11. Which of the following matters would an auditor most likely consider to be a significant deficiency to be communicated to the audit committee?
A. Management's failure to renegotiate unfavorable long-term purchase commitments.
B. Recurring operating lo
C. Evidence of a lack of objectivity by those responsible for accounting decisions.
12. In assessing the objectivity of a client's internal auditors, the CPA would be most likely to consider internal auditor:
A. Education levels.
B. Experience.
C. Organizational status within the company.
D. Training and supervisory skills.
C. Organizational status within the company.
13. In a financial statement audit performed following AICPA Professional Standards, how frequently must an auditor test operating effectiveness of controls that appear to function as they have in past years and on which the auditor wishes to rely upon in
D. At least every third audit.
14. After obtaining an understanding of internal control and arriving at a preliminary assessed level of control risk, an auditor decided to perform tests of controls. The auditor most likely decided that:
A. Additional evidence to support a reduction in
C. It would be efficient to perform tests of controls that would result in a reduction in planned substantive procedures.
15. Which of the following is least likely to be evidence of operating effectiveness of controls?
A. Cancelled supporting documents.
B. Confirmations of accounts receivable.
C. Records documenting usage of computer programs.
D. Signatures on authorization
B. Confirmations of accounts receivable.
16. Which of the following is not ordinarily a procedure for documenting an auditor's understanding of internal control for planning purposes?
A. Checklist.
B. Flowchart.
C. Questionnaire.
D. Confirmation.
D. Confirmation.
17. Tests of controls do not ordinarily address:
A. By whom a control was applied.
B. How a control was applied.
C. The consistency with which a control was applied.
D. The cost effectiveness of the way a control was applied.
D. The cost effectiveness of the way a control was applied.
18. Which is most likely when the assessed level of control risk increases?
A. Change from performing substantive procedures at year-end to an interim date.
B. Perform substantive procedures directed inside the entity rather than tests directed toward par
D. Use larger sample sizes for substantive procedures.
19. Which of the following must the auditor communicate to the audit committee?
A. Significant deficiencies and material weaknesses.
B. Only significant deficiencies.
C. Only material weaknesses.
D. Neither significant deficiencies nor material weaknesses
A. Significant deficiencies and material weaknesses.
20. A client's internal control appears strong, but the CPA has elected not to perform any tests of controls. The planned assessed level of control risk is at what level?
A. Zero.
B. Low.
C. Moderate.
D. Maximum.
D. Maximum.
21. Which of the following would be least likely to be regarded as a test of a control?
A. Tests of the additions to property by physical inspection.
B. Comparisons of the signatures on cancelled checks to the authorized check signer list.
C. Tests of sig
A. Tests of the additions to property by physical inspection.
22. Which of the following is not considered one of the five major components of internal control?
A. Risk assessment.
B. Segregation of duties.
C. Control activities.
D. Monitoring.
B. Segregation of duties.
23. Which of the following statements is correct concerning the understanding of internal control needed by auditors?
A. The auditors must understand the information system, not the accounting system.
B. The auditors must understand monitoring and all pre
C. The auditors must have a sufficient understanding to assess the risks of material misstatement.
24. The effectiveness of controls is not generally tested by:
A. Inspection of documents and reports.
B. Performance of analytical procedures.
C. Observation of the application of accounting policies and procedures.
D. Inquiries of appropriate client pers
B. Performance of analytical procedures.
25. On financial statement audits, it is required that the auditors obtain an understanding of internal control, including:
A. Its operating effectiveness.
B. Whether it has been implemented (placed in operation).
C. Performing tests of controls for all m
B. Whether it has been implemented (placed in operation).
26. A significant deficiency:
A. Differs from a material weakness in that it involves internal control over operations rather than internal control over financial reporting.
B. Involves an amount of discovered misstatements greater than the amount used as
D. Is less severe than a material weakness.
27. This organization developed a set of criteria that provide management with a basis to evaluate controls not only over financial reporting, but also over the effectiveness and efficiency of operations and compliance with laws and regulations:
A. Foreig
B. Committee of Sponsoring Organizations.
28. Which of the following is most likely to be considered a risk assessment procedure relating to internal control?
A. Confirm accounts receivable.
B. Perform a test of a control relating to payroll.
C. Take test counts of the year-end inventory.
D. Trac
D. Trace a transaction through the information system relevant to financial reporting.
29. Which statement is correct concerning the definition of internal control developed by the Committee of Sponsoring Organizations (COSO)?
A. Its applicability is largely limited to internal auditing applications.
B. It is recognized in the Statements on
B. It is recognized in the Statements on Auditing Standards.
30. The definition of internal control developed by the Committee of Sponsoring Organizations (COSO) includes controls related to the reliability of financial reporting, the effectiveness and efficiency of operations, and:
A. Compliance with applicable la
A. Compliance with applicable laws and regulations.
31. Which statement is correct concerning the relevance of various types of controls to a financial statement audit?
A. An auditor may ordinarily ignore the consideration of controls when a substantive audit approach is used.
B. Controls over the reliabil
B. Controls over the reliability of financial reporting are ordinarily most directly relevant to an audit, but other controls may also be relevant.
32. Which of the following is not a component of the control environment?
A. Integrity and ethical values.
B. Risk assessment.
C. Commitment to competence.
D. Organizational structure.
B. Risk assessment.
33. Which of the following is not ordinarily considered a factor indicative of increased financial reporting risk when an auditor is considering a client's risk assessment policies?
A. Salaried sales personnel.
B. Implementation of a new information syste
A. Salaried sales personnel.
34. The Sarbanes-Oxley Act of 2002 requires that the audit committee:
A. Annually reassess control risk using information from the CPA firm.
B. Be directly responsible for the appointment, compensation and oversight of the work of the CPA firm.
C. Require
B. Be directly responsible for the appointment, compensation and oversight of the work of the CPA firm.
35. When tests of controls reveal that controls are operating as anticipated, it is most likely that the assessed level of control risk will:
A. Be less than the preliminary assessed level of control risk.
B. Equal the preliminary assessed level of contro
B. Equal the preliminary assessed level of control risk.
36. Under which circumstance is it likely that the extent of substantive procedures will be expanded beyond that anticipated in the audit plan?
A. The auditors have determined that controls have been implemented (placed in operation) but, in accordance wi
D. The operating effectiveness of certain controls was found to be less than expected, although no material misstatements were identified.
37. The provisions of the Foreign Corrupt Practices Act apply to:
A. All U.S. corporations.
B. All U.S. corporations that engage in foreign operations.
C. All corporations that must file under the Securities Exchange Act of 1934.
D. All U.S. partnerships
C. All corporations that must file under the Securities Exchange Act of 1934.
38. If the auditors do notperform tests of controls for certain assertions:
A. They have performed a substandard audit.
B. They are not required to communicate significant deficiencies relating to those accounts to management and the board of directors.
C
D. They must assess control risk at the maximum level for those assertions.
39. During financial statement audits, the auditors' consideration of their clients' internal control is integral to both assess the risk of material misstatement and to:
A. Assess inherent risk.
B. Design further audit procedures.
C. Assess compliance wi
B. Design further audit procedures.
40. Which of the following comes closest to outlining the auditors' responsibility for considering internal control in all financial statement audits?
A. An understanding of the control environment, information and communication, risk assessment and monit
B. The auditor must obtain an understanding of each of the five internal control components sufficient to assess the risks of material misstatement for the audit.
C. When tests of controls
41. Which of the following is not a primary procedure auditors use to obtain sufficient knowledge about the design of the relevant controls and to determine whether they have been implemented (placed in operation)?
A. Previous experience with the entity.
C. Performance of substantive procedures.
42. A control deficiency that is less severe than a material weakness, but important enough to merit attention by those responsible for oversight of the company's financial reporting is referred to as a(n):
A. Control deficiency.
B. Inherent limitation.
C
D. Significant deficiency.
43. For effective internal control, which of the following functions should not be assigned to the company's accounting department?
A. Reconciling accounting records with existing assets.
B. Recording financial transactions.
C. Signing payroll checks.
D.
C. Signing payroll checks.
44. Which of the following is not a responsibility that should be assigned to a company's internal audit department?
A. Evaluating internal control.
B. Approving disbursements.
C. Reporting on the effectiveness of operating segments.
D. Investigating pote
B. Approving disbursements.
45. Which of the following is true about the auditors' consideration of internal control in a financial statement audit?
A. The auditors must assess control risk at a level lower than the maximum.
B. The auditors must prepare a flowchart description of in
C. The auditors must obtain an understanding of the steps in processing major types of transactions.
46. Which of the following is an advantage of describing internal control through the use of a standardized questionnaire?
A. Questionnaires highlight weaknesses in the system.
B. Questionnaires are more flexible than other methods of describing internal
A. Questionnaires highlight weaknesses in the system.
47. Which of the following is least likely to be considered a risk assessment procedure relating to internal control?
A. Counting marketable securities at year-end.
B. Inquiries of client personnel.
C. Inspecting documents and reports.
D. Observing the ap
A. Counting marketable securities at year-end.
48. Which of the following is least likely to be considered a risk assessment procedure?
A. Analytical procedures.
B. Inspection of documents.
C. Observation of the counting of inventory.
D. Observation of the performance of certain accounting procedures.
C. Observation of the counting of inventory.
49. Which of the following is not a factor that is considered a part of the client's overall control environment?
A. The organizational structure.
B. The information system.
C. Management philosophy and operating style.
D. Board of directors.
B. The information system.
50. Which of the following would be least likely to be considered a benefit of effective internal control?
A. Eliminating all employee fraud.
B. Restricting access to assets.
C. Detecting ineffectiveness.
D. Ensuring authorization of transactions.
A. Eliminating all employee fraud.
51. After documenting the client's prescribed internal control, the auditors will often perform a walk-through of each transaction cycle. An objective of a walk-through is to:
A. Verify that the controls have been implemented (placed in operation).
B. Rep
A. Verify that the controls have been implemented (placed in operation).
52. The major components of internal control include all of the following, except:
A. Risk assessment.
B. The control environment.
C. Internal auditing.
D. Control activities.
C. Internal auditing.
53. Which of the following is correct with respect to control deficiencies discovered during an audit?
A. Auditors must communicate and recommend corrections relating to all material weaknesses in internal control to management.
B. All material weaknesses
B. All material weaknesses in internal control should be reported to the audit committee.
54. After considering the client's internal control the auditors have concluded that it is well designed and is functioning as anticipated. Under these circumstances the auditors would most likely:
A. Cease to perform further substantive procedures.
B. Re
B. Reduce substantive procedures in areas where the internal control was found to be effective
55. The use of fidelity bonds protects a company from embezzlement loses and also:
A. Minimizes the possibility of employing persons with dubious records in positions of trust.
B. Reduces the company's need to obtain expensive business interruption insura
A. Minimizes the possibility of employing persons with dubious records in positions of trust.
56. The independent auditors might consider the procedures performed by the internal auditors because:
A. They are employees whose work must be reviewed during substantive testing.
B. They are employees whose work might affect the independent auditors' wo
B. They are employees whose work might affect the independent auditors' work.
57. In the consideration of internal control, the operating effectiveness of controls is tested by:
A. Flowcharts verification.
B. Tests of controls.
C. Substantive procedures.
D. Decision tables.
B. Tests of controls.
58. The auditors who become aware of an internal control significant deficiency are required to communicate this to the:
A. Client's legal counsel.
B. Compensation committee.
C. Audit committee.
D. Internal auditors.
C. Audit committee.
59. A material weakness involves an amount that could result in a misstatement that is
A. Smaller than inconsequential.
B. Larger than inconsequential.
C. Tolerable.
D. Material.
D. Material.
60. At least what level of probability of a material misstatement is required for a control deficiency to be considered a material weakness?
A. More than remote.
B. Probable.
C. Reasonable possibility.
D. Sufficient.
C. Reasonable possibility.
61. A situation in which the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent or detect material misstatements on a timely basis is referred to as a:
A. Contro
A. Control deficiency.
62. To provide for the greatest degree of independence in performing internal auditing functions, an internal auditor most likely should report to the:
A. Financial vice-president.
B. Corporate controller.
C. Audit committee.
D. Corporate stockholders.
C. Audit committee.
63. Well-designed internal control that is functioning effectively is most likely to detect an fraud arising from:
A. The fraudulent action of several employees.
B. The fraudulent action of an individual employee.
C. Informal deviations from the official
B. The fraudulent action of an individual employee.
64. The program flowcharting symbol representing a decision is a:
A. Triangle.
B. Circle.
C. Rectangle.
D. Diamond.
D. Diamond.
65. Controls are not designed to provide assurance that:
A. Transactions are executed in accordance with management's authorization.
B. Fraud will be eliminated.
C. Access to assets is permitted only in accordance with management's authorization.
D. The r
B. Fraud will be eliminated.
66. The scope of substantive procedures as compared to the scope of tests of controls generally vary:
A. In a parallel manner.
B. Inversely.
C. Directly.
D. Equally.
B. Inversely.
67. Which of the following is least likely to be a factor that might indicate to an auditor that an identified risk of misstatement requires special audit consideration?
A. Complex calculations are involved.
B. The rate of technological change is moderate
B. The rate of technological change is moderate in the industry.
68. Which of the following audit tests would be regarded as a test of a control?
A. Tests of the specific items making up the balance in a given general ledger account.
B. Tests confirming receivables.
C. Tests of the signatures on canceled checks to boar
C. Tests of the signatures on canceled checks to board of director's authorizations.
69. If the independent auditors decide that the work performed by the internal auditors may have a bearing on their own procedures, they should consider the internal auditors':
A. Competence and objectivity.
B. Efficiency and experience.
C. Independence a
A. Competence and objectivity.
70. In the consideration of internal control, the auditor is basically concerned that it provides reasonable assurance that:
A. Management can not override the system.
B. Operational efficiency has been achieved in accordance with management plans.
C. Mis
C. Misstatements have been prevented or detected.
71. Which of the following is least likely to be considered an appropriate response relating to risks the auditors identify at the financial statement level?
A. Assign more experienced staff.
B. Incorporate additional elements of unpredictability in the s
D. Emphasize the need to remain neutral, rather than to exercise professional skepticism.
72. In assessing the competence of a client's internal auditor, an independent auditor most likely would consider the
A. Internal auditor's compliance with professional internal auditing standards.
B. Client's policies that limit the internal auditor's ac
A. Internal auditor's compliance with professional internal auditing standards.
73. Which of the following factors would most likely be considered an inherent limitation to an entity's internal control?
A. The complexity of the information processing system.
B. Human judgment in the decision making process.
C. The ineffectiveness of
B. Human judgment in the decision making process.
74. Proper segregation of duties reduces the opportunities to allow any employee to be in a position to both
A. Journalize cash receipts and disbursements and prepare the financial statements.
B. Monitor internal controls and evaluate whether the controls
D. Record and conceal fraudulent transactions in the normal course of assigned tasks.
75. Which of the following is intended to detect deviations from prescribed controls?
A. Substantive procedures specified by a standardized audit program.
B. Tests of controls designed specifically for the client.
C. Analytical procedures as set forth in
B. Tests of controls designed specifically for the client.
76. An auditor's purpose for performing tests of controls is to provide reasonable assurance that:
A. Controls are operating effectively.
B. The risk that the auditor may unknowingly fail to modify the opinion on the financial statements is minimized.
C.
A. Controls are operating effectively.
77. Of the following statements about internal control, which one is not valid?
A. No one person should be responsible for the custodial responsibility and the recording responsibility for an asset.
B. Transactions must be properly authorized before such
D. Control activities reasonably insure that collusion among employees can not occur.
78. Tests of controls are most likely to be performed when:
A. Controls seem weak and must be properly documented.
B. Inadequate substantive procedures exist to restrict audit risk to an acceptable level.
C. The auditor wishes to assess control risk at th
B. Inadequate substantive procedures exist to restrict audit risk to an acceptable level.
79. Which of the following would be least likely to be included in an auditor's tests of controls?
A. Inspection.
B. Observation.
C. Inquiry.
D. Analytical procedures.
D. Analytical procedures.
80. The internal control provisions of the Sarbanes-Oxley Act of 2002 apply to which companies in the United States:
A. All companies.
B. SEC registrants.
C. Only those companies included in the Fortune 500.
D. All nonpublic companies.
B. SEC registrants.
81. An integrated audit performed under Section 404b of the Sarbanes-Oxley Act addresses financial statements and:
A. Compliance with laws.
B. Internal control over asset safeguarding.
C. Internal control over financial reporting.
D. Suitable criteria.
C. Internal control over financial reporting.
82. A report on internal control performed in accordance with PCAOB Standard No. 2 includes an opinion on internal control for:
A. The entire year.
B. The prior quarter.
C. The "as of date."
D. The end of each quarter.
C. The "as of date.
83. When performing an audit of internal control under PCAOB requirements, auditors evaluate control:
Design Effectiveness/Operating Effectiveness
A. Option A
B. Option B
C. Option C
D. Option D
A. Option A
84. When performing an internal control audit under PCAOB requirements, one or more material weaknesses in internal control that exist at year-end may result in what type of report(s):
Qualified/Adverse
A. Option A
B. Option B
C. Option C
D. Option D
C. Option C
85. When performing an internal control audit under PCAOB standards, one or more material weaknesses in internal control that exist at year-end may result in what type of report(s):
Qualified/Disclaimer
A. Option A
B. Option B
C. Option C
D. Option D
D. Option D