Audit Section 1 Flashcards by Adam Herron

AFRF are adopted by who?

Those charged w/ governance

How well did you know this?

Not at all

Perfectly

Public Companies comply with PCAOB , Non public companies comply with:

AICPA’ Auditing Standards Board’s statement on auditing standards (SAS)

How well did you know this?

Not at all

Perfectly

Can Financial reporting frameworks affect the scope of an audit?

Yes

How well did you know this?

Not at all

Perfectly

GAGAS (Generall Accepted Governmental Auditing Standards) is also known as what

Yellowbook

How well did you know this?

Not at all

Perfectly

Single audits are divided into what two areas?

Compliance and financial

How well did you know this?

Not at all

Perfectly

Who has the authority to develop government wide guidelines?

Office of Management and Budget (OMB)

How well did you know this?

Not at all

Perfectly

Can a unit elect to have a program-specific audit?

Yes

How well did you know this?

Not at all

Perfectly

What is a program-specific audit?

Audit only the federal program and not the entity

How well did you know this?

Not at all

Perfectly

Does a single audit require a financial audit as well?

Yes

How well did you know this?

Not at all

Perfectly

When an auditor reports to those charge w/ governance, is this considered a management responsibility and therefore would make the auditor NOT independent?

Yes – make auditor not independent

How well did you know this?

Not at all

Perfectly

Does an auditor need to collect evidence for accuracy or completeness in a compilation?

How well did you know this?

Not at all

Perfectly

Is a compilation an attest engagement?

Yes

How well did you know this?

Not at all

Perfectly

When can an auditor perform a review?

ONLY when the auditor is set to audit the upcoming F/S or has audited the previous F/S

How well did you know this?

Not at all

Perfectly

What does the SEC require when an auditor performs a review of a public company?

They require a review report of the interim F/S if the accountant is independent (should be independent anyways)

How well did you know this?

Not at all

Perfectly

What is the purpose of an attestation engagement?

provide users of info that generally 3rd parties w/ an opinion/conclusion/finding regarding the reliability of a subject matter.

How well did you know this?

Not at all

Perfectly

PCAOB adopted what from the AICPA?

SSAE – Statements on Standards for Attest Engagements

How well did you know this?

Not at all

Perfectly

Is membership of the AICPA required?

No - voluntary

How well did you know this?

Not at all

Perfectly

Are reviewers of an engagement apart of an engagement team

yes

How well did you know this?

Not at all

Perfectly

What is a covered Member?

On engagement Team
Position to influence attest engagement
Partner/partner equivalent/manager that provides >10 hours of nonattest services to client
Firm

How well did you know this?

Not at all

Perfectly

Is the firm employee benfeit plan apart of the covered member criteria?

Yes

How well did you know this?

Not at all

Perfectly

Is a covered member a person who can influence accounting/financial polices of an entity?

Yes

How well did you know this?

Not at all

Perfectly

What is a joint closely held investment?

Auditor and client jointly own an investment that they exercise sig. influence over.

How well did you know this?

Not at all

Perfectly

What is a partner equivalent

Dont need partners approval to do things

Authority to sign firm;s name to an attest report

How well did you know this?

Not at all

Perfectly

Period of professional engagement begins when?

When engagement letter/other agreement to perform attest services is signed.

How well did you know this?

Not at all

Perfectly

A member of the AICPA needs to be ____ and ____

Independent and objective

If threats are not at an acceptable level you should:

Talk to supervisor Discuss with management in member's organizations Consult w/ counsel

An advocacy threat to compliance mainly violates what?

Integrity and objectivity

What interpretation should an auditor/member apply if independent rule is absent?

Conceptual Framework For Independence

What interpretation should an auditor/member apply if objective/independent rule is absent?

Conceptual Framework for Members in public practice

Should an auditor document identified threats and document the safeguards applied?

Yes

What is an adverse interest threat?

Threat a member will not act w/ objectivity b/c the member's interests are opposite w/ the clients. (The auditor may be out to get the client because of some outside event) (Lawsuit, etc)

Advocacy threat, what is it?

The auditor/member promotes the client's interest to the point where his independence is compromised

Familiarity Threat

Close/long relationship w/ the client

Management Participation threat

Auditor takes on role of management. This threat is ONLY in public practice.

Self-interest Threat

Member tries to benefit financially from the client

Self-review threat

Member evaluates his own work

Undue Influence

Client threatens auditor to act a certain way. Black mail

Is a member's immediate family subject to the Independence rule?

Yes

When can an immediate family member of a covered member have a direct &/or material financial interest in a client

Member isn't involve in the engagement Investment is unavoidable Family member agrees to dispose the material/direct interest within 30 days

if a close relative is in a key position w/ the client, is independence impaired?

Yes

If a close relative has a financial interest w/ the client, is independent impaired?

Yes

If an auditor is an underwriter for a client, is independence impaired?

Yes

If an auditor is an honorary director or trustee of a Not for profit, is independent impaired?

Can an auditor be able to vote on a board and still be independent?

If a position is CLEARLY honorary a member holds on the board, is independence impaired?

Before performing non-attest services for an attest client, what needs to be evaluated

Independence rule

Nonattest services provided prior to engagement, prior to the period of the F/S, or F/S were audited by a different firm during non attest services -- would this impair independence?

Do you communicate client's selection/application of accounting standards to clients governance?

No -- only management

Do you communicate accounting methods to clients management?

Yes

Do you communicate AJE that member has prepped/propposed to governance?

No -- to management

Do you communicate the form and content of the F/S to client's governance?

No -- management

Independence impaired if you perform appraisal/valuation/actuarial services on the F/S?

Yes -- cannot reduce to acceptable level

Independence impaired if you perform appraisal/valuation/actuarial services to tax planning/tax compliance/divorce proceedings?

Is foresnic accounting an attest or nonattest service?

Non attest

Forensic accounting consists of ___ services and ___ services

litigation and investigative

If a member agrees to be an expert witness for a client, is independence impaired?

Yes -- it conflicts w/ objectivity

Does being a fact witness impair indpendnence?

Would representing a client in court impair independence if it was to resolve a dispute?

Yes

Would representing a client in court impair independence if it was infront of a tax authority?

Can a member be a power of attorney and still be independent? Why?

Yes -- only limited to tax matters

General Standards rule includes what components? States generally have DCSS (Department of child services (extra s)

Due professional Care Competence Supervision Planning Sufficient Relevant Data

A member performing an audit/review/comp/consulting/tax/other professional services must comply with WHAT rule?

``` General Standards Rule Due professional care Competence Supervision Sufficient relevant data ```

If a departure from gaap exists on the F/S , can an auditor still form an opinion?

Yes and No. Yes -- if the auditor can demonstrate that safeguards were applied No -- auditor cannot demonstrate that safeguards were applied

If a client request the member's work products, can the member say no?

Yes and no. Auditor can say no if there are unpaid fees.

What is a work product from a member?

deliverable assets to the client. Reports, etc.

Can a client request the auditor's wp?

They can request, but the auditor doesnt have to give it to them

If you give a client a work product document and they request it again, do you have to give it to them?

If you give a client a work product document and a natural disaster happens and they request another one, do you have to give it to them/

Yes

If a member has the ability to record an entry and chooses not to correct a material misleading instance....this is an act of what?

Act of discredibleness

Is an act discredible if a member doesn't follow the requirements of regulatory agencies?

Yes

If a member preps F/S for purpose of reporting to regulatory agencies/commissions/etc, should they follow the requirements of the agencies/commissions and gaap?

Yes

Is an act discredible if a member fails to comply w/ federal/state/local laws regarding the timely filing of tax returns & payroll?

Yes

What is a contingent fee?

A fee that is charged based off an event or result

Can a member charge a contingent fee if a client claimed their tax return had an omitted deduction?

Can you receive a commission/referral fee for a non-attest client?

Yes

Can you receive a commission/referral fee for an attest client?

Can 40% of owners of a CPA firm be non CPAS?

No -- at least 51% must be CPAs.

Can a Non-CPA owner of a firm assume the ulitmate responsibility?

No -- has to be a CPA

Can a non-cpa owner be non-active in the firm?

No -- the non-cpa has to be active.

What tiles can a non-cpa have? Non CPAs are cheerleaders. They use POMS

Principal Officer Member Shareholder

Can a non cpa owner have a regular membership to the AICPA?

Securities Act of 1933 main objectives are

Provide info on securities offered for public sale | Prohibit misrepresentation/fraud in sales of securities

If a company has an exemption with Regulation D, can securities be sold without registering with the SEC?

Yes

What regulation can securities be sold without registering with the SEC

Regulation D

Can an exempt security sale have to file a form D before a security?

No -- it can file afterwards

Rule 504 of regulation D provides an exemption from the registration requirement for sales up to $____ in any ___ month period. Can these sales be advertised to the public? Can the securities be resold by investors without registering

5 milllion / 12months Not advertised to public Cannot be resold without registering or w/o an exemption

Securities Exchange Act of 1934 created what

Securities Exchange Commission

SEC regulates securities on national exchanges & OTC stocks with more than $____ in assets and ____ or more shareholders

$10milllion 500 shareholders

What 4 reports are required by the SEC

10k 10q 8k Proxy Statement

What does the 10k need to be accompanied by?

Auditor's report

10Q may be limited to what type of engagement?

Review

What type of engagement is for the 8k

no engagement necessary

Are proxy statements audited? can they contain audited financial statemnets?

No they're not audited | Yes they can contain audited f/s (not required)

Can public offerings be offered through mail?

can public offering be offered through interstate commerce?

Can someone sue the CPA that audited the f/s who acquires securities

yes

When can someone sue the CPA

if the f/s contain untrue statements

does the plaintiff have the burden to prove the CPA was negligent or fraudulent?

does the cpa have the burden to establish innocence

yes

Is simple negligence enough when sueing a cpa?

yes

A defense for a CPA is: Plaintiff purchased securities after issuing a _____ statement and did not rely on ____

Generally available earnings statement Registration statement

'rule 10b5 with the SEC does what?

Regulates securities exchanges listed and traded on exchanges

What is scienter

it means intent to deceive/perpetuate fraud

With scienter, is simple negligence enough to hold a CPA responsible?

Dodd Frank is also known as what type of protection

Investor Protection

Dodd frank is what type of reform?

Regulatory

Dodd frank created what type of committee

Investor Advisory Committee

Investor Advisory committees do what?

Consult w/ SEC on regulatory priorities

Is the SEC granted the authority to establish a ____ for brokers and dealers to require ___ of range of products offered to _____

fiduciary duty disclosure investors

Sarbanes Oxley Act of 2002 protects ___ by improving ___ and ___ reliability of corporate ____

Investors Reliability Accuracy Disclosures

Sarbanes Oxley created what board?

PCAOB | Public Company Accounting Oversight Board

What do CPA firms have to do w/ PCAOB

Does the PCAOB have the authority to set/update/amend ethics standards?

Yes

PCAOB has the authority to conduct ____ inspections of each registered accounting firm

Compliance

If a CPA firm audits more than 100 issuers, how often does the PCAOB inspect them?

Audit >100 issuers are inspected annually

If a CPA firm audits less than 100 issuers, how often does the PCAOB inspect them?

Every 3 years

What does the PCAOB inspect?

Engagements/quality control system/supervisory conditions

What type of court can the PCAOB pursue?

Civil court

If a foreign accounting firm audits public companies, what does the PCAOB require

produce their workpapers

can pcaob approve a rule w/o the SEC's approval

Can CPA firms provide non attest services to public companies?

Yes -- only provide tax services

If the CPA firm can provide tax services, who approves this from the issuer?

Audit Committee

Is a disclosure required when performing a nonattest service to the issuer?

Yes it is required.

How often does the partner need to rotate out of the issuer's engagement?

Every 5 years

who is required to study and review potential effects of requiring mandatory rotation of a CPA firm?

Comptroller General of the US

Title III of SOX prohibits officer/directors to fraudulently influence/mislead a CPA T/F

True

Do material correcting adjustments need to be disclosed when auditing a public company?

Yes

Can a public company extend credit or provide a loan to a director/officer?

An internal control report is NOT required by the SEC annually? T/F

False -- it is required

How often do public companies need to submit their I/C report?

Annually

Do senior financial officers require a separate code of ethics?

Yes

what does the SEC require if a code of ethics is not present for senior financial officers?

Need to disclose why not

An audit committee requires at least two members be a financial expert T/F

false -- only requires ONE

What must be disclosed in "Plain English"

Material changes to the financial condition of the issuer

Is the PCAOB an agency of the United States Government?

Who created PCAOB

Sarbanes oxley

What is the purpose of the PCAOB

Oversee audits of issuers

How many people are on the PCAOB board

Who inspects registered public accounting firms?

PCAOB

Do audit firms have to register w/ the PCAOB in order to audit issuers?

Yes

How does registration with the PCOAB have to be sent?

electronically @ pcaobus.org

Violating the PCAOB is the same as violating _____

SEC

When auditing interim F/S for issuers, what standards are supposed to be followed?

GAAS

When auditing quality control for issuers, what standards are supposed to be followed

AICPA Auditing Standards Board Statements on Quality Control Standards

All interim standards follow what?

AICPA guidlines

The PCAOB adopted its own ___, ___, and ___

Auditing Standards, Ethics, Indepndence rules

To improve transparency, regarding the engagement partner & other firms....firms are now required to file for EACH ISSUER ____

Form AP - Auditor Reporting of Certain Audit Participants

What is included in the form AP - Auditor Reporting of Certain Audit Participants

Name of engagement Partner | Name /location/extent of participation of each firm participating

How many days is the form AP supposed to be filed after the audit ____ is filed with the SEC

35 days | Audit Report

How many days is the Form AP supposed to be filed for IPOs after the audit report?

10 days

For Government Accountability Office (GAO) , independence in ___ and independence of ___ is required

Mind | Appearance

What does independence of mind mean

State of mind w/o being affect by influences

Independence in appearance is what

absence of a circumstance that would not compromise independence

What is a BIAS threat?

result of political/social view, an auditor takes a position that is not objective

What is a structural threat?

audit organizations placement within a gov. entity will impact the firm's ability to perform work & report results objectively

What rules do employee benefit plans follow for independence?

Department of Labor

Professional Skepticism is required by what general standards rule?

Due professional care

Should professional judgment be sensitive to the degree of uncertainty?

Yes

Professional Judgment should be made after the consideration of _______

Reasonable alternatives

How can confirmation be a bias for professional judgment?

Put more weight on information that is consistent with their thoughts

How Can overconfidence be a bias for professional judgment?

Overestimates their abilkity to perform tasks to make accurate assessments of risk/decisions. It can affect the willingness to involve others (2nd opinion)

how can anchoring be a bias for professional judgment?

starting from a number and adjusting insufficiently away from the initial value to form a final judgment.

how can availability be a bias for professional judgment

auditor considers information easily/readily available more rather than information that is hard to get

the auditor must communicate w/ the predecessor auditor ____ accepting the engagement

Before

The auditor must ask the client to respond fully to the successor's inquiries T/F

True

Can you contact the predecessor auditor after accepting?

Yes no prob

If multiple auditors are considering accepting the engagement, when can the predecessor auditor communicate to the potential successor?

ONLY WHEN A SUCCESSOR IS CHOSEN (auditor accepted)

An auditor should not finalize formal acceptance of the engagement until the communications w/ the predecessor are completed T/F

True

Can an auditor propose to accept, but finalize the acceptance after communication the acceptance (can reject if they dont talk to predecessor)

Yes they can

should the successor review the predecessors w/p?

Yes

should the successor make reference to the report of the predecessor?

can an auditor be asked to "reaudit" previously audited f/s?

Yes

is a successor required to communicate w/ predecessor for a review/compilation?

NOPE

Can a compilation engagement on pro form f/s be a separate engagement?

Yes

inquiries required for compilation? For Review?

Compilation: no review: yes

independence for compilation? for review?

compilation: no review: lack of independence = cant issue review report

rep letter for compilation? review?

Compilation: no Review: yes

identify AFRF in engagement letter?

yes

who signs the engagement letter -- management or governance?

either or

Should engagement letter of compilation address: Material Departure of AFRF All disclosures will be omitted References to Supplementary info

Yes

Form and content addressed in engagement letter for review and audits?

Yes

If auditor takes responsibility to design, implement, and maintenance of I/C ... engagement letter should be ___

modified stating the responsibility the auditor is doing this

can you reduce the engagement (audit to review, etc) if a restriction on the scope of audit is imposed by the client or other circumstances?

Yes

Auditor should prep documentation so a ____ who has no previous experience can understand

experienced auditor

The auditor has ___ days after the report release date to have a final audit file for non issuers how many days for issuers?

60 for nonissuers | 45 for issuers

For compilation/reviews: At a minimum, preparation engagement documentation include:

Engagement letter copy of F/S the accountant prepared if departure from AFRF, must disclose why and how alt procedures were sufficient

Minimum documentation for compilations include

engagement letter copy of f/s accountant's report if departure from AFRF, must disclose why and how alt procedures were sufficient

Minimum documentation for a pro forma compilation

engagement letter results of procedures performed copy of pro forma info copy of accountant's report

review engagements should be performed so an experienced ____ can understand

accountant -- NOT auditor

if a company prepares it F/S on an income tax basis, how do you quanitify the effects

you dont have to

Do you communicate the scope/timing of audit to governance?

yes

Do you communicate allocation of responsibilities | between management and governance to governance?

yes

communicate concept of materiality to governance?

Yes

Scope of audit to commjunicate w/ governance: RMMIME

Risk of material misstatement (RMM) Internal Control Materiality Extent of use of internal auditor

Communicate the attitute/awareness/action of governance concerning the I/C and detection of fraud?

Yes

Communicate actions taken in response to developments in financial reporting/law/acct standards

yes

How should sig deficiencies / material weaknesses be communicated to governance?

WRITING

How should sig deficiencies / material weaknesses be communicated to governance from the PY?

WRITING

How long can written communication be delayed (max time to wait) after the report release? Note: earlier the better

60 days

What does the audit report release date mean?

Entity can use the auditor's report in connection w/ the f/s

what should written communication regarding I/C include in the letter to governance regarding I/C?

that auditor doesnt express opinion on I/c -- only on the f/s

Should the auditor include the definition of material weakness / sig deficiencies in the written communications to governance ?

Yes

Is the written communication to governance regarding I/C restricted or nonrestricted?

RESTRICTED

Should the auditor write that no sig deficiencies were found?

Should the auditor write that no material weaknesses were found?

Should - no | Can - yes, IF requested by governance

Should the auditor include potential effects of sig deficencies/material weaknesses?

Yes

Should the auditor communicate to governance: auditor's views about accounting practices, accounting policeis, estimates, and f/s disclosures

yes

Should the auditor not include IMMATERIAL misstatements when communicating to governance?

No -- it should include immaterial misstatements. Only preclude trivial misstatements

Should the auditor communicate material & corrected misstatements for the CY?

Yes

Communicate representations the auditor is requesting from management to governance (management rep letter)

Yes

Should the auditor not ask about consultations w/ other accountants when communicating to governance

NO -always ask about possible other consultations

What type of issues should the auditor communicate to governance

signifciant

Communicate delays from management to gov T/F

The auditor can distinguish two types of misstatements what are they

known/factual misstatements | likely/judgmental misstatements

What are likely/judgmental misstatements?

Difference between managemnet and auditor judgments | Auditor calculating projected known misstatements after finishing a sample

If management doesn't correct all misstatements that are above triviality the auditor must obtain what

an understanding on why not making hte corrections

Should the auditor communicate the effect of not correcting misstatements from the CY and the PY?

Yes

Should fraud be communicated even if its extremely tiny

yes

If fraud is taken at the employee level, who do you communicate fraud to

upper mangement

if fraud is taken at the management level, whodo you communicate fraud to

governace

How should noncompliance be communicated

written or oral

what should the auditor do if noncompliance is communicated orally

document in w/p

how should sig. findings be communicated to governance

written

If a sig. finding arose during the audit, but was corrected, how should it be communicated to governance

it doesnt need to be communicated

Can meeting minutes be used to document oral communication w/ governance

yes

for review engagements, if management cant provide info that supports F/S are not materially misstated due to fraud or noncompliance, the auditor should:

obtain legal advice and consider withdrawal

for review engagements, if auditor expects to include emphasis of matter or other matter paragraph , auditor should communicate this to ____

management

what matters can arise when looking at interim f/s for ISSUERS

include a material modification to interim f/s whether the need to modify disclosures regarding i/c entity entity filed 10-qsb or 10-q before completion of review

what elements should a firm have relating to quality control Harlem has horrible quality control

``` Human resource Acceptance/continuance of engagement Relevant ethical requirements Leadership responsibility for quality w/in the firm Engagement performance Monitoring ```

Who takes ultimate responsibility for quality on each engagement

engagement partner

Appropriate competence includes the capacity to apply professional ___

judgment

Auditor w/ final responsibility for an audit should communicate w/ mebers of audit team regarding _____

the susceptibility of entity's f/s to material misstatement

When should an auditor evaluate the auditor's compliance w/ ethical requiremnets

beginning of engagement (planning)

When firms enter to audit governmental facilities, GAGAS requires these firms to supply:

Firms most recent peer review report | Subsequent peer review reports during period of contract

auditors performing work under GAGAS must complete

every 2 years: at least 24 hrs of cpe directly for gov auditing. People who charge 20% or more of their time to GAGAS assignments must complete 80 hrs every 2 years in CPE for gov auditing

Is planning the audit done throughout the audit

yes

What should an auditor do when audits a company for the first time (inital audit) in relation to activities

expand activities due to no previous experience

Which is more detailed: audit plan vs audit strategy

audit plan

Audit strategy identifies matters to address, audit plan documents the matters addressed in the strategy t/f

True

is an engagement plan required for nonaudits

to understand the entity/environment, it should include Measurements & Review of entity's financial performance t/f

True

to understand the entity/environment, it should include understanding I/C t/f

True

Should an accountant have an UNDERSTANDING of I/C when performing a review?

audit risk is also called

attestation risk

what does the risk assessment process do

identify, anlyze, and manage risk relevant to F/S

examples of contorl activities

segregation of duties, authorization, safeguarding, performance review

is performance review a control activity

yes

Why is monitoring performed

to ensure controls continue to operate effectively

what should the auditor consider when judging which controls to assess

materiality, size of entity, nature of business, complexity of operation, legal requirements

What 2 assertions are relevant when the auditor intends to design and perform further audit procedures

completeness and accuracy

Is preparing f/s a nonattest engagement

yes

is the auditor required to verify accuracy and completeness of info when prepping f/s

in an examination engagement, should the auditor understand i/c

yes

is audit risk applicable to agreed-upon procedures

what framework defines i/c

COSO - committee of sponsoring organizations

auditor should evaluate the ___ of controls and determine whether they have been properly ___

design | implemented

controls over management override are called

entity-wide controls

controls related to control environment are called

entity-wide controls

the design and implementation of fraud prevention and detection programs is part of the ____

control environment

how should the auditor evaluate the entity's risk assessment process. Understanding what?

``` how entity: identifies business risk relvant to financial reporting estimates significance of risks assess likelihood of their occurrence actions taken to manage them ```

smaller entities may not have a formal risk assessment process, the auditor should___

discuss w/ management how they identify and treat identified risks

information system is an entity's

ERP system and the controls within

should the auditor obtain an understanding of how IT affects control activities that are relevant to planning the audit

management is responsible for maintaining i/c to ensure controls are operating effectively.... this is called

monitoring

in relation to monitoring the auditor should obtain an understanding of:

activitieis the entity uses to monitor controls of financial reporting sources of info related to monitoring activities

should the auditor understand how the entity presents the transactions and disclosures in the f/s

yes

the auditor should document the entity's business____ and information ___

business process | information flow

evaluating the design of a control means to:

determine if its capable of preventing/detecting/correcting misstatements

Implementation of a control means that a control ____ and the entity is using it

exists

auditor should determine if the control satisfies the objective and can effectively prevent/detect/correct misstatements t/f

true

is inquiry alone sufficient to evaluate the design of a control

can you inspect documents to understand & evaluate the design of a control

yes

is understanding a control sufficient to serve as saying it is operating effectively

no -- need to test the control

when a service organization initiate, executes, and does the accounting processing of the user organization's transactions, the user organization should

not implement i/c policies over these transactions

Where can you obtain info about the nature of services provided by a service organization? Entities have to TRUST the service organization

``` The contract Reports by service auditors User manual System overview Technical manual ```

if a user auditor (the auditor auditing the company that uses aservice organization) cannot obtain information about the service organization, the auditor should

have the entity using the service organization contact the service company to obtain the info.

Can the user auditor go to the service organization and perform auditing procedures to obtain the info they need?

yes

If the auditor cannot obtain evidence to achieve the objective, they should

qualify opinion or disclaim due to scope limitation

IT can reduce the risk that contorls will be circumvented

true

IT can enhance the ability to achieve effective segregation of duties by implementing ____

security controls

IT can pose as a risk for an entity's I/C due to processing what kind of data

inaccurate

Risk assessment in an IT environment is the inclusion of a ____ of control over _____ and unauthorized _____

strict policy changes in programs access to dataincludes clear lines of ____ and ____

Control environment in an IT environment includes clear lines of ____ and ____

authority and responsibility

what is an enhanced need when considering control activities for IT

physical controls

The auditor needs to understand how ____ processing of transactions is resolved

incorrect

Can ineffective general controls cause misstatements

no, but can allow misstatements to occur and not be detected

What are general controls

policies and procedures that relate to many applications and support application controls

What are application controls

achieve specific control objectives related to specific accounting tasks they relate to the use to initiate, authorize, record, and process, and report transactions

Application controls are categorized into 3 categories

Input controls Processing Controls Output Controls

How should an auditor perform procedures against management override

JE testing Review accounting estimates Unusual transactions

Is the auditor required to assess RMM of f/s due to fraud

yes

Fraud triangle: | RIO

Rationalization Incentive Opportunity

Accounts/transactions that have high inherent risk can also have ____ risk due to ____

fraud | manipulation

auditor should always assume a risk to revenue. The risk would be

revenue recognition

an auditor should always inquire with ____ about fraud

management

Why should an auditor inquire with management about fraud

often fraud is revealed through inquiries

should the auditor obtain how the audit committee exercises oversight of mitigating fraud risks

yes

The auditor should ask the internal auditors if they:

performed procedures to detect fraud | if they think fraud is occurring

auditor should involve employees who:

intiate, authorize, process, record transactions & have some authority

should the auditor interview people regarding fraud who are in operations not directly involved in the financial reporting process

yes

Should the auditor interview in house legal counsel regarding fraud

yes

check fro mfraud on compilations?

check for fraud on reviews?

Only inquire if management is aware of raud

corroborate management's response with other evidence in a REVIEW?

in an examination should an auditor inquire about fraud

yes

how should an auditor evaluate RMM

understanding entity & environment understanding i/c considering classes of transactions/accounts/disclosures in the F/s

Risk assessment procedures help the auditor to

understand i/c and entity's environment

how should an auditor perform risk assessment procedures

observe/inspect analytical procedures inquiry

auditor should use risk assessment procedures to detremine

NTE of audit procedures

RMM affects what kind of risk

Detection

More RMM, the ___ the detection risk

lower

Test of controls reduce the need for substantive procedures

True

do effective internal controls reduce the risk of material misstatement?

Yes

The higher the risk of material misstatement, the more ____ and ___ is the audit evidence

relevant and reliable

An auditor can perform test of controls or sbustantive procedures at an interim date or period-end

true

Thee higher the RMM, the more likely the auditor may decide to test substantive procedures at YE or period end

True

The auditor will increase the extent the higher ____ goes up

RMM

if RMM at a relevant assertion level is a sig. risk, the auditor should perform ____ that are specifically responsive to that risk

substantive procedures

if management has not responded by implementing controls, this should be communicated to

governance

If a test only consists of substantive procedures, then ____ should be incorporated

tests of details

the purpose of using a specialist to obtain sufficient appropriate evidence about items ___ to the f/s for which the auditor does not have knowledge

Material

Do you reference a specialist in an unmodified report?

Do you reference a specialist in a modified report?

Only if its relevant to the understanding why the report is modified

what must the report indicate when referencing a specialist?

That it did not reduce the auditor's responsibility

Can the auditor use the work used by internal auditors?

yes -- it can reduce or change the work needed by the auditor

does an auditor have to obtain an understanding of the internal auditor function?

yes

can the work of internal auditor's affect the overall risk assessment of the auditor?

Yes

can the auditor use the internal auditors test of controls to reduce the xtent of control testing procedures

yes

How can internal auditors reduce substantive testing for theexternal auditor?

Internal auditors can already have confirmed AR accounts -- therefore auditor can reduce the amount of AR accounts

the report of the auditor is hared responsibility with internal auditors t/f

false -- only auditors responsibility

if the auditor uses internal auditors work, the auditor must look at the internal auditors

workpapers

the internal auditor can assist the auditor with the NTE

True

if the auditor uses the internal auditors work, the auditor shall direct, supervise, and ____ the work performed by the internal auditors

review

The auditor should recognize that internal auditors are NOT

independent

The auditor should pull ____ from the internal auditor to ensure quality

audit evidence for some work performed

Tax and pension laws are examples of

laws and regulations that have direct effect on determination of material amounts and disclosures in the f.s

can an auditor communicate noncompliance to parties outside the entity if it is identified or suspected

yes

can an auditor communicate noncompliance to parties outside the entity if it is identified or suspected IN A REIVEW

no only management if management is noncompliance, then governance (written or oral)

Greater RMM arise from accounting estimates from: (3)

interpretation of accounting principles complex and subjective judgment assumption of future events

Net realizable value is an example of

estimates

Audit Section 1 Flashcards

Ethics / Prof Responsibilities / General Principles