedure for significant financial statement assertion, the auditor should document ___.

-The expectation and how it was developed. -Results of the comparison of the expectation to the recorded amounts or ratios developed from recorded amounts. -Any additional auditing procedures performed in response to any significant differences identified.

The reliability of evidence obtained through external confirmations may be affected by the _______

-The form of the confirmation. -Prior experience with the entity. -The nature of the information being confirmed. -The intended respondent.

The auditor decide to follow a substantive strategy for some or all assertions because __________

-The implemented controls do not pertain to the assertion the auditor is considering. -The implemented controls are assessed as ineffective. -Testing the operating effectiveness of the controls would be inefficient.

To obtain info about an entity and its environment, auditor may make inquiries of ___.

-Those charged with governance (e.g., board of directors or audit committee). -Internal audit function. -Employees involved in initiating, authorizing, processing, or recording complex or unusual transactions. -In-house legal counsel. -Production, marketing, sales, and other personnel.

First selecting a source document and then following it into the journal or ledger is referred to as ___.

-Tracing

The controls that are of most direct relevance to a financial statement are those that contribute to financial statement ___.

-Transparency -Timeliness -Reliability

(T/F) Although the auditor owns the audit documents, they cannot be shown to outside parties without the entity's consent, except under certain circumstances.

-True

T/F: An entity's mix of manual and automated controls varies with the nature and complexity of the entity's use of IT.

-True

Substantive procedures:

-Used to detect material misstatements at the relevant assertion level.

Risk Assessment Procedures:

-Used to obtain an understanding of the entity and its environment, including its internal control, to assess the risks of material misstatement at the financial statement and relevant assertion levels

Test of controls:

-Used to test the operating effectiveness of controls in preventing, or detecting and correcting, material misstatements at the relevant assertion level.

Assertions about ______ or ________ address whether assets, liabilities and equity interests included in the financial statements are at appropriate amounts and any resulting adjustments are appropriately recorded

-Valuation; allocation

Which of the following statements are correct?

-Violations of internal control raise serious questions about management integrity -Senior management may override an entity's internal controls

Selecting an item for testing from the accounting journals or ledgers and then examining the underlying source document is referred to as ______

-Vouching

After planned tests of controls have been completed, the auditor should reach a conclusion on the ___ level of control risk.

-achieved

If the auditor assesses the ___ level of audit risk as being less than or equal to the ___ level of audit risk, an unqualified report can be issued.

-achieved -planned

The measure of the quality of audit evidence is referred to as ___.

-appropriateness

Auditors assess the risk of material misstatement at the ___ level.

-assertion

Consideration of audit risk at the account balance and disclosure levels is known by the term ___.

-assertion

The use of the audit risk model ___.

-assists the auditor in determining the scope of audit procedures -Involves considerable auditor judgement

People that significantly influence the control consciousness of the entity and must take their fiduciary responsibilities seriously and actively oversee the entity's accounting and reporting policies and procedures include the ___.

-board of directors -audit committee

To understand the nature of the entity, auditors should obtain info about the entity's: ___.

-business operations -investments and investment activities -financing and financing activities -financial reporting

Threats from sign. Events that could adversely affect an entity's ability to achieve its objectives and execute its strategies are ___ ____.

-business risk

Whether transaction and events have been recorded in the proper accounts is the concern of the ___ assertion.

-classification

The assertion related to these address whether financial information is appropriately presented and described, and disclosures are clearly expressed.

-classification and understandability

Within an entity, there's always a risk of fraud of ____ between individuals will destroy the effectiveness of segregation of duties.

-collusion

Which of the following areas require documentation related to the auditor's risk assessment and response?

-communication about error and fraud made to management and others -Discussion among the engagement team -Evaluation of management's response to identified risk

When management asserts that material disclosures have been omitted from the footnotes and other disclosures accompanying the financial statements, it is making an assertion about:

-completeness

Audit evidence obtained by the auditor as a direct written response to the auditor from a third party in paper form or by electronic or other medium is called a(n) ___.

-confirmation

If the results of audit tests indicate a significant risk of fraud, the auditor should ___.

-consider withdrawing from the engagement and communicating the reasons for withdrawal to the audit committee or others with equivalent authority and responsibility.

Assignment of authority and responsibility for operating activities and the establishment of reporting relationships and authorization hierarchies are part of the ___ environment principle.

-control

Examination of supporting evidence, inquiries of independent persons and evaluating evidence obtained from other auditing procedure are all common ___ procedures.

-corroborating

An audit examines shipping documents to ensure that no prior period sales have been recorded in the current year to test the ___ assertion.

-cutoff

The auditor can manipulate ___ risk by changing the scope of the auditor's test procedures.

-detection

An effective accounting system establishes methods and records that will ___.

-determine the proper time period in which transactions occurred -identify and record all valid transaction -describe transactions in sufficient detail to permit proper classification

Knowledge of the information system is important to understand the related accounting records when they are ___.

-electronic or manual

Audit documentation should ____.

-enable a knowledgeable reviewer to determine who performed the work -demonstrate how the audit complied with appropriate standards -show that standards of fieldwork have been followed

Possible causes of significant differences are ____.

-errors -accounting changes -fraud -economic conditions

Documents originating within the entity but circulated to independent sources outside the entity and documents generated outside the entity are referred to as ___ documents.

-external

How management identifies risks relevant to the preparation of financial statements, estimates their significance, assesses the likelihood of their occurrence and decides on how to manage them is most directly relevant to the ___.

-external auditor

Misstatements about which there is no doubt are called ___ misstatements.

-factual

(T/F) Inspecting tangible assets provides significant assurance for the rights and obligations assertion.

-false

Controls over network operations are included as part of ____ controls which relate to the overall information processing environment.

-general

if an auditor judges an entity's inherent risk and control risk to be ____, the auditor would accept a ____ level of detection risk in order to achieve the planned level of audit risk

-high -lower

An effective accounting system establishes methods and records that will ___.

-identify and record all valid transactions -determine the proper time period in which transactions occurred -present transaction and disclosures in a manner than ensures profitability for the entity -describe transaction in sufficient detail to permit proper classification

Audit documentation is the property of the ___.

-independent auditor

Which of these are generally low-reliability types of evidence because they require further corroboration by the auditor?

-inquiry, observation,

Counting cash on hand and examining inventory are examples of ___ of tangible assets.

-inspection

The approach to taking and monitoring business risks and attitudes and actions toward financial reporting are characteristics that may signal important information to the auditor about management's ___ and ___ values.

-integrity and ethical

There is a(n) ___ relationship between the sufficiency and appropriateness of audit evidence.

-inverse

If the auditor determines that internal controls are properly designed and implemented and the auditor intends to rely on those controls, the auditor will ___.

-make an assessment of control risk based on the result of tests of controls -perform tests of controls to obtain audit evidence that controls are operating effectively

The competence level for a particular job should be specified and translated into a job description that details the specific knowledge and skills required. This task should be done by ___.

-management

Who has the responsibility to design and maintain a system of internal control that provides reasonable assurance that assets and records are properly safeguarded, and that the entity's information system generates that is reliable for decision making?

-management

The operating effectiveness of the control can be affected by whether the control is performed ___ or is ___.

-manually or is automated

Assessing the quality of internal control performance over time is the intention of ___ of controls.

-monitoring

The heading of all audit documentation should include the _____

-name of the entity, -the title of the working paper, and -the entity's year-end date

Audit evidence is subject to human error which is referred to as ___ risk.

-nonsampling

A direct relationship exists between ___ which reflect what an entity is trying to achieve, ___ which represent what the entity needs to do to achieve them, and the ___ of the entity.

-objectives, components, structure

To obtain an understanding of an entity's internal controls auditors may use ___.

-observation of entity activities and operations - inquiry of appropriate personnel -inspection of entity documents and reports

The auditor should ____.

-obtain an understanding of how the audit committee exercises its oversight activities, including direct inquiry of audit committee members. -The auditor also should inquire of the internal audit function about its assessment of the risk of fraud, including whether management has satisfactorily responded to internal audit findings during the year. -The auditor should consider inquiries from others within the entity and third parties (e.g., vendors, customers, or regulators). It can be uncomfortable to inquire about potentially fraudulent activities; however, it is much more uncomfortable to fail to detect a material fraud.

Tests of controls directed toward ___ ___ are concerned with assessing how the control was applied, the consistency with which it was applied during the audit period and by whom it was applied.

-operating effectiveness

How authority and responsibilities are delegated and monitored and the framework within which the entity's activities for achieving entity wide objectives are planned, executed, controlled and reviewed are defined by the entity's ___ ___.

-organizational structure

An auditor makes inquiries of an entity's customers and discovers the customers received large quantities of unordered products just before year-end. This is an indicator of ___.

-overstated revenues

Financial statements level risks are ___ risks in that they apply to multiple components of the financial statements.

-pervasive

Which of the following communicate policies and procedures to the entity's personnel?

-policy manuals -accounting manuals -memoranda manuals

An auditor uses the misstatements identified in an audit sample to estimate the misstatements in the entire population. This is an example of a ___ misstatement.

-projected

An effective internal control system provides ___ assurance that the risk of not achieving an entity objective is reduced to an acceptable level.

-reasonable

Information that is capable of making a difference in user decisions has the characteristic of ___.

-relevance

Evidence is considered appropriate when it provides information that is both ___ and ___.

-relevant and reliable

The ability to develop precise expectations is influenced by the _____ of the available data

-reliability

The independence of the source of the evidence, the effectiveness of internal controls and the auditor's direct personal knowledge all affect the ___ of data for developing expectations.

-reliability

Whether a particular type of evidence can be depended upon signal the true state of an assertion is referred to as the __ of evidence.

-reliability

When the auditor intends to depend on the entity's controls, a(n) ___ strategy is chosen.

-reliance

Setting an audit strategy ___.

-requires a detailed understanding of the entity's internal controls

Searching for large and unusual items in the accounting records and reviewing transactions for errors are examples of ___.

-scanning

Allowing the individual who opens mail and receives cash payments to have access to the accounts receivable subsidiary ledger is a violation of the ___ ___ ___ principle.

-segregation of duties

If auditor determines that internal controls are not properly designated or not implemented the auditor will ___.

-set the level of control risk at high -use substantive procedures to reduce the risk of material misstatement to an acceptable level

In deciding on the nature and extent of the understanding of internal control needed for the audit, the auditor should consider the entity's operations and systems ___.

-sophistication -complexity

The risk that material misstatements are present in financial statements may be increased by conducting ___ procedures only at an interim date.

-substantive

When an auditor decides to follow a(n) ___ strategy, little work is done on understanding specific control activities.

-substantive

When the auditor has decided not to rely on the entity's controls and instead use procedures as the main source of evidence about the assertions in the financial statements, the auditor will choose a(n) ___ audit strategy.

-substantive

If management chooses not to eliminate an identified material misstatement, appropriate audit opinions include _____.

-the auditor should issue a qualified/modified or adverse opinion.

The 2nd step in the analytical procedures decision process is to define a ___ difference.

-tolerable

If the uncorrected total misstatements do not cause the financial statements to be materially misstated, the auditor should issue an ____ opinion.

-unqualified

Assertion about ___ or ___ address whether assets, liabilities and equity interests included in the financial statements are at appropriate amounts and any resulting adjustments are appropriately recorded.

-valuation or allocation

Factors that affect the reliability of evidence include ___.

-whether it is obtained internally or externally -the format of the evidence -the effectiveness of the entity's internal controls

Three conditions are generally present when material misstatements due to fraud occur:

1. Management or other employees have an incentive or are under pressure that provides a reason to commit fraud. 2. Circumstances exist that provide an opportunity for a fraud to be carried out. 3. Those involved are able to rationalize committing a fraudulent act. Some individuals possess an attitude, character, or set of ethical values that allow them to knowingly and intentionally commit a dishonest act.

Identify the three steps involved in the auditor's use of the audit risk module at the assertion level.

1. Setting a planned level of audit risk. 2. Assessing the risk of material misstatement. 3. Solving the audit risk equation for the appropriate level of detection risk.

Three steps are involved in the auditor's use of the audit risk model at the assertion level:

1. Setting a planned level of audit risk. 2. Assessing the risk of material misstatement. 3. Solving the audit risk equation for the appropriate level of detection risk.

The Sarbanes-Oxley Act and the PCAOB standards require that audit documentation be retained for _______ years from the date of completion of the engagement

7

Checks, invoices, contracts, ledgers, worksheets and spreadsheets are all part of auditing evidence referred to as ____ ______

Accounting records

After planned tests of controls have been completed, the auditor should reach a conclusion on the ________ level control risk

Achieved

The process of evaluating the effectiveness of an entity's internal control in preventing, or detecting and correcting, material misstatements in the financial statements is called __________ control risk

Assessing

The document that outlines the auditor's understanding of the entity and potential risks as well as the strategy to be followed by the auditor is called the ___ ___.

Audit Plan

If properly designed, _______ controls should operate more consistently and are not typically subject to human errors or mistakes in its application

Automated

The purpose of the ________ Framework is to help management better control the organization and to provide boards of directors an added ability to oversee internal control

COSO

Perhaps the most commonly used analytical procedure is _____

Comparison of Current Year Financial Information with Comparable Prior Period(s) after Consideration of Known Changes

Assignment of authority and responsibility for operating activities and the establishment of reporting relationships and authorization hierarchies are part of the _______ environment principle

Control

The policies and procedures that help ensure that management's directives are carried out and implemented to address risks identified in the risk assessment process are _____________ activities

Control

_____ risk is the risk that the procedures performed by the auditor to reduce audit risk to an acceptably low level will not detect a misstatement that exists and that could be material, either individually or when aggregated with other misstatements.

Detection

Monitoring is done to:

Determine if internal control components are present and functioning

Inbound receipt of relevant information and providing internal control related information to parties outside the organization in response to requirements and expectation is enabled by ____________ communication

External

Large public companies are required to engage a(n) ____________ auditor to express an opinion as to the effectiveness of their systems of internal control over financial reporting

External

How management identifies risks relevant to the preparation of financial statements, estimates their significance, assesses the likelihood of their occurrence and decides on how to manage them is most directly relevant to the ________

External auditors

T/F: The auditor is required to obtain corroborative evidence for planned analytical procedures

False

The auditor's understanding of an entity's internal control over financial reporting are documented using diagrammatic represented known as a(n) ___________

Flowchart

Controls over network operations are included as part of ____________ controls which relate to the overall information processing environment

General

In many entities, this produces much of the knowledge used in monitoring:

Information systems

The extent of an entity's use of _________ can affect internal controls because this function affects the way transactions are initiated, authorized, recorded, processed, and reported

Information technology

The susceptibility of an assertion in an account or disclosure to a misstatement due to error or fraud that could be material, either individually or when aggregated with other misstatements, before consideration of any related controls ______.

Inherent risk

Seeking information or knowledgeable persons within the entity or outside the entity is the basis of ______

Inquiry

Observation and inspection audit procedures include ___.

Inspection of documents, records, and internal control manuals. Reading reports prepared by management, the audit committee or those charged with governance, and the internal audit function. Visits to the entity's premises and plant facilities. Tracing transactions through the information system relevant to financial reporting, which may be performed as part of a walkthrough.

Information processing controls:

Made up two broad categories referred to as general and application controls

Interim tests of controls give auditors time to inform the _______ so that likely misstatements can be located and corrected before the rest of audit is performed

Management

The competence level for a particular job should be specified and translated into a job description that details the specific knowledge and skills required. This task should be done by ________

Management

Who has the responsibility to design and maintain a system of internal control that provides reasonable assurance that assets and records are properly safeguarded, and that the entity's information system generates information that is reliable for decision making

Management

Assessing the quality of internal control performance over time is the intention of ___________ of controls

Monitoring

If an entity's accounting system has control weaknesses that result in a high level of assessed control risk, substantive procedures will probably _________

Not be conducted at interim dates

These assertions address whether disclosed events, transactions, and other matters have happened and pertain to the entity

Occurrence and rights and obligation

Authorization requirements for access to computer programs and periodic counting and comparison with amounts shown on control records are examples of __________________

Physical controls

Which of the following communicate policies and procedures to the entity's personnel

Policy manuals, accounting and reporting manuals, and memoranda

A policy might call for two people to sign all checks over a certain dollar amount and the ________ is the action of having two people sign a check

Procedure

Information that is capable of making a difference in user decisions has the characteristic of _________________

Relevance

Consideration of possible changes in the internal or external environment because changes can introduce or change risks to the entity's objectives are part of the ________ identification process

Risk

The auditor's exercise of professional judgement to review accounting data to identify significant or unusual items to test is referred to as ________

Scanning

Ensuring that asset custody, transaction authorization and transaction recording are all assigned to different people is the basis for the control principle ____________ _____________ ______________

Segregation of duties

In order to provide evidence to support the lower level of control risk when using a reliance strategy, the auditor performs ________ ___________ __________

Test of controls

When reliance strategy is chosen, ________

Tests of controls are used to assess the achieved level of control risk

T/F An entity's risk assessment process should consider the possibility of events that threaten the achievement of objectives T/F An entity's risk assessment process should consider the possibility of events that threaten the achievement of objectives

True

Substantive procedures:

Used to detect material misstatements at the relevant assertion level. Substantive procedures include tests of details and substantive analytical procedures.

Risk assessment procedures:

Used to obtain an understanding of the entity and its environment, including its internal control, to assess the risks of material misstatement at the financial statement and relevant assertion levels.

Tests of controls:

Used to test the operating effectiveness of controls in preventing, or detecting and correcting, material misstatements at the relevant assertion level.

Standards require extensive ___ of the auditor's risk assessment procedures (including fraud risk assessment) and audit responses to identified risks.

documentation

The primary distinction between ____ is whether the misstatement was intentional or unintentional.

errors and fraud

the risk of material misstatement refers to misstatements caused by ____ or ___.

errors or fraud

Identify the fraud risk factors that organizations must consider in assessing risks to the achievement of objectives

incentives, pressures, opportunities, rationalize or justify

Active and qualified board of directors and independent audit committee members

internal control

A ___ ___ for detection risk implies that the auditor will conduct a more careful or thorough investigation of this account than if the assessment of detection risk were high.

low assessment

____ addresses business risks by implementing a risk assessment process

management

Performance review:

managers should periodically check the quality of subordinates' work

Physical Controls:

periodic counting and comparison with amounts shown on control records

Physical control :

periodic counting and comparison with amounts shown on control records

Authorization requirements for access to computer programs and periodic counting and comparison with amounts shown on control records are example of ___________

physical controls

Brainstorming: Emphasize the importance of maintaining ____ throughout the audit regarding the potential for material misstatement due to fraud

professional skepticism

Due to the subjectivity involved in judging the audit risk model's components, many public accounting firms find it more appropriate to use ___ ___, rather than percentages, in the model.

qualitative terms

The greater the incentive or pressure, the more likely an individual will be able to ____.

rationalize the acceptability of committing fraud.

The entity's audit committee should assume an active role in oversight of the assessment of the ___ __ ___.

risk of fraud.

Segregation of duties:

separating the custody of assets, authorization of transactions and recording of transactions

The last step in the decision process is performing _______ procedures

substantive

Risk factors relating to opportunities to report fraudulently include

— Assets, liabilities, revenues, or expenses based on significant estimates that involve subjective judgments or uncertainties that are difficult to corroborate. — Significant related party transactions. — There is a complex or unstable organizational structure.

Attitudes/rationalizations that may suggest misappropriation of assets include

— Disregard for the need for monitoring or reducing risks related to misappropriations of assets. — Disregard for internal control over misappropriation of assets by overriding existing controls or by failing to correct known internal control deficiencies. — Changes in behavior or lifestyle that may indicate assets have been misappropriated.

Risk factors relating to incentives/pressures to report fraudulent include ___.

— High degree of competition or market saturation, accompanied by declining margins. — Profitability expectations of external parties — Need to obtain additional debt or equity financing to stay competitive.


Related study sets

Spanish Test -- Conditional/Future Perfect, Si Clauses

View Set

EMT - Chapter 11 - Baseline Vital Signs, Monitoring Devices and History Taking

View Set

Gen Psych 1101: Practice test Chapters 5 & 6. +

View Set

PSYC-1300 (LEARNING FRAMEWORKS) - MIDTERM

View Set