LESSON 3 - FA#3
12. Which of the following considered control environment elements? Commitment to competence Detection risk Organizational structure a. Yes No Yes b. Yes Yes Yes c. No No No d. No No Yes
a
13. An entity's risk assessment process includes how management: A/B/C/D Identifies risk Yes/Yes/No/Yes Assess significance and likelihood of occurrence of these identified risks Yes/Yes/Yes/No Decides upon actions to manage these risks Yes/No/Yes/No
a
2. A reason to establish internal control is to: a. Provide reasonable assurance that the objectives of the organization are achieved b. Ensure the accuracy, reliability and timeliness of information c. Encourage compliance with organizational objectives d. Have a basis for planning the audit
a
20. When considering an entity's system of internal control, one of the auditor's major concerns is to ascertain whether internal control is designed to provide reasonable assurance that a. Financial statements are fairly presented b. The accounting manager reviews all accounting transactions c. Profit margins are maximized, and operational efficiency is optimized d. Corporate morale problems are addressed immediately and effectively
a
26. After obtaining an understanding of an entity's internal control, an auditor may assess control risk at the maximum level for some assertions because the auditor a. Believes the internal control policies and procedures are unlikely to be effective. b. Determines that the pertinent internal control components are not well documented. c. Performs tests of controls to restrict detection risk to an acceptable level. d. Identifies internal control policies and procedures that are likely to prevent material misstatements.
a
28. Which of the following is a correct statement about internal control? a. The cost-benefit relationship is a primarily criterion that should be considered in designing internal control b. The auditor can eliminate substantive tests on significant account balances and classes of transactions for an entity that has exceptionally strong internal control c. The internal auditor has the responsibility to establish and maintain internal control d. Properly maintained internal control reasonably ensures that collusion among employees cannot occur
a
40. An auditor may decide to assess control risk at the maximum level for certain assertions because the auditor believes a. Evaluating the effectiveness of policies and procedures is inefficient. b. Sufficient evidential matter to support the assertions is likely to be available. c. More emphasis on tests of controls than substantive tests is warranted. d. Considering the relationship of assertions to specific account balances is more efficient.
a
43. After documenting internal control in an audit engagement, the auditor may perform tests on: a. Those controls that the auditor plans to rely on. b. Those controls that were reviewed (selected on a random basis). c. Those controls in which deficiencies or weaknesses were identified. d. Those controls that have a material effect on the balances in the financial statements.
a
49. Which of the following is the auditor's purpose of further testing internal control procedures? a. Provide a basis for reducing the assessed level of control risk below that which resulted from the auditor's initial understanding of internal control. b. Reduce the risk that errors or fraud which are not prevented or detected by internal control are not detected by the independent audit. c. Provide assurance that transactions are executed in accordance with management's authorization and access to assets is limited by a proper segregation of functions. d. Provide assurance that transactions are recorded as necessary to permit the preparation of the financial statements in accordance with PFRS.
a
52. A control that reduces the risk that an existing or potential control weakness will result in a failure to meet a control objective is referred to as: a. Compensating control c. Non-routine control b. Conditional control d. Offset control
a
53. When a compensating control exists, a weakness in the system: a. Is no longer a concern because the potential for misstatement has been sufficiently reduced. b. Is reduced but it is not removed; therefore, it is still of concern to the auditor. c. Could cause a material loss, so it must be tested using substantive procedures. d. Is magnified and must be removed from the sampling process and examined in its entity.
a
7. PSA 315 Redrafted requires the auditor to obtain an understanding of the client's internal controls a. For every audit b. For first-time audits c. Whenever it would be appropriate d. Sufficient to find any frauds which may exist
a
1. It is the process designed and effected by those charged with governance, management, and other personnel to provide reasonable assurance about the achievement of the entity's objectives. a. Internal auditing c. Business strategy b. Internal control d. Accounting process
b
10. The following are components of internal control: a. Organizational structure, management philosophy, and planning. b. Control environment, risk assessment process, control activities, information system and communication, and monitoring of controls. c. Risk assessment process, backup facilities, responsibility accounting and natural laws. d. Legal environment of the firm, management philosophy, and organizational structure.
b
15. As part of a periodic planning exercise, Cedric Naranjo Company discovers that a political dispute may interfere with the company's supply sources. This is an example of: a. Control environment c. Control activities b. Risk assessment d. Monitoring of controls
b
22. Obtaining an understanding of internal control involves: A/B/C/D Evaluating the design of a control Yes/Yes/Yes/No Determine whether the control has been implemented Yes/Yes/No/Yes Testing the effectiveness of a control Yes/No/Yes/Yes
b
25. To obtain an understanding of the relevant policies and procedures of internal control, the auditor performs all of the following except: a. Make inquiries c. Make observations b. Design substantive tests d. Inspect documents and records
b
27. After obtaining an understanding of internal control and assessing control risk, an auditor decided to perform tests of controls. The auditor most likely decided that a. Additional evidence to support a further reduction in control risk is not available. b. It would be efficient to perform tests of controls that would result in a reduction in planned substantive tests. c. An increase in the assessed level of control risk is justified for certain financial statement assertions. d. There were many internal control weaknesses that could allow errors to enter the accounting system.
b
32. The auditor's primary objective in obtaining an understanding of the client's control over the purchasing function is to a. Investigate the recording of unusual transactions regarding raw materials. b. Determine the reliability of financial reporting by the purchasing function. c. Observe the annual physical count. d. Ascertain that raw material paid for are on hand.
b
33. When obtaining an understanding of an entity's internal control, an auditor should concentrate on the substance of controls rather than their form because: a. The controls may be operating effectively but may not be documented. b. Management may establish appropriate controls but not act on them. c. The controls may be so inappropriate that no reliance is contemplated by the auditor. Management may implement controls with costs in excess of benefits
b
34. When obtaining an understanding of the accounting and internal control system the auditor may trace a few transactions through the accounting system. This technique is: a. Reperformance c. Control test b. Walk-through d. Validity test
b
36. Evidence of the performance of control risk assessment procedures includes all of the following except a. Flowcharts c. Questionnaires b. Lead schedule d. Memoranda
b
38. After obtaining a sufficient understanding of internal control, the auditor: a. Assesses the need to apply GAAS. b. Determines the preliminary assessment of control risk. c. Determines the assessed levels of detection risk and inherent risk. d. Assesses detection risk to determine the acceptable level of inherent risk.
b
48. An auditor intends to perform test of controls on a client's control procedures that leaves no audit trail of documentary evidence. The auditor most likely will test the procedure by a. Inquiry and inspection b. Inquiry and observation c. Confirmation and reperformance d. Analytical procedures and confirmation
b
9. In an audit of financial statements, an auditor's primary consideration regarding a control is whether it: a. Reflects management's philosophy and operating style. b. Affects management's financial statement assertions. c. Enhances management's decision-making processes. d. Provides adequate safeguards over access to assets.
b
17. Control activities constitute one of the five components of internal control. Which of the following is not included in this internal control component? a. Segregation of duties c. An internal audit function b. Performance reviews d. Authorization
c
18. Which of the following statements concerning the relevance of various types of controls to a financial statement audit is correct? a. All controls are ordinarily relevant to a financial statement audit. b. Controls over the reliability of assets and liabilities are of primary importance, while controls over the reliability of financial reporting may also be relevant. c. Controls over the reliability of financial reporting are ordinarily most directly relevant to a financial statement audit, but other controls may also be relevant. d. An auditor may ordinarily ignore a consideration of controls when a substantive audit approach is taken.
c
19. An internal control system that is working effectively a. Eliminates risk and potential loss of to the entity b. Cannot be circumvented by management c. Reduces the need for management the review exception reports on a day-to-day basis d. Is unaffected by changing circumstances and conditions encountered by the entity
c
21. When obtaining knowledge about an entity's internal control, it is important for the auditor to consider the competence of its employees, because their competence bears directly and importantly upon the a. Cost-benefit relationship of internal control b. Comparison of recorded accountability with assets c. Achievement of the objectives of internal control Timing of substantive tests to be performed
c
24. The primary objective of procedures performed to obtain an understanding of internal control is to provide an auditor with a. Information necessary to prepare flowcharts. b. Evidence to use in reducing detection risk. c. Knowledge necessary to plan the audit. d. A basis for modifying test of controls.
c
29. In obtaining an understanding of internal control relevant to the audit, an auditor is required to obtain knowledge about the a. Effectiveness of controls that have been implemented. b. Consistency with which controls are currently being applied. c. Design of the controls pertaining to internal control components. Controls related to each class of transactions and account balance
c
30. Information about segregation of duties ordinarily is best obtained by a. Performing test of transactions that corroborate management's financial statements assertions. b. Developing audit objectives that reduce control risk. c. Observing employees as they apply specific controls. d. Obtaining a flowchart of activities performed by entity personnel.
c
31. In conducting an audit in accordance with PSAs, the auditor is required to identify and assess the risks of material misstatement at the financial statements level, and at the assertion level for classes of transactions, account balances, and disclosure. Some of these risks, in the auditor's judgment, require special audit consideration, such as those that involve fraud or complex transactions. Such risks are called a. Business risks c. Significant risks b. Audit risks d. Material risks
c
35. Control risk assessment procedures include all of the following except a. Inspection of documents c. Confirmation of bank balances Observation of procedures d. Inquiry of client personnel
c
39. The ultimate purpose of assessing control risk is to contribute to the auditor's evaluation of the risk that: a. Specified controls requiring segregation of duties may be circumvented by collusion. b. Tests of controls may fail to identify controls relevant to assertions. c. Material misstatement may exist in the financial statements. d. Entity policies may be circumvented by senior management.
c
41. An auditor's flowchart of a client's accounting system is a diagrammatic representation that depicts the auditor's a. Assessment of control environment's effectiveness b. Identification of weaknesses in the system c. Understanding of the system d. Assessment of control risk
c
42. Which of the following statements is true? a. Tests of controls are necessary if the auditor plans to use the primarily substantive approach. b. Tests of controls are necessary if the auditor plans to assess the level of control risk at maximum. c. The auditor can simultaneously obtain an understanding of internal control and perform tests of controls. d. After performing tests of controls, the auditor will always assess control risk at maximum.
c
44. After obtaining an understanding of an entity's internal control structure and assessing control risk, an auditor may next: a. Perform tests of control to verify management's assertions that are embodied in the financial statements. b. Apply analytical procedures as substantive tests to validate the assessed level of control risk. c. Consider whether evidential matter is available to support a further reduction in the assessed level of control risk. d. Evaluate whether the internal control structure policies and procedures detected material misstatements in the financial statements.
c
45. In a financial statement audit, the auditor is required to perform test of controls when I. The auditors risk assessment includes expectation of the operating effectiveness of controls. II. When substantive procedures alone do not provide sufficient appropriate audit evidence at the assertion level. a. I only c. Either I or II b. II only d. Neither I nor II
c
5. Internal control can only provide reasonable, not absolute, assurance of achieving entity control objectives. One of the factors limiting the likelihood of achieving those objectives is that: a. The auditor's primary responsibility is the detection of fraud. b. The board of directors is active and independent. c. The cost of internal control should not exceed its benefits. d. Management monitors internal control.
c
50. Which of the following statements is correct? a. Tests of controls are necessary if the auditor plans to use the primarily substantive approach. b. Tests of controls are necessary if the auditor plans to assess the level of control risk at a high (maximum) level. c. The auditor can simultaneously obtain an understanding of internal control and perform tests of controls. d. After performing tests of controls, the auditor will always assess control risk at a high level.
c
51. Which of the following is not a characteristic of the lower control risk approach? a. The auditor usually plans to place considerable reliance on the controls. b. The auditor plans to perform extensive tests of controls. c. Control risk is usually assessed at maximum level. d. Substantive tests are usually restricted.
c
55. Regardless of the assessed level of control risk, an auditor would perform some a. Test of controls to determine the operating effectiveness of internal control policies b. Analytical procedures to verify the design of internal control procedures c. Substantive test to restrict detection risk for significant classes of transactions d. Dual-purpose test to evaluate both the risk of monetary misstatement and preliminary control risk
c
6. Which of the following is an example of an inherent limitation in a client's internal control system? a. The effectiveness of procedures depends on the segregation of employee duties. b. Procedures are designed to assure the execution and recording of transactions in accordance with management's authorization. c. In the performance of most control procedures, there are possibilities of errors arising from mistakes in judgment. d. Procedures for handling large numbers of transactions are processed by information technology (IT) equipment.
c
8. The primary purpose of the auditor's consideration of internal control is to provide a basis for a. Determining whether procedures and records that are concerned with the safeguarding of assets are reliable. b. Constructive suggestions to clients concerning deficiencies in internal control. c. Determining the nature, timing and extent of audit tests to be applied. d. The expression of an opinion.
c
1. Tests of controls are used to test whether controls are: a. Properly incorporated in the financial statements b. Placed in operation or implemented c. Properly documented by the client d. Operating effectively
d
11. Which of the following statements best describes "control environment?" a. Policies and procedures that help ensure that management directives are carried out. b. The system for transferring information from transaction processing systems to the general ledger or the financial reporting system. c. The entity's process for identifying business risks relevant to financial reporting objectives and deciding about actions to address those risks, and the results thereof. d. This includes the governance and management functions and the attitudes, awareness, and actions of those charged with governance and management concerning the entity's internal control and its importance to the entity.
d
14. Risks can arise or change due to circumstances such as the following, except: a. There is a change in the regulatory or operating environment (i.e. a new law has been passed which prohibits the use of a chemical which is a main ingredient of the company's major product). b. New employees have been hired by the company. c. The company switched from manual information systems to a computerized system. d. The accounting and financial reporting framework has remained stable for the past five years, and no new pronouncements have been made.
d
16. Under PSA 315, monitoring of controls is an internal control component that involves a process of assessing the quality of internal control performance over time. It involves assessing the design and operation of controls on a timely basis and taking necessary corrective actions. Monitoring of controls is accomplished through ongoing monitoring activities, separate evaluations, or a combination of the two. An entity's ongoing monitoring activities often include a. Periodic reporting by the entity's internal auditors about the functioning of internal control b. The audit of the annual financial statements c. Periodic audits by the audit committee d. Reviewing the purchasing account
d
23. Control activities are the policies and procedures that help ensure that management directives are carried out. These include activities relating authorization, performance reviews, information processing, physical controls and segregation of duties. There is proper segregation of duties when an individual who a. Authorizes a transaction records it. b. Maintains custody of an asset has access to the accounting records for the asset. c. Authorizes transaction maintains custody of the asset that resulted from the transaction. d. Records a transaction do not compare the accounting record of the asset with the asset itself.
d
3. This is a basic concept of internal control which recognizes that the cost of internal control should not exceed the benefits expected to be derived from it: a. Management by exception c. Limited liability b. Management responsibility d. Reasonable assurance
d
37. Which of the following statements regarding auditor documentation of the client's internal control structure is correct? a. Documentation must include flowcharts. b. Documentation must include procedural write-ups. c. No documentation is necessary although it is desirable. d. No one particular form of documentation is necessary, and the extent of documentation may vary.
d
4. Internal controls are not designed to provide reasonable assurance that a. The recorded accountability for assets is compared with the existing assets at reasonable intervals b. Access to assets is permitted only in accordance with management's authorization c. Transactions are executed in accordance with management's authorization d. Irregularities will be eliminated
d
47. Tests of controls may include the following, except: a. Reperformance of internal control procedures b. Inquiries about, and observation of, internal controls which leave no audit trail c. Inspection of documentary support to transactions evidencing authorization d. Analytical procedures involving comparison of operating expenses with budget amount
d
54. If no changes have occurred since the controls were last tested, a CPA should a. Rely on the prior year audit's assessment of internal controls and use this assessment in the current year. b. Test the operating effectiveness of such controls at least once in every fourth audit. c. Rely entirely on the performance of substantive audit procedures. d. Test the operating effectiveness of such controls at least once in every third audit
d