Audit 13 Flashcards
What are the percentages of diversified mutual funds can a covered member own and still be independent
5% or less of diversified mutual fund’s outstanding shares = immaterial indirect financial interest
5% or MORE of a diversified or an UNDIVERSIFIED mutual fund’s outstanding shares = material indirect financial interest in any of the underlying investments
What is in Sox III
CEO and CFO certify:
- each annual or quarterly report
- no untrue statements of material fact or omission
- Financial position and results of operations are fairly presented
- signing officers are responsible for establishing and maintaining effective internal controls
- they have checks them in 90 days
- have presented their conclusions as to the effectiveness of internal controls
NO statement about cooperating with the audit is required
When is a tax preparer justified in relying on information that a client represents to be correct
so long as the info does not appear to be incorrect or incomplete
What kind of a relationship is OK with a broker dealer client - that wont impede independence
- The auditor has a cash balance that is FULLY covered by protection. can only be cash.
- In general the relationship is impaired
Any CPA who signs or permits or directs another CPA to sign (supervisor) a document containing materially false and misleading information has committed what
An act discreditable to the profession
What is the purpose of a subsequent cash receipt
To determine if amounts reported in account receivable at year-end were fairly stated
What would be a consideration in planning a sample for a test of subsequent cast receipts
Preliminary judgement about materiality levels because that will determine whether or not a potential misstatement is material
What is relevant when planning the sample for a TOC
The assessed level of control risk
The test data approach allows n auditor to determine if the client’s system will prevent certain types of errors or frauds by applying standard procedures to a LARGE volume of similar transactions
It could be used for:
- testing payment for hours not worked by including timecards with hours not worked in the test data to see if they are processed
- It can be used to test withholdings or taxes and SS by including disbursements with INCORRECT withholdings or SS contribution amounts to determine if the client program identifies the error
- It can also be used to check for missing employee ID numbers by including disbursements without employee ID numbers in the test data
The test data approach involves running data compiled by the auditor through the client’s system under the auditor’s control
The data will contain certain errors
These are used to determine if the client’s IT system will deal with them appropriately
It only include data errors or conditions that the auditor wishes to test -NOt all possible conditions
- It needs only one example of each condition they wish to test
When evidence is most available through electronic formate the auditor must use what
generalized audit software to extract the data from the client databases
- this doesn’t necessarily increase control risk - this sis dependent on the design an operation of the client’s control over IT
Parallel simulation - the auditor is in control of the program
- one advantage is that you can easily test a great amount of data as a relatively small additional cost
- it involves running client data through programs under the control of the auditor that are presumed to be identical to the ones being applied by the client - if no unauthorized alterations have occurred - the results should be the same
A test data approach allows the auditor to use both valid and invalid transactions to
determine how their system will handle them
what is a digital signature
a mathematical scheme used to verify the authenticity of a signature
what is a heuristic processing
It uses judgmental rules in analyzing data rather than a logical approach which requires cognitive skills
- useful in analyzing data, but not in authenticating and making certain it isn’t tampered with
-
What is a default setting
- these are the standards that a manufactured or programmer creates to deal with the most common situations
What is a perimeter switch
- a device that allows data to be exchanged between the public internet and Intranet -
- It does not authenticate the originator of the document
What is an embedded audit module
- this is an audit system inserted into the client’s system as a monitoring device to apply audit procedures to client data throughout the period
- It is difficult to design
- don’t need to monitor continuously
- if properly designed - management wont be able to tamper with them
What is reviewing the program logic
- this involves analyzing the program itself to determine if it will process transactions and identify errors properly
- It does not involve the use of a program under the auditors control
What is the integrated test facilities approach
- this involves setting up a fictitious company or branch and having the auditor submit transactions to test the system
- it does Not involve using a program under the auditor’s control
What controls are important to establish in a database environment
- a wide range of data is stored in a single location to reduce redundancy and improve success
- controls need to prevent individuals from assessing data inappropriately
- different users have different needs and and different level of authority - so Not the same for every user
