BUS 404 Final
GAAP
- Disclosure of related party transactions - affilitates, principal owners, mgnmt, immediate fam - Resopnsibility of Management - Design/implementation/maintenance of systems/controls to identify all related partyies - identify all related parties to auditor - Auditor's responsibilities - identifying related party transactions - Audit Objectives - Related party are properly disclosed Determining the Existence of Related Parties 1. Evaluating the company's procedures 2. Asking management for the names of all related parties . 3. Reviewing the reporting entity's filings with the SEC and other regulatory agencies concerning the names of officers and directors who occupy management or directorship 4. Reviewing material transactions (especially investment transactions) for related party evidence. 5. Reviewing prior years' audit documentation or inquiring of the predecessor auditor Identfiying related: Compensating balance arrangements (which may be maintained by or for related parties). b. Loan guarantees COMMON RELATED PARTY RELATIONSHIPS c. Unusual, nonrecurring transactions near year-end Before Y/E d. Transactions based on terms that differ significantly from market terms. e. Nonmonetary exchanges.
Document understanding:
- Minimum: document udnerstanding of design/implementatino of relevant controls in the ive components of IC - Weak Controls (Maximum CR) -> do not test weak controls - Decides to not rely on controls -> sets CR high -> do not test controls -> substantive approach is most effective - Strong Controls -> Below Maximum CR -> must test operating effectiveness of controls to support assessment - HEavy IT Use -> Substantive procedures alone are not sufficient, must test operating effectiveness
Understanding INternal Controls in every audit
- Obtain understanding of IC relevant to audit, not required to understand all - Concerned over reliability of financial reporting/controls over financial transactions - Purpose: assess RMM due to control risk to determine degree of reliance on controls - Timing: part of risk assessment procedures (interim) - Includes tests of controls when assessment/NeT rely on operating effectiveness of IC (CR below maximum), updated at year-end when NET relies on effectiveness of controls
Documenting the Understanding
1. Flowchat - diagram of client's document's flow in the organization - Origin of every document, record in the system, processing taking place - Disposition of every document/record in system - indication of controls relevant to assessment of CR Strength: Visual representation, Easy to follow Weakness: Requires knowledge of symbols, does not identify control weakness 2. IC Questionairre - Canned questionnaire, leads auditor through procedures/controls in a system with strong controls - Auditor answers questions, YES/NO response - N/A must be explained Strength: Guides auditor through process, identifies existence/absence of IC Weakness: Generic questionaire, requires clearance of No or N/A response 3. Narratives - written descriptions Strengths: Easy to prepare/no specialized knowledge required Weakness: Difficult to follow, does not identify control weakness
Sampling Risks
1. Sampling Risk - risk of non-representative sample - Due to: - Different characteristics as populatoin, or not represeentaive of population - Present in ever procedure applied to less than 100% of pop. 2. Nonsampling Risk -> risk of auditor error - Due to: - Error in selection, design, application - Incorrectly evalutes results of audit procedure/evidence - Occurs in all phases/activities
Internal Controls Opinions
1. Unqualified/Unmodified Opinion - No identifiable material weaknesses, with evidence - No restrictions on scope of auditor work 2. Adverse Opinion - At least one MW 3. Qualified/Disclaimer of Opinion - Scope Restriction
Auditor Communications about Internal Controls
3 Sets of Circumstances: 1. Non-Issuers Regular GAAS Audit: - Report on F/S, IC Matters Noted (Private) - Not required to perform procedures to identify control deficiencies - Issues reported in reporting, within 60 days of report release date - Report significant deficiencies and/or MW in ICFR - Repeat previously communicated control each year, until corrected - No assurance on IC - Not designed to uncover all signficant deficiencies and MW - Report orally, or in writing - May report recommendations, not required 2. Non-Issuers Integrated Audit (GAAS) - Report on F/S, IC Matters Noted (Private), and Report on Effectiveness of ICFR - Report with direct opinion on the effectiveness of OCFR - Issuer EITHER seperate report from report on F/S, or as single combined report containing seperate opinions - Report signifcant deficiencies and/or MW in ICFR, in writing, by report release date - No assurance that deficiencies < MW have been found - All control deficiencies within 60 days of report 3. Issuers Integrated Audit (PCAOB) - Report on F/S, IC Matters Noted (Private), and Report on Effectiveness of ICFR - Report with direct opinion on the effectiveness of OCFR - Issuer EITHER separate report from a report on F/S, or a single combined report containing separate opinions - Report any MW in writing to management + audit committee BEFORE issuance of report - No assurance that all deficiencies, less severe than MW, have been found
The risk of incorrect acceptance and the likelihood of assessing control risk too low relate to the:
Allowable risk of tolerable misstatement. Preliminary estimates of materiality levels. Efficiency of the audit. Effectiveness of the audit. D. Effectiveness of the audit.
The auditor is required to communicate each of the following items to those charged with governance, except:
An overview of the planned scope and timing of the audit. The auditor's responsibilities to complete the audit in accordance with generally accepted auditing standards. All control deficiencies detected during the course of the audit. Any significant findings from the audit. C. All control deficiencies detected during the course of the audit.
Which of the following statements is correct concerning statistical sampling in tests of controls?
As the population size increases, the sample size should increase proportionately. Deviations from specific control activities at a given rate ordinarily result in misstatements at a lower rate. There is an inverse relationship between the expected population deviation rate and the sample size. In determining tolerable rate, an auditor considers detection risk and the sample size. B. Deviations from specific control activities at a given rate ordinarily result in misstatements at a lower rate.
Methods of Sampling
Attributive Sampling: primarily tests of controls; possibly used in substantive tests of transactions - tests controls & substantive transactions by determining if controls are operating effectively, and whether monetary errors tolerable - estimate percent of items in a population containing characteristic or attribute of interest - the percentage is called: occurrence rate, or exception rate 1. Does control fail at sufficiently low enough rate to be reliable? - Computed Upper Deviation Rate < Tolerable Deviation Rate 2. Is rate of monetary errors below tolerable limits? - Computed Upper Error Rate < Tolerable Error Rate 3 Phases: 1. PLan the Sample 2. Select the Sample and Perform Auditor Procedures 3. Evaluate Results - Statistical attributes sampling and non-statistical sampling use the same 14 steps. The differences are: 1. The calculation of the initial sample size is developed statistically 2. The calculation of estimated upper exception rates uses statistics Variable Sampling & Probabilitity-Proportional-to-Size Sampling: Used in substantive tests
Audit Sampling
Audit Sampling - application of an audit procedure to less tha 100% of an account balance or class of transactions - major source of audit risk Representative sample - sample in which characteristics in sample are approx. same as population - General Rules: in sampling, auditor assumes population is normally distributed as "bell-shaped" curve + if sample size is large enough & randomly selected, sample should have same statistical characteristics - Std. Deviation is measure of dispersion of a characteristic within population (measure of variability/uncertainty/risk)
The date of the management representation letter should coincide with the date of the:
Balance sheet. Latest interim financial information. Auditor's report. Latest related party transaction. C. Auditor's report
Which of the following statements correctly describes the "top-down approach" used during an audit of internal control over financial reporting?
Begin reviewing balance sheet accounts and then review income statement accounts. Begin reviewing income statement accounts and then review balance sheet accounts. Begin by understanding the overall risks to internal control over financial reporting at the financial statement level. Begin by understanding the overall risks to internal control over financial reporting at the general ledger level. C. Begin by understanding the overall risks to internal control over financial reporting at the financial statement level.
Management should address written representations about a firm's annual audit to the:
Board of directors. Firm's attorneys. Shareholders. Auditor. D. Auditor
Which of the following matters would an auditor most likely include in a management representation letter?
Communications with those charged with governance concerning weaknesses in internal control. The reasonableness of significant assumptions used in making accounting estimates. Plans to acquire or merge with other entities in the subsequent year. Management's acknowledgment of its responsibility for the detection of employee fraud. B. The reasonableness of significant assumptions used in making accounting estimates.
Which of the following is not a role of the risk assessment in an integrated audit of a nonissuer?
Concluding on the effectiveness of a given control. Selecting controls to test. Determining significant accounts and relevant assertions. Determining evidence necessary to conclude on the effectiveness of a given control. A. Concluding on the effectiveness of a given control.
In evaluating the reasonableness of an accounting estimate, an auditor most likely would concentrate on key factors and assumptions that are:
Consistent with prior periods. Similar to industry guidelines. Objective and not susceptible to bias. Deviations from historical patterns. D. Deviations from historical
Report on Management's Description of the Service Organization's System and the Suitability of the Design and Operating Effectiveness of Controls
Contents: Management description of the organization's system, the written assertion by management that controls related to objectives outlined in description operated effectively to achieve control objectives, and SO auditor's opinion on management's assertions USer by the auditor: provides the auditor with information to understanding client's IC - Provides a basis to assess RMM below maximum
Report on Management's Description of the Service Organization's System and the Suitability of the Design of Controls
Contents: a written assertion by management that description fairly presents design/implementation of the system, and that controls related to objectives outlined in the description were suitably designed, & Service Organization auditor's opinion on management's assertions Use by auditor: provides auditor with information to understanding client's IC - No basis to assess RMM below maximum
Which of the following is not a procedure the auditor would use in evaluating the reasonableness of an accounting estimate?.
Determine how management developed their estimate and test the procedures they used. Confirm via the management representation letter that management has disclosed all significant estimates. Use subsequent events to determine whether the estimate was reasonable. Develop an independent estimate and compare it to management's estimate B. Confirm via the management representation letter that management has disclosed all significant estimates.
Which of the following statements is correct concerning statistical sampling in tests of controls?
Deviations from control procedures at a given rate usually result in misstatements at a higher rate. As the population size doubles, the sample size should also double. The qualitative aspects of deviations are not considered by the auditor. There is an inverse relationship between the sample size and the tolerable rate. D. There is an inverse relationship between the sample size and the tolerable rate.
In reporting on a nonissuer's internal control over financial reporting, an auditor should include a paragraph that describes the:
Documentary evidence regarding the control environment factors. Changes in internal control since the prior report. Potential benefits from the practitioner's suggested improvements. Inherent limitations of any internal control. D. Inherent limitations of any internal control.
An advantage of statistical sampling over nonstatistical sampling is that statistical sampling helps an auditor to:
Eliminate the risk of nonsampling errors. Reduce the level of audit risk and materiality to a relatively low amount. Measure the sufficiency of the audit evidence obtained. Minimize the failure to detect errors and fraud. C. Measure the sufficiency of the audit evidence obtained.
To determine the sample size for a test of controls, an auditor should consider the tolerable deviation rate, the allowable risk of assessing control risk too low, and the:
Expected deviation rate. Upper deviation rate. Risk of incorrect acceptance. Risk of incorrect rejection. A. Expected deviation rate
Effective Internal Contol Requirements
General Requirement: all five components and 17 principles that are relevant must be present and functioning. Present - included in design & implementation of IC Functioning - operating as designed Specific Requirements: Senior management must have reasonable assurance that the entity: 1. Achieves effeective/efficient operations 2. Complies with all relevant laws and regulations 3. Prepares reports in conformiy with the entity's reporting objectives Ineffective Internal Control: Material Weakness - major deficiency that significantly reduces the likelihood that the entity can achieve its objectives
In an audit of an issuer:
I. Management must assess and report on internal control. II. The auditor must assess and report on internal control. I only. II only. Either I or II. Both I and II. D. Both I and II.
In an audit of an issuer, the auditor must provide an opinion on which of the following?
I. The financial statements. II. The audit committee's oversight of financial reporting and internal control. III. The effectiveness of internal control. A. I and III only.
Service Organizations
IC of Outsourced Systems: Services involve the initiation, execution, processing, or reporting of the client's transactions Auditor Responsibility: - Obtain an understanding of nature and significance of outsourced services - Determine effect on client's IC sufficient to assess the risk of material misstatement S.O. provides its auditor's report to its customers for use by the customers' auditors
Effects on Sample Size:
INVERSE, Sample size decreases when these increase: - Acceptable Risk of Assessing Control Risk too low (greater chance of relying on weak control) - Acceptable Risk of Incorrect Acceptance (Auditor willing to take a greater chance of failing to find a material misstatement) - Tolerable Deviation Rate (Many control failures are OK) - Tolerable Misstatement (A misstatement must be large to be material) CORRELATED, Sample size increases when these increase: - Expected Deviation Rate (Auditor expects the control to fail frequently) - Expected Misstatement (Auditor expects the population to contain lots of misstatements) - Variability in Population (Auditor more uncertain because of the high degree of variability in population) - Assessed Risk of Material Misstatement (A strong chance that the F/S contain a material misstatement)
An auditor examining inventory most likely would use variables sampling rather than attributes sampling to:
Identify whether inventory items are properly priced. Estimate whether the dollar amount of inventory is reasonable. Discover whether misstatements exist in inventory records. Determine whether discounts for inventory are properly recorded. B. Estimate whether the dollar amount of inventory is reasonable.
Control Deficiencies
Identify/Evaluate - Evaluate whether key controls are absent in design/implementation of IC Three levels of Control Deficiencies: 1. Control Deficiency -> Least Severe - Design/Operation does not allow management/employees to prevent/detect misstatements - Design -> Control missing, or does not achieve objective - Operation -> Properly designed control does not work correctly/performed by inappropriate person 2. Significant Deficiency -> Severe - Less severe than material weakness, important enough to merit attention of those governing - likely to adversely affect financial reporting - Management cannot prevent/detect misstatements on a timely basis 3. Material Weakness -> Most Severe - Reasonsible possibility that material misstatement of FS will not be prevented/detected on timely basis - Indicators: Any level of fraud by senior mngmt, restatement of previously issued F/S to correct material misstatement - Identification of material misstatement that would not be detected by internal controls - Ineffective oversight by those governing
For which of the following audit tests would an auditor most likely use attribute sampling?
Inspecting purchase orders for proper approval by supervisors. Making an independent estimate of recorded payroll expense. Determining that all payables are recorded at year end. Selecting accounts receivable for confirmation of account balances. A. Inspecting purchase orders for proper approval by supervisors.
A client's lawyer is unable to form a conclusion about the likelihood of an unfavorable outcome of pending litigation because of inherent uncertainties. If the litigation's effect on the client's financial statements could be material but it is properly disclosed in the financial statements, the auditor most likely would:
Issue a qualified opinion in the auditor's report because of the lawyer's scope limitation. Withdraw from the engagement because of the lack of information furnished by the lawyer. Disclaim an opinion on the financial statements because of the materiality of the litigation's effect. Issue an unmodified opinion. D. Issue an unmodified opinion.
To which of the following matters would materiality limits not apply when obtaining written client representations?
Losses from sales commitments. Unasserted claims and assessments. Fraud involving management. Noncompliance with contractual agreements. C. Fraud involving management.
For which of the following audit tests would an auditor most likely use attribute sampling?
Making an independent estimate of the amount of a LIFO inventory. Examining invoices in support of the valuation of fixed asset additions. Selecting accounts receivable for confirmation of account balances. Inspecting employee time cards for proper approval by supervisors. D. Inspecting employee time cards for proper approval by supervisors.
Which of the following statements would an auditor most likely require management to indicate in a written representation letter obtained for an audit?
Management acknowledges its responsibilities for the design and implementation of programs and controls to detect fraud. Management plans to expand into international operations during the next few years. Management believes the financial statements are accurately stated in accordance with generally accepted auditing standards (GAAS). Management believes the company is the premier company in its industry regarding service to customers. A. Management acknowledges its responsibilities for the design and implementation of programs and controls to detect fraud.
An auditor becomes aware that a client has been threatened with litigation. The auditor would likely send an audit inquiry letter to the client's attorney regarding all of the following, except:
Management's intended response and the progress of the case to date. How likely it is that there will be an unfavorable outcome to the litigation. The appropriateness of management's financial statement disclosure. An estimate of the potential loss that may be incurred due to the litigation. C. The appropriateness of management's financial statement disclosure.
Which of the following expressions most likely would be included in a management representation letter?
No events have occurred subsequent to the balance sheet date that require adjustment to, or disclosure in, the financial statements. There are no significant deficiencies in internal control identified during the prior-year's audit of which those charged with governance are unaware. We do not intend to provide any information that may be construed to constitute a waiver of the attorney-client privilege. A. No events have occurred subsequent to the balance sheet date that require adjustment to, or disclosure in, the financial statements.
Which of the following statements about audit sampling risks is correct for a nonissuer?
Nonsampling risk arises from the possibility that, when a substantive test is restricted to a sample, conclusions might be different than if the auditor had tested each item in the population. Nonsampling risk can arise because an auditor failed to recognize misstatements. Sampling risk is derived from the uncertainty in applying audit procedures to specific risks. Sampling risk includes the possibility of selecting audit procedures that are not appropriate to achieve the specific objective. B. Nonsampling risk can arise because an auditor failed to recognize misstatements.
In evaluating an entity's accounting estimates, one of an auditor's objectives is to determine whether the estimates are:
Not subject to bias. Consistent with industry guidelines. Based on objective assumptions. Reasonable under the circumstances. D. Reasonable under the circumstances.
Integrated Audits
Objective = Dual Opinions - Opnion on fair presentation of F/S, and effetiveness of ICFR Requirements: - Integrated with F/S, sufficient appropriate evidence as basis - Design/perform tests of controls to obtain reaasonable assurance of detecting material weakness
Which of the following is not an audit procedure that the independent auditor would perform concerning litigation, claims, and assessments?
Obtain assurance from management that it has disclosed all unasserted claims that the lawyer has advised are probable of assertion and must be disclosed. Confirm directly with the client's lawyer that all claims have been recorded in the financial statements. Inquire of and discuss with management the controls adopted for identifying, evaluating, and accounting for litigation, claims, and assessments. Obtain from management a description and evaluation of litigation, claims, and assessments existing at the balance sheet date. B. Confirm directly with the client's lawyer that all claims have been recorded in the financial statements.
Phases of Attributive Sampling
Phase 1 - Plan the Sample 1. State objectives - Example: Test operating effectiveness of controls 2. Decide whether audit sampling applies - If auditor plans to reach conclusions about population based on sample 3. Define Attributes and Exception Conditions - carefully define characteristics being tested 4. Define population 5. Define Sampling Unit - based on the population and the sample selection method. 6. Specify tolerable deviation/exception rate - lower tolerable deviation rate, the more critical the control - inversely related to sample size - Low TDR -> more worried -> higher sample size 7. Specify acceptable risk of overreliance, acceptable risk of assessing control risk is low - Acceptable risk of overreliance (ARO) measures risk the auditor is willing to take that population deviation is greater than tolerable deviation, after conncluding control is effective a. Risk over Overreliance - auditor believes control is reliable, casts N-E-T too small, may miss M.M. b. Risk of Underreliance - auditor believes control is unreliable, casts N-E-T too large, audit is not efficient 8. Estimate Population Exception Rate - estimat of exception rate to plan sample size - directly related to sample size - lower deviation rate -> less worried -> smaller sample 9. Determine the initial sample size - For non-statistical sampling, auditor uses professional judgement - Four factors: 1. Population size (small populations) - Sample size > 5,000; sample size does not matter 2. Acceptable risk of assessing CR too low - inverse relationship - Normally 5% or less, (95 % confidence) 3. Tolerable deviation rate - an inverse relationship 4. Expected Deviation Rate - directly related Phase 2 - Select Sample and Perform Audit Procedures 10. Select Sample size - probabilstic method 11. Perform audit procedures - examine each item in sample, determine whether consistent Phase 3 - Evaluate the results 12. Generalize from Sample -> Population - Calculate Sample Deviation Rate - Sample Deviation Rate = # of exceptions/Sample Size - Calculate Upper Deviation Rate = Sample Deviation Rate + Allowance for Sampling Risk 13. Analyze Exceptions 14. Decide Acceptability of population
When planning an audit of the effectiveness of the entity's internal control in an integrated audit of a nonissuer, an auditor would be least likely to consider which of the following factors?
Preliminary judgments about the effectiveness of internal control. The extent of recent changes in the entity and its operations. The type of available evidential matter pertaining to the effectiveness of the entity's internal control. The evaluation of the operating effectiveness of the controls. D. The evaluation of the operating effectiveness of the controls.
Management responsibility over IC
Primary Responsibiilty relative to audit of financial statements ICFR (Internal Controls Over Financial Reporting) Sarbanes-Oxley SEction 404 REporting Responsiblities -> Issuers -> mangement Report on ICFR REQUIRED, as of year end date
Selection Techniques
Probabilistic Methods vs. Non-probabilistic Methods Probabilstic Method: auditor randomly seleects items that has a known probability of inclusion in sample - must be used in statistical sampling 1. Simple Random Sample Selection - Generates random numbers by using 1/3 computer selection techniques: Electronic spreadsheets, random number generators, generalized audit software 2. Systematic Sample Selection with Random Start - auditor calculates interval, selects items for sample based on size of interval - random number generator to select first item 3. Stratified Sample Selection - select samples that emphasize population items with larger recorded amounts - auditor seperates population into 2 or more parts (Strata) - seperate populations Nonprobabilstic Method: auditing situations in which probabilistic is less probable - Cannot be used in statistical sampling 1. Haphazard Sample Selection - selection of items w/o conscious bias - major shortcoming: difficulting of complete unbias 2. Block Sample Selection: first item in a block, then remainder of block is chosen in a sequence
Tests of Controls
Purpose: Supports auditor's assessment that CR is below maximum, Substantive procedures alone are not sufficient (Heavy IT), and sufficient appropriate evident for opinion on effectiveness of ICFR (integrated) Objective: Determine failure rate of control in population of items subjected to control - compare estimated failure rate with tolerable deviation rate - Estimated failure rate > tolerable deviation -> Control unreliable Nature: Result in "yes" or "no" results - only performed on controls believed to be reliable - Performed @ Interim, updated at year-end Types: 1. inquires of client personnel 2. observe control-related activities 3. examine documents, records, and reports for evidence of control 4. reperform client procedures Extent: depends on preliminary assessed control risk - Extent of desired reliance, expected deviation rate of control, and IT processing inherently consistent No Changes: reoccur tests every 3 years
Auditor responsibilities
Report to Management + Those Charged with Governance: - IC Matters noted, No opinion on effectiveness + no assurance provided - Private Communication: restricted use paragraph Issuers: Section 404 of Sarbanes-Oxley: Report on operating efefctiveness of ICFR @ year-end date - Requires integraetd audit -> F/S audit + audit of ICFR under PCAOB standards - Contrains opinion on operating effectiveness @ year end, Positive Assurance Nonissuer: Operating Effecticeness of ICFR - Requires integrated audit -> F/s under GAAS and audit of ICFR - Opinion on operating effectiveness of ICFR @ year-end - Only prepared when seperately engaged
Which of the following is an audit procedure that an auditor would most likely perform concerning litigation, claims, and assessments?
Request the client's lawyer to evaluate whether the client's pending litigation, claims, and assessments indicate a going concern problem. Examine the legal documents in the client's lawyer's possession concerning litigation, claims, and assessments to which the lawyer has devoted substantial attention. Discuss with management the controls adopted for evaluating and accounting for litigation, claims, and assessments. Confirm directly with the client's lawyer that all litigation, claims, and assessments have been recorded or disclosed in the financial statements. C. Discuss with management the controls adopted for evaluating and accounting for litigation, claims, and assessments.
An engagement to audit the internal control of a nonissuer will generally:
Require procedures that duplicate those already applied in assessing control risk during a financial statement audit. Increase the reliability of the financial statements that are being audited. Be more extensive in scope than the assessment of control risk made during a financial statement audit. Be more limited in scope than the assessment of control risk made during a financial statement audit. C. Be more extensive in scope than the assessment of control risk made during a financial statement audit.
Chapter 8: Considerations of IC
Requirements for consideration of internal controls for: -nonissuers in a typical financial statement audit -integrated audits for both issuers and nonissuers Required communications relative to internal controls: for both issuers and nonissuers, in: - financial statement audit - integrated audits
Inquiries Regarding Litigation, Claims, And Assessments
Review Documents - Ask management about pending litigation, claims, and assessments - Use documents: Minimutes, ccorrespondence/invoices from lawyers - Contracts, loan agreements, loan guarantees, leases, and correspondence from taxing authorities Specific Inquiry into Litigation - Nature of matter, timing, progress of case to date, degree of probability of an unfavorable outcome, and amount/estaimte of potential loss Letter of Inquity to Client's Attorny (Required) - details pending/threatened litigation matters 1. Response by attorney 2. Limitations on response - Probable, likely, or remote? REasonable estimate? a. Substantial Attention - lawyers given substantial attention, limit response to material matters of understanding b. confidentiality litiation - unwise to disclose certain confidential information 3. Refusal to respond - GAAS PRoblem -> Qualified/Disclaimer 4. Refusal to Permit INquiry - Significant GAAS Problem 5. Inherent Uncertainties - no modification to opinion if auditor is satifisfied that F/S diclosure is adequate
How do the scope, procedures, and purpose of tests of controls in an audit of the internal control of a nonissuer compare to those for obtaining an understanding of internal control and assessing control risk as part of a financial statement audit of a nonissuer?
Scope, Procedures, and Purpose are all DIFFERENT
For which of the following audit tests would an auditor most likely use attribute sampling?
Selecting accounts receivable for confirmation of account balances. Inspecting employee time cards for proper approval by supervisors. Making an independent estimate of the amount of a LIFO inventory. Examining invoices in support of the valuation of fixed asset additions. B. Inspecting employee time cards for proper approval by supervisors. Choice "1" is incorrect. Selecting accounts receivable for confirmation of accounts balances is a substantive test. Choice "3" is incorrect. Making an independent estimate of the amount of a LIFO inventory is a substantive test. Choice "4" is incorrect. Examining invoices in support of the valuation of fixed asset additions is a substantive test.
Analyzing Results
Step 1: Find Sample Deviation Rate a. Exceptions / Total Sample Size = Sample Deviation Rate b. if there are 3 exceptions wtihin a 78 sample size, deviation rate = 3.8% Step 2: Compute Upper Deviation Rate From Applicable Table a. Use Sample Size (rounded up) and Number of Deviations b. if there is a 78 (80) sample size, with a 95% confidence, table calculates a 9.5% upper deviation rate Step 3: Determine Allowance for Sampling Risk a. Sample Deviation Rate + Allowance = Upper Deviation Rate b. with 9.5% upper deviation, 5.7% allowance (9.5% - 3.8% = 5.7%) Step 4: Evaluate Result a. To consider control reliable, TOLERABLE deviation rate must be HIGHER than computed UPPER deviation rate b. If tolerable deviation rate = 5.7% (6%), and 9.5% = upper deviation rate, then tolerable deviation < upper deviation rate; CONTROL FAILED 95% CONFIDENT THAT TRUE DEVIATION RATE IS NO MORE THAN 9.5%, HIGHER THAN TOLERABLE
Process fo rUNderstanding IC and Assessing CR
Step 1: Obtain/Document Understanidng of internal control design/operation Step 2: Assess Control Risk Step 3: Design, Perform, and Evaluate tests of controls Step 4: Decide planned detection risk and substantive tests
Which of the following best describes an auditor's responsibility with respect to communicating internal control deficiencies of issuers?
The auditor is required to communicate all deficiencies in internal control to management, deficiencies that constitute a significant deficiency to the audit committee, and deficiencies that constitute a material weakness to the full board of directors. The auditor is required to communicate all deficiencies in internal control to management, and deficiencies that constitute a significant deficiency or a material weakness to management and the audit committee. The auditor is not required to communicate control deficiencies to management or the audit committee unless they constitute a significant deficiency or a material weakness. The auditor is not required to communicate control deficiencies or significant deficiencies to management or the audit committee, but must communicate material weaknesses to both management and the audit committee. B. The auditor is required to communicate all deficiencies in internal control to management, and deficiencies that constitute a significant deficiency or a material weakness to management and the audit committee.
Which of the following parties should request inquiry of a client's lawyer?
The auditor. The stockholders. Client management. The auditor's attorney. C. Client management.
Which of the following should be included as a written representation from management?
The belief that misstatements identified by the auditor and not corrected are immaterial. The belief that misstatements identified by the auditor and corrected are material. The belief that the auditor is responsible for the fair presentation of the financial statements in conformity with generally accepted accounting principles. The belief that the financial statements are completely accurate in all respects. A. The belief that misstatements identified by the auditor and not corrected are immaterial.
As a result of sampling procedures applied as tests of controls, an auditor incorrectly assesses control risk lower than appropriate. The most likely explanation for this situation is that:
The deviation rates of both the auditor's sample and the population exceed the tolerable rate. The deviation rates of both the auditor's sample and the population is less than the tolerable rate. The deviation rate in the auditor's sample is less than the tolerable rate, but the deviation rate in the population exceeds the tolerable rate. The deviation rate in the auditor's sample exceeds the tolerable rate, but the deviation rate in the population is less than the tolerable rate. C. The deviation rate in the auditor's sample is less than the tolerable rate, but the deviation rate in the population exceeds the tolerable rate.
The primary reason an auditor requests letters of inquiry be sent to a client's attorneys is to provide the auditor with:
The probable outcome of asserted claims and pending or threatened litigation. Corroboration of the information furnished by management about litigation, claims, and assessments. The attorneys' opinions of the client's historical experiences in recent similar litigation. A description and evaluation of litigation, claims, and assessments that existed at the balance sheet date. B. Corroboration of the information furnished by management about litigation, claims, and assessments.
Definitions
Tolerable Deviation Rate: Maximum Acceptable Failure Rate for a Reliable Control Sample Deviation Rate: Failure Rate per Actual Test Results Allowance for Sampling Risk: Cushion to Project the Maximum Population Failure Rate @ Desired Confidence Level Upper Deviation Rate: Maximum Population Failure Rate Projected @ Desired Confidence Level
In performing tests of controls over authorization of cash disbursements, which of the following statistical sampling methods would be most appropriate?
Variables. Stratified. Ratio estimation. Attributes. D. Attributes