1.18.19 Flashcards
Which of the following factors most likely would cause a CPA to decide not to accept a new audit engagement?
Management’s disregard of its responsibility to maintain an adequate internal control environment.
The control environment is the foundation for all other control components. It provides discipline and structure, sets the tone of the organization, and influences the control consciousness of employees. A precondition of an audit is management’s acknowledgment of its responsibilities for internal control relevant to financial reporting. Internal control should enable the preparation and fair presentation of financial statements that are free from material misstatement due to fraud or error. However, management’s disregard of this responsibility may raise doubts about the auditability of the financial statements and the integrity of management.
A company’s labor distribution report requires extensive corrections each month because of labor hours charged to inactive jobs. Which of the following data processing input controls appears to be missing?
Validity test.
Validity tests are used to ensure that transactions contain valid transaction codes. Before hours are assigned to a job, a programmed control should determine that the job code is active.
Fraudulent use of corporate credit cards will be minimized by which of the following controls?
Subjecting credit card charges to the same expense controls as those used on regular company expense forms.
Credit card charges should be controlled in much the same manner as expense accounts and other expense reports, including use of limitations on specific kinds of expenditures. These charges should be compared with supporting documentation, such as receiving reports and invoices.
During the course of an audit, an auditor required additional research and consultation with others. This additional research and consultation is considered to be
An appropriate part of the professional conduct of the engagement.
The Code of Professional Conduct states that in many cases additional research and consultation with others may be necessary during an engagement. The auditor should not undertake the engagement unless (s)he has or expects to gain the knowledge to complete the audit with professional competence.
Which of the following statements best describes why an auditor would use only substantive procedures to evaluate specific relevant assertions and risks?
Testing the operating effectiveness of the relevant controls would not be efficient.
The assessment of risks is a basis for choosing the audit approach. The risk assessment procedures may not identify effective controls for the relevant assertion, or testing controls may be inefficient. In these cases, the auditor may wish to use a substantive audit approach.
Which of the following statements reflects an auditor’s responsibility for detecting fraud and errors?
An auditor should design the audit to provide reasonable assurance of detecting fraud and errors that are material to the financial statements.
The auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatements, whether caused by fraud or error. Thus, the auditor should (1) identify and assess the risks of material misstatement due to fraud at the financial statement and assertion levels, (2) obtain sufficient appropriate audit evidence regarding those risks through implementing responses, and (3) respond to identified fraud or suspected fraud. Moreover, the consideration of fraud should be logically integrated into the overall audit process in a manner consistent with other pronouncements, e.g., those on (1) planning and supervision, (2) audit risk and materiality, and (3) internal control.
For which of the following computer-assisted auditing techniques does the auditor use a controlled program?
Parallel simulation.
Parallel simulation is a test of the controls in a client’s application program. An auditor-developed program is used to process actual client data, and the output and exceptions report is compared with those of the client’s application program. If the client’s programmed controls are operating effectively, the two sets of results should be reconcilable.
Fact Pattern: A sales transaction record designed to contain the information presented below. 1-10 Customer account number 11-30 Customer name 31-38 Amount of sale 39-44 Sales date 45-46 Store code number 47-49 Sales clerk number 50-59 Invoice number
If the last letter of a customer’s name is erroneously entered in column 31, which of the following is most likely to detect the error during an input edit run?
A field check.
The erroneous entry of a customer’s name into the field that should contain the amount of the sale is detected by a field check. This control identifies an alphabetic character in a field that should contain only numeric characters.
CPAs are required to complete engagements competently. Competence includes all of the following except
An unbiased mental attitude.
The Code requires the CPA to maintain an unbiased mental attitude. A member in public practice must be independent in the performance of professional services as required by standards issued by bodies designated by Council.
Which of the following factors would most likely be considered an inherent limitation to an entity’s internal control?
Human judgment in the decision making process.
Human judgment is faulty, and controls may fail because of simple error or mistake. For example, design changes for an automated order entry system may be faulty because the designers did not understand the system or because programmers did not correctly code the design changes. Errors also may arise when automated reports are misinterpreted by users. Furthermore, manual or automated controls can be circumvented by collusion, and management may inappropriately override internal control.
Quality control policies and procedures should be relevant, adequate, effective, and complied with. This statement is most closely associated with the quality control element of
Monitoring.
Monitoring provides reasonable assurance that policies and procedures related to the system of quality control are relevant, adequate, operating effectively, and complied with. The objectives of monitoring these policies and procedures are to evaluate (1) compliance with professional standards and legal requirements, (2) the design and effectiveness of the quality control system, and (3) whether appropriate reports are issued (QC 10).
Which of the following most likely would not be considered an inherent limitation of the potential effectiveness of an entity’s internal control?
Incompatible duties.
Internal control has inherent limitations. The performance of incompatible duties, however, is a failure to assign different people the functions of authorization, recording, and asset custody, not an inevitable limitation of internal control. Segregation of duties is a category of control activities.
What information would the auditor expect to find in the data dictionary that would assist in a payroll application audit?
Programs that access the data.
The data dictionary is a file (possibly manual but usually computerized) in which the records relate to specified data items. It contains definitions of data records and files and the list of programs used to process them. Only certain persons or entities are permitted to retrieve data or to modify data items. Accordingly, these access limitations are also found in the data dictionary.
Which of the following actions should the auditor take in response to discovering a deviation from the prescribed control?
Make inquiries to understand the potential consequence of the deviation.
Once a deviation is discovered by an auditor, (s)he should investigate it further by making inquiries to understand the potential consequences of the deviation.
Which of the following information that comes to an auditor’s attention most likely would raise a question about noncompliance with laws and regulations?
The discovery of unexplained payments made to government employees.
According to AU-C 250, the discovery of unexplained payments made to government officials or employees is specific information that may raise a question about possible noncompliance with laws and regulations.
