AUD 3 Internal Control 10 - 6 Flashcards
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
An auditor performs the following procedures to obtain and apply an understanding of internal control to an audit:
Step 1 – Obtain an understanding of the design of all 5 components of the entity’s internal control (CRIME) through the performance of risk assessment procedures.
Step 2 – Document the understanding of Internal Control.
Step 3 – Assess Risk of Material Misstatement (RMM) which consists of inherent risk (IR) and control risk (CR).
RMM = IR × CR
Step 4 – Develop an audit strategy to either:
o (RELY?)
Perform tests of control (TofC) to determine if CR is below maximum, reducing RMM below the level of IR and allowing for the modification of the nature, timing, and extent of further audit procedures (sub tests): or
o (NOT Rely)
Decide NOT to perform tests of controls, assessing CR at the maximum level as if the control did not exist, and measuring RMM as being equal to IR.
Step 5 – Reassess Risk of Material Misstatement and evaluate results.
o For controls for which tests of controls were performed, evaluate results to reassess RMM and determine if it is appropriate to modify the nature, timing, and extent of further audit procedures.
Step 6 – Document conclusions and determine the effect on the planned substantive procedures. At this point, the audit program needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
An auditor performs the following procedures to obtain and apply an understanding of internal control to an audit:
Step 1 – Obtain an understanding of the design of all 5 components of the entity’s internal control (CRIME) through the performance of risk assessment procedures.
Step 2 – Document the understanding of Internal Control.
Step 3 – Assess Risk of Material Misstatement (RMM) which consists of inherent risk (IR) and control risk (CR).
RMM = IR × CR
Step 4 – Develop an audit strategy to either:
o (RELY?)
Perform tests of control (TofC) to determine if CR is below maximum, reducing RMM below the level of IR and allowing for the modification of the nature, timing, and extent of further audit procedures (sub tests): or
o (NOT Rely)
Decide NOT to perform tests of controls, assessing CR at the maximum level as if the control did not exist, and measuring RMM as being equal to IR.
Step 5 – Reassess Risk of Material Misstatement and evaluate results.
o For controls for which tests of controls were performed, evaluate results to reassess RMM and determine if it is appropriate to modify the nature, timing, and extent of further audit procedures.
Step 6 – Document conclusions and determine the effect on the planned substantive procedures. At this point, the audit program needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conc______s and determine the effect on the planned substantive procedures.
At this point, the audit program needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conclusions and determine the effect on the planned substantive procedures.
At this point, the audit program needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conclusions and determine the ef____ on the planned substantive procedures.
At this point, the audit program needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conclusions and determine the effect on the planned substantive procedures.
At this point, the audit program needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conclusions and determine the effect on the pl___ed substantive procedures.
At this point, the audit program needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conclusions and determine the effect on the planned substantive procedures.
At this point, the audit program needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conclusions and determine the effect on the planned substantive procedures.
At this point, the audit pro____ needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conclusions and determine the effect on the planned substantive procedures.
At this point, the audit program needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conclusions and determine the effect on the planned substantive procedures.
At this point, the audit program needs to be developed or re___ed for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conclusions and determine the effect on the planned substantive procedures.
At this point, the audit program needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conclusions and determine the effect on the planned substantive procedures.
At this point, the audit program needs to be dev____ed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 – Document conclusions and determine the effect on the planned substantive procedures.
At this point, the audit program needs to be developed or revised for further audit procedures.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is re____ed to communicate significant deficiencies and material weaknesses to management and those charged with governance.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate significant deficiencies and material weaknesses to management and those charged with governance.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate sign_______ deficiencies and mat______ weaknesses to management and those charged with governance.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate significant deficiencies and material weaknesses to management and those charged with governance.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate significant deficiencies and material weaknesses to ma_________ and those charged with gov___________.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate significant deficiencies and material weaknesses to management and those charged with governance.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to comm_________ significant deficiencies and material weaknesses to management and those charged with governance.
The basis for risk assessment must always be documented.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate significant deficiencies and material weaknesses to management and those charged with governance.
The basis for risk assessment must always be documented.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate significant deficiencies and material weaknesses to management and those charged with governance.
The ba___ for risk assessment must always be documented.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate significant deficiencies and material weaknesses to management and those charged with governance.
The basis for risk assessment must always be documented.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate significant deficiencies and material weaknesses to management and those charged with governance.
The basis for risk assessment m___ always be documented.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate significant deficiencies and material weaknesses to management and those charged with governance.
The basis for risk assessment must always be documented.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The basis for risk assessment must always be do_______ed.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The basis for risk assessment must always be documented.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The basis for r___ assessment must always be documented.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The basis for risk assessment must always be documented.
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate significant deficiencies and material weaknesses to management and those charged with governance.
The basis for risk assessment must always be documented.
The aud____ needs to document:
• The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor is required to communicate significant deficiencies and material weaknesses to management and those charged with governance.
The basis for risk assessment must always be documented.
The auditor needs to document:
• The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
• The asse________ of the risks of material misstatement at the financial statement and relevant assertion levels;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
• The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
• The assessment of the r___s of material misstatement at the financial statement and relevant assertion levels;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
• The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
• The assessment of the risks of material misstatement at the fin_______ statement and relevant asse_____ levels;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
• The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
• The assessment of the risks of ma______ misstatement at the financial statement and relevant assertion le___s;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
• The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor n___s to document:
- The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
- The basis for that assessment;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
- The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
- The basis for that assessment;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
- The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
- The ba___ for that assessment;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
- The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
- The basis for that assessment;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
- The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
- The basis for that asse_________;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
- The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
- The basis for that assessment;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
- The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
- The basis for that assessment;
- Significant r___s identified and related controls evaluated;
Obtain an Understanding of the Entity’s Internal Control Structure (AU-C 315)
Step 6 –
6. Document Conclusions and Develop or Revise Audit Programs
The auditor needs to document:
- The assessment of the risks of material misstatement at the financial statement and relevant assertion levels;
- The basis for that assessment;
- Significant risks identified and related controls evaluated;