1
Q
A quality control system consists of:
A
policies and procedures designed, implemented, and maintained to ensure that the firm complies with professional standards and appropriate legal and regulatory requirements and that any reports issued are appropriate in the circumstances
2
Q
The nature and extent of a CPA firm’s quality controls depend on what factors?
A
size of the firm, the degree of operating autonomy allowed its personnel and its practice offices, the nature of its practice, its organization, and appropriate cost-benefit considerations
3
Q
When assigning personnel to an engagement, the firm should consider the following factors in achieving a balance of engagement manpower requirements, personnel skills, and individual development and utilization:
A
- engagement size and complexity
- personnel availability
- special expertise required
- timing of the work to be performed
- continuity and periodic rotation of personnel
- opportunities for on the job training
4
Q
Primary purpose of a second partner review is to ensure that:
A
The FS are in accordance with GAAP
5
Q
Policies and procedures should be established for deciding whether to accept or continue a client in order to:
A
minimize the likelihood of association with a client whose management lacks integrity
6
Q
The AICPA’s Statements on Quality Standards asset that professional development policies and procedures should be established by the firm in order to:
A
provide reasonable assurance that personnel will have the knowledge required to perform their work and progress within the firm
7
Q
the six interrelated elements of quality control
A
- Human Resources,
- engagement/client acceptance and continuance,
- leadership responsibilities,
- performance of the engagement,
- monitoring, and
- ethical requirements (professional skepticism)
8
Q
Statements of Quality Control Standards (SQCS) are issued:
A
to provide guidance with respect to audit quality control. These standards indicate that the nature and extent of a firm’s quality control policies and procedures are directly tied to its organizational structure.
9
Q
By maintaining a comprehensive system of quality control in relation to its organizational structure, the CPA firm would:
A
provide reasonable assurance that its professional services conform to the SQCS (statements of quality control standards)
10
Q
two Examples of a policies and procedures for human resources.
A
assigning personnel to engagements, maintaining personnel files containing documentation related to the evaluation of personnel
11
Q
Why are policies and procedures for Human Resources important?
A
they provide reasonable assurance that the persons assigned will have the technical training and proficiency required to perform their work and progress within the firm
12
Q
Procedures for reviewing audit documentation and engagement reports are established to ensure:
A
that the work performed meets the firm’s quality standards. relates to the control element of performance
13
Q
Requiring personnel to adhere to the applicable independence rules related to the quality control element of:
A
ethical requirements
14
Q
Example of a policy and procedure of the monitoring element of quality control:
A
peer review
15
Q
Three requirements stated in PCAOB standards to be documented by the engagement quality reviewer
A
- identification of the documents reviewed by the engagement reviewer and others who assisted the reviewer
- the date on which the engagement quality reviewer provided concurring approval of issuance
- identification of the engagement quality reviewer and others who assisted the reviewer.
16
Q
Audit documentation should include: (3)
A
- which members of the audit team performed and reviewed the audit work
- demonstrate compliance with the standards of fieldwork
- be sufficient to enable members of the audit team with supervisory responsibilities to understand the nature, timing, extent, and results of auditing procedures (the work performed and the evidence obtained)
17
Q
The permanent (continuing) file of audit documentation includes:
Also, give examples:
A
items with continuing audit significance.
debt agreements, lease agreements, bond indenture agreements, flowchart of internal control
18
Q
Examples of current audit documentation include: (3)
A
- attorney letters
- bank statements
- lead schedules
19
Q
Audit documentation serves mainly to provide: (4)
A
- the principal support for the auditor’s report
- assistance in the planning, conduct, and supervision of the audit
- accountability
- useful information
20
Q
The working trial balance generally contains a column for:
A
adjustments and reclassifications
21
Q
Audit objectives and assertions are contained in:
A
the audit plan
22
Q
Factors affecting the nature and extent of the audit documentation include: (6)
A
- the risk of material misstatement
- the extent to which judgement was required in performing the work and evaluating the results
- the nature of the specific auditing procedures
- the significance of the evidence obtained
- the nature and extent of any problems identified
- the need to document conclusions that may not be obvious
23
Q
The quantity, type, and content of Audit Documentation vary with circumstances, but it should be sufficient to show:
A
that the accounting records agree or reconcile with the financial statements
24
Q
An engagement letter summarizes:
A
the timing and details of the auditor’s planned field work
25
Two methods that might be used to assist the auditor in obtaining an understanding of internal control:
flowcharts and internal control questionnaires
26
The documentation completion date is defined as: (3)
1. 45 days from the report release date, based on PCAOB standards. (issuer)
2. 60 days from the report release date, based on auditing standards (nonissuer)
3. the date after which existing documentation must not be deleted, and additions to the documentation file must be documented as such
27
The report release date: (3)
1. used to define the beginning of the retention period
2. the date on which the report is delivered to the client
3. the date on which the auditor grants the client permission to use the report
28
The required retention period (how long the firm keeps client documents) under PCAOB standards and auditing standards
5 to 7 years
29
Reviewing audit work papers allows a supervisor to: (3)
1. understand the work performed and the evidence obtained
| 2. evaluate whether the audit was adequately performed
30
Audit documentation comprises the principal record of: (3)
1. audit procedures performed
2. evidence obtained
3. conclusions reached
31
If additional evidence is required to document significant findings or issues, the original evidence:
is supplemented by the additional evidence and not deleted.
32
The management representation letter is where:
the client asserts that all material matters have been adequately disclosed to the auditor
33
Who has ownership of the audit working papers?
CPA firm that performed the audit
34
Required documentation of an audit in accordance with GAAS: (3)
1. engagement letter
2. written audit program describing procedures performed
3. auditor's assessment of the risk of material misstatement
35
The ________ _______ is the foundation for all other components of internal control.
control environment
36
successor auditor inquiring to the predecessor includes:
specific questions, facts that might bear on the integrity of management; disagreements with management as to accounting principles, auditing procedures, or other similarly significant matters; communications with those charged with governance regarding fraud, acts of noncompliance with laws and regulations, and matters relating to internal control; and the predecessors understanding to the reason for change in auditors
37
Examples of what is in an engagement letter: (3)
1. arrangements to contact to predecessor auditor
2. fees for services
3. the audit provides reasonable assurance of the detection of errors but audit risk does exist
38
Which party should initiate the communication? successor auditor, client, or predecessor auditor?
successor auditor after getting permission from client
39
An auditor may consider obtaining an additional engagement letter when:
1. a separate report is issued for the component
2. legal requirements regarding the appointment of the auditor
3. the degree of independence for the component management form the parent entity
40
The auditor is required to establish an understanding with the client, and this understanding should:
1. be documented in the form of an engagement letter
2. encompass management's responsibilities, which include providing the auditor with a representation letter at the conclusion of the engagement
41
A successor auditor can review a predecessor's _____ but not ________.
work papers, engagement letter.
42
Prior to commencing field work, the auditor would likely discuss with management:
any assistance desired from client staff
43
One of the auditor's responsibilities is to ensure that those charged with governance are aware of:
any significant deficiencies in internal control that come to the auditors attention
44
Prior to commencing fieldwork, an auditor would establish an understanding with the client as to the:
1. services to be performed
| 2. overall audit strategy
45
Prior to commencing fieldwork, the understanding the auditor establishes with the client may include:
arrangements involving the conduct of the engagement, such as timing, client assistance, and the availability of documents
46
Determining existing fraud risk factors is generally made during what stage of the audit?
fieldwork
47
Identification and evaluation of control weaknesses generally occurs in what stage of the audit?
fieldwork
48
An independent auditor may accept an engagement after the close of the fiscal year as long as:
he or she can address any limitations resulting from accepting the engagement at this time
49
making a preliminary judgment about materiality is a part of what stage?
planning
50
If the predecessor auditor refuses to give the current auditor of a nonissuer access to the documentation, the current auditor should:
review the risk assessment of the opening balances of the FS
51
_____ is usually agreed upon before implementation of the audit strategy
timing
52
An understanding with the client should be established regarding management's responsibilities, which include:
establishing and maintaining effective internal control over financial reporting
53
inadequate financial records may preclude the auditor from obtaining:
sufficient appropriate audit evidence
54
Describe the timing of the predecessor / successor communications:
Must communication before the successor excepts the engagement (talk about managements integrity). May communicate after accepting the engagement (talk about continuing accounting or audit significance).
55
Contingencies have continuing significance as they may:
continue to affect the current year financial statements (either by remaining as contingencies or by being resolved)
56
Balance sheet accounts from prior year have continuing significance because:
they are opening balances for the current year
57
Matters that may facilitate the evaluation of financial reporting consistency between the current and prior years should be discussed:
with the predecessor auditor after accepting audit the engagement
58
Disagreements between the predecessor auditor and management as to significant accounting policies and principles should be discussed:
with the predecessor auditor prior to accepting the engagement
59
If the accountant concludes that there is reasonable justification to change the engagement, the accountants review report should:
not include reference to the original engagement, to any auditing procedures that may have been performed, or to the scope limitation that resulted in the changed engagement
60
When an auditor is requested to change the engagement from an audit to a compilation, the auditor must consider:
the effort needed to complete the audit, the cost of completing the audit, and the reasons for the client's request
61
Part of the assistants responsibility is to:
properly evaluate audit results, and the in-charge auditor would likely discuss this with them.
62
To obtain an understanding of a continuing client's business in planning an audit, an auditor most likely would:
review prior-year audit documentation and the permanent file for the client
63
Each assistant should have a right to:
document her disagreement if she believes it is necessary to be disassociated from the resolution of the matter
64
Impartial peer review teams are primarily concerned with:
determining whether quality control policies and procedures are being effectively applied
65
During the ______ stage, matters that may affect the audit should be discussed with the firm personnel responsible for non-audit services to the entity
planning
66
A decrease in the amount of misstatements that the auditor can tolerate will cause the auditor to:
modify the nature, timing, or extent of auditing procedures. Performing the planned procedures closer to the balance sheet date.
67
A decrease in the amount of misstatements that can be tolerated would ____ the extent of auditing procedures
increase
68
In designing a written audit plan, an auditor should establish:
specific audit objectives that relate to the FS assertions
69
In developing an overall audit strategy, an auditor should consider:
preliminary evaluations of materiality, audit risk, and internal control
70
Which element of quality control does this policy represent: Personnel will receive an annual evaluation of performance and career development
Human Resources
71
Which element of quality control does this policy represent: Engagement documentation will be filed with document control. Document control will only release documentation to approve personnel
performance of engagement
72
When audit procedures are performed before year-end, the auditor must assess:
the incremental risk involved and determine whether sufficient alternative procedures exist to extend the interim conclusions to year end
73
According to PCAOB standards, a centralized accounting function is indicative of:
less complex operations
74
The extent of supervision should be determined after taking into account:
the nature of the company, the nature of the work assigned to each engagement team member, the risk of material misstatement, and the knowledge, skill and ability of each engagement team member
75
Inherent risk should be _____ in order to test substantively at interim
low
76
Primary internal control planning objectives of an auditor at a financial statement audit:
1. identify types of potential material misstatements
2. consider factors that affect the risk of material misstatements
3. design effective substantive tests
77
In assessing the objectivity of internal auditors, the independent CPA who is auditing the entity's financial statements considers:
information obtained from pervious experience, from discussions with management, from external quality reviews (if performed), and from professional internal auditing standards (developed by the institute of internal auditors)
78
The internal auditors' work may affect the NET of the audit, including procedures the auditor performs when:
obtaining an understanding of internal control, assessing risk, performing substantive procedures
79
The work of a management specialist who has a relationship with a client:
may be acceptable under certain circumstances
80
If the management specialist has a relationship with the client, the auditor should:
assess the risk that the specialist's objectivity might be impaired
81
If the auditor believes that the relationship might impair the management specialist's objectivity, the auditor should:
perform additional procedures with respect to the specialist's assumptions, methods, or findings to determine that the findings are not unreasonable or should engage another specialist for that purpose
82
In making judgements about the extent of the effect of the internal auditor's work on the auditor's procedures, the auditor considers:
the materiality of the financial statement amounts, the risk of material misstatement of the assertions related to these financial statement amounts, the degree of subjectivity involved in the evaluation of the audit evidence gathered in support of the assertions.
83
As the degree of subjectivity increases, the need for the auditor to perform tests of the assertions _____
increases
84
Internal auditors may assist the auditor in: obtaining an understanding of its:
obtaining an understanding of its internal control, performing tests of controls, performing substantive tests
85
Although the appropriateness and reasonableness of methods or assumptions used and their application are the responsibility of the specialist, the auditor should:
obtain an understanding of the methods or assumptions used in order to determine whether the findings are suitable for corroborating the representations in the FS
86
Because the auditor has the ultimate responsibility to express an opinion on the financial statements, what should always be those of ONLY the auditor? (4)
judgements about assessments of risk, the materiality of misstatements, the sufficiency of tests performed, the evaluation of significant accounting estimates, and other matters affecting the auditor's report
87
The independent auditor (can/cannot) share responsibility on the judgements of inherent risk and control risk with the internal auditor
cannot
88
In evaluating the work of internal auditors, the independent auditor should examine on a test basis, documentary evidence of the work performed by internal auditors and should consider such factors as:
whether the scope of the work is appropriate, the audit plan is adequate, audit documentation, adequately documents work performed, conclusions reached are appropriate in the circumstances, and any reports prepared are consistent with the results of work performed
89
An auditor who uses the work of a specialist may refer to the specialist in the auditor's report if:
as a result of the work performed by the specialist, the auditor adds explanatory language to or departs from an unmodified opinion
90
What would assist an independent auditor in assessing the objectivity of the internal auditor?
the organizational level to which the internal auditor reports
91
Considering the policies that prohibit the internal auditors from auditing areas where they were recently assigned. Is the auditor assessing objectivity or competence?
objectivity
92
An auditor is most likely to rely on work done by internal auditors for FS amounts judged by the auditor to require:
little to no subjectivity evaluated audit evidence
93
The _____ audits would cover more areas in greater depth than those of ______ auditors.
internal, independent
94
Is a tax expert employed by the auditor's CPA firm reviews the client's tax accruals using the work of a specialist? why?
No, the experts skills are in accounting
95
the auditor engages a lawyer to interpret the provisions of the complex contract. is this using the work of the specialist?
yes
96
GAAS defines a specialist as:
a person or firm with special skills in a field other than accounting or auditing
97
Examples of specialists:
actuaries, appraisers, attorneys, engineers
98
The independent auditor most likely would consider that the audit committee reviews employment decisions related to the director of internal auditing when assessing:
the objectivity of the internal auditor
99
The auditor would most likely use what to determine preliminary judgement about materiality?
entity's FS of the prior year
100
Because the FS are interrelated, materiality levels are generally considered in terms of:
the smallest level of misstatement that could be material to any one of the FS
101
an increase in materiality levels would result in a ______ in audit risk
decrease
102
The auditor believes there is a high likelihood of uncorrected and infected misstatements. Therefore, she most likely will use a percentage closer to:
the lowest end of the range provided in firm guidance
103
overall materiality equals:
applicable benchmark x applicable percentage
104
performance materiality equals:
overall materiality x applicable percentage
105
Test of transactions involve:
selecting specific transactions and evaluating whether they were properly recorded
106
Test of details are audit procedures used to:
gather evidence to support specific account balances
107
Test of controls are performed to:
evaluate the effectiveness of controls
108
The auditor would consider the turnover of accounting personnel when:
assessing control risk and when considering appropriate disclosure
109
When performing ______ ______ during planning, the auditor considers relevant non financial information, when generally is related to financial data in some way
analytical procedures
110
A requirement during planning is to perform analytical procedures, which involve:
comparisons of recorded amounts to expectations
111
Analytical procedures used in planning the audit should focus on:
1. enhancing the auditor's understanding of the client's business and transactions and events that have occurred since the last audit date
2. identifying areas that may represent specific risks relevant to the audit
112
The auditor should obtain an understanding of the entity and its environment sufficient to assess:
the risk of material misstatement and to design and perform further audit procedures
113
The objective of performing analytical procedures during planning is to:
discover unusual transactions or events that may have an impact on the planning of the financial statement audit
114
The understanding of the entity's business enables the auditor to better understand:
events, transactions, and practices that may affect the FS, to plan and perform appropriate audit tests, and to properly understand and evaluate the results of those tests
115
an understanding of internal control relevant to what is neccesary in a FS audit?
an entity's financial reporting objective is necessary as part of audit planning
116
If the auditor spots a significant increase in net income then what exception of recorded amounts would be unreasonable?
a decrease in retained earnings
117
If a person is the authorized representative of management and the board of directors then the auditor should address the engagement letter to:
the authorized person
118
If management and the board of directors both take responsibility of the FS then the engagement letter states:
both of them are responsible
119
The auditor report is addressed to:
entity's board of directors
120
The federal reserve announces that they will continue to keep interest rates low. This ____ audit risk.
decreases
121
What procedures would provide an auditor with evidence about whether an internal control activities are suitable to prevent or detect material misstatements?
Observation of entity personnel applying the activities
122
What procedures may be used to evaluate the design of controls:
observation and inspection
123
Reperforming control activities provides the auditor with evidence about:
the operating effectiveness of special control activities
124
Examples of control activities:
segregation of duties, safeguards over access to assets, computer-based controls
125
What factors does the control environment represent: (5)
managements philosophy and operating style, the entity's organizational structure, the participation of those charged with governance, methods of assigning authority and responsibility, and human resource policies and practices
126
The auditor should obtain sufficient knowledge of the client's info system relevant to financial reporting to:
understand the types of transactions processed, and how the transactions are intimated, recorded and summarized
127
An entity's information system supports:
the identification, capture, and exchange of information
128
Included in the information system relevant to financial reporting is:
the preparation of significant accounting estimates
129
"Substance over form" concerns relate to:
controls that appear on the surface to exist but in reality are not operating effectively
130
When obtaining an understanding of a client's internal controls, an auditor should concentrate on:
the substance of controls rather than the form because even when appropriate procedures are established, management may not enforce compliance
131
In every audit, the auditor should obtain a sufficient understanding of the design of relevant internal controls pertaining to:
financial reporting in each of the five internal control components
132
The control environment element of an entity's internal control relates to:
the tone of the organization
133
What is a primary criterion that should be considered in designing internal control?
cost-benefit relationship
134
Knowledge about the design and implementation of relevant internal controls should be used to identity:
types of potential misstatements that could occur.
135
Assessment of control risk (and documentation of that assessment) must be based on:
test of controls
136
In obtaining an understanding of an entity's internal control, an auditor is required to obtain knowledge about what? what is the auditor not required to obtain knowledge about?
1. design of controls and how they have been implemented
| 2. operating effectives of controls
137
Examples of important controls related to financial reporting:
1. compliance with income tax regulations, use of password s to limit data access, and generation of reports to facilitate variance analysis
138
Procedures to reduce inefficiency on the production line relate to:
operational objectives
139
IF a budgetary reporting system provides adequate reports, but the reports are not analyzed and acted upon:
the control has been implemented but is not operating effectively
140
Services performed by another organization are not considered to be part of the client's information system if the services provided are limited to:
executing transactions that are specifically authorized by the client
141
Service organization's services are part of an entity's information system if:
they affect the initiation, processing, or reporting of the entity's transactions
142
_____ controls would be more suitable for situations with routine errors that can be predicted and corrected
automated
143
_____ controls would be more suitable for large, unusual, and nonrecurring transactions
manual
144
______ controls would be more suitable for circumstances that require a high degree of accuracy
automated
145
______ controls would be more suitable for high-volume transactions that require additional calculations
automated
146
General controls are:
policies and procedures that relate to many applications and support the effective functioning and proper operation of the information system
147
____ controls include procedures to ensure appropriate systems software acquisitions
general
148
_____ controls help assess the quality of internal control
monitoring
149
_____ controls relate to safeguarding assets
physical
150
Application controls apply to the processing of individual transactions and help to ensure that:
transactions occurred, are authorized, and are completely and accurately processed and reported
151
______ follows a transaction from its origination until it is reflected in the FS
walkthrough
152
Walkthrough procedures include:
inspection, inquiry, observation, recalculation, and/or control reperformance
153
Inadequate segregation of duties implies that the system of internal control:
wasn't properly designed
154
_____ ____ may result in an inappropriate application of properly designed controls
human error
155
Proper segregation of duties reduces the opportunities for:
any individual to both preptrate and conceal errors or fraud
156
Proper serration of duties involves assigning different people the responsibilities of:
authorizing transactions, recording transactions, and maintaining custody of the related assets
157
An inherent limitation of internal control exists when:
although good controls are instituted, management can override those controls
158
The suitability of the client's lines of reporting is an important part of the:
organizational structure
159
The more _____ the IT system, the more _____ the documentation
complex, extensive
160
The best compensating control for the lack of segregation of duties in small organizations is:
to have more management oversight in incompatible functions
161
An auditor most likely would consider what when evaluating the control environment of an audit client?
the management's operating style
162
Management reviews of monthly financial statements most likely be considered in evaluating:
control activities
163
The managements philosophy and operating style include the management's approach to:
taking and managing business risks, attitudes and actions toward financial reporting, and attitudes toward information processing and accounting functions and personnel
164
An auditor would most likely perform risk-assessment procedures to:
evaluate the design of relevant controls when obtaining an initial understanding of internal control sufficient to assess the risk of material misstatement of the FS
165
Test of controls are performed when the auditor's risk assessment is based on:
assumptions that controls are operating effectively or when substantive procedures alone are insufficient
166
The classes of transactions in the issuer's operations that are significant to the issuers FS are typically assessed when:
the auditor is obtaining an understanding of the information and communication component of internal control
167
Deliberate circumvention of controls by collusion of two or more people is an example of:
a limitation of internal control
168
A failure in internal control occurs when:
a control doesn't exist, isn't designed appropriately, or isn't operating effectively
169
An auditor would most likely be concerned with internal controls that provide reasonable assurance about:
the entity's ability to process and summarize financial data
170
An entity's objectives consist of:
financial reporting, operations, and compliance
171
Internal control over safeguarding of assets may relate to which objectives?
financial reporting and operations
172
Controls related to financial reporting include:
1. use of a lockbox system for collecting cash
| 2. passwords for limiting access to AR data files
173
Controls related to operations might include:
controls to prevent the excess use of materials in production
174
Control environment factors include:
1. communication and enforcement of integrity and ethical values
2. commitment to competence
3. participation of those charged with governance
4. management philosophy and operating style
5. organizational structure
6. assignment of authority, responsibility, and accountability
7. human resource policies and practices
175
An auditor evaluates an entity's risk assessment to:
understand how management addresses risks relevant to financial reporting
176
Control activities
policies and procedures that help ensure that management directives are carried out
177
The auditor obtains an understanding of the entity's information and communication system to understand:
how transactions are initiated, processed, and reported, the financial reporting process, and the means used by entity to communicate financial reporting roles and responsibilities
178
Monitoring is the process of:
assessing the quality of internal control performance over time and taking necessary corrective actions NOT eliminating a control that is operating effectively
179
Client records documenting the use of EDP programs would be a relevant item for an auditor to examine while determining if:
internal control is operating as designed
180
Embedded audit modules are:
1. sections of the application program code that collect transaction data for the auditor
2. usually built into the application program when the program is developed
181
Primary reason auditors hesitate to use embedded audit modules:
they are required to be involved in the system design of the application
182
In a paperless system, the CPA would most likely need to continuously monitor and analyze transaction processing to ensure:
that controls are operating effectively throughout the period under audit. an embedded audit module is one way to achieve this goal.
183
What procedure is used to monitor the authorization of transactions in all computerized systems?
verification of encrypted digital certificates
184
__________ uses test data commingled with actual data to test transactions
integrated test facility
185
_______ involves the client's input data processed through both the auditor's version of the clients program and the clients program and the output is compared
parallel simulation
186
Examples of input controls:
data entry monitor, input controls matrix
187
Test data consists of:
- "dummy" or fictious data run through the clients computer system under the auditor's control to test whether adequate controls exist over data processing
- only transactions that the auditor wishes to test is used
188
The objective of the test data approach is to:
test programs that the client uses to process data. Using different programs defeats the purpose of the test
189
It is (easier/harder) to access and alter microcomputer data files than manually prepared data files
easier
190
Microcomputer access security is difficult to maintain because:
of the increased number of data entry points and the potential ability to defeat access controls
191
1 benefit and 1 disadvantage of an automated system over a manual system regarding errors:
benefit: removal of random (computational) errors from the process
disadvantage: systematic errors are more common because pf reduced human involvement in processing
192
Example of test data:
discovery of invalid employee ID numbers
193
When using computers in an auditing task, audit documentation may not contain:
readily observable details of calculations
194
in order to review assistants work, a supervisor may have to:
examine the formulas used on the computer rather than simply examining the audit documentation
195
The assessment of control risk is based on:
auditor's judgement. (a computer cannot replace auditor judgement in assessment)
196
A generalized audit software package (GASP) is used:
to perform tests directly on a clients system
197
Tasks typically performed by generalized audit software package (GASP) include:
1. selecting items that meet specified criteria
2. recalculating amounts and totals
3. performing statistical analysis of data
198
When performing test data, if the client's program is operating effectively, it should:
generate the same results determined previously by the auditor
199
_________ contains the types of valid and invalid conditions in which the auditor is interested
test data
200
An integrated test facility utilizes:
dummy (simulated) accounts
201
Using ___________, test data is initially commingled with live data, but coding to a dummy (simulated) account allows later extraction from the system of information on operating effectiveness of controls
integrated test facility approach
202
One of the primary benefits of using generalized audit software:
the ability to access client data stored in computer files without having a detailed understanding of the client's hardware and software features
203
_________ and _________ are controls embedded in client software applications to ensure accuracy
Self-check digits and hash totals
204
Generalized audit software is used to:
extract and analyze data, filter data to select items meeting specific criteria
205
Another word for random errors
computational errors
206
In computer audit applications, efficient and effective system usage requires:
1. identification of the appropriate audit tasks and
| 2. appropriate software to perform the selected audit tasks
207
Program code checking is:
the review of the client's program source code by a qualified IT/auditor specialist
208
________________ is a less common term used for parallel processing where the auditor writes a program to "reprocess" some or all of the client's live data
Controlled reprocessing of transactions
209
Frame relay protocol refers to:
the physical and logical link layers of digital communication channels using packet switching methodology
210
Remote node router is:
a device used to connect physical devices such as terminals and printers not connected to the main network
211
_______ is data that the auditor develops to test programmed controls
test data
212
If the client has a programmed control that requires a supervisory approval for transactions over $500, the auditor would then create________ to determine if the system would accept a transaction over $500 without a required supervisor password approval.
test data
213
Continuous performance of audit tests is required when:
financial data is processed electronically, without paper documentation, to ensure that controls are operating effectively thought out the period under audit
214
Use of computer assisted audit techniques typically allows:
a greater number of items to be tested at relatively little additional cost
215
Computer-assisted audit techniques (CAATs) are:
computer programs that allow auditors to test computer files and databases during an audit
216
When are computer-assisted audit techniques (CAATs) best to use?
when there is need to examine a lot of data in the computer files
217
When are manual techniques best to use?
- when assessing compliance with policies and procedures related to information security
- when verifying unrecorded legal liabilities
- reviewing approval of dividends
218
A policy for information security may be that all patient health care files need to be in a locked cabinet is an example of what?
assessing compliance with policies and procedures related to information security
219
What is performed by reviewing the response from the lawyer to the letter of inquiry
when verifying unrecorded legal liabilities
220
What is performed by reviewing the board of director meeting minutes for proper approval of the dividends
reviewing approval of dividends
221
Comparing the payroll transaction file to the employee master file to extract payments to employees who are not in the employee master file is a procedure for what?
testing completeness of the master file
222
obtaining statistics on the population of the payroll file to identify unusual pay amounts to employees is a procedure for what?
helping the auditor identify unusual pay amounts
223
Comparing Social Security numbers paid in the payroll transaction file to a file of government-authorized social security numbers is a procedure for what?
identify employees with invalid Social security numbers
224
The primary objective of procedures performed to obtain an understanding of the entity and its environment is to provide an auditor with:
knowledge necessary for risk assessment and audit planning
225
Documenting the deadlines for interim and final reporting are in the:
audit strategy
226
Board meeting minutes go in which file?
permanent file
227
________ are responsible for the timing of the audit
Both management and auditor
228
_______ are responsible for coordinating client assistance
Both management and auditor
229
internal audit function is part of the ______ component of internal control
monitoring
230
Adoption of new accounting principles is part of the ______ component of internal control
risk assessment
231
________ are used to present presentations and disclosures properly
information and communication
232
New personnel is part of the _______ component of internal control
risk assessment
233
incorporation of new technology is part of the ______ component of internal control
risk assessment
234
measurement and recording of proper monetary values is part of the ______ component of internal control
information and communication
235
The way in which significant events are captured by the accounting system is part of the ______ component of internal control
information and communication
236
operating performance reviews is part of the ______ component of internal control
information and communication
237
Corporate restructuring is part of the ______ component of internal control
risk assessment
238
the tile of the OCBOA report:
"Independent Auditor's report"
239
Although the audit strategy and audit plan are linked together, the _________, not the _______, outlines the nature timing, and extent of the audit procedures that will be performed by the auditors on the engagement
audit plan, not audit strategy
240
outlining reporting objectives, providing the scope of the audit, and providing a preliminary assessment of materiality and tolerable misstatement are primary functions of:
an audit strategy
241
Should the successor auditor request to review the predecessor's auditor documentation related to internal control?
yes
242
the auditor uses ______ at the relevant assertion level to test a client's material account balances, transaction classes, and disclosure items in the FS
substantive tests and tests of controls
243
The auditor's preliminary evaluations of materiality and audit risk will impact the:
focus of the audit (NOT the scope)
244
What would effect the scope of the audit?
- regulatory, statutory and industry specific reporting requirements
- any knowledge gained by auditor from prior audit experience with the client
- info tech of the client
245
Operating performance reviews are part of the________ of an organization.
control activities
246
____________ are used to capture and record significant events.
Information and communication systems
247
The auditor should consider timing when developing the audit strategy, which includes _________
he deadlines for interim and final reporting.
