AUDIT 5 Flashcards
Describe the top-down approach used to select controls to test for issuer/nonissuer clients
Following chronological levels:
- FS Level
- Entity level
- Accounts, disclosure, assertions level
How does the extent of testing of internal controls differ between a financial statement audit and an audit of internal control for nonissuers.
The extent of testing of internal controls for a financial statement audit is more limited than in an audit of internal control.
When rendering an opinion on internal control for an audit of internal controls, the auditor should obtain evidence regarding the effectiveness of selected controls over all relevant assertions. This level of testing is not required for a financial statement audit.
What is the accountant’s responsibility with respect to control deficinincies identified during an engagement to audit the internal control of a nonissuer?
Sig. def. and material weaknesses should be communicated to those charged with governance by the report release date.
Control def. that are not significant or material should be communicated in writing to management within 60 days of the report release date.
A material weakness results in an adverse opinion.
How are control deficiencies, significant deficineines, and material weaknesses communicated by the auditor to the issuer in an integrated audit?
Internal control deficiencies: in writing to managements
Sig def: In writing to audit committee
Material weaknesses: To management and audit committe in writing
What standards are referenced in the auditor’s report that provides an opinion on the operating effectiveness of internal control for
- Issuers
- Nonissuers
- Issuers must reference that the audit was conducted in accordance with the standards of the PCAOB.
- Auditing standards generally accepted in the USA
What is included in the inherent limitations paragraph in the auditor’s report that provides an opinion on the operating effectiveness of internal control?
Because of its inherent limitations, IC over financial reporting may not prevent or detect and correct misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate.
Is the report that contains an opinion on the operating effectiveness of internal control restricted?
Generally, it is not restricted.
May an auditor who is engaged to perform an integrated audit provide a report stating that all control deficiencies or all significant deficiencies have been identified?
An auditor should not issue a report stating that all control deficiencies or all significant deficiencies have been identified.
May an auditor issue a report stating that no material weaknesses were identified when engaged to perform an integrated audit?
An auditor should not issue a report stating that no material weaknesses were identified. Because the auditor’s objective in an audit of internal control is to form an opinion on the effectiveness of the entity’s internal control, the auditor should not issue a report indicating that no material weaknesses were identified during the integrated audit.
Is it possible for an auditor to render an unmodified opinion on the FS and an adverse opinion on internal control over FR?
Yes, and auditor may render this opinion. The IC could not be operating effectively but the FS may be fairly stated.
Note: auditor should disclose this and whether the FS were affected by this adverse opinion.
Define an attestation engagement.
It it one in which a CPA is engaged to issue or does issue an examination, a review, or an agreed upon procedures report on a subject matter, or on an assertion about the subject matter, that is the responsibility of another party (management).
List 6 major attestation services.
- Agreed upon procedures
- Financial forecasts and projections
- Pro forma financial statements
- Reporting on controls at a service organization
- Compliance with statutory, regulatory, or contractual agreements
- Managements Discussion and Analysis
How are attestation standards different for GAAS?
- Broader in scope
- No reference is made to GAAP or to FS
- Lower level of assurance
- Tailored to the need of the user
What are the common concepts related to all attestation engagements?
- Compliance with all attestation standards relevant to the engagement.
- Acceptance and continuance are satisfactory performed for client relationships and attestation engagements.
- Preconditions for an attestation engagement are present, including independence and responsibility for and appropriateness of subject matter.
- Engagement documentation standards for timeliness, retention, ownership, and confidentiality apply.
- Acceptance of a change in the terms of the engagement as reasonable, when applicable.
- Using the work of an other practitioner is allowed with appropriate due dilligence.
- Responsibility for quality control by the engagement partner.
- Professional skepticism and professional judgement are required in the planning and performance of an attestation engagement.
What levels or assurance may be provided by attestation engagements?
Examination: A positive opinion, high level of assurance, generally based on a variety of procedures, including search, verification, inquiry, and analysis.
Review (negative assurance): Moderate level of assurance, generally based on inquiry and analytical procedures.
Agreed-Upon procedures: No assurance, but procedures and findings are listed.