Question 1

The auditor's understanding of the client's internal control is documented to substantiate:

Accepted Answer

A)  conformity of the accounting records with the accounting standards. 
B)  representation as to adherence to requirements of management. 
C)  compliance with the auditing standards. 
D)  the fairness of the financial report presentation. 
A)  conformity of the accounting records with the accounting standards. 
B)  representation as to adherence to requirements of management. 
C)  compliance with the auditing standards. 
D)  the fairness of the financial report presentation.

Question 2

When the auditor has assessed the level of control risk at less than high, the auditor should document:

Accepted Answer

A)  the understanding of the entity's internal control elements obtained to plan the audit. 
B)  the conclusion and the basis for that conclusion. 
C)  the implications for the overall audit strategy. 
D)  All of the given answers are correct. 
A)  the understanding of the entity's internal control elements obtained to plan the audit. 
B)  the conclusion and the basis for that conclusion. 
C)  the implications for the overall audit strategy. 
D)  All of the given answers are correct.

Question 3

An effective internal control requires organisational independence of departments. Organisational independence would be impaired in which of the following situations?

Accepted Answer

A)  The internal auditors report to the audit committee of the board of directors. 
B)  The financial controller reports to the marketing director. 
C)  The payroll accounting department reports to the chief accountant. 
D)  The cashier reports to the treasurer. 
A)  The internal auditors report to the audit committee of the board of directors. 
B)  The financial controller reports to the marketing director. 
C)  The payroll accounting department reports to the chief accountant. 
D)  The cashier reports to the treasurer.

Question 4

An IT input control is designed to ensure that:

Accepted Answer

A)  machine processing is accurate. 
B)  only authorised personnel have access to the computer area. 
C)  data received for processing are properly authorised and converted to machine readable form. 
D)  electronic data processing has been performed as intended for the particular application. 
A)  machine processing is accurate. 
B)  only authorised personnel have access to the computer area. 
C)  data received for processing are properly authorised and converted to machine readable form. 
D)  electronic data processing has been performed as intended for the particular application.

Question 5

Assessing control risk as less than high would most likely involve:

Accepted Answer

A)  changing the timing of substantive tests by omitting interim testing and performing the tests at year-end. 
B)  identifying specific internal controls relevant to specific assertions. 
C)  performing more extensive substantive tests with larger sample sizes than originally planned. 
D)  reducing inherent risk for most of the assertions relevant to significant account balances. 
A)  changing the timing of substantive tests by omitting interim testing and performing the tests at year-end. 
B)  identifying specific internal controls relevant to specific assertions. 
C)  performing more extensive substantive tests with larger sample sizes than originally planned. 
D)  reducing inherent risk for most of the assertions relevant to significant account balances.

Question 6

A company policy should clearly indicate that defective merchandise returned by customers is to be delivered to the:

Accepted Answer

A)  sales clerk. 
B)  receiving clerk. 
C)  inventory control clerk. 
D)  accounts receivable clerk. 
A)  sales clerk. 
B)  receiving clerk. 
C)  inventory control clerk. 
D)  accounts receivable clerk.

Question 7

Peter Budd, the purchasing officer of Lake Hardware Wholesalers Pty Ltd (Lake), has a relative who owns a retail hardware store. Peter Budd arranged for hardware to be delivered by manufacturers to the retail store on a COD basis, thereby enabling his relative to buy at Lake's wholesale prices. Budd was probably able to accomplish this because of Lake's poor internal control for:

Accepted Answer

A)  purchase requisitions. 
B)  cash receipts. 
C)  perpetual inventory records. 
D)  purchase orders. 
A)  purchase requisitions. 
B)  cash receipts. 
C)  perpetual inventory records. 
D)  purchase orders.

Question 8

One of the major problems with IT systems is that incompatible functions may be performed by the same individual.One compensating control for this is the use of:

Accepted Answer

A)  a tape library. 
B)  a check-digit system. 
C)  computer-generated hash totals. 
D)  a computer log. 
A)  a tape library. 
B)  a check-digit system. 
C)  computer-generated hash totals. 
D)  a computer log.

Question 9

How does the extent of substantive tests required to constitute sufficient appropriate audit evidence vary with the auditor's assessment of control risk?

Accepted Answer

A)  Randomly. 
B)  Disproportionately. 
C)  Directly. 
D)  Inversely. 
A)  Randomly. 
B)  Disproportionately. 
C)  Directly. 
D)  Inversely.

Question 10

For effective internal control purposes, which of the following individuals should be responsible for mailing signed cheques?

Accepted Answer

A)  Computer operator. 
B)  Financial controller. 
C)  Accounts payable clerk. 
D)  Payroll clerk. 
A)  Computer operator. 
B)  Financial controller. 
C)  Accounts payable clerk. 
D)  Payroll clerk.

Question 11

Totals of amounts in computer-record data fields that are not usually added, but are used only for data-processing control purposes, are called:

Accepted Answer

A)  record totals. 
B)  hash totals. 
C)  processing data totals. 
D)  field totals. 
A)  record totals. 
B)  hash totals. 
C)  processing data totals. 
D)  field totals.

Question 12

An input control is designed to ensure that:

Accepted Answer

A)  machine processing is accurate. 
B)  only authorised personnel have access to the computer area. 
C)  data received for processing are properly authorised and converted to machine-readable form. 
D)  electronic data processing has been performed as intended for the particular application. 
A)  machine processing is accurate. 
B)  only authorised personnel have access to the computer area. 
C)  data received for processing are properly authorised and converted to machine-readable form. 
D)  electronic data processing has been performed as intended for the particular application.

Question 13

The control environment component of internal controls includes all of the following except:

Accepted Answer

A)  management's operating style. 
B)  access to computer programs. 
C)  organisational structure. 
D)  human resource policies and practices. 
A)  management's operating style. 
B)  access to computer programs. 
C)  organisational structure. 
D)  human resource policies and practices.

Question 14

Which of the following is likely to be least important to an auditor who is reviewing the internal control of the data processing function?

Accepted Answer

A)  Ancillary program functions. 
B)  Disposition of source documents. 
C)  Operator competence. 
D)  Bit storage capacity. 
A)  Ancillary program functions. 
B)  Disposition of source documents. 
C)  Operator competence. 
D)  Bit storage capacity.

Question 15

Which of the following is essential to determine whether effective internal control policies and procedures have been prescribed and are being followed?

Accepted Answer

A)  Developing questionnaires and checklists. 
B)  Understanding control policies directed towards operating efficiency. 
C)  Understanding the internal control and performing tests of controls. 
D)  Observing employee functions and making inquiries. 
A)  Developing questionnaires and checklists. 
B)  Understanding control policies directed towards operating efficiency. 
C)  Understanding the internal control and performing tests of controls. 
D)  Observing employee functions and making inquiries.

Question 16

After obtaining an understanding of a client's IT control, an auditor may decide not to perform tests of controls within the IT portion of the client's system. Which of the following would not be a valid reason for choosing to omit tests of controls?

Accepted Answer

A)  There appear to be major deficiencies that preclude reliance on the stated procedure. 
B)  The time and dollar costs of testing controls exceed the savings in substantive testing if the tests show the controls to be operative. 
C)  The controls appear to be adequate and thus can be relied upon in assessing the level of control risk. 
D)  The controls duplicate controls existing elsewhere in the system. 
A)  There appear to be major deficiencies that preclude reliance on the stated procedure. 
B)  The time and dollar costs of testing controls exceed the savings in substantive testing if the tests show the controls to be operative. 
C)  The controls appear to be adequate and thus can be relied upon in assessing the level of control risk. 
D)  The controls duplicate controls existing elsewhere in the system.

Question 17

A procedural control used in the management of a computer centre to minimise the possibility of data or program file destruction through operator error includes:

Accepted Answer

A)  control figures. 
B)  cross-adding tests. 
C)  limit checks. 
D)  external labels. 
A)  control figures. 
B)  cross-adding tests. 
C)  limit checks. 
D)  external labels.

Question 18

Transaction authorisation within an organisation may be either specific or general. An example of specific transaction authorisation is the:

Accepted Answer

A)  setting of automatic reorder points for material or merchandise. 
B)  approval of a detailed construction budget for a warehouse. 
C)  establishment of requirements to be met in determining a customer's credit limits. 
D)  establishment of sales prices for products to be sold to any customer. 
A)  setting of automatic reorder points for material or merchandise. 
B)  approval of a detailed construction budget for a warehouse. 
C)  establishment of requirements to be met in determining a customer's credit limits. 
D)  establishment of sales prices for products to be sold to any customer.

Question 19

An effective internal control for the payroll function would generally include which of the following?

Accepted Answer

A)  Total time recorded on time-clock cards should be reconciled to job reports by employees responsible for those specific jobs. 
B)  Payroll department employees should be supervised by the management of the personnel department. 
C)  Payroll department employees should be responsible for maintaining employee personnel records. 
D)  Total time spent on jobs should be compared with total time indicated on time-clock cards. 
A)  Total time recorded on time-clock cards should be reconciled to job reports by employees responsible for those specific jobs. 
B)  Payroll department employees should be supervised by the management of the personnel department. 
C)  Payroll department employees should be responsible for maintaining employee personnel records. 
D)  Total time spent on jobs should be compared with total time indicated on time-clock cards.

The auditor's understanding of the client's internal control is documented to substantiate:

When the auditor has assessed the level of control risk at less than high, the auditor should document:

An effective internal control requires organisational independence of departments. Organisational independence would be impaired in which of the following situations?

An IT input control is designed to ensure that:

Assessing control risk as less than high would most likely involve:

A company policy should clearly indicate that defective merchandise returned by customers is to be delivered to the:

One of the major problems with IT systems is that incompatible functions may be performed by the same individual.One compensating control for this is the use of:

How does the extent of substantive tests required to constitute sufficient appropriate audit evidence vary with the auditor's assessment of control risk?

For effective internal control purposes, which of the following individuals should be responsible for mailing signed cheques?

Totals of amounts in computer-record data fields that are not usually added, but are used only for data-processing control purposes, are called:

An input control is designed to ensure that:

The control environment component of internal controls includes all of the following except:

Which of the following is likely to be least important to an auditor who is reviewing the internal control of the data processing function?

Which of the following is essential to determine whether effective internal control policies and procedures have been prescribed and are being followed?

After obtaining an understanding of a client's IT control, an auditor may decide not to perform tests of controls within the IT portion of the client's system. Which of the following would not be a valid reason for choosing to omit tests of controls?

A procedural control used in the management of a computer centre to minimise the possibility of data or program file destruction through operator error includes:

Transaction authorisation within an organisation may be either specific or general. An example of specific transaction authorisation is the:

An effective internal control for the payroll function would generally include which of the following?

Assurance and Auditing: An Overview

The Structure of the Profession

Ethics, Independence and Corporate Governance

The Legal Liability of Auditors Part Two: Planning and Risk

Overview of Elements of the Financial Report Audit Process

Planning, Understanding the Entity and Evaluating Business Risk

Assessing Specific Business Risk

Tests of Controls

Substantive Tests of Transactions and Balances

Audit Sampling Part Four: Completion and Communication

Completion and Review

The Auditors Reporting Obligations Part Five: Other Assurance Services

Internal Auditing

Auditing and Assurance Services in the Public Sector

Other Assurance Services and Advanced Topics

Filters

Exam 8: Understanding and Assessing Internal Control Part Three: Tests of Control and Tests of Details

The auditor's understanding of the client's internal control is documented to substantiate:

When the auditor has assessed the level of control risk at less than high, the auditor should document:

An effective internal control requires organisational independence of departments. Organisational independence would be impaired in which of the following situations?

An IT input control is designed to ensure that:

Assessing control risk as less than high would most likely involve:

A company policy should clearly indicate that defective merchandise returned by customers is to be delivered to the:

One of the major problems with IT systems is that incompatible functions may be performed by the same individual.One compensating control for this is the use of:

How does the extent of substantive tests required to constitute sufficient appropriate audit evidence vary with the auditor's assessment of control risk?

For effective internal control purposes, which of the following individuals should be responsible for mailing signed cheques?

Totals of amounts in computer-record data fields that are not usually added, but are used only for data-processing control purposes, are called:

An input control is designed to ensure that:

The control environment component of internal controls includes all of the following except:

Which of the following is likely to be least important to an auditor who is reviewing the internal control of the data processing function?

Which of the following is essential to determine whether effective internal control policies and procedures have been prescribed and are being followed?

After obtaining an understanding of a client's IT control, an auditor may decide not to perform tests of controls within the IT portion of the client's system. Which of the following would not be a valid reason for choosing to omit tests of controls?

A procedural control used in the management of a computer centre to minimise the possibility of data or program file destruction through operator error includes:

Transaction authorisation within an organisation may be either specific or general. An example of specific transaction authorisation is the:

An effective internal control for the payroll function would generally include which of the following?

Assurance and Auditing: An Overview

The Structure of the Profession

Ethics, Independence and Corporate Governance

The Legal Liability of Auditors Part Two: Planning and Risk

Overview of Elements of the Financial Report Audit Process

Planning, Understanding the Entity and Evaluating Business Risk

Assessing Specific Business Risk

Tests of Controls

Substantive Tests of Transactions and Balances

Audit Sampling Part Four: Completion and Communication

Completion and Review

The Auditors Reporting Obligations Part Five: Other Assurance Services

Internal Auditing

Auditing and Assurance Services in the Public Sector

Other Assurance Services and Advanced Topics

Filters