AUD Ninja Notes Flashcards

1
Q

What should be included for the Auditor’s address?

A

The City and State where located

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is Management Responsible for in regards to the Financial Statements?

A

Preparation and Fair Presentation of Financial Statements in accordance with the Applicable Financial Reporting Framework

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is Management Responsible for in regards to Internal Control?

A

Internal Control Design, Implementation, Maintenance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the headings in the Audit Report for an Unmodified Opinion?

A

(TIM-AA) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the headings in the Audit Report for an Modified Opinion?

A

(TIMA-BA) Title; Introduction; Management Responsibility; Auditor Responsibility; Basis for (Modified) Opinion; Audit Opinion

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

In an Unmodified Opinion with Emphasis-of-Matter / Other-Matter sections, what is the order of the headings?

A

(TIM-AA EMO) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion; Emphasis-of-Matter; Other-Matter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the requirements for referencing a Component Auditor in the Audit Report?

A

Component Financial Statements must be prepared using same Financial Reporting Framework as the Group Financial Statements; Component Auditor must have performed audit in accordance with GAAS or PCAOB Standards.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What must the Group Engagement Partner do if they assume responsibility for the Component Auditor’s work?

A

Perform additional audit procedures; Be involved in Component Auditors work; Perform Risk Assessment procedures; Assess Risk of Material Misstatement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What standards govern SSARS engagements?

A

Compilations are governed by SSARS (Statements on Standards for Accounting and Review Services)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which clients can have compilation engagements?

A

Non-SEC (non-public) registrants only.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is a Compilation?

A

Accountant puts together financial statements with information PROVIDED BY MANAGEMENT. No opinion is expressed and no assurances are given. Independence is not required.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What disclosures are required for Compilation engagements?

A

Disclosures not necessary must state that they are not included

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What standards govern Review engagements?

A

SSARS (Statements on Standards for Accounting and Review Services)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What type of assurance is given in a Review engagement?

A

Reviews give limited assurance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What procedures are required for Review engagements?

A

Analytical procedures are required for reviews. Compare results to documented predictions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is a Review engagement?

A

Financial statements are presented with no opinion expressed- and limited assurances are given. Independence is required for a review engagement.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is a Forecast?

A

A prospective financial statement that uses normal circumstances. General and limited use allowed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is a Projection?

A

A prospective financial statement using hypothetical situations. Only limited use by the client is allowed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What are the requirements for Agreed Upon Procedures?

A

Independence is required; Only limited use by the client is allowed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What disclosures are required for remote likelihood of losses?

A

No disclosure required.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What disclosure is required for a probable loss contingency?

A

Accrue if estimable. Emphasis-of-Matter paragraph if not estimable.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What disclosure is made if a loss contingency is reasonably possible?

A

Auditor assesses need for Emphasis-of-Matter paragraph based on loss likelihood.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

How is a gain contingency reported?

A

Gain contingencies are not reported.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

How does an immaterial GAAP issue affect the audit opinion?

A

It doesn’t. Opinion is Unmodified.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

How does a very material GAAP issue affect the Audit Report?

A

Modified-Adverse Opinion is issued. Emphasis-of-Matter paragraph is added after Opinion paragraph.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

How do GAS standards compare to GAAS?

A

GAS is more strict than GAAS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What is required under the Single Audit Act?

A

An audit performed under governmental auditing standards (GAS). A report on internal control is required. GAAS and GAS don’t require the I/C report.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

What is Audit Sampling?

A

Taking part of a population- subjecting it to audit procedures- projecting results to a population

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

What are the characteristics of Statistical Sampling?

A

Based on formulas

Helps find an appropriate audit sample

Helps evaluate evidence obtained

Helps evaluate results and quantify Sampling Risk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

What are the characteristics of Non-Statistical Sampling?

A

Based on human decision

Equally acceptable as Statistical Sampling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

What are the characteristics of Substantive Tests?

A

Variables sampling

Probability proportionate to size sampling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

What type of sampling are Control Tests?

A

Attribute Sampling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

What is Sampling Risk?

A

Risk that your sample isn’t representative of population

Can happen even if audit is done properly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

What is the risk of assessing Control Risk too high?

A

A risk of Control Testing - Auditor works to make Control Risk lower

More substantive tests - Sample overstates Control Risk- Leads to an under-reliance on internal control- over-testing- and overall audit inefficiency

Audit ends up being effective (correct result)- but you do more work

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

What is the risk of assessing Control Risk too low?

A

A risk of Control Testing - Complement to Confidence Level
Inverse relationship to Sample Size

Higher accepted risk of assessing Control Risk too low = Smaller Sample

Lower accepted risk of assessing Control Risk too low = Larger Sample

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

What are the risks if the auditor concludes controls are operating effectively based on the sample and Control Risk is set too low?

A

Leads to higher Detection Risk - Fewer substantive tests

Sample understates Control Risk

This error leads to over-reliance on internal control- under-testing- and overall audit ineffectiveness.

Does NOT necessarily mean that the Financial Statements are materially misstated - it does mean that if there is one- you are less likely to find it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

What is the risk of Incorrect Acceptance?

A

A risk of Substantive Testing - Auditor accepts a balance as fairly stated- when in fact it is not fairly stated

Hurts audit effectiveness

Wrong conclusion reached

Efficient- but not effective

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

What is the risk of Incorrect Rejection?

A

A risk of Substantive Testing - Auditor rejects balance as fairly stated when in fact it is fairly stated

Hurts audit efficiency

Wrong recommendations given

Effective- but not efficient

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

What is Non-Sampling Risk?

A

Risk of human (auditor) missing an error

Also called exception- error or deviation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

How does Sampling Risk compare to Non-Sampling Risk?

A

Sampling Risk deals with the chance that your audit sample is flawed

Non-Sampling risk deals with the chance that your human decisions/conclusions are flawed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

What is Attribute Sampling?

A

Looking at Control Procedures - Were invoices approved when paid?

Errors are stated in terms of %- not dollar amounts

For example- 5 invoices out of 100 were not properly paid. Error rate is 5%

Hint: If you see Error Rate on the Exam- they are referring to Attribute Sampling.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

How do you determine if Control Procedures are operating properly or not operating properly?

A

Control Procedures are either operating properly or they are not operating properly - based on Error Rate and the tolerance you have for errors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

What is the Tolerable Rate?

A

Error rate in population that you are willing to accept/tolerate

Inverse relationship to Sample Size

Higher Tolerable Rate = Smaller Sample
Lower Tolerable Rate = Larger Sample

If you’re willing to accept a higher probability that errors exist- there is less pressure on the sample

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

What is the Expected Population Error Rate?

A

What Error Rate are you expecting? - Judgment call- based on experience

Direct relationship to Sample Size

More errors = Larger Sample

Less errors = Smaller Sample

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

What is the basic premise of Attribute Sampling?

A

Attribute in the sample gives information about the entire audit population

Used to estimate Internal Control error rate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

For what is the Expected Population Deviation (error) Rate used?

A

Used to determine initial level of Control Risk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

What is the Allowable Risk of Over-reliance?

A

Risk of Assessing Control Risk too low

Gives you the Sampling Risk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

When is Attribute sampling used?

A

Attribute sampling is only useful when there is documented evidence (an audit trail) to test

Use when the existence of an error needs to be verified or debunked

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

What is Classic Variable Sampling?

A

Testing for a dollar amount

Value in sample gives information about value in entire population.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

What functions are used in conjunction with Classic Variable Sampling?

A

Mean Per Unit = Sample Average x Number in Population

Stratification - Decreases effect of variance in population and reduces sample size

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

What are the characteristics of Probability Proportionate to Size (PPS) sampling?

A

A form of Variable Sampling

Does NOT use Standard Deviation

Auditor focuses on a dollar amount

Larger or more valuable items get picked more often as part of the sample

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

What is Projected Misstatement?

A

Misstatement found in sample - have to project it to remainder of population

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

How does Probability Proportionate to Size (PPS) sampling compare to Classic Variables sampling?

A

PPS:

Easier to use- Results in a stratified (homogenous) sample- Results in a smaller sample size to audit- Easy to design

Classic Variables Sampling:

Easy to expand sample size- Selecting zero and negative balances easy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

What factors affect sample size?

A

Tolerable rate for error - Inverse relationship with sample size

Risk of assessing Control Risk too low - Inverse relationship with sample size

Expected population error rate - Direct relationship with sample size

Population size does NOT affect the sample size - as population is larger- sample size doesn’t grow.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

What is the formula for Audit Sampling?

A

SER + ASR < TER

SER = Sample Error Rate

ASR = Allowance for Sampling Risk

TER = Tolerable Error Rate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

What is Allowance for Sampling Risk?

A

The amount that you add to the Sampling Error Rate to get some cushion for your sample.

As high as you think the population error rate could go based on experience.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

What is the Tolerable Error Rate?

A

The amount of error rate that you can accept - If population error rate is less than TER- then accept the Control as effective

If population error rate is more than TER- do more testing to get SER lower or conclude control isn’t effective. Do more substantive testing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

What are the steps to develop a sampling plan?

A

Determine Test Objective - for example- have sales shipments been billed?

Define Population and Deviation - take a sample of shipping document- trace forward to see if billed

Determine Sample Size based on tolerable rate for error- risk of assessing Control Risk too low- and expected population error rate.

Select Sampling Technique

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

After a Sampling Plan is developed- what are the steps in sampling?

A

Perform the Sampling Plan

Evaluate Results

Document Results

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

What is Systematic Sampling?

A

Every certain # of a population is selected

Population needs to be randomly ordered

Primary advantage is that population doesn’t require pre-numbering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

What is Sequential Sampling?

A

Also called Stop or Go sampling

Each audit step determines the next step

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

What is Discovery Sampling?

A

Audit is testing an area that is so crucial that zero population errors can be tolerated

Any phony employees on payroll?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

How does Block Sampling compare to other sampling methods?

A

Easy to implement- but is the worst method of sampling.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

What is the primary duty of an auditor?

A

To provide users of financial information with REASONABLE ASSURANCE that the financial statements are not materially misstated.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

What is the auditor’s responsibility for detecting theft or fraud?

A

Auditors are not responsible for detecting theft or fraud.

Instead- they are responsible for providing REASONABLE ASSURANCE that the financial statements are not materially misstated.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

When should an auditor be hired in relation to the balance sheet date for optimum audit planning and efficiency?

A

The earlier the auditor is hired- the better for audit planning and efficiency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

When can audit procedures be performed at interim dates?

A

If Control Risk for the accounts and/or transactions is low- audit procedures can be performed at interim dates.

The auditor then reviews changes in the balances at year-end.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

When can an auditor accept an engagement offered after the year is already closed?

A

The auditor can take the engagement if they are able to overcome the limitations of the engagement.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
69
Q

For what does an auditor use professional skepticism?

A

To plan the scope of the audit

To plan the objectives of the audit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
70
Q

How can analytical procedures be performed in audit planning?

A

The auditor can compare actual versus forecasted numbers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
71
Q

What must an auditor have in order to discuss issues relating to a predecessor auditor’s work?

A

If issues relating to predecessor auditor’s work on previous Financial Statements come up during the current audit- Auditor must have client’s permission to discuss the issue.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
72
Q

What questions must an auditor ask with respect to procedures carried out by assistants?

A

Were they adequately performed? (Review the working papers)

Are the results consistent with the audit report?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
73
Q

How is audit strategy mapped out?

A

Auditor determines what the reporting objectives are.

Auditor determines the scope of the audit.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
74
Q

Describe the key components of maintaining auditor independence.

A

Auditor must be independent in fact and appearance

Honesty

No direct financial interest

No indirect material financial interest

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
75
Q

Describe Due Professional Care

A

Technical abilities mirror those held by peers in the profession
Follow GAAS Standards
Obtain a Reasonable Level of Assurance
Maintain Reasonable Level of Skepticism
Supervise Audit Staff
Review judgment at every level

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
76
Q

What should an auditor do prior to accepting an audit engagement?

A

Review the previous financial statements

Speak to third parties

Contact predecessor auditor to evaluate whether engagement should be accepted (must have client permission)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
77
Q

What questions should be asked by an auditor prior to taking an engagement?

A

Note: must have permission of client to contact predecessor auditor (no permission = no engagement)

Why the Auditor Change?
Any Serious Discussions with Audit Committee?
How is Management Integrity? Disagreements?
How was Internal Control?
Understand Industry or Be Willing to Learn
Consider Scope Limitation - Limited evidence available = no engagement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
78
Q

What should be included in an audit engagement agreement?

A

Note: must be written

Objectives of Engagement
Limitations of Engagement
Responsibilities of Management - Provide written assertions
Responsibilities of Auditor - Limited error/fraud responsibility
Expectations of Access to Records
Financial Statements (and Disclosures) are Management’s Responsibility
Compliance with Laws
Internal Control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
79
Q

What is management’s responsibility with respect to the financial statements?

A

Management is responsible for financial statements and adequacy of disclosures.

Presentation & Disclosure
Existence (Tests Overstatements)
Rights & Obligations
Completeness (Tests Understatements)
Valuation & Allocation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
80
Q

What is the purpose of the Audit Committee?

A

Responsible for Hiring Auditor

Oversees Internal Control

Must Agree with Auditor on: Responsibility of the Parties- Audit Fee- Timing of the Audit- Audit Plan

Acts as Liaison Between Auditor and the Board

Auditor Communicates Concerns about: Internal Control Deficiencies- Errors- Fraud- Illegal Activities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
81
Q

How is Audit Risk calculated?

A

Inherent Risk x Control Risk x Detection Risk

Risk that material mistakes- errors- omissions- or fraud will result in an inaccurate audit report

Based on Auditor Judgment

Measured in both Qualitative and Quantitative

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
82
Q

Describe Control Risk

A

Risk that internal control will not detect error or fraud

Auditor cannot control this.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
83
Q

Describe Inherent Risk.

A

Which transactions have a higher level of risk?

Auditor cannot control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
84
Q

Describe Detection Risk.

A

Will the auditor fail to detect a material misstatement?

Auditor CAN control

Do testing at year-end
Increase substantive testing
Run more effective tests

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
85
Q

What responses should an auditor take based on different levels of acceptable detection risk (DR)? What type of tests should be performed?

A

Less Acceptable DR = Run More Substantive Tests

More Acceptable DR = Run Less Substantive Tests

More Substantive Tests (DR down) = Less Audit Risk; (AR = IR x CR x DR)

Less Substantive Tests (DR up) = More Audit Risk; (AR = IR x CR x DR)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
86
Q

What are quantitative measurements versus non-quantitative measurements with respect to risk?

A

Quantitative Measurements - Inherent- Control- and Detection Risk can all be measured in terms of percentages

Non-Quantitative Measurements - Inherent- Control- and Detection Risk can all be measured in terms of acceptable ranges

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
87
Q

Whose responsibility is it to FIND and PREVENT fraud?

A

It is Management’s responsibility.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
88
Q

What is the auditor’s responsibility with respect to fraud and illegal acts?

A

Assess the RISK that such things will lead to material misstatements

Design the audit to provide reasonable assurance against fraud- illegal acts that directly and materially affect the financial statements

Report ALL management fraud to the audit committee (minor fraud by low-level employees not reported to committee)

Perform required inquiries and procedures (management inquiries- analytical procedures- discussions with audit personnel about fraud)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
89
Q

What are the three factors that affect/influence fraud?

A

Fraud is born out of:

Rationalization
Incentive
Opportunity

(RIO)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
90
Q

What is the difference between fraud and errors?

A

Errors are unintentional- fraud is intentional.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
91
Q

What red flags may indicate higher risk in an audit?

A

Management compensation tied to stock
Aggressive financial forecasting
Former auditor disagreed with Management
Records not available for audit

Current audit procedures may need to be reconsidered if red flags exist.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
92
Q

Describe the characteristics of a Fraud Risk Factor.

A

Has been observed in similar situations

Does NOT necessarily mean that there is a material weakness in internal control

Leads to an auditor taking action

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
93
Q

What does an examination of internal control accomplish with respect to illegal acts?

A

Internal control analysis can result in the conclusion that IC is weak- but probably won’t identify illegal acts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
94
Q

What is the purpose of adjusting audit procedures in light of fraud risk factors identified during an audit?

A

Strives to make audit engagement procedures less patterned and predictable

Re-evaluates management’s application of accounting procedures

Finds and assigns audit personnel with relevant skills in this area

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
95
Q

What should be documented with respect to fraud risk factors in an audit?

A

Any fraud risks identified that could lead to material misstatement

Audit procedures performed to assess risks

Nature of communication made to audit committee and company management

Disclosure to third parties regarding fraud not normally the auditor’s responsibility

Fraud by management should normally be reported to the audit committee- NOT the SEC.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
96
Q

What was the effect of the SOX Act of 2002?

A

Created PCAOB

Designates Officer responsibility for internal control

Must disclose significant internal control weaknesses to auditor and audit committee

Must disclose any level of fraud discovered by employees with internal control responsibilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
97
Q

What is the Hierarchy of Authoritative Literature?

A
  1. Statements on Auditing Standards (SAS)
  2. Auditing Interpretations- AICPA Guides & SOPs
  3. Industry Articles (no authority)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
98
Q

What quality control activities are undertaken by CPA firms with audit practices?

A

Firm Leadership exhibits quality and leads by example and sets the tone for the organization

Firm should Monitor and document that its policies and procedures are being followed

Firm should have Relevant Ethical Requirements

Acceptance and continuance of client engagements should continue to be evaluated for client integrity- auditor competency- and legality

Firm should have competent and ethical personnel

Firm engagements are performed- supervised- and reviewed in accordance with professional standards and regulations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
99
Q

Which literature governs Compilation services?

A

SSARS - Statements on Standards for Accounting and Review Services

These govern reporting for non-public entities only

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
100
Q

What is the independence requirement for Compilations?

A

Independence NOT required for Compilations

No Internal Control work allowed

No assurance given

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
101
Q

What type of assurance is provided by a Compilation?

A

Compilations are not an assurance service. No assurance is provided.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
102
Q

What type of assurance is provided by Review services?

A

Reviews provide NEGATIVE assurance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
103
Q

What is the independence requirement for a Review?

A

Reviews require independence.

No Internal Control work allowed
Performs analytical procedures
No material indirect financial interest allowed
No immaterial direct financial interest allowed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
104
Q

For compilations and reviews- what knowledge must a service provider have?

A

Must have an understanding of the client industry.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
105
Q

What are attestation services?

A

CPA expresses a conclusion about an assertion - Compliance with laws

NOT considered a Consulting engagement

Independence Required

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
106
Q

What is the independence requirement for consulting services?

A

Independence is not required for consulting services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
107
Q

Describe the limitations on Prospective Financial Statements?

A

Report is restricted to specified users.

Agreed-upon procedures are implemented.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
108
Q

What is the role of the Group Engagement Team?

A

Develop Audit Strategy; Communicate with Component Auditors; Perform work on the Consolidation Process; Evaluate Audit Conclusions; Understand work of Component Auditors;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
109
Q

Who is on the Group Engagement Team?

A

Firm Partners; Group Engagement Partner; Audit Staff

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
110
Q

Who establishes the Materiality threshold for the Component Auditor?

A

The Group Engagement Team; The Materiality threshold must be lower than the Group Materiality threshold

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
111
Q

What is the Group Engagement Partner responsible for?

A

Group Audit Engagement Direction - Supervision - Performance and the Audit Report

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
112
Q

What is the role of a Component Auditor

A

Audit a component of the entity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
113
Q

What should the Group Engagement Team do if a Component Auditor audits a Significant Component due to Financial Materiality?

A

Audit the Financial Information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
114
Q

What should the Group Engagement Team do if a Component Auditor audits a Significant Component due to Risk of Material Misstatement?

A

Perform Audit Procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
115
Q

What should the Group Engagement Team do if a Component Auditor audits a Non-Significant Component?

A

Analytical Procedures performed at Group Level

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
116
Q

Why does an Auditor do if they suspect legal proceedings could contribute to a Material Misstagement?

A

Contact Client external counsel through a Letter of Inquiry

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
117
Q

What is the majority of an auditor’s work in determining an audit opinion?

A

Collection of evidence to support the opinion.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
118
Q

Of what does audit Evidence consist?

A

Evidence consists of client accounting data and supporting documentation from client or from third parties.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
119
Q

What is the relationship between Evidence and Detection Risk?

A

Evidence has an inverse relationship with Detection Risk

The one aspect of Audit Risk an auditor can control through (N)ature (T)iming (E)xtent of audit procedures.

Inherent Risk and Control risk are outside of auditor’s control.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
120
Q

Which aspects of Audit Risk can an auditor control?

A

Detection Risk which is decreased by gathering evidence.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
121
Q

Which aspects of Audit Risk can an auditor NOT control?

A

Inherent Risk and Control Risk are outside of an auditor’s control.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
122
Q

How does a high level of acceptable Detection Risk affect an audit?

A

Less Evidence collected. Opens door for incremental audit risk - Internal Control should be strong.

Business and transactions should be relatively stable and predictable.

(N) Less-competent Evidence collected
(T) Interim testing acceptable
(E) Fewer transactions are verified.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
123
Q

What should occur when a low level of Detection Risk is acceptable?

A

More Evidence collected

(N) More-competent Evidence collected
(T) End of year balance testing
(E) More transactions are verified

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
124
Q

What are the primary risks in an audit for a typical for-profit company?

A

Auditors are there to verify that

Assets & Revenues are not overstated
Expenses & Liabilities are not understated

Exception - if the CPA Exam states that it is a tax-driven company flip them around

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
125
Q

What is the primary constraint on audit evidence?

A

Cost vs. Benefit is a primary constraint.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
126
Q

What characteristics should audit evidence have?

A

Sufficient (quantity)

Appropriate: Relevant & Reliable (Quality)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
127
Q

How does the quality of audit evidence vary depending on who has provided it?

A

Best evidence: Observation of activity by auditor.

2nd Best: Originates from External Parties and is sent directly to auditor (or failing that items are generated by third party and provided to auditor by the client such as a bank statement)

Weakest: Oral evidence from management.

128
Q

Which documents are the most persuasive and credible?

A

Third party documents are more persuasive and credible than internally-prepared docs

Auditor Knowledge = Most Persuasive

3rd Party info given to auditor

3rd Party info given to client

Internally-prepared doc

129
Q

What are Substantive Procedures?

A

Test substance/amounts/values. They help to reduce the risk of material misstatements. They only test accuracy of financial statements and dollar amounts - they don’t test internal controls.

130
Q

What are the substantive tests that are most often performed?

A
Trace (or Vouch)
Reconcile
Analytical Procedures
Confirmations
Examine evidence that supports management assertions.

(T.R.A.C.E.)

131
Q

When performing audit procedures what should auditors focus on?

A

Auditors focus first on Balance Sheet Accounts then associated Income Statement items

132
Q

How is Cash audited?

A

Assurance Level is High.

Acceptable Detection Risk is Low.

133
Q

How is Accounts Receivable audited?

A

If Acceptable DR is High - Negative Confirmation is used - Customer only responds if balance is materially wrong.

If Acceptable DR is Low - Positive Confirmation is used - Customer asked to confirm by telling auditor the balance.

Corresponding Income Statement Account - Revenue

134
Q

How is Accounts Payable audited?

A

Review purchase orders/invoices

Confirm with Vendors

Corresponding Income Statement Account - Various Expenses

135
Q

How is Inventory audited?

A

Examine purchase agreements

Look at Board Minutes

Is Inventory held as collateral?

Corresponding Income Statement Account - COGS

136
Q

How are beginning balances audited?

A

Should match last year’s ending balance.

137
Q

What is the general presumption for auditing Ending Balances?

A

If Beginning Balance Additions Subtractions are OK then Ending Balances should also be OK.

138
Q

How is a Statement of Cash Flows audited?

A

Foot all balances - Check the Math

Trace Cash Flow items to other Financial Statements

Check classifications - Operating Activities Investing Activities Financing Activities

139
Q

Under the Indirect Method what must be disclosed on a Statement of Cash Flows?

A

Interest Paid

Income Taxes Paid

Non-cash Transactions

Cash and Cash Equivalents Definitions

140
Q

Under the Direct Method what must be disclosed on a Statement of Cash Flows?

A

Results as if you had used Indirect Method

Non-cash Transactions

Cash and Cash Equivalents Definition

141
Q

What are Subsequent Events and what do they require?

A

Subsequent events occur after the Balance Sheet Date but before the audit report is issued.

Auditor needs to make inquiries and assess if they affect the audit report.

142
Q

What should occur if the audit report has already been issued and the auditor becomes aware of a situation that was present as of the Balance Sheet date (a subsequent event)?

A

If audit report has already been issued and auditor becomes aware of a situation that was present as of the BS date client should issue a disclosure to financial statement users and/or revise the financial statement.

Regulatory agencies might need to get involved under some circumstances.

143
Q

What should an auditor do if they discover they have forgotten to perform a substantive procedure?

A

If auditor discovers that they forgot to perform a substantive procedure auditor should determine if other substantive procedures performed served as a substitute.

Otherwise support for their audit opinion could be jeopardized.

144
Q

When are Analytical Procedures required?

A

REQUIRED When planning the audit (preliminary)

REQUIRED When reviewing the audit (final)

Analytical procedures may be also performed optionally along with the substantive testing.

Use of Analytical Procedures in the audit must be documented.

145
Q

How do Analytical Procedures assist the auditor?

A

Helps the Auditor:

Determine if Management Assertions are reasonable

Develop audit plan

Develop some expectations about the financial statement and hopefully bring to light any glaring errors on financial statement

146
Q

What is the focus of Analytical Procedures?

A

Analytical Procedure focus is on dollar amounts (not internal controls)

Analyzes Financial Data: Do Financial Statements Make Sense?

Comparison of data between years

147
Q

How is the Current Ratio calculated?

A

Current Ratio = Current Assets / Current Liabilities

148
Q

How is the Quick Ratio calculated?

A

Quick Ratio = Liquid Assets / Current Liabilities

149
Q

How is the Asset Turnover calculated?

A

Asset Turnover = Net Sales / Average Assets

150
Q

How is the Inventory Turnover calculated?

A

Inventory Turnover = COGS / Average Inventory

151
Q

How is Gross Margin % calculated?

A

Gross Margin % = Gross Margin / Sales

152
Q

What type of testing are ratios?

A

Ratios are Analytical Procedures

153
Q

What type of procedure is a Budget vs. Actual comparison?

A

Budget vs. Actual comparisons are Analytical Procedures.

154
Q

List Common Types of Analytical Procedures

A

Ratio analysis

Budget vs. Actual comparison

Comparison of data between years

Use of non-financial data to predict expected values for financial data

155
Q

How do management assertions affect the audit?

A

Management assertions help the auditor to plan the audit and select substantive tests.

156
Q

What assertions do auditors test?

A

Presentation - Cutoff Classification - Is it in the right period and category?
Existence/ Occurrence - Did it happen? Does it exist?
Rights & Obligations - Does the company own them?
Completeness - Was everything recorded?
Valuation - Are they worth the amount at which they are recorded?

(PERCV)

157
Q

What assertions are tests for transaction classes?

A

Occurrence

Cutoff

Classification

Completeness

Accuracy

158
Q

For which assertions are disclosures tested?

A

Occurrence

Completeness

Classification

Accuracy

159
Q

Is testing the validity of direct evidence a basic audit procedure?

A

No it is an extended procedure.

For example you don’t have to take a loan covenant document and go search out that it’s a valid loan covenant. Instead you consider the source - if it’s externally prepared it’s more persuasive.

160
Q

How are Management Estimates audited?

A

First and foremost you need to understand management’s rationale and methods for developing estimates before you can judge reasonableness.

Next Auditor should formulate their own opinion on what a good estimate should be and compare it.

Finally determine if subsequent events affect the estimate.

161
Q

Whose property are audit documentation (audit workpapers)? In what form must they be?

A

Audit workpapers are the property of the auditor.

They can be paper or electronic.

They must include a WRITTEN audit program (either paper or electronic).

162
Q

What is the Current File?

A

Information pertaining to the current year’s audit.

163
Q

What is the Permanent File?

A

Information used for this audit and future audits which is updated as needed.

164
Q

How long must audit workpapers be maintained?

A

Must be kept for 5 years after the audit release date or according to regulations whichever is longer.

Must be kept for 7 years under PCAOB Audit

PCAOB audits also require an Engagement Completion Document

165
Q

What is the primary requirement for audit workpapers besides being written?

A

Any experienced auditor should be able to look at your work and understand what you did.

166
Q

How should documents added to work papers be treated?

A

If further documents are added to the work papers after the audit report is issued it must be documented as to who added them why they were added and any effects on the audit report.

167
Q

How should documents removed from workpapers be treated?

A

After the audit report is released the firm has 60 days to subtract from the file.

You can still add to the file if you document it but you cannot delete any information after 60 days.

Note - for SEC auditors the PCAOB only allows deletions up to 45 days after issuance of the audit report.

168
Q

Which IT personnel roles should always be segregated?

A

Operators

Programmers

Librarians

169
Q

What are the duties of a systems analyst?

A

Designs or purchases IT system

Responsible for flowcharts

Liaison between Users and Programmers

Note: Think IT Manager

170
Q

What is the primary duty of a Systems Administrator?

A

A Systems Administrator controls database access.

171
Q

What are the duties of a Systems Programmer?

A

Writes- Updates- Maintains- & Tests software- systems- and compilers

172
Q

Which duties should a Systems Programmer NOT have?

A

In order to maximize internal control- a Systems Programmer should NOT have application programming duties/abilities or be an Operator on the system.

173
Q

What are the duties of a Systems Operator?

A

Schedules and Monitors Jobs

Runs IT Help Desk

174
Q

What duties should a System Operator NOT have?

A

For internal control purposes- they should not be a Programmer on the system.

175
Q

If it is not possible to segregate duties in an IT System- what actions should be taken to compensate for internal control purposes?

A

Include Computer Logs.

Control Group should review the logs.

176
Q

What is the purpose of a Management Information System (MIS)?

A

To assist with decision making.

177
Q

What is an Accounting Information System (AIS)?

A

A type of Management Information System (MIS) that processes accounting transactions.

178
Q

What are the characteristics of an Executive Information System (EIS)?

A

Specialized for Company Executive needs

Assists with Strategy Only

No Decision-Making Capabilities

179
Q

What are the characteristics of an Expert System (ES)?

A

Computer uses reasoning

Structured

No human interpretation needed

180
Q

What are the characteristics of a Decision Support System (DSS)?

A

Computer provides data

Gives Interactive Support

Human interpretation needed

181
Q

What are the characteristics of an Ad Hoc computer report?

A

User initiates the report.

The report is created upon demand.

182
Q

When are Exception reports generated?

A

Exception reports are produced when Edit Tests- Check Digits- or Self-Checking Digits identify a problem

183
Q

What is a query?

A

A type of Ad Hoc report- initiated by a user.

184
Q

What is End-User Computing?

A

The User develops and executes their own application.

185
Q

What is the primary benefit of E-commerce?

A

E-commerce makes business transactions easier.

186
Q

What are the risks of E-commerce?

A

Compromised data or theft.

Less paper trail for auditors.

187
Q

What are the benefits of Electronic Data Interchange?

A

Uses globally-accepted standards

Efficient

188
Q

What is a File Server?

A

A file server stores shared programs and documents.

189
Q

What is the purpose of a Database?

A

Located on a File Server- a Database allows users to share documents.

190
Q

What is the purpose of a LAN (Local Area Network)?

A

It connects computers in close proximity.

191
Q

What is the purpose of a WAN (Wide Area Network)?

A

It connects computers that are far apart.

192
Q

What are the characteristics of a VAN (Value-Added Network)?

A

Privately-owned Network

Serves as 3rd Party Between 2 Companies

Routes EDI Transactions

Accepts wide range of Protocols

Very Costly

193
Q

What is the purpose of a Firewall?

A

Prevents unauthorized access to a network.

194
Q

What are the characteristics of a virus?

A

Takes over a computer

Needs a host program to run

195
Q

What are the characteristics of a computer worm?

A

Takes over multiple computers

Doesn’t need a host program to run

196
Q

What is the purpose of Automated Equipment Controls?

A

They prevent and detect hardware errors.

197
Q

What is RAM?

A

Random Access Memory.

Internal memory in the computer used during immediate processing.

198
Q

What is a CPU?

A

Computer Processing Unit

It processes commands within a computer.

199
Q

What is Job Control Language?

A

It schedules and allocates system resources.

200
Q

What are examples of input devices?

A

Keyboard
Mouse
Scanner
Magnetic Ink Reader
Magnetic Tape Reader
EDI
Point of Sale Scanner

201
Q

What are examples of Output Devices?

A

Speakers

Monitors

Printers

202
Q

What are the characteristics of Magnetic Tape storage?

A

Sequential Access - Sorts data in order

Slower data retrieval

Header Label prevents Operator error by loading wrong tape

External Labels prevent accidental destruction by operator

203
Q

What are the characteristics of Magnetic Disks?

A

Random Access - Finds data in random spots

Faster data retrieval

Uses Boundary Protection for data

204
Q

What is a Gateway?

A

Connects one network to another

Note: the Internet is connected by Gateways

205
Q

What are Parity Checks?

A

A control that detects internal data errors.

A bit is added to each character- it checks to see if a bit was lost.

206
Q

What is an Echo Check?

A

Transmitted data is returned to the sender for verification (it echoes back to the sender)

207
Q

What is a Change Control?

A

It authorizes program changes and approves program test results.

208
Q

What is security software?

A

Software that controls access to IT systems.

Note: Don’t confuse this with anti-virus software

209
Q

What is the purpose of a Digital Signature?

A

It confirms a message has not been altered.

210
Q

List the types of computers from smallest to largest

A

PDA/Smartphone/Tablet

Microcomputer - PC- Laptop (cost-effective)

Minicomputer - Like a Mainframe- but smaller

Mainframe - Large computer with terminals attached

Supercomputer - Very powerful and very big

211
Q

What are the units of computer data from smallest to largest?

A

Bit - 1 (on) and 0 (off)
Byte - 8 bits to a byte/character
Field - group of related characters/bytes (i.e. Name- Zip Code- Serial #)
Record - Group of related fields (i.e. Member name- address- phone number)
File - Group of related records (i.e. Membership directory)

212
Q

What is the duty of a design engineer?

A

Determine language used for a specific computer- on a computer-to-computer basis

213
Q

What are object programs?

A

Programs written in base computer language- not similar to English.

214
Q

How can source programs be recognized?

A

They are written in a language close to English.

215
Q

What is the purpose of a Compiler?

A

Takes Source language (English) and converts to Object (Computer) Language

216
Q

How does Online Analytical Processing work?

A

It uses a Data Warehouse to support management decision making.

217
Q

What is Data Mining?

A

Using artificial intelligence and pattern recognition to analyze data stores within a Data Warehouse.

218
Q

What is the purpose of online transaction processing?

A

To process a company’s routine transactions.

219
Q

What are the characteristics of batch processing?

A

Data held- updates multiple files all at once

Leaves a better audit trail

Uses Grandfather-Father-Son backup (3 levels of backup kept in 3 locations)

220
Q

What does an output control check for?

A

Checks to see if output data is valid- distributed and used in an authorized manner.

221
Q

What does a processing control check?

A

Checks if data processing produced proper output

222
Q

What is a hash total?

A

An input control number- a meaningless sum of values included in the input.

Example would be summing a list of SSNs to make sure the data is the same once entered as it was prior to input into the system.

223
Q

What is a validity check?

A

Checks to see if data in existing tables or files belongs in the set

For example- is there a # in an alpha-only field or a letter in a numeric-only field

224
Q

What is a limit check?

A

Checks to see if numbers surpass a certain limit- i.e. in an age field is the number greater than 110.

225
Q

What is a check digit?

A

An input control that adds an identification number to a set of
digits - usually at the end

226
Q

What is a field check?

A

An input check that prevents invalid characters- i.e. checks for alphabetic letters in a SSN field

227
Q

What is a Hot Site?

A

A disaster recovery system where if the main system goes down- a Hot Site is ready to take over immediately.

228
Q

What is a Cold Site?

A

If a main system goes down- a Cold Site will take time to get set up and running.

229
Q

What is the most common database language?

A

SQL - Standard Query Language

230
Q

What is a Data Definition Language?

A

Defines SQL Database

Controls SQL Tables

231
Q

What is a Data Manipulation Language?

A

Queries SQL Database tables

232
Q

What is a Data Control Language?

A

Controls Access to SQL Database

233
Q

What are the characteristics of a Relational Database?

A

Logical structure

Uses rows and columns similar to spreadsheet

234
Q

What are the characteristics of a Hierarchical Database?

A

Has various levels

Uses trees to store data

235
Q

What are the advantages of a database?

A

Data is more accessible

Reduced redundancy

236
Q

What are the disadvantages of a database?

A

Cost of installation

Skilled personnel required to maintain

237
Q

What are the components of a database?

A

Desktop client

Application Server

Database Server

Think: Your desktop computer runs applications and saves to a database

238
Q

If Internal Control is poor and a company’s accounting practices are sloppy - which risk is higher?

A

Control risk increases with poor Internal Controls and sloppy accounting practices.

239
Q

If Internal Control is poor - what is the effect on the audit?

A

Auditor will need to perform more testing and dig deeper into accounts in order to arrive at an opinion regarding the financial statements.

240
Q

What does Internal Control provide reasonable assurance for?

A

Internal control provides reasonable assurance that

Material misstatements will be prevented

Reliability/integrity of financial statements will be preserved

Assets are protected against misuse

241
Q

What is required in an examination of Internal Control under Sarbanes-Oxley?

A

CEO/CFO must disclose Internal Control deficiencies

Management must provide assessment of Internal Control

Management must certify Financial Statements

242
Q

What is the relationship between Internal Control and Substantive Testing?

A

Inverse Relationship

Stronger Internal Controls - Less Testing Needed

Weaker Internal Controls - More Testing Needed

243
Q

What are the 3 objectives of Internal Control?

A

Reliability of Financial Reporting

Operational Efficiency/Effectiveness

Compliance with Law and Regulations

244
Q

What are the 5 components of Internal Control?

A

Control Environment

Risk Assessment

Information and Communication

Monitoring

Control Activities

245
Q

What is the purpose for a Control Environment assessment?

A

Sets tone for the entire company

246
Q

What are the components of the Control Environment?

A

Integrity/Ethics of Management
Competence of Management
Organizational Structure
Human Resource Policies
Assignment of Authority/Responsibility
Management’s Style (riskier with a dominant/aggressive individual)
Board/Audit Committee involvement

247
Q

What does an auditor’s assessment of Detection Risk determine?

A

Detection Risk determines nature- timing- and extent of audit procedures.

248
Q

What determines the acceptable level of Detection Risk?

A

Risk of material misstatement determines acceptable level of Detection Risk

249
Q

What items could increase the risk of material misstatement?

A

Rapid growth in the company.

The methods management uses to identify risk- estimate its significance and assess the likelihood of occurrence

Major changes to operations- personnel- systems- IT- products- corporate organization- and foreign operations.

250
Q

What happens when Control Risk is assessed to be at the maximum level?

A

No Internal Control testing is performed.

All audit procedures are increased in intensity to compensate for increased risk.

251
Q

What happens when Control Risk is below the maximum level?

A

Auditor tests Internal Controls.

Auditor evaluates Control Risk based on tests

Auditor adjusts substantive tests accordingly

Weaker Internal Control - More substantive tests

Stronger Internal Control - Less substantive tests

252
Q

Describe some common examples of Control Activities.

A

Performance Reviews

Information Processing

Physical Controls

Segregation of Duties

253
Q

What should an auditor understand with respect to Information and Communication on an audit?

A

Understand Client’s

Major transaction classes
Transaction initiation
Support records/documents
Transaction processing
Financial Statement internal reporting process
Financial Statement external reporting process

254
Q

How must an auditor document understanding of Internal Control?

A

Through written documentation such as Internal Control memos- flowcharts- and questionnaires

255
Q

What questions should be asked to determine the risk of material misstatement?

A

Were all transactions recorded?
Were they timely?
Measured appropriately?
Recorded in correct period?
Presented and disclosed properly?
Did Management communicate their responsibilities?

256
Q

What is the purpose of testing Internal Controls?

A

Auditor needs reasonable assurance that controls are functioning as designed and effective

Internal Control Testing should be strong as (IRON) so that nothing gets past them

Inquiry - Interview company personnel
Re-performance - Can it be replicated?
Observation - Watch the control be applied
INspection - Dig into the details/documents

If results are as expected- substantive procedures do not need to be adjusted

257
Q

When can controls tested by an auditor in a prior year be used in the current year’s audit assessment?

A

Controls tested by auditor in a prior year can be used in the current year’s audit assuming they are re-tested every third year

Exception If the control has changed since the last audit

258
Q

What happens if Internal Controls are deficient?

A

Control Risk increases

Scope of substantive procedures increases

Detection Risk decreases

Material Weakness - Reasonable possibility that a material misstatement in Financial Statements would not be found- more than a remote chance of occurrence

259
Q

What is a Material Weakness?

A

Reasonable possibility exists that a material misstatement in Financial Statements would not be found- and has more than a remote chance of occurrence.

260
Q

What does Tracing test?

A

Tests Completeness

Starts with source document and traces forward to the journal entry.

261
Q

What does Vouching test?

A

Tests Existence.

Starts with a journal entry and searches for a voucher or source document to support the entry.

262
Q

What activities represent Segregation of Duties?

A

Non-compatible duties performed by separate individuals- such as

Authorization of asset disbursement vs. Recording of Assets vs. Custody of assets

If supporting audit evidence doesn’t exit - use Observation and Inquiry

Accounting should be segregated from Production

263
Q

With respect to signing checks - how are duties segregated?

A

Employees who prepare vouchers/invoices should not also have the authority to SIGN CHECKS

Tip - Remember this as an underlying theme with Segregation of Duties. The authority to make a payment should not also lie in the hands of those creating invoices/vouchers. Why? People commit fraud by setting up fake companies and basically paying themselves

264
Q

With respect to custody of assets - how should duties be segregated?

A

Employees who have custody of assets should not also RECORD those assets

Someone in charge of petty cash should not also control the petty cash records

Treasury Department (custodians) should NOT have record keeping duties

They control assets and should not be able to adjust any recording of those assets

265
Q

What are the limitations on Control Activities?

A

Controls can’t stop collusion or bad judgment

Management can override controls

Cost vs. Benefit relationship of Internal Control

266
Q

What is required if a Material Weakness is identified?

A

A written report to management is required.

Report declaring that no material weaknesses were found is allowed

Previous weaknesses reported that still exist should be reported again

Should be reported no later than 60 days after audit report release date

If one or more material weaknesses is uncorrected at year-end- an Adverse Opinion on Internal Control must be given

267
Q

What is the effect of a Significant Deficiency? What is it?

A

A significant deficiency adversely affects a company’s ability to report in the financial statements according to GAAP.

A significant deficiency is a more than a remote likelihood of material misstatement by more than an inconsequential amount

268
Q

What must occur if a Significant Deficiency is identified?

A

If a Significant Deficiency is identified- a written report to management required

Report declaring that no significant deficiencies exist is not allowed

Previous deficiencies reported that still exist should be reported again

Should be reported no later than 60 days after the audit report release date

269
Q

What is a Control Deficiency?

A

A control is not operating as intended.

270
Q

What must an auditor ask if using the work of third parties?

A

Are they competent?

Are they objective?

271
Q

What must an auditor understand with respect to internal auditors?

A

Auditor needs to understand the role of Internal Auditors within the organization because their work affects the audit plan

Responsibility for judgments about materiality or appropriateness of entries or estimates cannot be shared with third parties like Internal Auditors

Internal Auditors should be asked to do some of the legwork like preparing schedules or running reports

They should not be asked to make any decisions or judgments

272
Q

What is required in an examination of Internal Control under Sarbanes-Oxley?

A

CEO/CFO must disclose deficiencies

Management must provide assessment of Internal Controls

Management must certify Financial Statements

273
Q

What is the relationship between Internal Control and Substantive Testing?

A

Has inverse relationship

Stronger Internal Control results in LESS substantive testing

Weaker Internal Control leads to MORE substantive testing

274
Q

What are the three objectives of Internal Control?

A

Reliability of Financial Reporting

Operational Efficiency/Effectiveness

Compliance with Law and Regulations

275
Q

What are the five components of Internal Control?

A

Control Activities

Risk Assessment

Information and Communications

Monitoring

Control Environment

276
Q

What are the components of the Control Environment?

A

Integrity/Ethics of Management
Competence of Management
Organizational Structure
Human Resources Policies
Assignment of Authority/Responsibility
Management’s Style (riskier with a dominant/aggressive individual)
Board/Audit Committee involvement

277
Q

What happens when Control Risk is below the maximum level?

A

Auditor tests Internal Controls.

Auditor evaluates Control Risk based on tests

Auditor adjusts substantive tests accordingly

Weaker Internal Control - More substantive tests

Stronger Internal Control - Less substantive tests

278
Q

What should an auditor understand with respect to Information and Communication on an audit?

A

Understand Client’s

Major transaction classes
Transaction initiation
Support records/documents
Transaction processing
Financial Statement internal reporting process
Financial Statement external communication process

279
Q

How must an auditor document understanding of Internal Control?

A

Auditor must document understanding of Internal Control via Memos - Flowcharts - Questionnaires

280
Q

What is the purpose of testing Internal Controls?

A

Auditor needs reasonable assurance that controls are functioning as designed and effective

Internal Control Testing should be strong as (IRON) so that nothing gets past them

Inquiry - Interview company personnel
Re-performance - Can it be replicated?
Observation - Watch the control be applied
INspection - Dig into the details/documents

If results are as expected - substantive procedures do not need to be adjusted

281
Q

Who created the International Auditing Standards?

A

The International Auditing and Assurance Standards Board (IAASB)

Member of the International Federation of Accountants (IFAC)

282
Q

For whom were IAASB International Auditing Standards created?

A

IAASB standards are for countries that don’t have their own standards and help set the tone for the rest of the members who do have their own standards (AICPA)

IAASB doesn’t override member standards

283
Q

What financial approach is used under IAASB audit standards?

A

IAASB standards are based on a risk assessment approach

284
Q

How do IAASB audit standards compare to US audit standards?

A

IAASB - No Internal Control audits

IAASB - No Referencing another Audit Firm

IAASB - Less detailed documentation

IAASB - Required: obtain written fraud assessment

IAASB - Required: location of auditor’s home office

285
Q

What are International Ethical Standards?

A

Standards set by International Ethics Standards Board for Accountants (IESBA)

Code of Ethics for Professional Accountants - Similar to AICPA Code of Professional Conduct

286
Q

Which groups are covered under the three sections of the International Ethical Standards?

A

A) Covers all accountants

B) Covers Public accountants

C) Covers accountants in a business environment

287
Q

What are the requirements for all accountants under the International Ethical Standards?

A

Accountants should have Integrity
Accountants should be Objective
Accountants should have Competence
Accountants should exercise Due Care
Accountants should maintain Confidentiality
Accountants should act Professionally

288
Q

What questions should public accountants pose to themselves under the International Ethical Standards?

A

What are the threats/safeguards?
Does this new client threaten our ethics?
What are the conflicts of interest?
What are the threats/safeguards for offering a second opinion?
What are the threats/safeguards for receiving commissions or contingent fees?
Is our marketing truthful?
What are the threats/safeguards for receiving client gifts?
What are the threats/safeguards to objectivity?

289
Q

What engagements are covered by the AICPA Code of Professional Conduct?

A

Covers all professional engagements and is the minimum standard of conduct

Member should additionally follow specific standards for a specific engagement

290
Q

What must an accountant have under the AICPA Code of Professional Conduct?

A

Integrity
Objectivity
No Conflicts of Interest
No known misrepresentations of facts
No outsourcing of judgment

291
Q

What are threats and safeguards to independence?

A

Safeguards > Threats - Independence

Threats > Safeguards - No Independence

292
Q

What are the threats to independence?

A

Self-Review (Auditing own work)

Advocate of the Client

Adverse Interest (Lawsuit against Client)

Too familiar with Client - could impair the appearance of Independence to public

Undue influence on Client - On Board of Directors- exception being an Honorary board position

293
Q

What are the Safeguards to independence?

A

Offset the threats

Safeguards are created by Legislation (SOX)- Client (Audit Committee)- Accounting Firm (Policies)

294
Q

What are the characteristics of a Covered Member?

A

On the engagement team- have Significant influence on Audit- such as:

Reviewing Partner
Managing Partner in CPA Firm
Firm Personnel who does more than 10 hours of non-attest work (Income Taxes)
Partner sharing office with another Partner who oversees an engagement
Financial Interest in Client by Covered Member (Auditor on Engagement)

295
Q

What are the requirements for a Covered Member?

A

No direct financial interest

No Material indirect financial interest

Firm personnel who are not Covered Members cannot own more than 5% of stock

Covered Member’s immediate family cannot own more than 5% of stock or be employed in Key positions. If Covered member is aware of this- it will impair independence.

Cannot make management decisions.

All requirements apply during the period of the professional engagement- and as long as they are a client.

296
Q

What happens when a Covered Member disagrees with a Supervisor?

A

If Supervisor’s position is still GAAP/GAAS- defer to Supervisor

If Supervisor’s position is not GAAP/GAAS- report to higher levels of management

If management ignores you- consider leaving the firm

297
Q

When is independence required?

A

Audit

Review

Attestation Engagement

298
Q

What are the requirements for Non-attest engagements?

A

Agreement must be in writing.
Independence not required - Must state if you are not independent

Applicable engagements: Consulting- Compilation

299
Q

Which standards apply to consulting engagements?

A

Consulting engagements are covered by Statements on Standards for Consulting Services (SSCS)

Requirements: Competence- Due Care- Planning- Supervision- Obtain Sufficient Data- Must Serve Client Interest- Must have written or oral agreement- must communicate with client.

300
Q

List some common consulting engagements.

A

Advisory Services

Transaction Services

Management Consulting

Implementation Services

301
Q

What is the rule concerning contingent fees for a covered member?

A

Not allowed if Member also performs services where independence is required

Commissions or referral fees for Covered Members are not allowed

Example - Audit firm gets a commission for recommending to Client that they implement a new A/P System…NOT Allowed

If a firm performing non-attest work doesn’t also perform Covered Member services (aka - Independence not
required)- then Firm can get a commission on referring products/services- but they must disclose to the Client

Tax Preparation - Payment according to refund amount is disallowed

302
Q

When are contingent fees allowed?

A

When fees are structured relative to judicial proceedings.

Example: IRS audit- or filing an amended tax return subject to tax case with a different taxpayer.

303
Q

How should recommendations and suggestions by a covered member to a client be handled?

A

Client must carry them out - covered member cannot perform management functions.

Client must assign someone of competence to oversee the non-attest engagement and CPA must be satisfied that this has occurred.

304
Q

What are the requirements for Personal Financial Planning Engagements?

A

Must have definite objectives

Must have specific procedures planned

Must have a basis for recommendations

Must have recommendations communicated

Must have action steps to implement

305
Q

When is a GAAP departure appropriate?

A

Departure from GAAP is appropriate if GAAP would cause Financial Statements to be misleading- then it must be explained/disclosed.

306
Q

When may a covered member disclose confidential information?

A

Member may disclose confidential info when client isn’t following GAAP

OR

If they receive a subpoena - CPAs are not Attorneys- so there is no CPA-Client privilege

307
Q

What is the effect of not returning all client-provided documents upon request?

A

This is an act discreditable.

You MUST return all documents the client gives you even if they don’t pay their bill.

If you create a document- however- like a work paper- you are not required to give the client a copy of papers you created if they haven’t paid their bill

They are the firm’s work papers- but are still confidential!

308
Q

What are the rules with respect to CPA firm names?

A

CPA firm names must not be misleading.

If partner dies- remaining partner has two years to change name if partnership dissolved. If partner dies and more than one partner still remains (i.e. 1 dies and you still have 2 or more partners…you don’t need to change the name)

All Partners/Shareholders must be members of the AICPA in order to hold themselves out as members of the AICPA. Non-CPAs can be owners- but 2/3 of Ownership must be CPAs. Non-CPA owner must not be involved with the accounting- and is still bound by AICPA code of conduct- must maintain CPE requirements and have Bachelor’s degree.

309
Q

What is the consequence of disclosing CPA exam material post-1996?

A

It is an Act Discreditable.

310
Q

What are the consequences for a CPA who commits an Act Discreditable?

A

Licenses are granted at the State level
If State revokes certificate- AICPA Ban
Felony Conviction- AICPA Ban
Prepares Fraudulent Tax Return- AICPA Ban
Intentionally failing to file return- AICPA Ban
SEC can get involved with discipline

311
Q

What are the functions of the PCAOB?

A

Monitors CPA Firms who audit SEC clients - All SEC Audit firms must register

Issues standards for firms to follow - usually stricter than AICPA standards

312
Q

When is independence impaired under PCAOB standards?

A

If Client pays a contingent fee (i.e. based on outcome)

With Marketing or Planning engagements

Aggressive Tax Strategies

Firm does tax work for Client employee involved with audit oversight or their
family

313
Q

Who must approve non-audit work performed by a firm for a client?

A

Client Audit Committee must approve non-audit work performed by Firm

Firm must disclose any potential independence issues to Audit Committee

314
Q

Which organization is in charge of determining if federal funds are being misappropriated?

A

GAO - Government Accountability Office

315
Q

What rules must auditors follow for governmental audits?

A

Auditors must follow both GAAS and GAS aka the Yellow Book materiality threshold is usually lower
More detail is required on working papers
More stringent CPE rules and requirements - 24 hours of continuing education must be related to governmental auditing every 2 years
Compliance with Regulations is a requirement of the Audit Report