Audit Section 2 Flashcards
Which of the following would an auditor most likely consider in evaluating the control environment of an audit client?
Management’s operating style.
According to COSO, each of the following is a principle relating to the risk assessment component of internal control
1) The organization considers the potential for fraud in assessing risks to the achievement of objectives.
2) The organization identifies and assesses changes that could significantly impact the system of internal control.
3) The organization specifies objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives.
obtain and use information is applied when
the organization obtains or generates and uses relevant, high-quality information to support the functioning of the control. In this case, management is using the exception report (information) to support the control of monitoring overtime costs.
Objectives of an entity include
1) Reliable Financial Reporting
2) Effective and Efficient Operations
The monitoring component of internal control is
1) Assessing information derived from external parties.
2) Assessing the quality of control performance over time.
3) Improving controls that are not operating effectively.
Risk assessment component of internal control
An auditor evaluates an entity’s risk assessment to understand how management addresses risks relevant to financial reporting
Audit Strategy includes:
1) Provide a preliminary assessment of materiality and tolerable misstatement.
2) Outline reporting objectives.
3) Provide the scope of the
Required documentation in an audit in accordance with generally accepted auditing standards?
An audit plan setting forth in detail the procedures necessary to accomplish the engagement’s objectives.
Substantive procedures and tests of controls at the relevant assertion level to test a client’s
significant account balances, transaction classes, and disclosure items in the financial statements.
What is substantive procedures
test a client’s financial statement assertions
Test of controls is
audit procedure to test a client’s financial statement assertions
Auditor most likely to rely on work done by internal auditors?
For financial statement amounts judged by the auditor to require little or no subjectively evaluated audit evidence.
When an audit specialist is used for a client audit
Make no reference to the specialist in the audit report.
An auditor of a nonissuer intends to reference the work of an auditor’s external specialist in the audit report because the reference was relevant to understanding a modification to the auditor’s opinion. In this case, the auditor should indicate in the report
The reference to the auditor’s external specialist does not reduce the auditor’s responsibility for that opinion.
Auditor’s use of the work of an actuary in assessing a client’s pension obligations?
The auditor is required to understand the objectives and scope of the actuary’s work.
The company being audited has an internal auditor that is both competent and objective. The independent auditor wants to assign tasks for the internal auditor to perform. Under these circumstances, the independent auditor may:
Allow the internal auditor to perform tests of internal controls.
Under which of the following circumstances would an auditor be considered to be using the work of a specialist?
The auditor engages a lawyer to interpret the provisions of a complex contract.
An internal auditor’s work would most likely affect the nature, timing, and extent of an independent CPA’s auditing procedures when the internal auditor’s work relates to assertions about the:
Existence of fixed asset additions.
Testing the existence of contingencies, intangiable assets, related party transactions involves
much subjectivity, and should, therefore, be performed by the auditor.
The work of internal auditors may affect the independent auditor’s:
1) Procedures performed in obtaining an understanding of the system of internal control.
2) Procedures performed in assessing the risk of material misstatement.
3) Substantive procedures performed in gathering direct evidence.
Use in determining the auditor’s preliminary judgment about materiality?
The entity’s financial statements of the prior year.
Regard to the consideration of materiality when an auditor is planning and performing a financial statement audit of an issuer?
When determining a tolerable misstatement threshold, an auditor should take into account the amount of misstatements that were accumulated in prior periods.
Materiality should be reevaluated when:
1) There is a substantial likelihood that misstatements of amounts less than the materiality level established for the financial statements as a whole would influence the judgment of a reasonable investor.
2) Materiality levels and tolerable misstatement were originally based on estimated or preliminary financial statement amounts that differ significantly from actual amounts.
3) Changes that occurred after the materiality levels were originally set are likely to affect investor’s perceptions about the company’s financial statements.
What is being considered when establishing materiality
1) Both quantitative and qualitative factors are considered.
2) Materiality is based on the smallest level of misstatement for any one financial statement.
3) The auditor uses his or her professional judgment when assessing materiality.
If new information becomes available that could require a reevaluation of the quantitative level of materiality applied during an audit of an issuer, then the auditor should
Raise or lower the materiality level as appropriate to the situation.
Materiality levels are generally considered in terms of
the smallest aggregate level of misstatement that could be considered material to any one of the financial statements.
How to Calculate Materiality
Overall materiality = Applicable benchmark × Applicable percentage
Overall materiality = $4,200,000 (annualized revenue = $2,100,000 × 2) × 0.01
Inherent risk that an auditor should consider
Technological developments that may render inventory obsolete.
An appropriate response to an increase in risk of material misstatement is to
perform testing at year-end.
Should an auditor consider confirming the terms of a large complex sale
When the combined assessed level of inherent and control risk over the sale is high.
Would heighten an auditor’s concern about the risk of material misstatements in an entity’s financial statements?
The entity’s industry is experiencing declining customer demand.
In an audit of financial statements for which an auditor’s assessment of risk is judgmental and may not be sufficiently precise to identify all risks of material misstatement, the auditor should take which of the following actions?
Perform substantive procedures for all relevant assertions related to each significant class of transactions.
As the acceptable level of detection risk decreases, an auditor may:
Postpone the planned timing of substantive tests from interim dates to the year-end.
Which of the following matters relating to an entity’s operations would an auditor most likely consider as an inherent risk factor in planning an audit?
The entity enters into derivative transactions as hedges.
On the basis of audit evidence gathered and evaluated, an auditor decides to increase the assessed risk of material misstatement from that originally planned. To achieve an overall audit risk level that is substantially the same as the planned audit risk level, the auditor would:
Decrease detection risk.
Detection risk is inversely related to
the risk of material misstatement. Therefore, an increase in the risk of material misstatement would cause a decrease in allowable detection risk.
A reduction in control risk would result in a
lower substantive testing sample size.
As the acceptable level of detection risk increases, an auditor may change the:
Timing of substantive tests from year-end to an interim date.
The auditor should design the audit to provide reasonable assurance of
detecting material errors and fraud.
Evidence (photocopy of vendor invoices)
The auditor should reevaluate the risk of fraud and design alternate tests for the related transactions as the evidence (photocopy of vendor invoices) is not reliable.
Fraud encountered during an audit engagement of a nonissuer
It is often difficult to detect fraudulent intent in matters involving accounting estimates and the application of accounting principles.
Given the auditor’s preliminary assessment of potential control weaknesses, the auditor would be most concerned with the
opportunity for employees to commit fraud within the organization.
Audit documentation is required to include a
description of the discussion among engagement personnel regarding the risk of material misstatement due to fraud.
When the auditor has obtained evidence that fraud exists, it is important that the matter be brought to the attention of
the appropriate level of management as soon as practicable. This is true even if the matter is considered inconsequential.
Although documentation that is lost may be a result of error (e.g., the client misplaced the document), the auditor should approach lost documentation with a
heightened risk that fraud may have occurred (e.g., the client intentionally destroyed the documentation).
Missing or unavailable documents or electronic evidence may be indicative of
an intentional material misstatement in the entity’s financial statements (fraud).
The average duration of unemployment is a lagging
Lagging economic indicators
Lagging economic indicators tend to follow
economic activity if the average duration of unemployment increases, it is likely a result of employers being reluctant to hire due to economic results.
Building permits for new residences and new unemployment claims is an example of
leading economic indicator. Leading indicators tend to occur before the fact or predict economic activity. A decrease in the number of new building permits is one factor that would tend to signal the economy is heading toward a downturn.
Manufacturing and trade sales are
coincident indicators and occur contemporaneously with economic activity. Industrial production is another example of a coincident indicator.
Performed during the planning phase of the audit:
1) Obtaining selected client financial ratios and comparing to industry averages.
2) Comparing the client’s current year’s same-store sales with budgeted amounts.
3) Comparing current year’s sales per store square foot with the prior year.
Leading economic indicators of business cycles
Manufacturers’ new orders for consumer goods in constant dollars, number of new building permits, and change in manufacturers’ unfilled orders for durable goods in constant dollars.
An inherent limitation to a system of internal control is the fact that
controls can be circumvented by management override.
A continuous activity that an auditor would be expected to perform throughout an audit engagement
1) Understanding the entity and its environment
2) Assessing the risk of material misstatement
3) Considering client continuance
An auditor would most likely perform risk-assessment procedures to evaluate
the design of relevant controls when obtaining an initial understanding of the system of internal control sufficient to assess the risk of material misstatement of the financial statements.
General controls are
policies and procedures that relate to many applications and support the effective functioning and proper operation of the information system.
General controls include procedures to ensure appropriate
systems software acquisition
If a budgetary reporting system provides adequate reports, but the reports are not analyzed and acted upon:
The control has been implemented but is not operating effectively.
In performing interviews and examining documents related to preliminary work in a financial statement audit of a nonissuer, an auditor identifies a business risk associated with plans for a new product line by
analyzing the newly identified risk and consider whether there is an immediate consequence for the risk of material misstatement at various levels of the audit.
A client maintains a large data center where access is limited to authorized employees. How may an auditor best determine the effectiveness of this
The auditor’s direct personal observation provides the most reliable evidence about whether access to the data center is being appropriately limited.