1.13.18 Flashcards
In the audit of which of the following types of profit-oriented enterprises is the auditor most likely to place special emphasis on testing the controls over proper classification of payroll transactions?
A manufacturing organization.
A manufacturer is characteristically labor intensive with a high frequency and volume of payroll transactions requiring classification into direct labor and overhead. Payroll information is important in the costing of work-in-process, finished goods inventory, and cost of goods sold.
Which of the following activities is most likely to prevent the improper disposition of equipment?
A segregation of duties between those authorized to dispose of equipment and those authorized to approve removal work orders.
Segregation of duties reduces the opportunity for an individual both to perpetrate and to conceal fraud or error. Accordingly, the authorization, recording, and asset custody functions should be separated. Thus, the same individual should not approve removal work orders (authorization) and dispose of equipment (asset custody).
To strengthen internal control over the custody of heavy mobile equipment, the client would most likely institute a policy requiring a periodic
Inspection of equipment and reconciliation with accounting records.
To strengthen control over the custody of equipment, the client should conduct periodic physical inventories (inspections) and compare them with the equipment subsidiary ledgers. A basic control is to compare the recorded accountability with existing assets at reasonable intervals. This physical inspection is especially appropriate when the client is, for example, a construction firm that owns expensive mobile equipment and permits field supervisors to authorize disposals.
Which of the following statements is correct regarding internal control?
An inherent limitation of internal control is that controls can be circumvented by management override.
Because of its inherent limitations, internal control can be designed and implemented to provide only reasonable assurance that the entity’s objectives are met. Human judgment is faulty, and controls may fail because of human error. Furthermore, manual or automated controls can be circumvented by collusion, and management may inappropriately override internal control.
Which of the following procedures is an auditor most likely to include in the planning phase of a financial statement audit?
Obtain an understanding of the entity’s risk assessment process.
An auditor should obtain an understanding of the entity’s risk assessment process and the other components of internal control when obtaining an understanding of the entity and its environment, including its internal control (AU-C 315).
Which of the following best describes an inherent limitation that should be recognized by an auditor when considering the potential effectiveness of internal control?
Controls, whether manual or automated, whose effectiveness depends on segregation of duties can be circumvented by collusion.
One of the inherent limitations of internal control is that it can be circumvented by collusion among persons both within and outside the entity. Thus, a control based on segregation of duties will be ineffective if a person in a position to commit fraud colludes with a person who can conceal it.
An auditor who uses the work of an auditor’s external specialist may refer to and identify the specialist in the auditor’s report if the
Auditor expresses a qualified opinion or an adverse opinion related to the work of the specialist.
The auditor may refer to an auditor’s external specialist only if the opinion is modified. A modified opinion is a qualified opinion, adverse opinion, or a disclaimer of opinion. The reference is made because it is relevant to understanding the modification. An auditor’s report with such a reference should state that it does not reduce the auditor’s responsibility (AU-C 620).
The normal sequence of documents and operations on a well-prepared systems flowchart is
Top to bottom and left to right.
The direction of flow in the normal sequence of documents and operations on a well-prepared systems flowchart is from top to bottom and from left to right.
In using the work of an auditor’s external specialist, an agreement should exist between the auditor and the specialist as to the nature of the specialist’s work. This agreement most likely should include
The applicability of the same confidentiality requirements to the auditor and the specialist.
The agreement should be documented and should cover (1) the nature, objectives, and scope of the work; (2) the roles of the auditor and specialist; (3) the nature, timing, and extent of communications between the auditor and specialist; and (4) the need for the specialist to observe confidentiality requirements. The agreement between the auditor and the auditor’s external specialist generally is documented in an engagement letter. A matter that should be included is the need for the confidentiality provisions of the relevant ethical requirements that apply to the auditor also to apply to the specialist. For example, a member of the AICPA may use a third-party service provider to render professional services to clients. The member should have a contract with the third-party service provider to maintain the confidentiality of the information (Ethics Ruling). Other requirements may be imposed by law or regulation.
During the audit of a new client, the auditor determined that management had given illegal bribes to municipal officials during the year under audit and for several prior years. The auditor notified the client’s board of directors, but the board decided to take no action because the amounts involved were immaterial to the financial statements. Under these circumstances, the auditor should
Consider withdrawing from the audit engagement and disassociating from future relationships with the client.
If the client does not take the remedial action the auditor deems necessary, the auditor should consider withdrawal from the engagement even when the illegal bribes are not material. The auditor should determine (1) the effects on the ability to rely on management’s representations and (2) the possible results of continued association with the client. The auditor may wish to seek legal advice (AU-C 250).
Which of the following questions would an auditor most likely include on an internal control questionnaire for notes payable?
Are direct borrowings on notes payable authorized by the board of directors?
Control is enhanced when different persons or departments authorize, record, and maintain custody of assets for a class of transactions. Authorization of notes payable transactions is best done by the board of directors.
Which of the following circumstances is most likely to cause an auditor to change an assessment of the risk of material misstatement of the financial statements due to fraud?
Unusual discrepancies between the entity’s records and confirmation replies.
An auditor’s assessment of fraud risks must be ongoing. Conditions may be encountered during the field work that support or change the auditor’s judgments. An example of such a condition is “unusual discrepancies between the entity’s records and confirmation replies” (AU-C 240).
The Sarbanes-Oxley Act limits the nonaudit services that an audit firm can provide to issuer audit clients. Which of the following services is still an allowable service that an auditor may provide to an issuer client?
Tax compliance services.
The Sarbanes-Oxley Act prohibits audit firms from providing consulting, legal, internal auditing, and other specified services to issuer audit clients. Moreover, any other service may be prohibited by the PCAOB. Audit firms may provide other nonaudit services, such as conventional tax planning and compliance services, to issuer audit clients. However, the audit committee must preapprove these other nonaudit services to be provided by the auditor.
An auditor uses the audit evidence provided by the understanding of internal control and the assessment of the risks of material misstatement to determine the nature, timing, and extent of
Further audit procedures.
The auditor uses the understanding of internal control and the assessment of the RMMs to design further audit procedures. These include tests of controls, if relevant, and substantive procedures.
In assessing whether to accept a client for an audit engagement, a CPA should consider the
Client’s business risk:
CPA’s business risk:
Yes
Yes
Before accepting an engagement, the CPA should consider the risks of being associated with the client. Auditor business risk relates to potential loss or injury to the auditor’s professional practice from litigation and adverse publicity from the relationship with the client. The successful outcome of an audit and the ability to control auditor business risk often depends on the client’s business risk. The auditor’s understanding of the entity’s business risks increases the likelihood of identifying risks of material misstatement. Thus, QC 10 states that policies and procedures should be established regarding acceptance and continuance of clients and specific engagements. They should provide reasonable assurance that the firm will undertake or continue relationships only when it does not have information leading to the conclusion that the client lacks integrity.