Exam 3: Internal Control Over Financial Reporting: Responsibilities of Management and the External Auditor

The payroll department should be responsible for signing payroll checks.

Which of the following activities would be an example of an ongoing evaluation?

Self-checking digit algorithms have been developed to test for transposition errors associated with identification numbers.

Internal controls may be preventive or detective.Which of the following controls is preventive?

Effective monitoring of internal controls not only identifies risks but also responds to these risks appropriately.

Internal control Define the term "internal control" and identify the major components of an internal control system.

The COSO principle that an organization should identify and assess changes that significantly impact the system of internal control is related to which COSO component?

Which of the following is not part of the control environment of an organization?

An organization's risk assessment process should be performed only by senior-level management.

Relationship of the five internal control components The five components of the COSO internal control system are conceptually and logically integrated.List the five components of the model and describe how they are integrated with each other in the internal

Internal Control Principles Identify and briefly describe the two principles that should govern the monitoring function.

Entity-Wide and Transaction Controls Distinguish between entity-wide controls and transaction controls. Provide at least three examples of each type. Entity-wide controls operate across an entity and affect multiple processes, transactions, accounts, and assertions. Some examples of entity-wide controls include: Controls related to the control environment Controls over management override The organization’s risk assessment process Centralized processing and controls Controls to monitor results of operations Controls to monitor other controls Controls over the period-end financial reporting process Policies that address significant business control and risk management practices

Controls to monitor results of operations are considered to be transaction controls.

All organizations should evaluate and communicate internal control deficiencies in a timely manner to those parties responsible for taking corrective action,including senior management and the board of directors,as appropriate.

An organization's control environment is established and maintained by the internal auditing department.

Physical controls to safeguard assets are not intended to include simple controls such as fences and locks.

In a financial statement audit,what is the external auditor's primary concern?

Which of the following services does the PCAOB require auditors of public companies to perform?

Walkthroughs and inquiries are often used to obtain an understanding of internal controls.

Which of the following is an example of a physical control to safeguard assets?