Question 1

For a complex IT system, auditors are least likely to use which of the following when documenting their understanding of internal controls?

Accepted Answer

A)  Narratives. 
B)  Internal control questionnaires. 
C)  Flowcharts. 
D)  Organization charts. 
A)  Narratives. 
B)  Internal control questionnaires. 
C)  Flowcharts. 
D)  Organization charts.

Question 2

What are two potential benefits and two potential risks of using IT for an entity's internal control?

Accepted Answer

Student answers should include two benef

Question 3

Which of the following is not a characteristic of a batch processed computer system?

Accepted Answer

A)  The collection of like transactions which are sorted and processed sequentially against a master file. 
B)  Keypunching of transactions, followed by machine processing. 
C)  The production of numerous printouts. 
D)  The posting of a transaction, as it occurs, to several files, without intermediate printouts. 
A)  The collection of like transactions which are sorted and processed sequentially against a master file. 
B)  Keypunching of transactions, followed by machine processing. 
C)  The production of numerous printouts. 
D)  The posting of a transaction, as it occurs, to several files, without intermediate printouts.

Question 4

As opposed to a manual control, an automated control

Accepted Answer

A)  Can never be circumvented. 
B)  Should function consistently in the absence of program changes. 
C)  Need not be tested by the auditor. 
D)  Must be tested using the same techniques as a manual control. 
A)  Can never be circumvented. 
B)  Should function consistently in the absence of program changes. 
C)  Need not be tested by the auditor. 
D)  Must be tested using the same techniques as a manual control.

Question 5

Data capture occurs through source documentation, direct data entry, or a combination of the two. List three purposes of data capture controls.

Accepted Answer

Data capture controls ensure that (1) al

Question 6

While substantive procedures may support the accuracy of underlying records, these tests frequently provide no affirmative evidence of segregation of duties because

Accepted Answer

A)  Substantive procedures rarely guarantee the accuracy of the records if only a sample of the transactions has been tested. 
B)  The records may be accurate even though they are maintained by persons having incompatible functions. 
C)  Substantive procedures relate to the entire period under audit, but compliance tests ordinarily are confined to the period during which the auditor is on the entity's premises. 
D)  Many computerized procedures leave no audit trail of who performed them, so substantive procedures may necessarily be limited to inquiries and observation of office personnel. 
A)  Substantive procedures rarely guarantee the accuracy of the records if only a sample of the transactions has been tested. 
B)  The records may be accurate even though they are maintained by persons having incompatible functions. 
C)  Substantive procedures relate to the entire period under audit, but compliance tests ordinarily are confined to the period during which the auditor is on the entity's premises. 
D)  Many computerized procedures leave no audit trail of who performed them, so substantive procedures may necessarily be limited to inquiries and observation of office personnel.

Question 7

Which of the following statements concerning control risk is correct?

Accepted Answer

A)  Assessing control risk and obtaining an understanding of an entity's internal controls may be performed concurrently. 
B)  When control risk is high, an auditor is required to document the basis for that assessment. 
C)  Control risk may be assessed sufficiently low to eliminate substantive procedures for significant accounts. 
D)  When assessing control risk, an auditor should not consider evidence obtained in prior audits about the operation of control activities. 
A)  Assessing control risk and obtaining an understanding of an entity's internal controls may be performed concurrently. 
B)  When control risk is high, an auditor is required to document the basis for that assessment. 
C)  Control risk may be assessed sufficiently low to eliminate substantive procedures for significant accounts. 
D)  When assessing control risk, an auditor should not consider evidence obtained in prior audits about the operation of control activities.

Question 8

Tests of controls must be performed if control risk is set at a lower level.

Accepted Answer

A) True 
 B)False

Question 9

The documentation of an auditor's understanding of internal controls

Accepted Answer

A)  Is optional. 
B)  Must be exclusively in either narrative, questionnaires, or flowchart form. 
C)  Must include flowcharts. 
D)  Can include any combination of narratives, questionnaires, or flowcharts. 
A)  Is optional. 
B)  Must be exclusively in either narrative, questionnaires, or flowchart form. 
C)  Must include flowcharts. 
D)  Can include any combination of narratives, questionnaires, or flowcharts.

Question 10

An entity's IT infrastructure refers to

Accepted Answer

A)  Hardware components. 
B)  Programmers. 
C)  Software. 
D)  Data provided by the system. 
A)  Hardware components. 
B)  Programmers. 
C)  Software. 
D)  Data provided by the system.

Question 11

Internal control includes monitoring of controls.

Accepted Answer

A) True 
 B)False

Question 12

A high detection risk strategy includes all of the following except:

Accepted Answer

A)  Interim testing. 
B)  Reduced testing of transactions. 
C)  Heavy reliance on analytical procedures as substantive procedures. 
D)  Audit work only completed at year-end. 
A)  Interim testing. 
B)  Reduced testing of transactions. 
C)  Heavy reliance on analytical procedures as substantive procedures. 
D)  Audit work only completed at year-end.

Question 13

An auditor would most likely be concerned with internal control policies and procedures that provide reasonable assurance about the

Accepted Answer

A)  Efficiency of management's decision-making process. 
B)  Appropriate prices that the entity should charge for its products. 
C)  Methods of assigning production tasks to employees. 
D)  Entity's ability to accurately process and summarize financial data. 
A)  Efficiency of management's decision-making process. 
B)  Appropriate prices that the entity should charge for its products. 
C)  Methods of assigning production tasks to employees. 
D)  Entity's ability to accurately process and summarize financial data.

Question 14

The risk assessment component of internal control refers to

Accepted Answer

A)  The auditor's assessment of control risk. 
B)  The auditor's assessment of client risk. 
C)  The entity's identification and analysis of risks relevant to achievement of its objectives. 
D)  The entity's monitoring of the potential for material misstatements. 
A)  The auditor's assessment of control risk. 
B)  The auditor's assessment of client risk. 
C)  The entity's identification and analysis of risks relevant to achievement of its objectives. 
D)  The entity's monitoring of the potential for material misstatements.

Question 15

Assessing control risk at a lower level most likely would involve

Accepted Answer

A)  Changing the timing of substantive procedures by omitting interim testing and performing the tests at year-end. 
B)  Identifying specific internal controls relevant to specific assertions. 
C)  Performing more extensive substantive procedures with larger sample sizes than originally planned. 
D)  Reducing inherent risk for most of the assertions relevant to significant account balances. 
A)  Changing the timing of substantive procedures by omitting interim testing and performing the tests at year-end. 
B)  Identifying specific internal controls relevant to specific assertions. 
C)  Performing more extensive substantive procedures with larger sample sizes than originally planned. 
D)  Reducing inherent risk for most of the assertions relevant to significant account balances.

Question 16

Which of the following input controls is a numeric value computed to provide assurance that the original value has not been altered in construction or transmission?

Accepted Answer

A)  Hash total. 
B)  Parity check. 
C)  Encryption. 
D)  Check digit. 
A)  Hash total. 
B)  Parity check. 
C)  Encryption. 
D)  Check digit.

Question 17

Why might an auditor decide to test controls at an interim date?

Accepted Answer

An auditor might test controls at an int

Question 18

Management philosophy and operating style most likely would have a significant influence on an entity's control environment when

Accepted Answer

A)  The internal audit function reports directly to management. 
B)  Management is dominated by one individual. 
C)  Accurate management job descriptions delineate specific duties. 
D)  The audit committee actively oversees the financial reporting process. 
A)  The internal audit function reports directly to management. 
B)  Management is dominated by one individual. 
C)  Accurate management job descriptions delineate specific duties. 
D)  The audit committee actively oversees the financial reporting process.

Question 19

Walkthroughs usually involve all of the following audit procedures except:

Accepted Answer

A)  Reperformance. 
B)  Inquiry. 
C)  Observation. 
D)  Inspection. 
A)  Reperformance. 
B)  Inquiry. 
C)  Observation. 
D)  Inspection.

Question 20

While performing an audit on the internal controls over financial reporting for AirWaves Corporation, your audit team finds what it considers to be a significant deficiency. AirWaves is a large, private company. What steps would you take to communicate this finding?

Accepted Answer

Auditing standards require that the audi

Exam 6: Internal Control in a Financial Statement Audit

For a complex IT system, auditors are least likely to use which of the following when documenting their understanding of internal controls?

What are two potential benefits and two potential risks of using IT for an entity's internal control?

Which of the following is not a characteristic of a batch processed computer system?

As opposed to a manual control, an automated control

Data capture occurs through source documentation, direct data entry, or a combination of the two. List three purposes of data capture controls.

While substantive procedures may support the accuracy of underlying records, these tests frequently provide no affirmative evidence of segregation of duties because

Which of the following statements concerning control risk is correct?

Tests of controls must be performed if control risk is set at a lower level.

The documentation of an auditor's understanding of internal controls

An entity's IT infrastructure refers to

Internal control includes monitoring of controls.

A high detection risk strategy includes all of the following except:

An auditor would most likely be concerned with internal control policies and procedures that provide reasonable assurance about the

The risk assessment component of internal control refers to

Assessing control risk at a lower level most likely would involve

Which of the following input controls is a numeric value computed to provide assurance that the original value has not been altered in construction or transmission?

Why might an auditor decide to test controls at an interim date?

Management philosophy and operating style most likely would have a significant influence on an entity's control environment when

Walkthroughs usually involve all of the following audit procedures except:

While performing an audit on the internal controls over financial reporting for AirWaves Corporation, your audit team finds what it considers to be a significant deficiency. AirWaves is a large, private company. What steps would you take to communicate this finding?

An Introduction to Assurance and Financial Statement Auditing

The Financial Statement Auditing Environment

Audit Planning, Types of Audit Tests, and Materiality

Risk Assessment

Evidence and Documentation

Auditing Internal Control Over Financial Reporting

Audit Sampling: An Overview and Application to Tests of Controls

Audit Sampling: An Application to Substantive Tests of Account Balances

Auditing the Revenue Process

Auditing the Purchasing Process

Auditing the Human Resource Management Process

Auditing the Inventory Management Process

Auditing the Financing Investing Process: Prepaid Expenses Intangible Assets and Property Plant and Equipment

Auditing the Financing Investing Process: Long-Term Liabilities Stockholders Equity and Income Statement Accounts

Auditing the Financinginvesting Process: Cash and Investments

Completing the Audit Engagement

Reports on Audited Financial Statements

Professional Conduct, Independence, and Quality Control

Legal Liability

Assurance, Attestation, and Internal Auditing Services

Filters