Audit 3 - Engagement Acceptance, Planning, and Risk Assessment

Question 1

Main Financial Statement Assertions

C.O.V.E.R.U.

Answer 1

C. - Completeness
O.- CutOff
V.- Valuation, allocation, accuracy
E. -Existence & Occurrence
R. - Rights & Obligations
U. - Understandability & Classification

Question 2

Inherent Risk

Answer 2

Susceptibility of a relevant assertion to a material misstatement, assuming there are no related controls. Assertions with high volume transactions, complex calculations, estimates, have higher inherent risk.

Question 3

Control Risk

Answer 3

Risk that MM could occur in a relevant assertion will not be prevented or detected (and corrected) on a timely basis by the entity’s internal control.

Question 4

Assessed by Auditor

Controlled by Auditor

Answer 4

Risk of Material Misstatement

Detection Risk

Question 5

Inherent Risk & Control Risk

Answer 5

Exist independently of the audit, and the auditor generally cannot change them.

Question 6

Detection Risk

Answer 6

Risk auditor will not detect a MM that exists in a relevant assertion. Function of effectiveness of audit procedures and of manner in which they are applied. Can be changed by varying N.E.T. of audit procedures. Controllable by auditor.

Question 7

Relationship of RMM to Detection Risk

Answer 7

Inverse relationship:

RMM high = Detection Risk should be set at low level.

Question 8

Relationship between RMM and assurance required from substantive procedures.

Answer 8

Direct Relationship: Greater risk requires more persuasive evidence, a larger sample size, and/or a shift from interim to year-end testing.

Question 9

Auditor’s Responsibility

Answer 9

Auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the FS are free of material misstatement, whether caused by error or fraud.

Question 10

Pass Key - Assessing Risks of MM

Answer 10

RRM is function of inherent risk and control risk. The process of obtaining an understanding of the entity and its environment, including its internal control, is the process of assessing the entity’s inherent risk and control risk. Once inherent risk and control risk have been assessed, the auditor determines the overall risk of MM and the acceptable level of detection risk. The acceptable level of detection risk is used to determine the N.E.T. of further audit procedures (tests of controls and substantive procedures)

Question 11

Steps in Assessing RMM and Responding

I.M.A. C.P.A.

Answer 11

I. - Internal Control - Understanding of entity & envi
M. MM - assess risks of it
A. Assessed level of risk- respond, design proc
C.- Controls, test internal controls oper effectiv
P. - Perform substantive procedures
A.- Audit evidence

Question 12

Control Activities in Strong System of IC

P.A.I.D. T.I.P.S.

Answer 12

P.- Pre-numbering documents
A. - Authorization of transactions
I.- Inde. checks to maintain asset accountability
D.- Documentation

T.- Timely and appropriate performance reviews
I.- Information processing controls
P.- Physical controls for safeguarding assets
S.- Segregation of duties

Question 13

Segregation of Duties

A.R.C. - to protect against a flood of trouble

Answer 13

A.- Authorization
R.- Record keeping
C.- Custody of related assets
Client’s IC should separate these functions

Question 14

During planning, if audit procedures performed before year-end, what must auditor assess?

Answer 14

Incremental risk involved and determine whether sufficient alternative procuedures exist to extend the interim conclusions to year-end.

Question 15

Regardless of assessed level of control risk, what must auditor still do?

Answer 15

Perform some level of substantive tests to restrict detection risk for significant transaction classes.

Question 16

What does auditor’s understanding of entity’s IC allow auditor to make a preliminary assessment on?

Answer 16

Entity’s Control Risk

Question 17

What should auditor of a nonissuer design tests of detail for?

Answer 17

To ensure sufficient audit evidence supports planned level of assurance at the relevant assertion level.

Question 18

Components of Internal Control

C.R.I.M.E.

Answer 18

C.- Control Environment - tone of org
R.- Risk assessment by management
I.- Info and Comm Systems
M.- Monitoring: assessment of IC performance
E.- Existing control activities

Question 19

What must auditor do when evaluating a client’s IC?

Answer 19

First obtain an understanding of the design of the controls and then determine if the controls have been implemented.

Question 20

Nature of test of controls

Answer 20

AKA tests of operating effectiveness of controls, to test control risk:

Inquiries
Observation
Inspection
Reperformance

Question 21

What should N.E.T. of substantive procedures be responsive to?

Answer 21

Assessed risks of MM, including results of tests of controls and planned level of detection risk. Substantive procedures follows tests of controls.

Question 22

How is evidence regarding proper segregation of duties generally obtained?

Answer 22

Through inspection and observation

Question 23

Assessing risk based on the effective operation of controls involves:

Answer 23

1. Identifying specific internal controls relevant to specific assertions that are likely to prevent or detect MM in those assertions.
2. Performing tests of such controls to evaluate their effectiveness.

Question 24

Why would an auditor decide to reduce tests of details for a particular audit objective?

Answer 24

If analytical procedures have revealed no unusual or unexpected results.

Question 25

Outline of Audit Strategy

Answer 25

Written, outlines:
1. Scope of audit engagement - Extent
2. Reporting objectives - Timing
3. Timing of audit- Timing
4. Required communications- Timing
5. Factors that determine focus of audit - Nature
Also includes preliminary assessment of materiality & tolerable misstatement

Question 26

Factors Determining Focus of the Audit

Nature

Answer 26

Prelminary evaluations of:
Materiality
Audit Risk
Internal Control

Question 27

Tolerable Misstatement

Answer 27

Maximum error in a population that the auditor is willing to accept. Tolerable misstatement is the application of performance materiality to a particular sampling procedure.

Question 28

Tests of Controls

Answer 28

Used to evaluate operating effectiveness of IC in preventing or detecting MM.

Needed if risk assessment based to some extent on operating effectiveness of IC & substantive procedures alone are deemed to be insufficient.

Question 29

Substantive Procedures

Answer 29

Used to detect MM. Include tests of details (applied to transaction classes, account balances, and disclosures and substantive analytical procedures.

Question 30

Risk of MM Equals

Answer 30

Inherent Risk x Control Risk

Question 31

Audit Risk Equals

Answer 31

RMM (IR x CR) x Detection Risk

Question 32

Detection Risk subdivided into:

Answer 32

1. Tests of Details Risk

2. Substantive Analytical Procedures Risk

Question 33

Detection Risk Assessment & Relationship

Answer 33

View it as acceptable level of detection risk:

If detection risk set to low level then you will be increasing substantive procedures (test of details, substantive analytical procedures)

If detection risk set to high level, assurance provided from substantive tests decreases, and provides for less testing.

Question 34

Relationship between Detection Risk and Substantive Procedures

Answer 34

Inverse

Low detection risk - more procedures
High detection risk - less procedures

Question 35

Risk Assessment Procedures

To obtain understanding of entity & environment including IC

Answer 35

1. Inquiries
2. Analytical Procedures
3. Observation & Inspection
4. Risk Assessment Discussion - with audit team

Question 36

Auditor of nonissuer design test of details to ensure sufficient audit evidence supports?

Answer 36

Ensure tests of details supports planned level of assurance at the relevant assertion level.

Question 37

Requirement of auditor in understanding of an entity’s internal control

Answer 37

Obtain knowledge about the design of controls and whether they have been implemented.

Question 38

Analytical Procedures during planning stage of audit.

Answer 38

Should focus on enhancing auditor’s understanding of the transactions and events that have occurred since the last audit.

Question 39

What should auditor of nonissuer design tests of details to ensure?

Answer 39

Sufficient audit evidence supports the planned level of assurance at the relevant assertion level.

Question 40

Test of details

Answer 40

To support relevant assertions or to detect material misstatements.