A3: Engagement Acceptance, Planning, and Risk Assessment

Question 1

Tolerable Misstatement

Answer 1

The MAXIMUM error in a population that the auditor is willing to accept

Question 2

Which of the following risks may be assessed in nonquantitative terms?

Answer 2

Control Risk: YES
Detection Risk: YES
Inherent Risk: YES

Both the risk of material misstatement (IR x CR) and detection risk may be assessed in quantitative terms such as percentages or in nonquantitative terms that range, for example, from a minimum to a maximum

Question 3

The existence of audit risk is recognized by the statement in the auditor’s standard report that the:

Answer 3

Auditor obtains reasonable assurance about whether financial statements are free of material misstatement

The existence of audit risk is recognized by the statement in the standard report that the auditor obtained REASONABLE assurance about whether the financial statements are free of material misstatement. Audit risk is the risk that the auditor may unknowingly fail to appropriately modify the opinion on financial statements that are materially misstated

Question 4

When an auditor increases the assessed level of control risk because certain control activities were determined to be ineffective, the auditor most likely would increase the:

Answer 4

Extent of tests of details

An increase in the assessed level of control risk means that the assessed risk of material misstatement has also increased, and this requires a corresponding decrease in detection risk to maintain the same (presumably low) level of overall audit risk. Increasing the extent of tests of details will result in a reduction in detection risk

Question 5

As the acceptable level of detection risk decreases, an auditor may:

Answer 5

Postpone the planned timing of substantive tests from interim dates to the year-end

As the acceptable level of detection risk decreases, the assurance provided from substantive tests should increase. Consequently, the auditor should do one or more of the following: 1.) Change the nature of substantive tests from a less effective to a more effective procedure, 2.) Change the timing of substantive tests, such as performing them at year-end rather than at an interim date, or 3.) Change the extent of substantive tests, such as using a larger sample size

Question 6

An auditor uses the assessed level of control risk to:

Answer 6

Determine the acceptable level of detection risk for financial statement assertions

An auditor uses the assessed level of control risk to determine the risk of material misstatement, which in turn determines the acceptable level of detection risk for financial statement assertions. Detection risk should bear an inverse relationship to control risk. For example, the less control risk an auditor believes exists, the greater the level of detection risk he or she can accept

Question 7

In a financial statement audit, inherent risk is evaluated to help an auditor assess which of the following?

Answer 7

The susceptibility of a financial statement assertion to a material misstatement assuming there are no related controls

Inherent risk is the susceptibility of a relevant assertion to a material misstatement, assuming there are no related controls

Question 8

In an engagement to examine management’s discussion and analysis (MD&A), which of the following best defines control risk?

Answer 8

The risk that material misstatements in the MD&A presentation will not be prevented in a timely manner

Control risk is the risk that a material misstatement that could occur in an assertion within MD&A will not be prevented or detected on a timely basis

Question 9

Which statement is true with respect to discussion among engagement personnel regarding the risk of material misstatement due to fraud?

Answer 9

Audit documentation must include a description of the discussion

Audit documentation is required to include a description of the discussion among engagement personnel regarding the risk of material misstatement due to fraud

Question 10

Which of the following is NOT an inquiry the auditor should make to identify the risks of material misstatement due to fraud?

Answer 10

Whether operating personnel have communicated to management regarding internal control and how it functions to prevent, deter, or detect material misstatement due to fraud

The auditor should inquire whether management (not operating personnel) has communicated to those charged with governance (not management) regarding internal control and how it functions to prevent, deter, or detect material misstatement due to fraud

Question 11

During the annual audit of Ajax Corp., a publicly held company, Jones, CPA, a continuing auditor, determined that illegal political contributions had been made during each of the past seven years, including the year under audit. Jones notified the board of directors about the illegal contributions, but they refused to take any action because the amounts involved were immaterial to the financial statements.

Jones should reconsider the intended degree of reliance to be placed on the:

Answer 11

Management representation letter

The auditor should consider the implications of an act of noncompliance with laws and regulations in relation to other aspects of the audit, particularly the reliability of representations of management

Question 12

Which of the following statements is correct concerning an auditor’s responsibility to report fraud?

Answer 12

The disclosure of fraudulent activities to parties other than the client’s senior management and those charged with governance is NOT ordinarily part of the auditor’s responsibility

The disclosure of fraudulent activities to parties other than the client’s senior management and those charged with governance is NOT ordinarily part of the auditor’s responsibility

Question 13

Which of the following statements best describes an auditor’s responsibility to detect errors and fraud?

Answer 13

An auditor should design the audit to provide reasonable assurance of detecting errors and fraud that are material to the financial statements

Question 14

When performing a substantive test of a random sample of cash disbursements, an auditor is supplied with a photocopy of vendor invoices supporting the disbursements for one particular vendor rather than the original invoices. The auditor is told that the vendor’s original invoices have been misplaced. What should the auditor do in response to this situation?

Answer 14

Reevaluate the risk of fraud, and design alternate tests for the related transactions

The auditor should reevaluate the risk of fraud and design alternate tests for the related transactions as the evidence (photocopy of vendor invoices) is not reliable

Question 15

Which of the following statements is correct concerning analytical procedures used in planning an audit engagement?

Answer 15

They usually use financial and nonfinancial data aggregated at a high level

Analytical procedures performed during planning often use data aggregated at a high level

Question 16

An auditor prepares an unmodified opinion on financial statements that are materially misstated due to fraud. Which of the following is true?

Answer 16

The auditor will be considered to have met his or her responsibility provided the audit was planned and performed appropriately, including a specific assessment of the risk of material misstatement due to fraud

The auditor’s responsibility is to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud. This includes a specific assessment of the risk of material misstatement due to fraud

Question 17

The primary objective of procedures performed to obtain an understanding of the entity and its environment is to provide an auditor with:

Answer 17

Knowledge necessary for risk assessment and audit planning

The auditor should obtain an understanding of the entity and its environment sufficient to assess the risk of material misstatement and to design and perform further audit procedures

Question 18

Analytical procedures used in planning an audit should focus on:

Answer 18

Enhancing the auditor’s understanding of the client’s business

Analytical procedures used in planning the audit should focus on enhancing the auditor’s understanding of the client’s business and the transactions and events that have occurred since the last audit date

Question 19

When the auditor’s risk assessment is based on the effective operation of controls, the audit will most likely involve:

Answer 19

Identifying specific internal controls relevant to specific assertions

When the auditor’s risk assessment is based on the effective functioning of internal control, the auditor should identify specific internal controls relevant to specific assertions that are likely to prevent or detect material misstatements in those assertions

Question 20

An audit client failed to maintain copies of its procedures manuals and organizational flowcharts. What should the auditor do in an audit of financial statements?

Answer 20

Document the auditor’s understanding of internal controls

Although it is helpful when the auditor can review client procedures manuals and organizational flowcharts, not having this documentation simply means that the auditor will need to put forth more effort to obtain an understanding of internal control. As is always the case, the auditor should document his or her understanding of internal control

Question 21

An auditor of a nonissuer should design tests of details to ensure that sufficient audit evidence supports which of the following?

Answer 21

The planned level of assurance at the relevant assertion level

An auditor of a nonissuer should design tests of details to ensure that sufficient evidence supports the planned level of assurance at the relevant assertion level

Question 22

When an auditor is to conduct an audit of a service organization, what considerations should the auditor make in the planning stages regarding internal controls of the organization?

Answer 22

The auditor should obtain an understanding of the effect of the user organization upon the service organization

In some situations, the controls at a service organization are designed under the assumption that there will be certain complementary controls implemented by user organizations. These complementary controls should be included in the description of controls. The service auditor should obtain an understanding of such situations, in order to evaluate whether the complementary controls are necessary to achieve stated control objectives

Question 23

Management’s emphasis on meeting projected profit goals most likely would significantly influence an entity’s control environment when:

Answer 23

A significant portion of management compensation is represented by stock options

Management’s emphasis on meeting projected profit goals would significantly influence an entity’s control environment when a significant portion of management compensation is represented by stock options, because management would then have a personal interest that might be at odds with accurate financial reporting

Question 24

Which of the following components (elements) of an entity’s internal control includes the development of personnel manuals documenting employee promotion and training policies?

Answer 24

Control Environment

The control environment element of an entity’s internal control relates to the tone of the organization, which includes human resources

Question 25

Which of the following statements about internal control is correct?

Answer 25

The cost-benefit relationship is a primary criterion that should be considered in designing internal control

The concept of reasonable assurance recognizes that the cost of an entity’s internal control should not exceed the benefits that are expected to be derived. The cost-benefit relationship is a primary criterion that should be considered in designing internal control

Question 26

The ultimate purpose of assessing control risk is to contribute to the auditor’s evaluation of the:

Answer 26

Risk that material misstatements exist in the financial statements

The ultimate purpose of assessing control risk is to contribute to the auditor’s evaluation of the risk that material misstatements exist in the financial statements

Question 27

Which of the following is necessary in a financial statement audit?

Answer 27

An understanding of internal control relevant to an entity’s financial reporting objective

An understanding of internal control relevant to an entity’s financial reporting objective is necessary as part of audit planning

Question 28

Which of the following controls is least likely to be relevant to a financial statement audit?

Answer 28

Procedures that prevent the excess use of materials in production

Procedures to reduce inefficiency on the production line relate to operational objectives, and not necessarily to financial reporting

Question 29

If a budgetary reporting system provides adequate reports, but the reports are not analyzed and acted upon:

Answer 29

The control has been implemented but is not operating effectively

The fact that budgetary reports are being generated indicates that the control has been implemented. The control, however, does not provide any assurance regarding achievement of the entity’s objectives, since the report is not being analyzed or acted upon. Accordingly, the control is NOT operating effectively

Question 30

Which of the following services performed by another entity would NOT be considered to be part of the client’s information system?

Answer 30

Sale (specifically authorized by the client) of investment securities by an external broker

Services performed by another organization are not considered to be part of the client’s information system if the services provided are limited to executing transactions that are specifically authorized by the client

Question 31

Which of the following is an inherent limitation in internal control?

Answer 31

Faulty human judgement

Inherent limitations in internal control are limitations that exist despite implementation of appropriate controls. For example, faulty human judgment may result in errors in the design or use of internal controls

Question 32

An auditor is auditing a mutual fund company that uses a transfer agent to handle accounting for shareholders. Which of the following actions by the auditor would be most efficient for obtaining information about the transfer agent’s internal controls?

Answer 32

Review reports on internal control placed in operation and its operating effectiveness produced by the agent’s own auditor

Reports on internal control placed in operation and its operating effectiveness produced by the agent’s own auditor would be an efficient means of obtaining information about the transfer agent’s internal controls

Question 33

An auditor should obtain sufficient knowledge of an entity’s information system relevant to financial reporting to understand the:

Answer 33

Process used to prepare significant accounting estimates

The auditor should obtain sufficient knowledge of the client’s information system relevant to financial reporting to understand the types of transactions processed, and how the transactions are initiated, recorded and summarized. Included in the information system relevant to financial reporting is the preparation of significant accounting estimates

Question 34

Which of the following types of evidence would an auditor most likely examine to determine whether internal controls are operating as designed?

Answer 34

Client records documenting the use of EDP programs

Client records documenting the use of EDP programs would be a relevant item for an auditor to examine while determining if internal control is operating as designed

Question 35

In which of the following circumstances would an auditor expect to find that an entity implemented automated controls to reduce risks of misstatement?

Answer 35

When transactions are high-volume and recurring

Automated controls are more suitable than manual controls where transactions are high-volume and recurring

Question 36

An auditor determines that there is a high level of control risk surrounding the revenue cycle. Which situation is most likely to have given rise to this assessment?

Answer 36

The sales manager does not enforce the client’s stated policies regarding authorization and approval of sales transactions

Management override of internal control policies and procedures might cause the auditor to assess control risk as high

Question 37

Which of the following is the best way to compensate for the lack of adequate segregation of duties in a small organization?

Answer 37

Allowing for greater management oversight of incompatible activities

The best compensating control for the lack of segregation of duties in smaller organizations is to have more management oversight of incompatible functions

Question 38

The audit plan usually CANNOT be finalized until the:

Answer 38

Consideration of the entity’s internal control has been completed

The auditor should obtain a sufficient understanding of the entity and its environment, including its internal control, to plan the audit of the entity’s financial statements

Question 39

If an auditor is obtaining an understanding of an issuer’s information and communication component of internal control, which of the following factors should the auditor assess?

Answer 39

The classes of transactions in the issuer’s operations that are significant to the issuer’s financial statements

The classes of transactions in the issuer’s operations that are significant to the issuer’s financial statements are typically assessed when the auditor is obtaining an understanding of the information and communication component of internal control