Question 1

Which of the following payroll control activities would most effectively ensure that payment is made only for work performed?

Accepted Answer

A)  Require all employees to record arrival and departure by using the time clock. 
B)  Have a payroll clerk recalculate all time cards. 
C)  Require all employees to sign their time cards. 
D)  Require employees to have their direct supervisors approve their time cards. 
A)  Require all employees to record arrival and departure by using the time clock. 
B)  Have a payroll clerk recalculate all time cards. 
C)  Require all employees to sign their time cards. 
D)  Require employees to have their direct supervisors approve their time cards. D

Question 2

List several elements of a company's control environment.

Accepted Answer

Some of the elements of a control environment include:
* Management's philosophy and operating style.
* Company organization structure.
* Functioning of the board of directors,particularly its audit committee.
* Methods of assigning authority and responsibility.
* Management's monitoring methods,including internal auditing.
* Personnel policies and practices.
* External influences.

Question 3

Auditors are required to obtain a sufficient understanding of an entity's internal control.This understanding is required by the performance principle of GAAS.
Required:
A.What are some of the goals (purposes)for conducting an evaluation of an entity's internal control?
B.What is the impact on substantive testing procedures if the auditor assesses control risk at the "maximum" level? What is the impact on substantive testing procedures if the auditor assesses control risk below the "maximum" level?
C.Should auditors always try to obtain enough evidence to assess control risk below the "maximum" level? Explain.

Accepted Answer

A.The audit team has two primary reasons for conducting an evaluation of an entity's internal control.First,Sarbanes-Oxley requires an audit of the effectiveness of internal control that is an integrated part of the financial statement audit for publicly traded companies.The second reason for evaluating an entity's internal control is to comply with the performance principle of GAAS: To assess the risk of material misstatement to give the auditors a basis for planning the audit and determining the nature,timing,and extent of audit procedures for the substantive audit plan.The audit team assesses control risk.
B.If auditors assess control risk as "maximum" or 100 percent (i.e.,poor control),they will tend to perform a great deal of substantive procedures with large sample sizes (extent),at or near the entity's fiscal year end (timing),using procedures designed to obtain high-quality external evidence (nature).On the other hand,if auditors assess control risk as "low," usually around 10 to 20 percent (i.e.,effective control),they can perform fewer substantive procedures with smaller sample sizes (extent),at an interim date before the entity's fiscal year end (timing),using a mixture of procedures designed to obtain high-quality external evidence and lower-quality internal evidence (nature).Of course,auditors may assess control risk between "low" and "maximum" (e.g.,"moderate," "high," or "slightly below maximum")and adjust the substantive procedures accordingly.
C.No.here may be occasions when the audit team chooses to test everything substantively rather than relying on internal controls to reduce substantive testing.For example,for fixed assets,there are usually a small number of very material transactions.Testing controls would not be efficient if the audit team is going to examine every transaction anyway.

Question 4

In computer systems,the information technology general controls (ITGC)would not include

Accepted Answer

A)  processing control activities. 
B)  separation of various computer system functions. 
C)  appropriate documentation of the data processing system. 
D)  control over physical access to computer hardware. 
A)  processing control activities. 
B)  separation of various computer system functions. 
C)  appropriate documentation of the data processing system. 
D)  control over physical access to computer hardware.

Question 5

In an audit of financial statements of a non-public company in accordance with generally accepted auditing standards,an auditor is required to

Accepted Answer

A)  document the auditor's understanding of the entity's internal control. 
B)  search for significant deficiencies in the operation of the internal controls. 
C)  perform tests of controls to evaluate the effectiveness of the entity's accounting system. 
D)  determine whether control activities are operating effectively to prevent or detect material misstatements. 
A)  document the auditor's understanding of the entity's internal control. 
B)  search for significant deficiencies in the operation of the internal controls. 
C)  perform tests of controls to evaluate the effectiveness of the entity's accounting system. 
D)  determine whether control activities are operating effectively to prevent or detect material misstatements.

Question 6

Which of the following is not an objective of internal controls over financial reporting as defined by the Sarbanes-Oxley Act?

Accepted Answer

A)  Policies and procedures that pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the registrant. 
B)  Policies and procedures that provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and receipts and expenditures of the registrant are being made only in accordance with authorizations of management and directors of the registrant. 
C)  Policies and procedures that provide reasonable assurance regarding the compliance with applicable laws and regulations. 
D)  Policies and procedures that provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the registrant's assets that could have a material effect on the financial statements. 
A)  Policies and procedures that pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the registrant. 
B)  Policies and procedures that provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and receipts and expenditures of the registrant are being made only in accordance with authorizations of management and directors of the registrant. 
C)  Policies and procedures that provide reasonable assurance regarding the compliance with applicable laws and regulations. 
D)  Policies and procedures that provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the registrant's assets that could have a material effect on the financial statements.

Question 7

Which of the following procedures is considered a test of controls?

Accepted Answer

A)  An auditor reviews the entity's check register for unrecorded liabilities. 
B)  An auditor evaluates whether a general journal entry was recorded at the proper amount. 
C)  An auditor interviews and observes appropriate personnel to determine segregation of duties. 
D)  An auditor reviews the audit workpapers to ensure proper sign-off. 
A)  An auditor reviews the entity's check register for unrecorded liabilities. 
B)  An auditor evaluates whether a general journal entry was recorded at the proper amount. 
C)  An auditor interviews and observes appropriate personnel to determine segregation of duties. 
D)  An auditor reviews the audit workpapers to ensure proper sign-off.

Question 8

As part of understanding the internal control,an auditor is not required to

Accepted Answer

A)  consider factors that affect the risk of material misstatement. 
B)  ascertain whether internal control policies and activities have been placed in operation. 
C)  identify the types of potential misstatements that can occur. 
D)  obtain knowledge about the operating effectiveness of the client's internal control activities. 
A)  consider factors that affect the risk of material misstatement. 
B)  ascertain whether internal control policies and activities have been placed in operation. 
C)  identify the types of potential misstatements that can occur. 
D)  obtain knowledge about the operating effectiveness of the client's internal control activities.

Question 9

Which of the following is the best way to compensate for the lack of adequate segregation of duties in a small organization?

Accepted Answer

A)  Disclosing lack of segregation of duties to the external auditors during the annual review 
B)  Replacing personnel every three or four years 
C)  Requiring accountants to pass a yearly background check 
D)  Allowing for greater management oversight of incompatible activities 
A)  Disclosing lack of segregation of duties to the external auditors during the annual review 
B)  Replacing personnel every three or four years 
C)  Requiring accountants to pass a yearly background check 
D)  Allowing for greater management oversight of incompatible activities

Question 10

The overall attitude and awareness of an entity's board of directors concerning the importance of the client's internal control usually is reflected in its

Accepted Answer

A)  computer-based control activities. 
B)  system of separation of duties. 
C)  control environment. 
D)  safeguards over access to assets. 
A)  computer-based control activities. 
B)  system of separation of duties. 
C)  control environment. 
D)  safeguards over access to assets.

Question 11

Which of the following outcomes is a likely benefit of information technology used for internal control?

Accepted Answer

A)  Processing of unusual or nonrecurring transactions 
B)  Enhanced timeliness of information 
C)  Potential loss of data 
D)  Recording of unauthorized transactions 
A)  Processing of unusual or nonrecurring transactions 
B)  Enhanced timeliness of information 
C)  Potential loss of data 
D)  Recording of unauthorized transactions

Question 12

A sales clerk enters a customer's six-number customer account.The computer program uses the first five numbers to calculate a sixth number.This resulting number is then compared to the sixth number entered by the sales clerk.This is an example of a

Accepted Answer

A)  a valid character test. 
B)  missing data test. 
C)  reasonableness test. 
D)  check digit. 
A)  a valid character test. 
B)  missing data test. 
C)  reasonableness test. 
D)  check digit.

Question 13

Assessing control risk at below the maximum level most likely would involve

Accepted Answer

A)  performing more extensive substantive tests with larger sample sizes than originally planned. 
B)  reducing inherent risk for most of the assertions relevant to significant account balances. 
C)  changing the timing of substantive tests by omitting interim-date testing and performing the tests at year end. 
D)  identifying specific internal control activities that are relevant to specific financial statement assertions. 
A)  performing more extensive substantive tests with larger sample sizes than originally planned. 
B)  reducing inherent risk for most of the assertions relevant to significant account balances. 
C)  changing the timing of substantive tests by omitting interim-date testing and performing the tests at year end. 
D)  identifying specific internal control activities that are relevant to specific financial statement assertions.

Question 14

What is the difference between a significant deficiency and a material weakness?

Accepted Answer

The difference between a signi

Question 15

Which of the following is not an input control activity?

Accepted Answer

A)  Reasonableness tests 
B)  Record counts 
C)  Financial totals 
D)  Hash totals 
A)  Reasonableness tests 
B)  Record counts 
C)  Financial totals 
D)  Hash totals

Question 16

Which of the following activities performed by a department supervisor most likely would help in the prevention or detection of a payroll fraud?

Accepted Answer

A)  Distributing paychecks directly to department store employees 
B)  Setting the pay rate for departmental employees 
C)  Hiring employees and authorizing them to be added to payroll 
D)  Approving a summary of hours each employee worked during the pay period 
A)  Distributing paychecks directly to department store employees 
B)  Setting the pay rate for departmental employees 
C)  Hiring employees and authorizing them to be added to payroll 
D)  Approving a summary of hours each employee worked during the pay period

Question 17

Which of the following statements best describes why an auditor would use only substantive procedures to evaluate specific relevant assertions and risks?

Accepted Answer

A)  The relevant internal control components are not well documented. 
B)  The internal auditor already has tested the relevant controls and found them effective. 
C)  Testing the operating effectiveness of the relevant controls would not be efficient. 
D)  The cost of substantive procedures will exceed the cost of testing the relevant controls. 
A)  The relevant internal control components are not well documented. 
B)  The internal auditor already has tested the relevant controls and found them effective. 
C)  Testing the operating effectiveness of the relevant controls would not be efficient. 
D)  The cost of substantive procedures will exceed the cost of testing the relevant controls.

Question 18

Below are several of the ASB management assertions.
A. Occurrence
B. Completeness
C. Rights and obligations
D. Allocation or valuation
E. Classification
F. Existence
G. Cutoff
H. Accuracy
I. Understandability
For each of the following control activities, identify the management assertion that best applies by placing the correct letter in the blank space above.
____ 1. Match shipping documents with sales invoices before a sale is recorded.
____ 2. Balance total of individual customers' receivables with the control account.
____ 3. Sales manager approves taking discounts.
____ 4. Computer check for billing the quantity shipped, list price, and total.
____ 5. Account for numerical sequence of pre-numbered shipping documents

Accepted Answer

The answer of Below are several of the ASB management...

Question 19

Management's report on internal controls must include each of the following except

Accepted Answer

A)  a statement that management is responsible for establishing and maintaining adequate internal control over financial reporting. 
B)  a statement identifying the framework management uses to evaluate the effectiveness of the company's internal control. 
C)  a statement providing management's assessment of the effectiveness of the company's internal control. 
D)  a statement providing management's evaluation of the company's control environment. 
A)  a statement that management is responsible for establishing and maintaining adequate internal control over financial reporting. 
B)  a statement identifying the framework management uses to evaluate the effectiveness of the company's internal control. 
C)  a statement providing management's assessment of the effectiveness of the company's internal control. 
D)  a statement providing management's evaluation of the company's control environment.

Question 20

After obtaining an understanding of the entity's internal control and assessing control risk,an auditor of a non-public company decided not to perform additional tests of controls.The auditor most likely concluded that the

Accepted Answer

A)  additional evidence to support a further reduction in control risk was not cost beneficial. 
B)  assessed level of inherent risk exceeded the assessed level of control risk. 
C)  internal control structure was properly designed and justifiably may be relied on. 
D)  evidence obtainable through tests of controls would not support an increased level of control risk. 
A)  additional evidence to support a further reduction in control risk was not cost beneficial. 
B)  assessed level of inherent risk exceeded the assessed level of control risk. 
C)  internal control structure was properly designed and justifiably may be relied on. 
D)  evidence obtainable through tests of controls would not support an increased level of control risk.

Which of the following payroll control activities would most effectively ensure that payment is made only for work performed?

List several elements of a company's control environment.

In computer systems,the information technology general controls (ITGC)would not include

In an audit of financial statements of a non-public company in accordance with generally accepted auditing standards,an auditor is required to

Which of the following is not an objective of internal controls over financial reporting as defined by the Sarbanes-Oxley Act?

Which of the following procedures is considered a test of controls?

As part of understanding the internal control,an auditor is not required to

Which of the following is the best way to compensate for the lack of adequate segregation of duties in a small organization?

The overall attitude and awareness of an entity's board of directors concerning the importance of the client's internal control usually is reflected in its

Which of the following outcomes is a likely benefit of information technology used for internal control?

A sales clerk enters a customer's six-number customer account.The computer program uses the first five numbers to calculate a sixth number.This resulting number is then compared to the sixth number entered by the sales clerk.This is an example of a

Assessing control risk at below the maximum level most likely would involve

What is the difference between a significant deficiency and a material weakness?

Which of the following is not an input control activity?

Which of the following activities performed by a department supervisor most likely would help in the prevention or detection of a payroll fraud?

Which of the following statements best describes why an auditor would use only substantive procedures to evaluate specific relevant assertions and risks?

Management's report on internal controls must include each of the following except

After obtaining an understanding of the entity's internal control and assessing control risk,an auditor of a non-public company decided not to perform additional tests of controls.The auditor most likely concluded that the

Auditing and Assurance Services

Professional Standards

Engagement Planning

Management Fraud and Audit Risk

Employee Fraud and the Audit of Cash

Revenue and Collection Cycle

Acquisition and Expenditure Cycle

Production Cycle

Finance and Investment Cycle

Completing the Audit

Reports on Audited Financial Statements

Other Public Accounting Services

Professional Ethics

Legal Liability

Internal Audits governmental Audits and Fraud Examinations

Overview of Sampling

Attributes Sampling

Variables Sampling

Auditing and Information Technology

Filters

Exam 5: Risk Assessment: Internal Control Evaluation

Which of the following payroll control activities would most effectively ensure that payment is made only for work performed?

List several elements of a company's control environment.

In computer systems,the information technology general controls (ITGC)would not include

In an audit of financial statements of a non-public company in accordance with generally accepted auditing standards,an auditor is required to

Which of the following is not an objective of internal controls over financial reporting as defined by the Sarbanes-Oxley Act?

Which of the following procedures is considered a test of controls?

As part of understanding the internal control,an auditor is not required to

Which of the following is the best way to compensate for the lack of adequate segregation of duties in a small organization?

The overall attitude and awareness of an entity's board of directors concerning the importance of the client's internal control usually is reflected in its

Which of the following outcomes is a likely benefit of information technology used for internal control?

A sales clerk enters a customer's six-number customer account.The computer program uses the first five numbers to calculate a sixth number.This resulting number is then compared to the sixth number entered by the sales clerk.This is an example of a

Assessing control risk at below the maximum level most likely would involve

What is the difference between a significant deficiency and a material weakness?

Which of the following is not an input control activity?

Which of the following activities performed by a department supervisor most likely would help in the prevention or detection of a payroll fraud?

Which of the following statements best describes why an auditor would use only substantive procedures to evaluate specific relevant assertions and risks?

Management's report on internal controls must include each of the following except

After obtaining an understanding of the entity's internal control and assessing control risk,an auditor of a non-public company decided not to perform additional tests of controls.The auditor most likely concluded that the

Auditing and Assurance Services

Professional Standards

Engagement Planning

Management Fraud and Audit Risk

Employee Fraud and the Audit of Cash

Revenue and Collection Cycle

Acquisition and Expenditure Cycle

Production Cycle

Finance and Investment Cycle

Completing the Audit

Reports on Audited Financial Statements

Other Public Accounting Services

Professional Ethics

Legal Liability

Internal Audits governmental Audits and Fraud Examinations

Overview of Sampling

Attributes Sampling

Variables Sampling

Auditing and Information Technology

Filters