Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Deck 9: Audit Risk Assessment

Full screen (f)
exit full mode
Question
Which of these is not an inherent limitation of an internal control structure?

A) mistakes in judgement.
B) collusion.
C) management override.
D) accounting override.
Use Space or
up arrow
down arrow
to flip the card.
Question
Which of the following is an example of how an auditor might document the understanding of internal control?

A) internal control questionnaire.
B) flow chart and narrative memoranda.
C) both of the above.
D) none of the above.
Question
Which factor concerning boards of directors and audit committees would be considered least influential in its impact on the control environment?

A) the sex of directors.
B) experience and stature of directors.
C) the extent of director's involvement and scrutiny of management's activities.
D) independence from management.
Question
Management is responsible for implementing effective controls to control risks identified in a risk assessment. Which of these would not be considered to impact on management's risk assessment?

A) expanding foreign exchange operations.
B) changing the external auditor.
C) new personnel.
D) new technology.
Question
The importance of internal control to management and auditors has been recognised for many years. Which of the following is likely to be cited as a major factor contributing to this importance?

A) The operations of the business entity have become so unwieldy that management must rely on the chief financial officer to effectively control operations.
B) Checks and reviews protect against employee collusion and reduce the chance of employee fraud.
C) Internal control procedures must be utilised to maintain accurate accounting records.
D) It is impractical for auditors to audit most companies within economic fee limitations without relying on the client's system of internal controls.
Question
The least likely procedure to obtain an understanding of the internal control structure would be:

A) reviewing previous experience with the client.
B) confirming transactions.
C) inspecting documents and records.
D) enquiring of appropriate management.
Question
Incompatible duties are those that allow an irregularity to be perpetrated:

A) and concealed through collusive actions.
B) by a single employee.
C) and concealed by a single employee.
D) by accounting personnel.
Question
Which of these would be considered a limitation of internal controls?

A) internal control systems focus on routine transactions.
B) management participating in the supervision of operations.
C) they compare actual performance with budgeted performance
D) all of the above.
Question
A characteristic of management's philosophy and operating style is:

A) being sufficiently skilled.
B) exercising disciplinary action for violations of expected behaviour.
C) the experience and stature of directors.
D) the approach taken to monitoring business risks.
Question
Why is it important to obtain an understanding of the internal control system?

A) weak internal controls may increase the risk of material misstatement.
B) to determine the level of inherent risk.
C) because strong internal controls indicate management integrity.
D) all of the above
Question
Which of these is not a major advantage of the internal control questionnaire?

A) it may be completed in a mechanical fashion.
B) it reduces errors of omission.
C) it provides guidance for less experienced staff.
D) it is usually developed by experienced professionals.
Question
Which of these is not a category of application controls?

A) input controls.
B) processing controls.
C) output controls.
D) general controls.
Question
Which of the following is not generally considered one of the factors that make up the control environment?

A) audit committee.
B) organisational structure.
C) accounting package used.
D) board of directors.
Question
A transaction walk-through review is most commonly associated with:

A) documenting the understanding.
B) tests of controls.
C) substantive tests.
D) procedures to obtain an understanding.
Question
Essential to both management and auditors is a chain of evidence in the accounting system provided by coding, cross references, and documentation connecting account balances and other summary results with original data. This chain of evidence is referred to as the:

A) control trail.
B) audit trail.
C) tracing trail.
D) accounting trail.
Question
Which of these is not one of the fundamental concepts in the COSO report's definition of internal control?

A) Internal control is a guarantee.
B) Internal control is a process.
C) Internal control is affected by people.
D) Internal control is geared to the achievement of objectives in the overlapping categories of financial reporting, compliance and operations.
Question
Smaller entities are best able to overcome their absence of safeguards by:

A) implementing a strict segregation of duties policy.
B) creating an audit committee.
C) removing authority from the owner/manager.
D) developing a culture that emphasises integrity, ethical values and competence.
Question
Which of the following is incorrect concerning the segregation of duties within an organisation?

A) all accounting records can generally be kept by the same person
B) the various steps involved in executing a transaction should be separated.
C) The responsibility for executing a transaction, recording it and maintaining custody of resulting assets should be assigned to different individuals or departments
D) All of the above are correct statements.
Question
A way to prevent unauthorised access to computer systems is:

A) good access controls.
B) strong firewalls.
C) controls to detect attempts at unauthorised access.
D) all of the above.
Question
Restricting the use of the information system to particular authorised personnel by use of passwords is an example of:

A) organisational controls.
B) systems development and maintenance controls.
C) data and procedural controls.
D) access controls.
Question
When the lower assessed level of control risk approach is used, the final assessment of control risk is made after completing:

A) the procedures to obtain an understanding.
B) the documentation of the understanding.
C) all the planned tests of controls.
D) all the above.
Question
For a particular assertion, control risk is the risk that:

A) a material misstatement will occur in the accounting process.
B) audit procedures will fail to detect a weak control system.
C) control procedures will not detect a material misstatement that occurs.
D) the prescribed control procedures will not be applied uniformly.
Question
Which of these is one of the three components of audit risk?

A) deception risk.
B) control risk.
C) rejection risk.
D) acceptance risk.
Question
Inherent risk is defined in terms of:

A) a total absence of controls.
B) an ideal set of controls.
C) the existing controls.
D) the standard controls for the client's industry.
Question
Flowcharts should depict all of the following except:

A) all operations performed in processing the class of transactions.
B) the method of processing.
C) the extent of segregation of duties.
D) the audit procedures conducted.
Question
The true statement is:

A) Internal controls are more important when companies grow in size and complexity.
B) Effective internal controls are able to provide absolute assurance for an entity's management and board.
C) Auditors have a statutory legal obligation to report on internal controls within the entity.
D) The control environment means the auditor's overall attitude, awareness and actions regarding internal control and its importance in the entity
Question
The control environment means management's overall attitude, awareness and actions regarding internal control and its importance in the entity. Identify and describe four factors that constitute part of the control environment.
Question
1. Identify and define the components of the quantified audit risk model.
"2. Indicate which of these components is under the control of the auditor and indicate the relationship of this component to the other components of audit risk.
"
Question
Identify what category of control activity each of the following belong to:
1.Management reviews the sales of each salesperson on a monthly basis.
2.Access to the cash office is restricted by entry code.
3.There is an automated stop placed on payroll if the amounts entered exceed a certain reasonable amount.
4.Authority to approve credit is the responsibility of the cash office, not the sales department.
5.All sales are processed on a cash register which produces receipts and a journal roll for the office.
6.Before new information systems are approved they are extensively tested for weaknesses.
7.When entering data the system will prompt for an entry if there is an empty or incomplete field.
8.Management reviews the actual versus budget report each week.
Question
1.Explain what an internal control questionnaire is and why it is used.
2.List three advantages of using questionnaires.
Question
For a given assertion, the relationship between the level of detection risk (DR) and assessed control risk (CR) and inherent risk (IR) is shown correctly in which of the following, where + means increase, - means decrease:

A) +DR if +CR and +IR.
B) +DR if -CR and -IR.
C) +DR if +CR and -IR.
D) +DR if -CR and +IR.
Question
Control activities are detailed policies and procedures that management establishes to help ensure that its directives are carried out. List the four different categories of control activities and give an example of each.
Question
If inherent risk and control risk are both assessed as low, detection risk will be:

A) low.
B) high.
C) the same as audit risk.
D) medium.
Question
Internal control can only provide reasonable assurance as there are inherent limitations within an entity's control structure. Identify and describe three of these limitations.
Question
1. List the four procedures necessary to obtain an understanding of the entity's internal control.
2. Explain what a transaction walk-through review consists of.
Question
List the fundamental concepts that are embodied in the definition of internal control as per the COSO report:
…a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
-reliability of financial reporting;
-compliance with applicable laws and regulations;
-effectiveness and efficiency of operations.
Question
The assessment of inherent risk requires consideration of matters that have a pervasive effect on the entity as a whole and matters that may affect only specific accounts. Which of the following is an example of a "pervasive effects" matter?

A) industry of operation.
B) susceptibility to misappropriation.
C) sensitivity of valuations to economic factors.
D) all of the above.
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/37
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 9: Audit Risk Assessment
1
Which of these is not an inherent limitation of an internal control structure?

A) mistakes in judgement.
B) collusion.
C) management override.
D) accounting override.
D
2
Which of the following is an example of how an auditor might document the understanding of internal control?

A) internal control questionnaire.
B) flow chart and narrative memoranda.
C) both of the above.
D) none of the above.
C
3
Which factor concerning boards of directors and audit committees would be considered least influential in its impact on the control environment?

A) the sex of directors.
B) experience and stature of directors.
C) the extent of director's involvement and scrutiny of management's activities.
D) independence from management.
A
4
Management is responsible for implementing effective controls to control risks identified in a risk assessment. Which of these would not be considered to impact on management's risk assessment?

A) expanding foreign exchange operations.
B) changing the external auditor.
C) new personnel.
D) new technology.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
5
The importance of internal control to management and auditors has been recognised for many years. Which of the following is likely to be cited as a major factor contributing to this importance?

A) The operations of the business entity have become so unwieldy that management must rely on the chief financial officer to effectively control operations.
B) Checks and reviews protect against employee collusion and reduce the chance of employee fraud.
C) Internal control procedures must be utilised to maintain accurate accounting records.
D) It is impractical for auditors to audit most companies within economic fee limitations without relying on the client's system of internal controls.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
6
The least likely procedure to obtain an understanding of the internal control structure would be:

A) reviewing previous experience with the client.
B) confirming transactions.
C) inspecting documents and records.
D) enquiring of appropriate management.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
7
Incompatible duties are those that allow an irregularity to be perpetrated:

A) and concealed through collusive actions.
B) by a single employee.
C) and concealed by a single employee.
D) by accounting personnel.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
8
Which of these would be considered a limitation of internal controls?

A) internal control systems focus on routine transactions.
B) management participating in the supervision of operations.
C) they compare actual performance with budgeted performance
D) all of the above.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
9
A characteristic of management's philosophy and operating style is:

A) being sufficiently skilled.
B) exercising disciplinary action for violations of expected behaviour.
C) the experience and stature of directors.
D) the approach taken to monitoring business risks.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
10
Why is it important to obtain an understanding of the internal control system?

A) weak internal controls may increase the risk of material misstatement.
B) to determine the level of inherent risk.
C) because strong internal controls indicate management integrity.
D) all of the above
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
11
Which of these is not a major advantage of the internal control questionnaire?

A) it may be completed in a mechanical fashion.
B) it reduces errors of omission.
C) it provides guidance for less experienced staff.
D) it is usually developed by experienced professionals.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
12
Which of these is not a category of application controls?

A) input controls.
B) processing controls.
C) output controls.
D) general controls.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
13
Which of the following is not generally considered one of the factors that make up the control environment?

A) audit committee.
B) organisational structure.
C) accounting package used.
D) board of directors.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
14
A transaction walk-through review is most commonly associated with:

A) documenting the understanding.
B) tests of controls.
C) substantive tests.
D) procedures to obtain an understanding.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
15
Essential to both management and auditors is a chain of evidence in the accounting system provided by coding, cross references, and documentation connecting account balances and other summary results with original data. This chain of evidence is referred to as the:

A) control trail.
B) audit trail.
C) tracing trail.
D) accounting trail.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
16
Which of these is not one of the fundamental concepts in the COSO report's definition of internal control?

A) Internal control is a guarantee.
B) Internal control is a process.
C) Internal control is affected by people.
D) Internal control is geared to the achievement of objectives in the overlapping categories of financial reporting, compliance and operations.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
17
Smaller entities are best able to overcome their absence of safeguards by:

A) implementing a strict segregation of duties policy.
B) creating an audit committee.
C) removing authority from the owner/manager.
D) developing a culture that emphasises integrity, ethical values and competence.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
18
Which of the following is incorrect concerning the segregation of duties within an organisation?

A) all accounting records can generally be kept by the same person
B) the various steps involved in executing a transaction should be separated.
C) The responsibility for executing a transaction, recording it and maintaining custody of resulting assets should be assigned to different individuals or departments
D) All of the above are correct statements.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
19
A way to prevent unauthorised access to computer systems is:

A) good access controls.
B) strong firewalls.
C) controls to detect attempts at unauthorised access.
D) all of the above.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
20
Restricting the use of the information system to particular authorised personnel by use of passwords is an example of:

A) organisational controls.
B) systems development and maintenance controls.
C) data and procedural controls.
D) access controls.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
21
When the lower assessed level of control risk approach is used, the final assessment of control risk is made after completing:

A) the procedures to obtain an understanding.
B) the documentation of the understanding.
C) all the planned tests of controls.
D) all the above.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
22
For a particular assertion, control risk is the risk that:

A) a material misstatement will occur in the accounting process.
B) audit procedures will fail to detect a weak control system.
C) control procedures will not detect a material misstatement that occurs.
D) the prescribed control procedures will not be applied uniformly.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
23
Which of these is one of the three components of audit risk?

A) deception risk.
B) control risk.
C) rejection risk.
D) acceptance risk.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
24
Inherent risk is defined in terms of:

A) a total absence of controls.
B) an ideal set of controls.
C) the existing controls.
D) the standard controls for the client's industry.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
25
Flowcharts should depict all of the following except:

A) all operations performed in processing the class of transactions.
B) the method of processing.
C) the extent of segregation of duties.
D) the audit procedures conducted.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
26
The true statement is:

A) Internal controls are more important when companies grow in size and complexity.
B) Effective internal controls are able to provide absolute assurance for an entity's management and board.
C) Auditors have a statutory legal obligation to report on internal controls within the entity.
D) The control environment means the auditor's overall attitude, awareness and actions regarding internal control and its importance in the entity
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
27
The control environment means management's overall attitude, awareness and actions regarding internal control and its importance in the entity. Identify and describe four factors that constitute part of the control environment.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
28
1. Identify and define the components of the quantified audit risk model.
"2. Indicate which of these components is under the control of the auditor and indicate the relationship of this component to the other components of audit risk.
"
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
29
Identify what category of control activity each of the following belong to:
1.Management reviews the sales of each salesperson on a monthly basis.
2.Access to the cash office is restricted by entry code.
3.There is an automated stop placed on payroll if the amounts entered exceed a certain reasonable amount.
4.Authority to approve credit is the responsibility of the cash office, not the sales department.
5.All sales are processed on a cash register which produces receipts and a journal roll for the office.
6.Before new information systems are approved they are extensively tested for weaknesses.
7.When entering data the system will prompt for an entry if there is an empty or incomplete field.
8.Management reviews the actual versus budget report each week.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
30
1.Explain what an internal control questionnaire is and why it is used.
2.List three advantages of using questionnaires.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
31
For a given assertion, the relationship between the level of detection risk (DR) and assessed control risk (CR) and inherent risk (IR) is shown correctly in which of the following, where + means increase, - means decrease:

A) +DR if +CR and +IR.
B) +DR if -CR and -IR.
C) +DR if +CR and -IR.
D) +DR if -CR and +IR.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
32
Control activities are detailed policies and procedures that management establishes to help ensure that its directives are carried out. List the four different categories of control activities and give an example of each.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
33
If inherent risk and control risk are both assessed as low, detection risk will be:

A) low.
B) high.
C) the same as audit risk.
D) medium.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
34
Internal control can only provide reasonable assurance as there are inherent limitations within an entity's control structure. Identify and describe three of these limitations.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
35
1. List the four procedures necessary to obtain an understanding of the entity's internal control.
2. Explain what a transaction walk-through review consists of.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
36
List the fundamental concepts that are embodied in the definition of internal control as per the COSO report:
…a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
-reliability of financial reporting;
-compliance with applicable laws and regulations;
-effectiveness and efficiency of operations.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
37
The assessment of inherent risk requires consideration of matters that have a pervasive effect on the entity as a whole and matters that may affect only specific accounts. Which of the following is an example of a "pervasive effects" matter?

A) industry of operation.
B) susceptibility to misappropriation.
C) sensitivity of valuations to economic factors.
D) all of the above.
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 37 flashcards in this deck.
Examlex
Examlex
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App

Scan to downloadDownload the App
qr-code

Copyright © 2025 Examlex LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree