Audit Q1 Flashcards
When the auditor has no reservations about management’s financial statements or internal controls, the auditor will issue an unqualified audit opinion.
true
The sole responsibility of management with regard to financial reporting
involves preparing and presenting financial statements in accordance with the
applicable financial reporting framework.
false
Which of the following are the responsibilities of the external auditor in
auditing financial statements?
a. Maintaining internal controls and preparing financial reports.
b. Providing internal assurance on internal control and financial reports.
c. Providing internal oversight of the reporting process.
d. Providing independent assurance on the financial statements
d. Providing independent assurance on the financial statements
Which of the following factors does not create a demand for external audit
services?
a. Potential bias by management in providing information.
b. Requirements of the state boards of accountancy.
c. Complexity of the accounting processing systems.
d. Remoteness between a user and the organization.
b. Requirements of the state boards of accountancy.
Audit quality is achieved when the audit is performed in accordance with
GAAS and when it provides reasonable assurance that the financial
statements have been presented in accordance with GAAP and are not
materially misstated due to errors or fraud.
true
One of the key drivers of audit quality is the gross margin achieved by the
audit firm and the ability of the engagement partner to maintain those margins
over the duration of the audit engagement.
false
Audit quality involves which of the following?
a. Performing an audit in accordance with GAAS to provide reasonable assurance that the audited
financial statements and related disclosures are presented in accordance with GAAP and providing
assurance that those financial statements are not materially misstated whether due to errors or
fraud.
b. Performing an audit in accordance with GAAP to provide reasonable assurance that the audited
financial statements and related disclosures are presented in accordance with GAAS and providing
assurance that those financial statements are not materially misstated whether due to errors or
fraud.
c. Performing an audit in accordance with GAAS to provide absolute assurance that the audited
financial statements and related disclosures are presented in accordance with GAAP and providing
assurance that those financial statements are not materially misstated whether due to errors or
fraud.
d. Performing an audit in accordance with GAAS to provide reasonable assurance that the audited
financial statements and related disclosures are presented in accordance with GAAP and providing
assurance that those financial statements contain no misstatements due to errors or fraud.
a. Performing an audit in accordance with GAAS to provide reasonable assurance that the audited
financial statements and related disclosures are presented in accordance with GAAP and providing
assurance that those financial statements are not materially misstated whether due to errors or
fraud
Which of the following factors is not a driver of audit quality as discussed by
the FRC?
a. Audit firm culture.
b. Skills and personal qualities of client management.
c. Reliability and usefulness of audit reporting.
d. Factors outside the control of auditors
b. Skills and personal qualities of client management.
The AICPA’s principles of professional conduct articulate auditors’
responsibilities and their requirements to act in the public interest, to act with
integrity and objectivity, to be objective and independent, to exercise due
care, and to perform an appropriate scope of services.
true
Per the AICPA’s Code, independence would be impaired if his or her
immediate family member were employed by the audit client in any capacity
or personnel level.
false
Which of the following is not a threat to auditor independence?
a. Self-review threat.
b. Advocacy threat.
c. Adverse interest threat.
d. Regulatory interest threat.
d. Regulatory interest threat.
Which of the following statements is false?
a. An auditor in public practice shall be independent in the performance of professional
services.
b. In performing audit services, the auditor shall maintain objectivity and integrity, be free of
conflicts of interest, and not knowingly misrepresent facts or subordinate his or her
judgment to others.
c. In performing audit services, the auditor may accept only contingent fees for publicly
traded audit clients.
d. An auditor in public practice shall not seek to obtain clients by advertising or other forms
of solicitation in a manner that is false, misleading, or deceptive
c. In performing audit services, the auditor may accept only contingent fees for publicly
traded audit clients.
Existing clients for which the audit firm provided services in the preceding
period are evaluated by the audit firm and by the individual engagement
partner at the completion of the audit to determine whether the audit firm
should continue to provide services again in the next period. The process by
which this evaluation occurs is called the client continuance decision.
true
Audit firms may discontinue serving a client because the client does not fit
the profile or growth strategy of the audit firm.
true
With regard to client acceptance/continuance decisions, which of the following is false?
a. Client acceptance/continuance decisions are one part of the audit firm’s overall portfolio
management activities.
b. The primary driver of the client acceptance/continuance decision is the level of audit fees that the audit firm can charge the client.
c. One can view an individual audit client as analogous to an individual stock in an
investment portfolio.
d. Audit firms are not required to provide audit services for all organizations requesting an
audit
b. The primary driver of the client acceptance/continuance decision is the level of audit fees that the audit firm can charge the client.
Which of the following factors is not an example of a risk relevant to the
client continuance decision?
a. Client entity characteristics
b. Independence risk factors
c. Third party/due-diligence risk factors
d. Advocacy threat
d. Advocacy threat
Utilitarian theory holds that what is ethical is the action that achieves the greatest good for the most important people.
true
In rights theory, the highest-order rights are those granted by the government, such as civil rights, legal rights, rights to own property, and
license privileges.
false
Which of the following statements related to rights theory is false?
a. The highest-order rights include the rights to life, autonomy, and human
dignity.
b. Second-order rights include rights granted by the government, such as
civil rights and legal rights.
c. Third-order rights include social rights, such as the right to higher
education, to good health care, and to earning a living.
d. Fourth-order rights include one’s essential interests or personal tastes.
d. Fourth-order rights include one’s essential interests or personal tastes.
Utilitarianism does not require which of the following actions when a person
considers how to resolve an ethical dilemma?
a. Identification of the potential problem and courses of action.
b. Identification of the potential direct or indirect impact of actions on each
affected party who has an interest in the outcome.
c. Identification of the motivation of the person facing the ethical dilemma.
d. Assessment of the desirability of each action for each affected party.
c. Identification of the motivation of the person facing the ethical dilemma.
Data science is an interdisciplinary field about scientific methods,
processes, and information systems that aims to help users gain insights
from complex and often unstructured data.
true
Round-number tests are a data-analytics approach auditors can use to
detect fraudulent transactions or journal entries.
true
Which of the following statements related to data-analytics is false?
a. Data-analytics tools can be qualitative or quantitative.
b. CRISP-DM is a framework in which the outcome is the primary focus of
employing data analytics.
c. One element of data preparation includes data cleansing.
d. Crafting a compelling story about the data is one element of presenting
the data
b. CRISP-DM is a framework in which the outcome is the primary focus of
employing data analytics.
A data dictionary:
a. Helps users understand the structure and content of a database,
including the name of the data, its description, relationships among
various related data, and access rights.
b. Articulates how users collect, store, organize, and use data.
c. Helps auditors make decisions about client risk assessment.
d. Helps the auditor manage hardware, software, air conditioning, backup
systems, communication, and security equipment for multiple
organizations.
a. Helps users understand the structure and content of a database,
including the name of the data, its description, relationships among
various related data, and access rights.
The SEC action against Elon Musk and Tesla is an asset misappropriation
fraud.
false
The Theranos fraud includes both asset misappropriate and fraudulent
financial reporting.
true
What is the primary difference between fraud and error in financial statement
reporting?
a. The materiality of the misstatement.
b. The intent to deceive.
c. The level of management involved.
d. The type of transaction affected
b. The intent to deceive.
Which of the following examples best represents an example of fraudulent financial reporting?
a. Management issues 40,000 share of the company’s stock to a friend without authorization
by the board of directors.
b. The controller of the company inappropriately records January sales in December so that
year-end results will meet analysts’ expectations.
c. The in-house attorney receives payments from the French government for negotiating the
development of a new plant in Paris.
d. The accounts receivable clerk covers up the theft of cash receipts by writing off older
receivables without authorization.
b. The controller of the company inappropriately records January sales in December so that
year-end results will meet analysts’ expectations.
The three elements of the fraud triangle include incentive, opportunity, and
rationalization.
true
Management compensation schemes that heavily emphasize stock-based
compensation primarily affect the opportunity to commit fraud.
false
Which of the following factors creates an opportunity for fraud to be
committed in an organization?
a. Management demands financial success.
b. Poor internal control.
c. Commitments tied to debt covenants.
d. Management is aggressive in its application of accounting rules.
b. Poor internal control.
Which of the following is a common rationalization for fraudulent financial reporting?
a. This is a one-time transaction and it will allow the company to get through the current financial
crisis, but I’ll never do it again.
b. I am only borrowing the money; I will pay it back next year.
c. Executives at other companies are getting paid more than I am, so I deserve the money.
d. The accounting rules don’t make sense for our company, and they make our financial results look
weaker than is necessary. Therefore, we have good reason to record revenue using a non-GAAP
method.
e. Both (a) and (d).
e. Both (a) and (d).
Federal prosecutors and the SEC can hold management accountable for
fraudulent statements that they make on social media in the same way that
they can hold management accountable for fraudulent statements that they
make in more traditional forms of communication (e.g., press releases) with
users of financial information.
true
Professional skepticism related to detecting possible fraud involves the
validation of information through probing questions, critical assessment of
evidence, and attention to inconsistencies.
true
Which of the following is true about short-selling firms?
a. A short-selling firm is a professional services firm that conducts in-house research to detect
companies potentially committing fraud, enters into short-selling contracts relating to the stock of
those companies, and then profits when investors react to their research and drive stock prices
down.
b. Short-selling firms helped bring to light frauds at Nikola and Luckin Coffee.
c. Short-selling firms help to maintain the integrity of capital markets by providing information to users
of the financial statements that would otherwise not be revealed in, for example, traditional
securities filings made by companies to the SEC.
d. All of the above.
e. None of the above.
d. All of the above.
Which of the following is not a key insight from the Anti-Fraud Collaboration report?
a. The most common industry sector involved in fraud is entertainment and communication.
b. Small companies are more likely to receive an AAER.
c. Perpetrators of fraud typically include the highest-ranking individuals in the company.
d. All of the above.
e. None of the above
a. The most common industry sector involved in fraud is entertainment and communication.
A presumptive doubt mindset exists when the auditor neither believes nor
disbelieves client management.
false
If the auditor trusts management and thinks that management has high
integrity, conducting a fraud brainstorming session is optional.
false
Which of the following activities will indicate to the auditors that the client is
engaging in related-party transactions?
a. Buying or selling goods or services at prices that are different from the
market value.
b. Buying or selling goods or services with unusual payment terms.
c. Borrowing or lending money with no recorded payment terms and/or no
interest.
d. All of the above.
e. Only (a) and (b) indicate related-party transactions
d. All of the above.
Which of the following statements is true?
a. Unless an independent audit can provide reasonable assurance that financial information has not
been materially misstated because of fraud, it has little, if any, value to society.
b. Repeated revelations of accounting scandals and audit failures related to undetected frauds have
seriously damaged public confidence in external auditors.
c. A strong ethical tone at the top of an organization that permeates corporate culture is essential in
mitigating the risk of fraud.
d. All of the above.
e. None of the above.
d. All of the above.
The AICPA wrote the Sarbanes-Oxley Act of 2002 to address problems
revealed in frauds that were committed in the
late 1980s.
false
The Sarbanes-Oxley Act contains a provision stating that auditors are not
allowed to provide most consulting services for their public company audit
clients.
true
Which of the following statements is correct regarding the responsibility of signing officers (usually the
CEO and CFO) of public companies under the Sarbanes-Oxley Act of 2002?
a. The external auditor will certify in quarterly and annual reports filed with the SEC that the report
does not contain untrue statements of material facts and that the financial statements and
disclosures present fairly (in all material respects) the financial condition and results of the
operations of the issuer.
b. The external auditor must establish and maintain effective internal controls to ensure reliable
financial statements and disclosures.
c. The external auditor is responsible for designing internal controls, assessing their effectiveness,
and disclosing material deficiencies in controls to the audit committee and to the registered
accounting firm.
d. All of the above are correct.
e. None of the above are correct.
e. None of the above are correct.
Refer to Exhibit 2.8. The Sarbanes-Oxley Act enacted which of the following provisions relevant to
auditors and the audit opinion formulation process?
a. The PCAOB was established, and it has the power to conduct inspections of public company
audits.
b. The lead audit partner and reviewing partner must rotate off the audit of a publicly traded company
at least every 10 years.
c. In the annual report, management must acknowledge that they are required to have the company’s
internal audit function attest to the accuracy of the annual reports.
d. All of the above.
e. None of the above
a. The PCAOB was established, and it has the power to conduct inspections of public company
audits.
Corporate governance is the process by which the owners and creditors of
an organization exert control over and require accountability for the
resources entrusted to the organization.
true
The SEC, working together with Tesla’s audit committee, has been effective
in ensuring that Elon Musk provides accurate information to the capital
markets.
false
Audit committee activities and responsibilities include which of the following?
a. Selecting the external audit firm.
b. Approving corporate strategy.
c. Reviewing management performance and determining compensation.
d. All of the above.
e. None of the above.
a. Selecting the external audit firm.
Which of the following audit committee responsibilities has the NYSE mandated?
a. Obtaining a report each year by the internal auditor that addresses the company’s
internal control procedures, any quality-control or regulatory problems, and any
relationships that might threaten the independence of the internal auditor.
b. Discussing in its meetings the company’s earnings press releases as well as financial
information and earnings guidance provided to analysts.
c. Reviewing with the internal auditor any audit problems or difficulties that they have had
with management.
d. All of the above.
e. None of the above.
b. Discussing in its meetings the company’s earnings press releases as well as financial
information and earnings guidance provided to analysts.
Effective internal control over financial reporting allows users to make
informed decisions about financial disclosures.
true
Management needs to understand risks to reliable financial reporting before
determining the internal controls that would be helpful to achieving reliable
financial reporting.
true
Which of the following are affected by the quality of an organization’s internal
controls?
a. Reliability of financial data.
b. Ability of management to make informed business decisions.
c. Ability of the organization to remain in business.
d. All of the above.
e. Only a and c.
d. All of the above.
Which of the following creates an opportunity for committing fraudulent
financial reporting in an organization?
a. Management demands financial success.
b. Poor internal control.
c. Commitments tied to debt covenants.
d. Management is aggressive in its application of accounting rules.
b. Poor internal control.
The purpose of internal control is to provide absolute assurance that an
organization will achieve its objective of reliable financial reporting
false
Organizations use the GAAP framework of internal control as a benchmark
when assessing the effectiveness of internal control over financial reporting.
false
What are the components of internal control per COSO’s Internal Control–
Integrated Framework?
a. Organizational structure, management philosophy, planning, risk assessment, and control activities.
b. Control environment, risk assessment, control activities, information and communication, and monitoring.
c. Risk assessment, control structure, backup facilities, responsibility accounting, and
natural laws.
d. Legal environment of the firm, management philosophy, organizational structure, control activities, and control assessment.
b. Control environment, risk assessment, control activities, information and communication, and monitoring.
Which of the statements regarding internal control is false?
a. Internal control is a process consisting of ongoing tasks and activities.
b. Internal control is primarily about policy manuals, forms, and procedures.
c. Internal control is geared toward the achievement of multiple objectives.
d. A limitation of internal control is faulty human judgment.
e. All of the above statements are true.
b. Internal control is primarily about policy manuals, forms, and procedures.
The control environment component of internal control is a pervasive or
entity-wide control because it affects multiple processes and multiple types
of transactions.
true
Corporate culture is an element of the monitoring component of the COSO
Framework.
false
Which of the following is not a principle of an organization’s control
environment?
a. Independence and competence of the board.
b. Competence of accounting personnel.
c. Structures, reporting lines, and authorities and responsibilities.
d. Commitment to integrity and ethical values.
e. The organization considers the potential for fraud in assessing risks to the
achievement of objectives.
e. The organization considers the potential for fraud in assessing risks to the
achievement of objectives.
Which one of the following is false regarding kickbacks?
a. A kickback is an illegal payment made by a customer to a supplier giving
the customer preferential treatment from the supplier.
b. A kickback is an illegal payment made by a supplier to a customer giving
the supplier preferential treatment from the customer.
c. A kickback is typically paid in the form of cash or merchandise but can
also be paid in the form of stock options.
d. A kickback is a type of bribery.
e. Two of the above (a-d) are false
a. A kickback is an illegal payment made by a customer to a supplier giving
the customer preferential treatment from the supplier.
Auditors will judge a misstatement as material if they can prove that it
affected economic decisions of users.
false
An organization’s risk assessment process should identify risks to reliable
financial reporting from both internal and external sources.
true
Which of the following statements is false regarding the risk assessment
component of internal control?
a. Risk assessment includes assessing fraud risk.
b. Risk assessment includes assessing internal and external sources of risk.
c. Risk assessment includes the identification and analysis of significant changes.
d. Economic changes would not be considered a risk that needs to be analyzed as part of the risk assessment process
d. Economic changes would not be considered a risk that needs to be analyzed as part of the risk assessment process
Which of the following is not part of management’s fraud risk assessment
process?
a. The assessment considers ways the fraud could occur.
b. The assessment considers the role of the external auditor in preventing
fraud.
c. Fraud risk assessments serve as an important basis for determining the
control activities needed to mitigate fraud risks.
d. The assessment considers pressures that might lead to fraud in the financial statements.
b. The assessment considers the role of the external auditor in preventing
fraud.
Top management is responsible for conducting a daily monitoring of any
attempts to compromise the internal control system.
false
Money laundering occurs when the criminal completes the following
processes after obtaining “dirty money”: placement, layering, and
integration.
true
Which of the following scenarios provides the best example of segregation
of duties?
a. Employees perform multiple jobs and have access to related records.
b. The internal audit function performs an independent test of transactions throughout the year and reports any errors to departmental managers.
c. The person responsible for reconciling the bank account is responsible for cash
disbursements but not for cash receipts.
d. The payroll department cannot add employees to the payroll or change pay rates without the explicit authorization of the Human Resources Department
d. The payroll department cannot add employees to the payroll or change pay rates without the explicit authorization of the Human Resources Department
Which of the following statements about application controls is true?
a. Organizations can have manual application controls or automated application controls, but not a combination of the two.
b. Application controls are intended to mitigate risks associated with data input, data processing, and data output.
c. Application controls are a part of the monitoring component of internal control.
d. Self-checking digits are an output control.
b. Application controls are intended to mitigate risks associated with data input, data processing, and data output.
An organization’s accounting system is part of its information and
communication component of internal control.
true
A whistle-blower is a governmental organization that exposes information or
activity about an individual who is committing illegal, immoral, illicit, unsafe,
or fraudulent activities.
false
Which of the following is an effective implementation of the information and communication
component of COSO’s Internal Control–Integrated Framework?
a. The organization has one-way communication with parties external to the organization.
b. The organization has a whistle-blower function that allows parties internal and external to the organization to communicate concerns about possible inappropriate actions in the organization’s operations.
c. The organization has a robust process for assessing risks internal and external to the organization.
d. The organization builds in edit checks to determine whether all purchases are made from
authorized vendors.
e. All of the above
b. The organization has a whistle-blower function that allows parties internal and external to the organization to communicate concerns about possible inappropriate actions in the organization’s operations.
Which of the following is not a principle of the information and communication component of COSO’s Internal Control–Integrated
Framework?
a. The organization identifies, obtains, and uses relevant information.
b. The organization communicates internally.
c. The organization communicates externally.
d. All of the above are principles of the information and communication
component of COSO’s Internal Control–Integrated Framework
d. All of the above are principles of the information and communication
component of COSO’s Internal Control–Integrated Framework
As part of monitoring, an organization will select either ongoing evaluations
or separate evaluations, but not both.
false
Communicating identified control deficiencies is a principle of monitoring
true
Which of the following is not an effective implementation of the monitoring component of
COSO’s Internal Control–Integrated Framework?
a. Internal audit periodically works to improve internal controls.
b. Management reviews current economic performance against expectations and
investigates to determine causes of significant deviations from the expectations.
c. The organization implements software that captures all instances in which the underlying
program identifies processed transactions that exceed company-authorized limits.
d. The organization builds in edit checks to determine whether all purchases are made from authorized vendors, and flags those that are not
a. Internal audit periodically works to improve internal controls.
Which of the following is the most accurate statement related to the monitoring
component of COSO’s Internal Control–Integrated Framework?
a. Monitoring is a process that is relevant only to the control activities component of
COSO’s Internal Control–Integrated Framework.
b. Separate evaluations are more timely than ongoing evaluations in identifying
control deficiencies.
c. Monitoring is a process that provides feedback on the effectiveness of each
component of internal control.
d. Monitoring includes automated edit checks to determine whether all purchases
are made from authorized vendors
c. Monitoring is a process that provides feedback on the effectiveness of each
component of internal control.
Management of US public companies may provide a public report on the
effectiveness of their organization’s internal control over financial reporting,
but management is not required to do so.
false
As part of a walkthrough, management will follow a transaction from
origination to when it is reflected in the financial records to determine
whether the controls are effectively designed and have been implemented
true
Which of the following statements is false regarding management’s documentation of
internal control over financial reporting?
a. Management needs to maintain sufficient and appropriate documentation of the internal controls they have designed and implemented to achieve the objective of reliable
financial reporting.
b. Internal control documentation is useful in training new personnel or serving as a reference tool for all employees.
c. Management only needs to maintain documentation if the company’s auditors will be providing an opinion on internal control effectiveness.
d. Documentation provides evidence that the controls are operating
c. Management only needs to maintain documentation if the company’s auditors will be providing an opinion on internal control effectiveness.
Which of the following is not included in management’s report on internal
control?
a. A statement that management is responsible for internal control.
b. A definition of internal control.
c. A discussion of the limitations of internal control.
d. The criteria used in assessing internal control.
e. A description of the work that the internal auditors performed.
e. A description of the work that the internal auditors performed.
If management identifies even one material weakness in internal control,
then management will conclude that the organization’s internal control over
financial reporting is not effective.
true
Management will classify a control deficiency as a material weakness only if
there has been a material misstatement in the financial statements that will
result in a restatement.
false
Assume that an organization sells software. The sales contracts with the customers often have
nonstandard terms that impact the timing of revenue recognition. Thus, there is a risk that revenue
may be recorded inappropriately. To mitigate that risk, the organization has implemented a policy that
requires all nonstandard contracts greater than $1 million to be reviewed on a timely basis by an
experienced and competent revenue accountant for appropriate accounting, prior to the recording of
revenue. Management has classified this deficiency as a material weakness. Which of the following
best describes the conclusion made by management?
a. There is more than a remote possibility that a material misstatement could occur.
b. The likelihood of misstatement is reasonably possible.
c. There is more than a remote possibility that a misstatement could occur.
d. There is a reasonable possibility that a material misstatement could occur.
e. There is a reasonable possibility that a misstatement could occur
d. There is a reasonable possibility that a material misstatement could occur.
Which of the following scenarios represents a control deficiency?
a. A missing control that is required for achieving objectives.
b. A control that operates as designed.
c. A control that provides reasonable, but not absolute assurance, about the
reliability of financial reporting.
d. An immaterial individual misstatement in internal.
e. None of the above
a. A missing control that is required for achieving objectives.
Under PCAOB standards, public company auditors will issue a report on
internal controls, but under IAASB standards, public company auditors will
not do so.
true
If the auditor concludes that there exists one or more material weaknesses
in internal control over financial reporting, the auditor will automatically
conclude that they cannot issue an unqualified opinion on the financial
statements
false
Which of the following is a reason that the auditor obtains an understanding
of the client’s internal control over financial reporting?
a. This understanding is required by professional auditing standards.
b. Understanding of internal control is needed to properly plan the audit.
c. This understanding helps an auditor assess a client’s risk of material
misstatement.
d. All of the above are reasons why the auditor obtains an understanding of the client’s internal control over financial reporting.
d. All of the above are reasons why the auditor obtains an understanding of the client’s internal control over financial reporting.
Which of the following statements is true regarding the auditor’s
assessment of a client’s internal control over financial reporting?
a. The auditor reviews management’s documentation of its internal control and
management’s evaluation and findings related to internal control effectiveness.
b. The auditor’s assessments of control deficiencies will be the same as management’s
assessment of the same deficiencies.
c. In testing controls, the auditor is only concerned about the client’s control
environment and risk assessment.
d. All of the above are true.
a. The auditor reviews management’s documentation of its internal control and
management’s evaluation and findings related to internal control effectiveness.
