Which of the following factors most likely would cause a CPA to decide not to accept a new audit engagement?
a. The CPA's lack of understanding of the prospective client's internal audit function's audit plan.
b. The prospective client refuses to let the
b. The prospective client refuses to let the predecessor auditor respond to communication from the successor auditor.
Which of the following statements is correct with regard to the predecessor-successor communications?
a. The successor auditor has no responsibility to contact the predecessor auditor.
b. The successor auditor should obtain permission from the entity befo
b. The successor auditor should obtain permission from the entity before contacting the predecessor auditor.
Which of the following statements best represents the reason why auditors prepare engagement letters to be signed by their auditees?
a. They provide documentation of management's responsibility for the financial statements.
b. They document the audit fees
c. They communicate and clarify the expectations and responsibilities of both the auditee and the auditor.
Which of the following factors would be of least importance to an auditor in determining how much reliance can be placed on the work of internal auditors?
a. The competence and objectivity of the internal audit function.
b. The materiality or significance
d. The nature of the audit software documentation used by the internal auditors.
The audit committee of a company which is responsible for the appointment of the independent audit firm should consist of?
a. Members of the board of directors who are not officers or employees.
b. Representatives of major equity interests (i.e., common a
a. Members of the board of directors who are not officers or employees.
Which of the following would most likely indicate the existence of related parties?
a. Failing to write down inventory to market value just before year-end.
b. Depending on one or a few products for nearly all of a firm's operating revenues.
c. Borrowing
c. Borrowing money at an interest rate substantially below the prevailing market rate of interest.
Tests of controls include all of the following except:
a. Inspection of documents, files, etc.
b. Analytical procedures
c. Walkthroughs.
d. Observation.
b. Analytical procedures
Which of the following would NOT be a typical supervisory activity for an audit?
a. Perform detailed testing of the accounts payable account.
b. Inform engagement team of the nature, timing, and extent of audit procedures.
c. Review the work of other enga
a. Perform detailed testing of the accounts payable account.
The concept of materiality as it applies to a financial statement audit
a. Relates primarily to the audit fees involved.
b. Generally involves less professional judgment for public companies.
c. Is determined, in part, based on how financial statement use
c. Is determined, in part, based on how financial statement users may be influenced in making decisions.
According to the text, the first step in applying materiality to an audit is
a. To determine tolerable misstatement for each account balance.
b. To determine a materiality level for the overall financial statements.
c. To aggregate the misstatements found
b. To determine a materiality level for the overall financial statements.
For which laws and regulations does the auditor have the same responsibility as that for errors and fraud?
a. Laws and regulations that have an indirect effect on the determination of financial statement amounts.
b. Laws and regulations that have a materi
c. Laws and regulations that have a direct and material effect on the financial statements.
When establishing an understanding with the entity regarding the terms of the engagement, all of the following should be discussed, except:
a. The engagement letter.
b. The internal audit function.
c. The audit committee.
d. The agreed upon limits on audi
d. The agreed upon limits on auditor liability for an improper audit.
The preliminary engagement activities include all of the following except:
a. Determine the audit engagement team requirements.
b. Ensure that the audit team is independent.
c. Ensure that there is an independent audit committee.
d. Ensure that the audit
c. Ensure that there is an independent audit committee
A dual-purpose test is:
a. A procedure that provides evidence about two different account balances at the same time.
b. A procedure that serves as both a test of control and a substantive test of transactions.
c. A procedure that provides evidence about t
b. A procedure that serves as both a test of control and a substantive test of transactions.
When likely misstatements are greater than overall materiality, the auditor should
a. Request that the auditee adjust the financial statements.
b. Issue an unqualified opinion.
c. Modify the opinion if the auditee will not adjust the financial statements.
d. Request that the auditee adjust the financial statements./ Modify the opinion if the auditee will not adjust the financial statements.
Before accepting an audit engagement, a successor auditor should make specific inquiries of the predecessor auditor regarding the predecessor's:
a. awareness of the consistency in the application of generally accepted accounting principles between periods
b. understanding as to the reasons for the change of auditors.
A written understanding between the auditor and the entity concerning the auditor's responsibility for fraud is usually set forth in a(n):
a. letter of audit inquiry.
b. engagement letter.
c. management letter.
d. internal control letter.
b. engagement letter.
If the independent auditors decide that it is efficient to consider how the work performed by the internal auditors may affect the nature, timing, and extent of audit procedures, they should assess the internal auditors':
a. competence and objectivity.
b.
a. competence and objectivity.
During the initial planning phase of an audit, a CPA most likely would:
a.evaluate the reasonableness of the entity's accounting estimates.
b. dentify specific internal control activities that are likely to prevent fraud.
c. discuss the timing of the audi
c. discuss the timing of the audit procedures with the entity's management
As generally conceived, the audit committee of a publicly held company should be made up of:
a. representatives of the major equity interests (preferred stock, common stock).
b. the audit partner, the chief financial officer, the legal counsel, and at lea
c. members of the board of directors who are not officers or employees.
When planning an audit, an auditor should:
a.evaluate detected misstatements.
b. determine overall materiality for audit purposes.
c. consider whether the extent of substantive procedures may be reduced based on the results of tests of controls.
d. conclu
b. determine overall materiality for audit purposes.
Which of these statements concerning illegal acts by clients is correct?
a. An audit in accordance with generally accepted auditing standards normally includes audit procedures specifically designed to detect illegal acts that have an indirect but materia
d. An auditor's responsibility to detect illegal acts that have a direct and material effect on the financial statements is the same as that for errors and fraud.
The engagement partner and manager review the work of engagement team members to evaluate which of the following?
a. The work was performed and documented.
b. The objectives of the procedures were achieved.
c. The results of the work support the conclusio
d. All of these are correct.
Tolerable misstatement is:
a. materiality used to establish a scope for the audit procedures for the individual account balance or disclosures.
b. the amount of misstatement that management is willing to tolerate in the financial statements.
c. materialit
a. materiality used to establish a scope for the audit procedures for the individual account balance or disclosures.
Which of the following would an auditor most likely use in determining overall materiality when planning the audit?
a. The anticipated sample size of the planned substantive tests.
b. The entity's income before taxes for the period-to-date (e.g., 6 months
b. The entity's income before taxes for the period-to-date (e.g., 6 months).
The existence of audit risk is recognized by the statement in the auditor's standard report that the:
a. Auditor obtains reasonable assurance about whether the financial statements are free of material misstatements.
b. Auditor is responsible for expressi
a. Auditor obtains reasonable assurance about whether the financial statements are free of material misstatements.
Which of the following factors would an auditor least likely consider when assessing the inherent risk associated with sales transactions?
a. Billings are made using the percentage-of-completion method of revenue recognition.
b. The nature of the credit a
b. The nature of the credit authorization internal control process.
The risk that an auditor's procedures will lead to a conclusion that a material misstatement in an account balance does not exist when, in fact, a misstatement does exist, is known as:
a. Audit risk.
b. Detection risk.
c. Inherent risk.
d. Business risk.
b. Detection risk.
One of your clients recently upgraded its accounting system from a medium-scale general ledger package to a complex state-of-the-art enterprise resource planning system. This installation took place over the last nine months of the entity's fiscal year an
a. It will likely increase the risk of material misstatement.
Which of the following would be classified as an error?
a. Misinterpretation by management of facts that existed when the financial statements were prepared.
b. Misappropriation of assets for the benefit of management.
c. Preparation of records by employe
a. Misinterpretation by management of facts that existed when the financial statements were prepared.
Which of the following factors is least likely to represent an opportunity to commit fraud?
a. The audit committee is ineffective.
b. Poor internal controls over cash transactions.
c. The existence of highly complex transactions.
d. Operating losses make
d. Operating losses make a hostile takeover imminent.
The auditor obtains an understanding of the entity and its environment by performing all of the following assessment procedures except:
a. Inquiries of management and others.
b. Compute the level of detection risk.
c. Analytical procedures.
d. Observation
b. Compute the level of detection risk.
Which of the following statements is false as it relates to the auditor's responsibility to document the risk assessment?
a. The documentation may include the use of questionnaires.
b.Management's response to high-risk areas identified by the auditor shou
c. The level of risk must be set quantitatively (i.e., inherent risk is 60%).
The disclosure of fraud to parties other than the entity's senior management and its audit committee ordinarily would be precluded by the auditor's ethical or legal obligations of confidentiality. However, the auditor has a duty to disclose the informatio
c. A Wall Street analyst inquiry regarding future profit projections.
Which of the following is not one of the three conditions that are generally present when fraud occurs?
a. incentive or pressure.
b. Opportunity.
c. Rationalization or attitude.
d. Collusion.
d. Collusion.
Audit risk is typically considered and assessed:
a. At the assertion level.
b. At the account balance level.
c. For the financial statements as a whole.
d. All of the above.
d. All of the above.
If risk of material misstatement is higher than originally anticipated, the auditor may respond by:
a. assign more experienced personnel.
b. Reducing control risk.
c. Reducing inherent risk.
d. None of the above.
a. assign more experienced personnel.
If the auditor determines that a material misstatement may be due to fraud, the auditor should do all of the following except:
a. Attempt to obtain evidence to determine whether the misstatement was, in fact, due to fraud.
b. Discuss the findings with an
c. Alert the authorities.
Which of the following represents a factual misstatement?
a. A misstatement that management knows about, but the auditor does not.
b. A misstatement found by the auditor that is due to incorrect pricing on a sales invoice.
c. A misstatement arising from t
b. A misstatement found by the auditor that is due to incorrect pricing on a sales invoice.
If acceptable audit risk is set at low and the assessed risk of material misstatement is high, then detection risk must be:
a. High.
b. Moderate.
c. Low.
d. Cannot determine detection risk from the information given.
c. Low.
Which of the following concepts are pervasive in the application of auditing standards?
a. Expected misstatement.
b. Control risk.
c. Materiality and audit risk.
d. Internal control.
c. Materiality and audit risk.
The existence of audit risk is recognized by the statement in the auditor's standard report that the auditor:
a. assesses the accounting principles used and evaluates the overall financial statement presentation.
b. realizes that some matters, either indi
c. obtains reasonable assurance about whether the financial statements are free of material misstatement.
Risk of material misstatement refers to a combination of which two components of the audit risk model?
a. Control risk and detection risk.
b. Inherent risk and control risk.
c. Audit risk and inherent risk.
d. Audit risk and control risk.
b. Inherent risk and control risk
As lower acceptable levels of both audit risk and materiality are established, the auditor should plan more work on individual accounts to:
a. find smaller errors.
b. increase the tolerable misstatements in the accounts.
c. decrease the risk of overrelian
a. find smaller errors.
Which of the following characteristics most likely would heighten an auditor's concern about the risk of intentional manipulation of financial statements?
a. The rate of change in the entity's industry is slow.
b. Insiders recently purchased additional sh
c. Management places substantial emphasis on meeting earnings projections.
Which of the following is a misappropriation of assets?
a. Classifying inventory held for resale as supplies.
b. An employee of a consumer electronics store steals 12 CD players.
c. Investing cash and earning at a 3 percent rate of return as opposed to pa
b. An employee of a consumer electronics store steals 12 CD players.
Auditing standards require auditors to make certain inquiries of management regarding fraud. Which of the following inquiries is required?
a. Management's attitude about hiring ethical employees.
b. Whether management has ever intentionally violated the s
d. Whether management has any knowledge of fraud that has been perpetrated on or within the entity.
Which of the following is an example of fraudulent financial reporting?
a. An employee steals inventory, and the shrinkage is recorded as a cost of goods sold.
b. An employee borrows small tools from the company and neglects to return them; the cost is re
d. Company management falsifies the inventory count, thereby overstating ending inventory and understating cost of sales.
When is a duty to disclose fraud to parties other than the entity's senior management and its audit committee most likely to exist?
a. In response to inquiries from a successor auditor.
b. When the fraud results from misappropriation of assets rather than
a. In response to inquiries from a successor auditor.
Which of the following is correct concerning required auditor communications about fraud?
a. Fraud that involves senior management should be reported directly by the auditor to the audit committee regardless of the amount involved.
b. Fraud with a materia
a. Fraud that involves senior management should be reported directly by the auditor to the audit committee regardless of the amount involved.
Which of the following procedures would an auditor most likely rely on to verify management's assertion of completeness?
a. Confirming a sample of recorded receivables by direct communication with the debtors.
b. Comparing a sample of shipping documents t
b. Comparing a sample of shipping documents to related sales invoices.
In testing the existence assertion for an asset, an auditor ordinarily works from the:
a. potentially unrecorded items to the financial statements.
b. accounting records to the supporting documents.
c. financial statements to the potentially unrecorded it
b. accounting records to the supporting documents.
Which of the following statements concerning audit evidence is correct?
a. The measure of the reliability of audit evidence lies in the auditor's judgment.
b. The difficulty and expense of obtaining audit evidence concerning an account balance are a valid
a. The measure of the reliability of audit evidence lies in the auditor's judgment.
Which of the following presumptions is least likely to relate to the reliability of audit evidence?
a. The more effective internal control, the more assurance it provides about the accounting data and financial statements.
b. An auditor's opinion is forme
b. An auditor's opinion is formed within a reasonable time to achieve a balance between benefit and cost.
Which of the following types of audit evidence is the least reliable?
a. Test counts of inventory performed by the auditor.
b. Correspondence from the entity's attorney about litigation.
c. Prenumbered purchase order forms prepared by the entity.
d. Bank
c. Prenumbered purchase order forms prepared by the entity.
Audit evidence can come in different forms with different degrees of reliability. Which of the following is the most persuasive type of evidence?
a. Prenumbered entity sales invoices.
b. Computations made by the auditor.
c. Vendors' invoices included in t
b. Computations made by the auditor.
An auditor would be least likely to use confirmations in connection with the examination of:
a. inventory held in a third-party warehouse.
b. refundable income taxes.
c. long-term debt.
d. stockholders' equity.
b. refundable income taxes.
The assurance bucket is filled with all of the following types of evidence except:
a. substantive analytical procedures.
b. test of controls.
c. the audit report.
d. tests of details.
c. the audit report.
The current file of the auditor's working papers should generally include:
a. organization charts.
b. copies of bond and note indentures.
c. a copy of the financial statements.
d. a flowchart of the accounting system.
c. a copy of the financial statements.
The permanent file section of the working papers that is kept for each audit client most likely contains:
a. a schedule of time spent on the engagement by each individual auditor.
b. narrative descriptions of the entity's accounting system and control pro
b. narrative descriptions of the entity's accounting system and control procedures.
An audit document that reflects the major components of an amount reported in the financial statements is referred to as a(n):
a. lead schedule.
b. supporting schedule.
c. working trial balance.
d. audit control account.
a. lead schedule.
The primary objective of final analytical procedures is to:
a. Satisfy doubts when questions arise about an entity's ability to continue in existence.
b. Assist the auditor in assessing the validity of the conclusions reached on the audit.
c. Obtain evide
b. Assist the auditor in assessing the validity of the conclusions reached on the audit.
The substantive analytical procedure known as trend analysis is best described by:
a. the comparison, across time or to a benchmark, of relationships between financial statement accounts or between an account and nonfinancial data.
b. the examination of c
b. the examination of changes in an account over time.
Discussions with the owner-manager of an entity under audit reveal to the auditor that the company is more concerned with minimizing its income tax payments than maximizing income. Based on this information, which management assertion will the auditor be
b. Completeness.
Which of the following primary assertions is satisfied when an auditor observes the entity's physical count of inventory?
a. Accuracy, Valuation and Allocation.
b. Completeness.
c. Existence.
d. Rights and obligations.
c. Existence.
Which of the following statements is correct with regard to the quality or appropriateness of evidential matter?
a. The auditor's direct personal knowledge, obtained through observation and inspection, is more persuasive than information obtained indirect
a. The auditor's direct personal knowledge, obtained through observation and inspection, is more persuasive than information obtained indirectly from independent outside sources.
Which of the following audit procedures would most likely be used to test the mathematical accuracy of a five-hundred page inventory listing?
a. Send confirmations to selected vendors to verify amounts.
b. Examine a random sample of inventory documents.
c
d. Use computer assisted audit techniques to foot, or sum, the entire listing.
Confirmations would normally be most likely used as a type of audit evidence in connection with which of the following?
a. Goodwill.
b. Deferred Taxes.
c. Machinery and Equipment.
d. Accounts Receivable.
d. Accounts Receivable.
One of the main objectives of performing analytical review procedures during the planning phase of the audit is to identify:
a. Transactions that have not been properly authorized.
b. Illegal acts undetected as a result of poor internal controls.
c. Ineff
d. Unusual changes that may signal possible account misstatements.
Audit evidence can come in different forms with different degrees of reliability. Which of the following is the least reliable type of evidence?
a. Vendor confirmations of accounts payable balances.
b. Copies of bank statements obtained from the entity un
c. Pre-numbered sales invoices.
Which of the following presumptions is correct regarding the reliability of audit evidence?
a. To be reliable, evidence should be convincing rather than simply persuasive.
b. Information obtained directly from the company is considered to be the most reli
c. An effective internal control system provides increased assurance with regard to the reliability of audit evidence.
Which of the following is true relating to audit work paper documentation?
a. It serves as the basis of review for audit supervisors to determine if sufficient, appropriate evidence has been gathered.
b. It should not include copies of any client-generate
a. It serves as the basis of review for audit supervisors to determine if sufficient, appropriate evidence has been gathered.
Which of the following items is generally not included as part of audit documentation?
a. Heading.
b. Indexing.
c. Client review notation.
d. Tickmarks.
c. Client review notation.
According to the reliability hierarchy by evidence type as presented in the text, an example of audit evidence with a low level of reliability is:
a. Reperformance.
b. Inspection.
c. Observation.
d. Analytical procedures.
c. Observation.
According to the reliability hierarchy by evidence type as presented in the text, an example of audit evidence with a high level of reliability is:
a. Scanning.
b. Recalculation.
c. Observation.
d. Confirmation.
b. Recalculation.
Audit documentation provides the principal support for which of the following?
a. Demonstrate how the audit complied with auditing and related professional practice standards.
b. Support the basis for the auditor's conclusions concerning every material fi
d. All of the above.
According to the text, each of the following is a main purpose for performing audit procedures except:
a. To obtain an understanding of the entity and its environment.
b. To test the operating effectiveness of controls.
c. To develop recommendations for t
c. To develop recommendations for the control system.
Which of the following is true regarding audit evidence?
a. Auditors typically gather audit evidence about one whole financial statement at a time rather than one account at a time.
b. Auditors rarely gather audit evidence about one business process at a
c. Audit evidence is gathered to determine whether each relevant financial statement assertion is being supported.
An auditor's primary consideration regarding an entity's internal controls is whether they:
a. affect the financial statement assertions.
Correct
b. prevent management override.
c. reflect management's philosophy and operating style.
d. relate to the cont
a. affect the financial statement assertions.
Which of the following statements about internal control is correct?
a. An exceptionally strong internal control system is enough for the auditor to eliminate substantive procedures on a significant account balance.
b. The establishment and maintenance of
c. The cost-benefit relationship is a primary criterion that should be considered in designing an internal control system.
Internal control is a process designed to provide reasonable assurance regarding the achievement of which objective?
a. Effectiveness and efficiency of operations.
b. Reliability of financial reporting.
c. Compliance with applicable laws and regulations.
d. All of these are correct
Monitoring is a major component of the COSO Internal Control�Integrated Framework. Which of the following is not correct in how the company can implement the monitoring component?
a. Monitoring can be an ongoing process.
b. The independent auditor can ser
b. The independent auditor can serve as part of the entity's control environment and continuous monitoring.
After obtaining an understanding of an entity's internal control system, an auditor may set control risk at high for some assertions because the auditor:
a. identifies internal controls that are likely to prevent material misstatements.
b. determines that
c. believes the internal controls are unlikely to be effective.
Regardless of the assessed level of control risk, an auditor would perform some:
a. tests of controls to determine the effectiveness of internal controls.
b. analytical procedures to verify the design of internal controls.
c. dual-purpose tests to evaluat
d. substantive procedures to restrict detection risk for significant transaction classes.
Assessing control risk below high involves all of the following except:
a. concluding that controls are ineffective.
b. analyzing the achieved level of control risk after performing tests of controls.
c. performing tests of controls.
d. identifying specif
a. concluding that controls are ineffective.
Which of the following audit techniques would most likely provide an auditor with the most assurance about the effectiveness of the operation of a control?
a. Walkthrough.
b. Inquiry of entity personnel.
c. Observation of entity personnel.
d. Reperformanc
b. Inquiry of entity personnel.
The highest-quality and most reliable audit evidence that segregation of duties is properly implemented is obtained by:
a. inspection of a flowchart of duties performed and available personnel.
b. inquiries of employees who apply control activities.
c. ob
c. observation by the auditor of the employees performing control activities.
SOC 1, Type 2 reports issued by the service organization's auditor typically:
a. assess whether the service organization's controls are suitably designed and operating effectively.
b. provide reasonable assurance that their financial statements are free o
a. assess whether the service organization's controls are suitably designed and operating effectively.
Significant deficiencies are matters that come to an auditor's attention that should be communicated to an entity's audit committee because they represent:
a. disclosures of information that significantly contradict the auditor's going concern assumption.
c. significant deficiencies in the design or operation of the internal control.
An auditor anticipates assessing control risk at a low level in an IT environment. Under these circumstances, on which of the following controls would the auditor initially focus?
a. General controls.
b. Application controls.
c. Output controls.
d. Data c
a. General controls.
An auditor's flowchart of an entity's accounting system is a diagrammatic representation that depicts the auditor's:
a. documentation of the study and evaluation of the system.
b. understanding of the system.
c. program for tests of controls.
d. understan
b. understanding of the system.
Auditors obtain an understanding of a nonpublic entity's internal control for the primary purpose of:
a. Gathering sufficient evidence to provide a reasonable basis for an opinion on the financial statements.
b. Determining the nature, extent, and timing
b. Determining the nature, extent, and timing of subsequent audit procedures to be performed.
Internal controls are designed to achieve company objectives in all of the following areas except:
a. Safeguarding of assets.
b. Reliability of financial reporting.
c. Reduction of debt financing costs.
d. Compliance with laws and regulations.
c. Reduction of debt financing costs.
Which of the following is not one of the five major components of internal control?
a. Risk assessment.
b. Control activities.
c. Information and communication system.
d. Human resource background checks.
d. Human resource background checks.
Which of the following is a proper reason for not conducting tests of controls for nonpublic companies?
a. The internal control structure appears very strong.
b. The procedures require more audit effort than the projected benefits to be obtained from lowe
b. The procedures require more audit effort than the projected benefits to be obtained from lowering the control risk.
For nonpublic companies with preliminary control risk assessments set at high, auditors are likely to:
a. Use a reliance strategy.
b. Complete little or no tests of controls.
c. Complete interim testing of account balances.
d. Test controls extensively.
b. Complete little or no tests of controls.
Which of the following represents the correct sequence of audit steps that come after first obtaining an understanding and documenting the entity's internal control?
a. Test of Controls, Assess Control Risk, Determine Extent of Substantive Tests, Reassess
d. Assess Control Risk, Test of Controls, Reassess Control Risk, Determine Extent of Substantive Testing.
Which of the following statements regarding auditor documentation of the entity's internal control is correct?
a. Documentation must include narrative memorandums.
b. No documentation is necessary to satisfy GAAS, however, oral inquiry is required at mini
d. No one particular form of documentation is necessary, and the extent of documentation may vary.
An auditor may need to obtain a service auditor's report when an entity receives accounting services such as payroll from a service organization. Which of the following statements is true regarding this service audit report?
a. It should include an opinio
a. It should include an opinion.
The auditor must report the following to the audit committee or others charged with governance:
a. Only material weaknesses.
b. Only significant deficiencies.
c. Significant deficiencies and material weaknesses.
d. All control deficiencies identified duri
c. Significant deficiencies and material weaknesses.
Which of the following is not considered a general control?
a. Back up and disaster recovery controls.
b. Password protection on the central server.
c. Reconciliation of payroll record count with the number of active employees.
d. Requiring change authori
c. Reconciliation of payroll record count with the number of active employees.
A reliance strategy is chosen when the auditor:
a. Plans on conducting tests of controls.
b. Has set the control risk at a high level.
c. Has set the control risk at a lower level.
d. Plans on conducting tests of controls and Has set the control risk at a
d. Plans on conducting tests of controls and Has set the control risk at a lower level.
Understanding each of the components of internal control provides knowledge about:
a. The design of tests of controls.
b. The assessment of inherent risks.
c. Factors that affect the risk of material misstatement.
d. The design of tests of controls & Fact
d. The design of tests of controls & Factors that affect the risk of material misstatement.
The effectiveness of internal control is reduced by:
a. Computerized accounting records.
b. Flowcharts.
c. Human errors or mistakes.
d. Both a and c.
c. Human errors or mistakes.
In order to be able to set control risk at a lower level, the auditor must do all of the following except:
a. Identify all general IT controls.
b. Identify specific controls that will be relied upon.
c. Perform tests of controls.
d. Conclude on the achiev
a. Identify all general IT controls.
The auditor may document the achieved level of control risk using all of the following except:
a. Structured working papers.
b. Flowcharts.
c. Internal control questionnaire.
d. A memorandum.
b. Flowcharts.
The Sarbanes-Oxley Act of 2002 requires management to include a report on the effectiveness of ICFR in the entity's annual report. It also requires auditors to report on the effectiveness of ICFR. Which of the following statements concerning these require
a. The auditor should provide recommendations for improving internal control in the audit report.
A control deviation caused by an employee performing a control procedure that he or she is not authorized to perform is always considered a:
a. significant deficiency.
b. deficiency in design.
c. material weakness.
d. deficiency in operation.
d. deficiency in operation.
Which of the following is not a factor that might affect the likelihood that a control deficiency could result in a misstatement in an account balance?
a. The nature of the financial statement accounts, disclosures, and assertions involved.
b. The suscept
c. The financial statement amounts exposed to the deficiency.
Entity-level controls can have a pervasive effect on the entity's ability to meet the control criteria. Which one of the following is not an entity-level control?
a. The period-end financial reporting process.
b. Controls to monitor results of operations.
c. Controls to monitor the inventory taking process.
Which of the following controls would most likely be tested during an interim period?
a. Controls that operate on a continuous basis.
b. Controls over the period-end financial reporting process.
c. Controls over transactions that involve a high degree of
a. Controls that operate on a continuous basis.
If the financial reporting risks for a location are low and the entity has good entity-level controls, management may rely on which of the following for its assessment?
a. Documentation and test entity-level controls over the entire entity.
b. Selective c
c. Self-assessment processes in conjunction with entity-level controls.
A walkthrough is one procedure used by an auditor as part of the internal control audit. A walkthrough requires an auditor to:
a. tour the organization's facilities and locations before beginning any audit work.
b. trace a transaction from each major clas
b. trace a transaction from each major class of transactions from origination through the entity's information system until it is reflected in the entity's financial reports.
When auditors report on the effectiveness of internal control "as of" a specific date and obtain evidence about the operating effectiveness of controls at an interim date, which of the following items would be the least helpful in evaluating the additiona
d. The walkthrough of the control system conducted at interim.
AnnaLisa, an auditor for N. M. Neal & Associates, is prevented by the management of Lileah Company from auditing controls over inventory. Lileah is a public company. Management explains that controls over inventory were recently implemented by a highly re
d. A disclaimer of opinion.
In auditing a public company, Natalie, an auditor for N. M. Neal & Associates, identifies four deficiencies in ICFR. Three of the deficiencies are unlikely to result in financial misstatements that are material. One of the deficiencies is reasonably likel
d. An unqualified report.
In auditing ICFR for a public company, Emily finds that the entity has a significant subsidiary located in a foreign country. Emily's accounting firm has no offices in that country, and the entity has thus engaged another reputable firm to conduct the aud
d. Accept the other auditor's opinion after evaluating the auditor's work and make reference to the other auditor's report in her audit opinion.
Which of the following statements concerning control deficiencies is true?
a. All control deficiencies are significant deficiencies.
b. An auditor must immediately report material weaknesses and significant deficiencies discovered during an audit to the P
c. The auditor should communicate to management, in writing, all control deficiencies in internal control identified during the audit.
Significant deficiencies and material weaknesses must be communicated to an entity's audit committee because they represent
a. disclosures of information that significantly contradict the auditor's going concern assumption.
b. material fraud or illegal ac
c. significant deficiencies in the design or operation of internal control.
Which of the following most likely represents a weakness in internal control of an IT system:
a. The control clerk establishes control over data received by the IT department and reconciles control totals after processing.
b. The systems programmer design
c. The systems analyst reviews output and controls the distribution of output from the IT department.
A primary advantage of using generalized audit software packages to audit the financial statements of an entity that uses an IT system is that the auditor may:
a. access information stored on computer files while having a limited understanding of the enti
a. access information stored on computer files while having a limited understanding of the entity's hardware and software features.
The requirements of Section 404 of the Sarbanes-Oxley Act of 2002 apply to
a. All companies that are subject to an independent audit.
b. Most publicly-held companies.
c. All privately-held companies.
d. All companies with sales in excess of $500 million.
b. Most publicly-held companies.
The role of the registered independent auditing firm relative to its clients' internal controls under the Sarbanes-Oxley Act of 2002 is to
a. Express an opinion on whether the entity is subject to all provisions of the Securities Exchange Act of 1934.
b.
b. Express an opinion on the effectiveness of the entity's internal control.
Which of the following statements concerning control deficiencies is true?
a. Auditors are required to report all control deficiencies to the audit committee.
b. A control deficiency is a type of significant deficiency.
c. Significant deficiencies are a s
d. The two dimensions of control deficiencies are likelihood of occurrence and magnitude.
Which of the following steps or procedures is least likely to be performed as part of management's assessment of the effectiveness of internal controls?
a. Engaging the external auditors to conduct cutoff tests.
b. Determining the locations or business un
a. Engaging the external auditors to conduct cutoff tests.
Which of the following statements is false concerning the audit requirements of the Sarbanes-Oxley Act of 2002 and AS5 related to internal controls?
a. Management's report should state its responsibility for establishing and maintaining effective internal
d. The auditor should provide recommendations to the audit committee for improving internal control as part of the auditor's assessment.
Which of the following types of audit reports would not be appropriate for an auditor to issue on the effectiveness of an entity's internal controls?
a. Unqualified [no material weaknesses identified].
b. Adverse [a material weakness exists].
c. Qualified
c. Qualified [a significant deficiency exists].
Which of the following statements best describes how the requirements under Sarbanes-Oxley changed the auditor's responsibility for issuing an opinion in connection with the audits of most public companies?
a. CPA firms are now required to add a second op
c. CPA firms are now required to issue a second opinion related to their evaluation of the effectiveness of internal controls in addition to an opinion on the overall fairness of the financial statements.
With regard to entities that have locations or business units that are judged to have financial reporting risks, the auditor
a. Need not perform any audit procedures.
b. Must first determine whether those risks are adequately addressed by entity-level con
b. Must first determine whether those risks are adequately addressed by entity-level controls.
Generalized audit software (GAS) would likely be used in the audit of accounts receivable for all of the following except:
a. Selection and printing of sample accounts to be confirmed.
b. Identifying weaknesses in the documentation of entity controls.
c.
b. Identifying weaknesses in the documentation of entity controls.
Which of the following statements is false regarding the use of the test data approach in the evaluation of an accounting system?
a. The test data should consist of only valid conditions.
b. Only one transaction generally needs to be tested.
c. The test d
a. The test data should consist of only valid conditions.
All of the following factors should be considered by the auditor when deciding on the extent of controls testing except:
a. The nature of the control to be tested.
b. The time the auditor has to test controls before a report must be issued.
c. The frequen
b. The time the auditor has to test controls before a report must be issued.
Place the following steps in the top-down, risk-based approach to the audit of ICFR in their proper order:
1. Identify significant accounts and disclosures and their relevant assertions.
2. Select controls to test.
3. Understand likely sources of misstate
b. 4, 1, 3, 2.
All of the following controls may mitigate the risk of fraud and management override except:
a. Controls over related-party transactions.
b. Controls over period-end adjusting entries.
c. Controls related to significant management estimates.
d. Controls r
d. Controls related to executive compensation.
Which of the following is not a requirement for management under Section 404 of the Sarbanes-Oxley Act of 2002?
a. Guarantee effectiveness of the entity's ICFR.
b. Accept responsibility for the effectiveness of the entity's ICFR.
c. Support the evaluation
a. Guarantee effectiveness of the entity's ICFR.
Remediation" refers to
a. Management's required annual communication to the Audit Committee regarding changes in the ICFR.
b. The auditor's required annual communication to the Audit Committee regarding weaknesses found in the ICFR.
c. Management's testi
d. Corrective actions taken by management to eliminate a material weakness.