Deck 5: Risk Assessment: Internal Control Evaluation

A) Reasonableness tests.
B) Record counts.
C) Financial totals.
D) Hash totals.

A) Occurrence.
B) Accuracy.
C) Valuation or allocation.
D) Cutoff.

A) To serve as a basis for constructive suggestions.
B) To plan subsequent substantive tests.
C) To identify types of possible misstatements that may occur.
D) To consider factors that may affect the risk of material misstatement.

A) Shipments to customers were invoiced.
B) Shipments to customers were recorded as sales.
C) Recorded sales were shipped.
D) Invoiced sales were recorded as sales.

A) Questionnaires, narratives, and flowcharts.
B) Bridge working papers.
C) Communications of significant deficiencies.
D) Internal control letters.

A) Verifying the accuracy of checks and vouchers.
B) Controlling the mailing of checks to vendors.
C) Approving vendors' invoices for payment.
D) Canceling payment vouchers when paid.

A) Separation of functional responsibilities.
B) Complexity of the client's internal controls.
C) Owner-manager's competence as well as ethics and integrity.
D) Bonding of employees.

A) Management assertions.
B) Control environment.
C) Control risk assessment.
D) Functional responsibilities.

A) Designing client's internal controls.
B) Documenting an understanding of a client's internal controls.
C) Communicating internal control deficiencies.
D) Assessing the effectiveness a client's internal controls.

A) Check digit.
B) Run-to-run totals.
C) Distribution of computerized output.
D) Separation of duties in the IT department.

A) Control environment.
B) Information and communication system.
C) Control activity effectiveness.
D) Monitoring activities.

A) Additional evidence to support an additional reduction in control risk was not cost beneficial.
B) Assessed level of inherent risk exceeded the assessed level of control risk.
C) Internal control structure was properly designed and justifiably may be relied on.
D) Evidence obtainable through tests of controls would not support an increased level of control risk.

A) Having authorization to execute transactions.
B) Recording transactions.
C) Having custody of assets involved in the transactions.
D) Preparing data.

A) Confirmation with outside parties.
B) Inquiry of client personnel.
C) Successful reperformance of the control activity.
D) Observation of client personnel.

A) Tests of controls to determine the effectiveness of internal control policies.
B) Analytical procedures to verify the design of internal control activities.
C) Substantive tests to restrict detection risk for significant transaction classes.
D) Dual-purpose tests to evaluate both the risk of monetary misstatement and preliminary control risk.

A) Valid character test.
B) Missing data test.
C) Reasonableness test.
D) Check digit.

A) Transaction authorization.
B) Recordkeeping.
C) Custody of, or direct access to, assets.
D) Hiring of employees.

A) Document his or her understanding of the entity's internal control.
B) Search for significant deficiencies in the operation of internal controls.
C) Perform tests of controls to evaluate the effectiveness of the entity's accounting system.
D) Determine whether control activities are operating effectively to prevent or detect material misstatements.

A) It would be efficient to perform tests of controls that would result in a reduction in planned substantive tests.
B) Additional evidence to support a further reduction in control risk is not available.
C) An increase in the assessed level of control risk is justified for certain financial statement assertions.
D) There were many internal control weaknesses that could allow errors to enter the accounting system.

A) Hours worked.
B) Total debits and total credits.
C) Net pay.
D) Department numbers.

A) The knowledge necessary for audit planning.
B) The evidential matter to use in assessing inherent risk.
C) A basis for modifying tests of controls.
D) An evaluation of the consistency of application of management's policies.

A) Consider factors that affect the risk of material misstatement.
B) Ascertain whether internal control policies and activities have been placed in operation.
C) Identify the types of potential misstatements that can occur.
D) Obtain knowledge about the operating effectiveness of the client's internal control activities.

A) Test the client's control activities.
B) Assess the final control risk.
C) Document the understanding obtained.
D) Plan the remainder of the audit work.

A) Extent of substantive tests of details.
B)

A) Processing of control activities.
B) Separation of various computer system functions.
C) Appropriate documentation of the data processing system.
D) Control over physical access to computer hardware.

A) Apply analytical procedures to both financial data and nonfinancial information to detect conditions that may indicate weak controls.
B) Perform tests of details of transactions and account balances to identify potential errors and fraud.
C) Identify specific internal control policies and activities that are likely to detect or prevent material misstatements.
D) Document the fact that the additional audit effort to perform tests of controls exceeds the potential reduction in substantive testing.

A) Absence of appropriate separation of duties.
B) Absence of appropriate reviews and approvals of transactions.
C) Evidence of failure of control activities.
D) Ineffective oversight of the financial reporting process by the company's audit committee.

A) Journalize entries and prepare financial statements.
B) Record cash receipts and cash disbursements.
C) Establish internal controls and authorize transactions.
D) Perpetrate a fraud and then conceal it in the books.

A) Incompatible duties.
B) Management override.
C) Mistakes in judgment.
D) Collusion among employees.

A) Do not obtain an understanding of client environment, accounting, or control activities. Do not document the decision to assess control risk at maximum. Perform 100% substantive audit on all financial statement transactions and balances.
B) Obtain an understanding of client environment, accounting, and control activities. Document the decision to assess control risk at maximum. Perform an extensive but not 100% substantive audit on financial statement transactions and balances.
C) Obtain an understanding of client environment, accounting, and control activities, and perform detail tests of controls. Document the decision to assess control risk below the maximum. Perform restricted substantive audit on financial statement transactions and balances, considering the control risk assessment.
D) Obtain an understanding of client environment, accounting, and control activities, and perform detail tests of controls. Document the decision to assess control risk at zero. Perform no substantive audit on financial statement transactions and balances because zero control risk means that no errors or fraud can affect the accounts.

A) Reflects management's philosophy and operating style.
B) Affects management's financial statement assertions.
C) Provides adequate safeguards over access to assets.
D) Enhances management's decision making processes.

A) Perform a great deal of additional tests of controls.
B) Perform a great deal of substantive testing during the audit.
C) Perform substantive tests at an interim date.
D) Perform more audit procedures using internal evidence.

A) Computer-based control activities.
B) System of separation of duties.
C) Control environment.
D) Safeguards over access to assets.

A) Factors that raise doubts about the auditability of the financial statements.
B) Operating effectiveness of internal control policies and procedures.
C) Risk that material misstatements exist in the financial statements.
D) Possibility that the nature and extent of substantive tests may be reduced.

A) Perform exhaustive tests of accounting controls and evaluate the company's control system effectiveness.
B) Determine whether the company's control policies are designed well enough to prevent material misstatements.
C) Prepare auditing working papers that document the auditor's understanding of the company's internal control.
D) Design procedures to search for significant deficiencies in the actual operation of the company's internal control.

A) Policies and procedures that pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the registrant.
B) Policies and procedures that provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles and that receipts and expenditures of the registrant are being made only in accordance with authorizations of management and directors of the registrant.
C) Policies and procedures that provide reasonable assurance regarding the compliance with applicable laws and regulations.
D) Policies and procedures that provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of the registrant's assets that could have a material effect on the financial statements.

A) Determine whether control activities have been placed in operation.
B) Perform procedures to understand the design of the internal control system.
C) Document the understanding of the company's internal control system.
D) Search for significant deficiencies in the operation of the internal control system.

A) An action taken by auditors to obtain evidence.
B) An action taken by client personnel for the purpose of preventing, detecting, and correcting errors and frauds in transactions to eliminate or mitigate risks identified by the company.
C) A method for recording, summarizing, and reporting financial information.
D) The functioning of the board of directors in support of its audit committee.

A) The Sarbanes-Oxley Act of 2002.
B) The PCAOB.
C) The AICPA.
D) The ASB.

A) A narrative memorandum describing the control system.
B) An internal control questionnaire.
C) A flowchart of the documents and procedures used by the company.
D) All of the above.

A) It is probable that an immaterial financial statement misstatement would not be detected on a timely basis.
B) There is a remote likelihood that a material misstatement would be detected on a timely basis.
C) It is reasonably possible that a material misstatement would not be detected on a timely basis.
D) It is reasonably possible that an immaterial misstatement would not be detected on a timely basis.

A) Performing more extensive substantive tests with larger sample sizes than originally planned.
B) Reducing inherent risk for most of the assertions relevant to significant account balances.
C) Changing the timing of substantive tests by omitting interim-date testing and performing the tests at year-end.
D) Identifying specific internal control activities that are relevant to specific financial statement assertions.

A) Inquiry of client personnel.
B) Observation of company operations.
C) Confirmation of balances.
D) Inspection of documentation.

A) Effectiveness and efficiency of operations.
B) People who operate the control system.
C) Reliability of financial reporting.
D) Compliance with applicable laws and regulations.

A) Control evaluation findings and subsequent audit procedures.
B) Management objectives and accounting system procedures.
C) Management objectives and entity control activities.
D) Financial statement assertions and tests of controls.

A) Provide a basis for making constructive suggestions in a management letter.
B) Determine the nature, timing, and extent of tests to be performed in the audit.
C) Provide the rationale for the inherent risk assessment at the financial statement assertion level.
D) Provide information for a communication of internal control-related matters to management.

A) Reconciliation of a bank account.
B) Recalculation of a sample of payroll entries by internal auditors.
C) Separation of duties between the payroll and personnel departments.
D) Detailed fluctuation analysis completed by the CFO for revenue.

A) Obtaining evidence about the financial statement assertions.
B) Accomplishing control over the occurrence of recorded transactions.
C) Applying analytical procedures to financial statement balances.
D) Obtaining evidence about the operating effectiveness of client control activities.

A) The cost of substantive procedures will exceed the cost of control evaluation work.
B) Auditors will be able to reduce the cost of substantive procedures by an amount more than the control evaluation costs.
C) The cost of control evaluation work will exceed the cost of substantive procedures.
D) Auditors will be able to reduce the cost of substantive procedures by an amount less than the cost of tests of controls.

A) Selecting larger sample sizes for audit.
B) Performing audit procedures at the fiscal year-end date as opposed to the interim period.
C) Deciding to obtain external evidence instead of internal evidence.
D) Performing procedures during the interim period as opposed to at the fiscal year-end date.

A) Inquiry and analytical procedures.
B) Reperformance and observation.
C) Comparison and confirmation.
D) Inspection and verification.

A) A statement that management is responsible for establishing and maintaining adequate internal control over financial reporting.
B) A statement identifying the framework management uses to evaluate the effectiveness of the company's internal control.
C) A statement providing management's assessment of the effectiveness of the company's internal control.
D) A statement providing management's evaluation of the company's control environment.

A) Evaluation of the auditing environment.
B) Testing of low-risk internal control activities.
C) All testing of the operating effectiveness of internal control activities.
D) Providing the principal evidence for the external auditors' opinion.

A) Determine whether the company's controls are processing company data effectively.
B) Determine that the company's controls will satisfy the company's control objectives and can effectively prevent or detect errors or fraud that could result in material misstatements, if they operate as prescribed.
C) Determine that the company's employees are processing the controls according to the policy and procedure manuals at the company.
D) None of the above.

A) Whether there is a reasonable possibility that the company's controls will fail to prevent or detect a misstatement of an account balance or disclosure.
B) Whether the account has a history of errors.
C) The magnitude of the potential misstatement resulting from the deficiency or the deficiencies.
D) Both A and C are correct.
E) All of the above are correct.

A) Identify significant accounts, locations, and assertions.
B) Conduct a walkthrough of the internal control process.
C) Make inquiries of employees regarding the existence of control activities.
D) Reperform control activities performed by client employees to determine their effectiveness.

A) Option A
B) Option B
C) Option C
D) Option D