Exam 10: Section 404 Audits of Internal Control and Control Risk

Adequate documents and records is a subcomponent of the control environment.

The independent auditor should acquire an understanding of the internal audit function as it relates to the independent auditor's study and evaluation of internal control because the:

Smaller companies usually have less extensive internal controls than larger companies which result in more frauds being committed at small companies.

The Sarbanes-Oxley Act requires:

Section 404 requires auditors to evaluate the effectiveness of the audit committee's oversight of the company's:

Narratives, flowcharts, and internal control questionnaires are three common methods of:

Internal controls normally include procedures designed to provide reasonable assurance that:

Discuss what is meant by the term "control environment" and identify four control environment subcomponents that the auditor should consider.

Which of the following groups establishes and maintains the company's internal controls?

The primary emphasis by auditors is on controls over:

Which of the following is most correct for audits of non-public companies?

Match seven of the terms (a-i) with the definitions provided below (1-7): a. Control environment b. Control activities c. Independent checks on performance d. Internal control e. Monitoring f. Separation of duties g. General authorization h. Specific authorization i. Risk assessment ________ 1. Management's ongoing and periodic assessment of the quality of internal control performance to determine that controls are operating as intended and are modified when needed. ________ 2. Company-wide policies for the approval of all transactions within stated limits. ________ 3. The actions, policies, and procedures that reflect the overall attitudes of top management, directors, and owners of an entity about internal control and its importance to the entity. ________ 4. Segregation of the following activities in an organization: custody of assets, accounting, authorization, and operational responsibility. ________ 5. Management's identification and analysis of risks relevant to the preparation of financial statements in accordance with an applicable accounting framework. ________ 6. Policies and procedures that help ensure that necessary actions are taken to address risks in the achievement of the entity's objectives. ________ 7. A process designed to provide reasonable assurance regarding the achievement of management's objectives in the following categories: (1) reliability of financial reporting, (2) effectiveness and efficiency of operations, and (3) compliance with applicable laws and regulations.

Auditors of private companies may rely on prior periods' tests of controls.

Which of the following is not one of the three primary objectives of effective internal control?

When internal controls over a given financial statement account are assessed as highly effective, the auditor need not obtain audit evidence for that account beyond testing the controls.

Certain principles dictate the proper design and use of documents and records. Briefly describe several of these principles.

The primary emphasis by auditors when evaluating and testing internal control is on controls over classes of transactions rather than controls over account balances.

Of the following statements about internal controls, which one is least likely to be correct?

When a compensating control exists, the absence of a key control:

The text suggested a five-step approach to identify deficiencies, significant deficiencies, and material weaknesses. Describe this approach.