Exam 3: Internal Control Over Financial Reporting: Responsibilities of Management and the External Auditor

Management's risk identification and analysis should include both internal and external risk factors.

Which of the following is an example of a control environment deficiency?

Segregation of duties is considered a part of the monitoring component of the COSO framework for internal control structure.

A control designed to ensure that sales transactions are generated using the company's most current prices would be considered to be which type of control?

A significant deficiency should be reported to the audit committee and to external users of an organization's financial statements.

The information and communication component of internal control includes which of the following?

Management Evaluation of Internal Controls What are the steps in management's evaluation of internal control over financial reporting?

Several significant deficiencies in internal controls may constitute a material weakness.

The organization's risk assessment process is an example of an entity-wide control.

Which of the following is an inherent limitation of internal controls?

Requiring two signatures on any check in excess of $10,000 is an example of which type of control?

One of the advantages of a computerized accounting system is that the computerized system eliminates the need for internal controls.

Which of the following is considered to be an entity-wide control?

Which of the following is another name for transaction controls?

A transaction trail includes the documents and records that allow an auditor to trace a transaction from its origination through to its final disposition,or vice versa.

One of the components of internal control,monitoring,refers to the process of identifying,capturing,and exchanging information in a timely fashion to enable accomplishment of the organization's objectives.

A deficiency in design of internal controls exists when an existing control is not properly designed so that,even if the control operates as designed,the control objective would not be met.

Internal control is a process designed to achieve objectives in which one of the following categories?

Segregation of duties is a control activity that is designed to protect against the risk that an individual could both perpetrate and cover up a fraud.

Which of the following is not a reason that the auditor must gain an understanding of the client's internal control system?