A5 Flashcards
Under the Sarbanes-Oxley Act of 2002
the chief executive officer is required to certify (or sign off) on all the other items, but is not required to certify the financial expertise of the audit committee.
entity-level control
include controls related to the control environment, the risk assessment process, and the policies over risk management practices.
These affect the company as a whole not just a specific sector for example the controls on the completeness of deposited cash this would not be an entity control as it focuses on a singular account
Material weakness
Is the only one that would lead to an adverse opinion
disclaimer of opinion arises from
Restrictions on the scope of the engagement (Scope limitation)
adverse opinion arises from
Identification of a material weakness
Failure of management to provide a written representation letter acknowledging its responsibility for the effectiveness of internal control generally will result in
a disclaimer of opinion or withdrawal from the engagement.
An engagement to report on whether a previously reported internal control weakness continues to exis
Is voluntary
does not have to comply with any professional standards for example PCAOB or GAAS
Requires a written report from the company management to the Auditors
Scope
Uses the NET of things
Nature
Extent
Timing
SSAE involves
Establiceghd by the AICPA and addresses information for Attestation services of
Agreed upon procedures
Financial forecast and projection
Pro forma FS
Compliance
Management’s discussion and analysis (MD&A)
Reporting on controls at a service organization
The consistency assertion in an MD&A presentation addresses
whether nonfinancial data has been accurately derived from related records.
The occurrence assertion in MD&A addresses whether
reported transactions or events have occurred during a given period.
The presentation and disclosure assertion in MD&A addresses whether
information included in the MD&A presentation is properly classified, described, and disclosed.
The completeness assertion in MD&A addresses whether
descriptions of transactions and events necessary to obtain an understanding of the entity’s financial condition are appropriately included in the MD&A presentation
Financial forecast
Expected results(General Use)
Financial projection
Hypothetical assumption(Restricted use)
Prospective FS can be used by
You can pick between General Use or Limited Use
General Use (Financial Forecast)(Expected results) Implies that it will be used by parties not negotiating with the issuing company (For example sales pitch)
Limited Used FS (Financial projection)(Hypothetical assumption) will only be used by the issuing company and the people negotiating directly with them (for example a bank/lender) someone that is being negotiated with directly
Adverse in porspective FS
No reasonable basis
Disclaimer in prospective FS
Unable to preform reasonable procedures
Who is reponsible for accessing and reporting on internal controls in an audit
Managent and the auditor
What type of audit is required by teh PCAOB
Intergrated audit
when an usditor does not receive a letter of representation from management he must
Discalim and opinion or withdraw from the engagement
What is the top down approach
Evaluate overall risks at the financial statement level, consider controls at the entity level, and then focus on accounts, disclosures, and assertions for which there is a reasonable possibility of material misstatement.
Must be used
Entity level controls are
Control environments, the controls in place to detect and prevent misstatements form happening
What is the cost-benefit statement and what do auditors do with it
When a company believes that the cost of fixing a weakness discovered by the auditor will not be worth the money. Management has to input additional information as to why this is.
The auditor reads the additional information to ensure there are no material inconsistencies with management’s report and DISCLAIMS an opinion on the statement.
What is a difference between a fs audit and an internal control audit
When you find a misstatement in the FS audit of internal controls you use restricted language as to who can use this for example management but not in an audit of internal controls
When should communication be made in a FS audit and an internal control audit of an internal control deficiency
Within 60 days of the issuance of the report for FS
Before the issuance of the report for internal control audits
Agreed upon procedures report on
The procedures that were asked to perform and the auditors finding
What type of assurance does a compliance with contractual agreement give
Negative assurance
The previous FS must have been audited and either an unmodified or unqualified opinion must be issued
The compliance report is provided in conjunction with the audited FS
Difference between type 1 and type 2 reports
Type 1 does not include operating effectiveness and it is as a point in time
Includes only the implementation and design of cortrols
Type 2 Includes operating effectiveness as of a period of time
The security and confidentiality of information
What is a compliance report
A report that shows that a company has complied with requirements set by agencies for example a bank that sets a debt-to-equity ratio to a specific amount so you would check to see if the company complies with it
Government Auditing Standards published by the Government Accountability Office apply to
Audits of federal financial assistance and government organizations.
What does GAGAS do with findings of illegal acts
They report it to management and if they don’t approve it then they have to disclose it to federal inspection generals which are the counterparties to the contract
Under a single audit materiality is determined
separately for each major federal financial assistance program.
What does a single audit represent
An audit of statements and of compliance with federal regulations relating to federal financial assistance as prescribed by the Single Audit Act and 2 CFR 200.
What is a sub recipient
As a nonfederal entity that expends federal awards received from another entity to carry out a federal program.
You receive federal rewards from a nonfederal entity that had received them first, and then you carry out a federal program
For example, a state might receive federal funds and in turn provides those funds to a not-for-profit organization to accomplish an objective, the nont-for-profit will be the sub recipient
