2.2.19 Flashcards
An effective control that protects against the preparation of improper or inaccurate disbursements is to require that all checks be
Signed by an officer after necessary supporting evidence has been examined.
Checks for disbursements should be signed by an officer, normally the CFO, after necessary supporting evidence has been examined. The CFO should also be responsible for canceling the supporting documentation and mailing the signed checks and remittance advices. The documentation typically consists of a payment voucher, purchase order, receiving report, and a vendor invoice.
Before performing substantive procedures at an interim date, an auditor should
Consider the increased risk that period-end misstatements will not be detected.
Certain factors should be considered before substantive procedures are performed at interim dates. For example, the auditor should consider the risk that period-end misstatements are not detected by performing appropriate substantive procedures or a combination of tests of controls and substantive procedures to cover the remaining period.
Which of the following statements about the auditor’s response to assessed risks of material misstatement in a financial statement audit is true?
Risk assessment procedures performed to obtain an understanding of an entity’s internal control also may serve as tests of controls.
Performing risk assessment procedures to obtain an understanding of the entity and its environment involves, among other things, evaluating the design of controls and determining whether they have been implemented. Tests of controls evaluate their operating effectiveness in preventing, or detecting and correcting, material misstatements at the assertion level. Although risk assessment procedures and tests of controls differ, they may use the same types of procedures. Thus, the auditor may decide that it is efficient to test operating effectiveness and evaluate design and implementation at the same time. Furthermore, some risk assessment procedures may provide evidence about operating effectiveness. For example, the auditor may (1) inquire about the use of budgets, (2) observe comparison of budgets and actual results, and (3) inspect reports on the investigation of variances (AU-C 330 and AS 2301).
The procedure that best discourages the resubmission of vendor invoices after they have been paid is
The cancelation of vouchers by CFO personnel.
Canceling vouchers and supporting papers (with perforations, ink, etc.) upon payment prevents the payment of a duplicate voucher. If the person signing the check does the canceling, the documents cannot be recycled for duplicate payments. Securing the paid-voucher file from access by the accounts payable clerk is another effective control.
Which of the following is an aspect of scheduling and controlling the audit engagement?
Include in the audit plan a column for estimated and actual time.
The audit plan is a tool for scheduling and controlling the audit. It should contain a detailed set of procedures for accomplishing audit objectives, estimated times for each step, and the personnel required. Thus, it can be used to document the progress of the audit and the auditor’s compliance with requirements for planning and supervision.
When an auditor does not receive replies to positive requests for year-end accounts receivable confirmations, the auditor most likely would
Send the customer a second confirmation request.
When first requests for positive confirmation are not returned, the auditor should consider second requests. The requests should be authorized by the client and should ask the debtor to respond directly to the auditor.
Which of the following strategies most likely could improve the response rate of the confirmations of accounts receivable?
Include a list of items or invoices that constitute the customers’ account balances.
According to AU-C 505, the auditor should consider what respondents are most readily able to confirm so as to improve the response rate and the reliability of the evidence obtained. Thus, some customers may use a voucher system that facilitates responding to confirmation requests about individual invoices rather than the total balance.
Which of the following procedures is performed first for unreturned positive confirmations of accounts receivable?
Sending second requests for confirmation of accounts receivable.
Unreturned positive confirmations should be followed by second requests.
A service auditor’s report on internal control may be issued on management’s description of a service organization system and the suitability of the design of controls or management’s description of a service organization system and the suitability and operating effectiveness of controls. Which of the following is true about a type 1 report?
It should state that the auditor did not test the effectiveness of the controls.
A service auditor’s type 1 report should contain a statement that the auditor did not test the effectiveness of the controls.
The AICPA has issued additional guidance on service auditor reports. The term System and Organization Controls (SOC) report is used in this guidance. The reports obtained by the user auditor in an audit are called SOC 1 reports (type 1 or type 2). Service auditors also may prepare SOC 2 and SOC 3 reports to provide assurance on more than internal controls over financial reporting (e.g., security, availability, processing integrity, confidentiality, or privacy). SOC 2 reports are to be used by those identified in the report, and SOC 3 reports may be used by any user.
The standard AICPA form directed to financial institutions requests all of the following except
The principal amount paid on a direct liability.
The principal amount paid on a direct liability is not listed on the Standard Form to Confirm Account Balance Information with Financial Institutions. The auditor is not concerned with the amount of a liability already paid. The form confirms account number/description, balance, due date, interest rate, date through which interest is paid, and description of collateral.
In the accounting system of Apogee Company, the quantities counted by the receiving department and entered at a terminal are transmitted to the computer, which immediately transmits the amounts back to the terminal for display on the terminal screen. This display enables the operator to
Verify that the amount was entered accurately.
The display of the amounts entered is an input control that permits visual verification of the accuracy of the input by the operator. This is termed closed-loop verification.
When an accounting application is processed by computer, an auditor cannot verify the reliable operation of automated controls by
Manually reperforming, as of a moment in time, the processing of input data and comparing the simulated results with the actual results.
Manually reperforming, as of a moment in time, the processing of input data and comparing the simulated results with the actual results is auditing around the computer. The computer is treated as a black box, and only the inputs and outputs are evaluated. Because the actual controls may not be understood or tested, the technique is ordinarily inappropriate if the effectiveness of automated controls is important to the understanding of internal control and the assessment of control risk. Moreover, the auditor is concerned with the reliable operation of the controls throughout the audit period, not at a single moment in time.
Which approach to planning, performing, supervising, reviewing, and documenting internal audit activities distinguishes it from other monitoring controls that may be performed within the entity?
A systematic and discipline approach.
The application of a systematic and disciplined approach to planning, performing, supervising, reviewing, and documenting internal audit activities distinguishes it from other monitoring controls that may be performed within the entity.
Mill Co. uses a batch processing method to process its sales transactions. Data on Mill’s sales transaction file are electronically sorted by customer number and are subjected to programmed edit checks in preparing its invoices, sales journals, and updated customer account balances. One of the direct outputs of the creation of this file most likely would be a
Report showing exceptions and control totals.
Batch processing is useful for processing large volumes of data, especially when sorted in sequential order, for example, by customer number. Editing (validation) of data should produce a cumulative automated error listing that includes not only errors found in the current processing run but also uncorrected errors from earlier runs. Each error should be identified and described, and the date and time of detection should be given. The creation of the file also generates various totals that serve as controls over the accuracy of the processing.
Which of the following factors would least likely affect the form, content, and extent of audit documentation?
The medium in which it is recorded and maintained.
The medium used to prepare and maintain the audit documentation, e.g., paper or digital, does not affect its nature and extent. The form, content, and extent of documentation are determined by (1) the risks of material misstatement, (2) the extent of judgment involved in performing the work and evaluating the results, (3) the nature of the auditing procedures, (4) the significance of the evidence obtained, (5) the nature and extent of exceptions identified, (6) the need to document a conclusion or the basis for a conclusion, (7) audit methods, and (8) size and complexity of the entity.
