Audit test 1

Question 1

Audit Market Takeaways - invisible hand

Answer 1

People tend to pick the optimal quality for both parties.

Question 2

How are prices in an Audited Market?

Answer 2

Prices are more stable

Question 3

Information Asymmetry market

Answer 3

Prices are unstable

Question 4

Assurance

Answer 4

Governance, Risk, and control

Question 5

objectivity

Answer 5

integrity, accountability, and independence

Question 6

5 competencies

Answer 6

competence, independence, credibility, connectivity, communication.

Question 7

competence

Answer 7

skills and knowledge required to provide assurance and advisory services.

Question 8

independence

Answer 8

the ability to inspire trust based on consistent competence and integrity.

Question 9

3 party relationship

Answer 9

assurance professional - determines the scope of the assurance initiative, sets suitable assessment of subject matter, executes engagement then communicates.
accountable party - governs and manages subject matter suitable criteria
User - uses the conclusion

Question 10

Business and audit objectives

Answer 10

sets objectives and then the auditors test to see if what management is saying is actually true.

Question 11

systematic and disciplined approach internal auditing

Answer 11

planning, performing, and communicating.

Question 12

COSO Cube - components

Answer 12

control environment, risk assessment, control activities, info & communication, monitoring activities.

Question 13

Where is the most activity spent as an internal auditor in the coso cube?

Answer 13

Monitoring activities

Question 14

Coso framework - objectives

Answer 14

operations, reporting, compliance

Question 15

best reporting structure

Answer 15

Having the CAE report to the audit committee directly and they report to the board of directors.

Question 16

Key elements of governance structure

Answer 16

Governance
Risk management
Internal control

Question 17

Three lines model

Answer 17

Governing Body
management
internal audit

Question 18

3 lines model keys

Answer 18

governing body delegates, directs, and has oversight over man. and auditors.
Management reports to the governing body and aligns and communicates internal audit.
Audit reports to governing body and aligns and communicates with management

Question 19

Audit quality

Answer 19

function of independence and competence

Question 20

Auditors role in enterprise risk management

Answer 20

Auditors can give assurance, but they shouldn’t be telling a company they need to do a specific thing.

Question 21

What are controls

Answer 21

to help prevent, detect and correct inherent risk

Question 22

inherent risk

Answer 22

All the risks associated with the audit that can’t be changed

Question 23

contol risk

Answer 23

the chances their control system prevents, detects and corrects the inherent risk.

Question 24

detection risk

Answer 24

allowable MOE - how much testing will the auditors have to do.

Question 25

What does high DR mean?

Answer 25

High detection risk means that the company’s controls are good because they have a bigger margin of error.

Question 26

what does a low DR mean

Answer 26

lower DR means that there is a lot on residual risk left over so auditors have a lower MOE and they need to catch a lot of those errors.

Question 27

Relationship between residual risk, DR, and substantive testing

Answer 27

Higher residual=Lower DR=Higher testing

Question 28

fraud triangle

Answer 28

Incentive/pressure - opportunities - attitudes

Question 29

Entity level controls

Answer 29

controls related to the control environment-controls over management override.

Question 30

process level controls

Answer 30

reconciliations of key accounts- such as inventory counts

Question 31

transaction level controls

Answer 31

authorizations-source documents

Question 32

Segregation of duties

Answer 32

separating important duties to different people to minimize the chance of fraud or theft.

Question 33

control deficiency

Answer 33

design or operation of a control that does not prevent or detect misstatements on a timely basis.

Question 34

Significant deficiency

Answer 34

is a control deficiency or combination of control deficiencies, in internal control over financial reporting that is less severe than a material weakness

Question 35

Material weakness

Answer 35

Report externally, audit committee, and management

Question 36

significant deficiency

Answer 36

report to audit committee and management

Question 37

Control deficiency

Answer 37

report to management

Question 38

Opinions of internal control effectiveness

Answer 38

unqualified, adverse, disclaimer

Question 39

unqualified opinion

Answer 39

the company maintained, in all material respects, effective internal control over financial reporting

Question 40

Adverse

Answer 40

The company had not maintained effective internal control over financial reporting - at least one material weakness.

Question 41

what are the 4 general controls?

Answer 41

logical access, program development, program change, operations

Question 42

logical access

Answer 42

Making sure the correct person is logging in - password requirements

Question 43

Program development

Answer 43

Implementation of ERP

Question 44

Program change

Answer 44

making sure updates go smoothly as planned

Question 45

Operations

Answer 45

data center, disaster recovery, etc.

Question 46

1ST LINE ROLE - 3 LINES MODEL

Answer 46

PROVISION OF PRODUCTS/SERVICES TO CLIENTS; MANAGING RISK - WORKERS DOING REVIEWS TO ENSURE THERE WERE NO MISTAKES

Question 47

2ND LINE ROLE - 3 LINES MODEL

Answer 47

PROVIDES COMPLEMENTARY EXPERTISE, SUPPORT, MONITORING AND CHALLENGES RELATED TO THE MANAGEMENT OF RISK

Question 48

Internal control components

Answer 48

control, (risk, control - inside comm/info), monitoring.

Environment, (assessment, activites comm/info), monitoring.

Question 49

Assurance Engagement IT Responsibilities

Answer 49

Include the organization’s information systems in its annual audit planning process.

Identify and assess the organization’s IT risks.

Ensure that it has sufficient IT audit expertise.

Assess IT governance, management, and technical controls.

Assign auditors with appropriate levels of IT expertise to each assurance engagement.

Use technology-based audit techniques as appropriate.