AUD 2.7 & 2.8 - Risk Assessment

Question 1

Why does a CPA test internal control?

Answer 1

In order to adequately plan the “NET” procedures

Question 2

The following are risk assessment procedures performed by the auditor:

Answer 2

Understand the entity and its environment
Understand the internal controls
Inquire the audit committee, management, and other about the risks of material misstatement
Perform analytical procedures to assist with planning
Conduct a discussion among the engagement team

Question 3

What are the three factors within the fraud triangle:

Answer 3

Pressure
Opportunity
Rationalization

Question 4

What is equatable to the “pressure” in the fraud triangle?

Answer 4

Industry factors & regulatory factors

Question 5

The competitive environment, supplier and customer relationships, and technological developments are all conditions included in what?

Answer 5

Industry factors

Question 6

Laws and regulation, taxation, government policies and environmental requirements are all factors included in what?

Answer 6

The regulatory factors

Question 7

Accounting principles and industry specific practices and regulatory frameworks are factors included in what?

Answer 7

The application of financial reporting frameworks factors

Question 8

What are ways technology effects the entity under the technology factors?

Answer 8

Automation
Connectivity
Entity’s products
Security

Question 9

The PCAOB standards state the auditor should consider performing the following procedures to obtain an understanding of the entity:

Answer 9

Read public information about the entity
Observe or read transcripts of earnings calls
Understand the compensation arrangements with senior management
SEC filings
Read the company’s policies and procedures regarding expense reimbursement for executive officers

Question 10

What is the “overall plans for the entity”. What is the “means used to achieve those plans”?

Answer 10

1. Objectives
2. Strategies

Question 11

In situations in which management receives performance-based compensation, what might be indicative of management bias in the financials?

Answer 11

Unusual growth or profitability

Question 12

When obtaining an understanding of the entity and its environment in a group audit, the group engagement team should:

Answer 12

1. Understand the components and their environments
2. Understand the consolidation process
3. Confirm or revise the initial identification of significant components

Question 13

The auditor should document the key elements to its understanding of the entity and its environment. The key elements would include:

Answer 13

1. Relevant industry, regulator, and other external factors
2. The entity’s operations, ownership, and types of investments
3. The organizational structure
4. Application of accounting policies
5. The entity’s objectives and strategies
6. Review the entity’s financial performance

Question 14

Evaluations of the financial information made by a study of plausible relationships among financial and nonfinancial data:

Answer 14

Analytical procedures

Question 15

Analytical procedures are required during what phases of the audit?

Answer 15

Planning stage
Final review stage

Question 16

During planning, analytical procedures consist of:

Answer 16

Review of data aggregated at a high level, such as comparing financial statements to budgeted or anticipated results

Question 17

The objective of analytical procedures at planning is:

Answer 17

To enhance the auditors understanding of the entity
Identify unusual transactions and events or trends

Question 18

Does the auditor have to obtain an understanding of internal controls even if they are not testing or relying on the internal controls?

Answer 18

Yes

Question 19

A process effected by those charged with governance, management, and other personnel, designed to provide reasonable assurance about the achievement of the entity’s objectives:

Answer 19

Internal controls

Question 20

What are the three categories an entity’s objectives can be divided into?

Answer 20

1. Reliability of financial reporting
2. Effectiveness and efficiency of operations
3. Compliance with applicable laws and regulations

Question 21

What are the five components of internal controls?

Answer 21

Control environment
Risk assessment
Information and communication systems
Monitoring
Existing control activities

Question 22

This component of internal control “sets the one at the top”. It provides discipline and structure and is generating by management and executives.

Answer 22

Control environment

Question 23

The auditor may perform more substantive procedures as of the balance sheet date rather than at interim if there is a strong or weak control environment?

Answer 23

Weak

Question 24

The auditor may perform more substantive procedures during interim rather than the balance sheet date if there is a strong or weak control environment?

Answer 24

Strong

Question 25

This component of internal controls is an entity’s identification and analysis of risks to the achievement of its objectives. This assessment is done by management.

Answer 25

Risk assessment

Question 26

This component of internal controls supports the identification, capture, and exchange of information in a timely and useful manner. It encompasses the accounting system, and any methods used to communicate roles and responsibilities:

Answer 26

Information and communication systems

Question 27

This component of internal controls assesses the quality of internal control performance over time by assessing the design and operation of the controls on a timely basis and taking the necessary corrective actions:

Answer 27

Monitoring

Question 28

Establishing and maintaining internal control is the responsibility of who?

Answer 28

Management

Question 29

This component of internal controls is the policies and procedures that help ensure that management directives are carried out and that necessary steps to address risks are taken:

Answer 29

Existing control activities

Question 30

Existing control activities relative to an audit include what 8 procedures?

Answer 30

Prenumbering of documents
Authorization of transactions
Independent checks to maintain asset accountability
Documentation
Timely and appropriate financial performance reviews
Information processing controls
Physical controls for safeguarding assets
Segregation of duties

Question 31

A clients internal control should separate what functions to remain a segregation of duties

Answer 31

Authorization
Record keeping
Custody of related assets

Question 32

Provide reasonable assurance that only valid transactions are recognized, approved, and submitted for processing. Applied before the processing activity occurs.

Answer 32

Preventative controls

Question 33

Designed to provide reasonable assurance that errors or irregularities are discovered and corrected on a timely basis. Normally performed after the processing has been completed.

Answer 33

Detective controls

Question 34

Involves determining whether a control is capable individually or in combination with other controls, of preventing or detecting and correcting material misstatements:

Answer 34

Design of a control

Question 35

To determine this, an auditor must obtain evidence about whether the individuals responsible for performing the controls have an awareness of the existence of the procedures and a working knowledge of how the procedures should be performed:

Answer 35

Implementation of controls

Question 36

What procedures are used to obtain evidence about the design and implementation of internal controls?

Answer 36

Inquiry of entity personnel
Observation
Inspection of documents
Walk-throughs

Question 37

Trace transactions relevant to financial reporting through the accounting system from inception through recording in the general ledger and presentation in the financial statements:

Answer 37

Walk-throughs

Question 38

How can a walkthrough be performed?

Answer 38

By selecting a single transaction and tracing it through the entity’s information processing system from inception to financial reporting
OR
Identifying the key steps in the processing of a class of transactions and perform procedures for a specific transaction at each step

Question 39

Documentation of the understanding of internal controls may include any one of the following:

Answer 39

Flowchart
Internal control questionnaire
Narrative
Documentation from the client

Question 40

A diagram representing the sequential flow of authority, processes, and documents:

Answer 40

Flowchart

Question 41

Shows the origin of each document int he system, its subsequent processing, and its final disposition

Answer 41

System flowcharts

Question 42

Documents the logic and existing flow of a computer program

Answer 42

Program flowchat

Question 43

This consists of a list of questions to be answered by “Yes” or “No” responses. A “No” response is designed to draw attention to a possible weakness in the internal control. Written explanations are required for no answers.

Answer 43

Internal control questionnaire

Question 44

A written version of a flowchart. It is a description of the auditors understudying of the system of internal control. This is more appropriate for less complex structures.

Answer 44

Narrative

Question 45

This is an entity’s procedures manuals that include documentation of the entity’s accounting system and related controls.

Answer 45

Documentation from the client

Question 46

What are three inherent limitations of internal controls related to the control environment?

Answer 46

Management override
Human error
Collusion

Question 47

Policies and procedures that relate to many applications and support the effective functioning and proper operation of the information system:

Answer 47

IT General Controls

Question 48

Examples of IT general controls include:

Answer 48

Passwords, change in management procedures, backup/recovery systems, and administrative rights to the network

Question 49

This applies t the processing of individual transactions and help to ensure that transactions occurred are authorized and are completely and accurately processed and reported:

Answer 49

IT Application controls

Question 50

Examples of IT Application Controls include:

Answer 50

Administrative access rights, control over interfaces, integrations, and e-commerce, checking the mathematical accuracy, maintaining and reviewing accounts, automated edit checks, manual follow ups of exception reports