A3

Question 1

type of audit required for an issuer

Answer 1

integrated audit (F/S & I/C)

Question 2

Client Acceptance Policies

Answer 2

1. Firm’s Ability to Meet Reporting Deadlines
2. Firm’s Ability to Staff the Engagement
3. Independence
4. Integrity of Client Management
5. Group Audits

Question 3

Management Responsibilities for Audit

Answer 3

financials and internal controls

Question 4

Preconditions of an Audit

Answer 4

1. applicable financial reporting framework

2. management responsibilities

Question 5

What to do if there is a management imposed scope limitation

Answer 5

1. audit required by law or regulation (permitted but not required)
2. qualified opinion or circumstances beyond their control can result in acceptance

Question 6

3 Types of Fraud in Audit

Answer 6

1. financial statement
2. asset misappropriation
3. corruption

Question 7

Engagement Letter Contents

Answer 7

1. objective and scope of an audit
2. responsibilities of auditor
3. responsibilities of management
4. statement that because of the inherent limitations of an audit
5. identification of the applicable financial reporting framework
6. reference to the expected form and content of any reports

Question 8

Considerations for Initial Audit

Answer 8

1. MANDATORY: communication with the predecessor auditor
   * *examine workpapers
   * *disagreements
   * *management integrity
   * *reason for change in auditors
   * *client PERMISSION is needed
2. Auditor’s Responsibility
   * *opening balances could contain misstatements
   * *accounting policies have been consistently applied in the current period

Question 9

Responsibilities of Engagement Partner

Answer 9

1. planning the audit
2. supervising the work of engagement team members
3. compliance with relevant auditing standards

Question 10

Knowledge of the Client’s Business and Industry

Answer 10

• can accept engagement but then must obtain this knowledge
• tour client facilities
• review the financial history
• obtain an understanding of client accounting
• inquire of client personnel

Question 11

Developing the Audit Strategy

Answer 11

1. WRITTEN audit strategy
2. Scope of the Audit (Extent)
3. Reporting Objectives, Audit Timing, and Required Communications (Timing)
4. Factors that Determine the Focus of the Audit (nature)

Question 12

Factors that determine the focus of the audit

Answer 12

1. materiality
2. audit risk
3. internal controls

Question 13

PCAOB Standards for Audit Strategy

Answer 13

• knowledge of internal control
• matters affecting industry
• extent of recent changes
• preliminary judgments about materiality and risk
• control deficiencies previously communicated
• legal or regulatory matters
• complexity of the company’s operations

Question 14

Materiality for an Audit on the Financial Statements as a Whole

Answer 14

*should use the smallest level of misstatement that could be material to any one of the financial statements

Question 15

Communication with Those Charged with Governance in initial planning stages of audit

Answer 15

*planned scope and timing

Question 16

Developing the Audit Plan

Answer 16

• MUST BE WRITTEN
  1. audit procedures
• risk assessment procedures
• further audit procedures
• tests of controls
• substantive procedures
  2. financial statement assertions
  3. drafting the audit plan

Question 17

Financial Statement Assertions

Answer 17

C ompleteness
O cutOff
V aluation, allocation, and accuracy 
E xistence and occurence 
R ights and obligations 
U nderstandability and classification

Question 18

PCAOB Financial Statement Assertions

Answer 18

C ompleteness
E xistence 
O ccurence 
A llocation
P resentation
R ights 
O bligations
V aluation 
E
D isclosure

Question 19

Role of Client’s Internal Auditors

Answer 19

• cannot help in matter involving judgment and/or assessment
• the higher up they report, the more objective they are
• NOT independent

Question 20

Auditor’s Responsibility with Internal Auditors

Answer 20

*obtain understanding and assess competence and objectivity

Question 21

Use of Specialists when Auditing

Answer 21

• treat the specialist like one of your staff

* competence, capabilities, and objectivity

Question 22

Types of Misstatements

Answer 22

1. factual misstatements
2. judgmental misstatements
3. projected misstatements

Question 23

Audit Risk Model

Answer 23

AR = IR x CR x DR

Question 24

Can substantive procedures ever not be performed during an audit?

Answer 24

No

Question 25

3 Categories to which assertions apply

Answer 25

1. transactions
2. account balances
3. disclosures

Question 26

Fraud Triangle

Answer 26

1. pressure
2. opportunity
3. rationalization

Question 27

Auditor’s Responsibility when it comes to Fraud

Answer 27

• design audit to obtain reasonable assurance about whether the financial statements are free of material misstatement
• difficult to detect fraud due to the concealment aspects
• should discuss risks with engagement personnel

Question 28

PCAOB Standards for Fraud

Answer 28

*ask management and audit committee if they have received and responded to tips or complaints regarding the company’s financial reporting

Question 29

When are analytical procedures required during an audit?

Answer 29

1. planning

2. final review

Question 30

Does the absence of fraud risk factors mean that there is no fraud risk?

Answer 30

No

Question 31

Presumption of Risk in All Engagements

Answer 31

1. improper revenue recognition

2. management override of controls

Question 32

Items most susceptible to manipulation

Answer 32

1. high degree of management judgment and subjectivity

2. highly complex accounting principles

Question 33

Levels to Respond to Assessed Fraud Risk

Answer 33

1. general response
2. response encompassing specific audit procedures
3. response addressing risks related to management override
   significant risks? withdraw

Question 34

Communications of Fraud to Management/Those Charged with Governance

Answer 34

*report to management at least one level above those involved

Question 35

Instances where third party disclosure is necessary regarding fraud

Answer 35

1. comply with certain legal and regulatory requirements
2. to a successor auditor when the successor makes inquiries with permission of client
3. response to a subpoena
4. funding agency or other specified agency for clients that receive governmental financial assistance
5. authorities in some circumstances

Question 36

Auditor’s Consideration of Noncompliance

Answer 36

obtain understanding of

1. legal and regulatory framework
2. how the entity is complying with that framework

Question 37

Reporting Noncompliance in the Auditor’s Report

Answer 37

1. material effect = GAAP = except for or adverse
2. insufficient evidence = GAAS = except for or disclaimer
3. client response/refuse = GAAS = withdraw

Question 38

Assessing the Risks of Material Misstatement

Answer 38

I nternal control understanding 
M aterial misstatement risks 
A assessed level of risk response 
C ontrol testing
P erform substantive testing 
A udit evidence - evaluate appropriateness and sufficiency

Question 39

Two Procedures Necessary in Every Audit

Answer 39

1. analytical procedures
2. risk assessment procedures

*test of operating effectiveness of controls is NOT required

Question 40

Risk Assessment Procedures

Answer 40

• perform analytical procedures
• conduct a discussion among engagement team members
• inquire of the audit committee and management about the RMM
• inquiries
• observation and inspection

Question 41

Required Documentation for Assessing RMM

Answer 41

• discussion among audit team
• key elements of the understanding of the entity and its environment
• the assessment of the risks of material misstatement
• identified risks and related controls evaluated by the auditor
• more complex = more extensive = more documentation

PCAOB = include assessment on particular locations (CPI)

Question 42

Five Components of Internal Control

Answer 42

*COSO framework

C ontrol environment 
R isk assessment 
I nformation and communication systems 
M onitoring 
E xisting control activities 

*think of pyramid

Question 43

Key phrase for the five components of internal control

Answer 43

*auditor should obtain an understanding and knowledge of each component

Question 44

Circumstances that are red flags about management’s philosophy and operating style

Answer 44

1. consumed with meeting budget
2. dominated by one person
3. compensation contingent upon the entity’s financial performance

Question 45

Control environment has a ________ effect on the auditor’s risk assessment and preliminary judgments

Answer 45

pervasive

Question 46

Strong vs. Weak control environment and timing of procedures

Answer 46

Strong: interim and roll forward
Weak: as of the balance sheet date

Question 47

Risk Assessment is whose responsibility when it relates to the five components of internal controls

Answer 47

management’s responsibility

Question 48

Information and Communication Systems - 5 Components of I/C

Answer 48

• initiate
• authorize
• process
• record
• report

Question 49

Control Activities in a Strong Control Environment

Answer 49

P renumbering of documents
A uthorization of transactions
I ndependent checks to maintain asset accountability
D ocumentation
T imely and appropriate performance reviews
I nformation processing controls
P hysical controls for safeguarding assets
S egregation of duties

Question 50

Segregation of Duties (not IT)

Answer 50

C ustody
A uthorization
R ecording

Question 51

Two key elements of internal controls

Answer 51

• preventative

* detective and corrective

Question 52

When assessing the RMM, the auditor should be

Answer 52

identifying types of potential misstatements

Question 53

Auditor should look at what when considering the internal controls

Answer 53

• design
• implementation
• procedures
• WALKTHROUGHS AND INQUIRIES
• document all understandings

Question 54

Documentation Types

Answer 54

F lowchart
I nternal control questionnaire or checklists
N arrative
D ocumentation from the client, including copies

Question 55

Issue when IT systems are used and records are continually modified

Answer 55

*difficult for timing of testing since records continually update

Question 56

The “IT Exception”

Answer 56

• cannot solve detection risk through substantive testing alone
• must do SUBSTANTIVE AND CONTROL TESTING

Question 57

Segregation of Duties (IT)

Answer 57

C ontrol group
O perators 
P rogrammers 
A nalyst 
L ibrarian 

*weakness comes from doing or supervising another area

Question 58

IT Weaknesses

Answer 58

G I G O

Question 59

Service Organizations and Internal Controls

Answer 59

Service Auditor Reports

1. reports only on design and implementation
   * *should not reduce the assessment of control risk
2. reports on design, implementation, and effectiveness
   * *can be used to reduce the assessment of control risk

Question 60

Two Types of Audit Approaches

Answer 60

1. substantive approach
2. combined approach (reliance method)

*IT requires internal control assessment and substantive procedures

Question 61

If the auditor wants to rely on the operating effectiveness of internal controls, when must the test of controls be performed?

Answer 61

in the current period

Question 62

Nature of Tests of Internal Controls

Answer 62

• using audit evidence hierarchy

* inquiry alone is not sufficient

Question 63

Audit Evidence Hierarchy

Answer 63

A uditor evidence
E xternal evidence 
I nternal evidence 
O ral evidence 
U KNOW IT

*inquiry alone is not sufficient

Question 64

Can you use evidence obtained in prior audits about operating effectiveness of controls be used in the current audit?

Answer 64

Yes

Question 65

Timing of Substantive Procedures

Answer 65

RMM low = interim (roll forward)

RMM high = at balance sheet date

Question 66

Evaluating the Sufficiency and Appropriateness of Audit Evidence

Answer 66

• revising the assessed RMM
• modify planned audit procedures
• document it
• *overall response
• *NET
• linkage of those audit procedures
• results of audit procedures
• conclusions reached

Question 67

primary purpose of evaluating internal control

Answer 67

*material misstatements could exist in the financials

Question 68

Can you evaluate the risk for internal control while obtaining an understanding of it?

Answer 68

Yes