Auditing 3- Day 2

Question 1

When is auditor’s risk identified in the auditor’s report?

Answer 1

“Arises because the auditor obtains REASONABLE assurance about whether the F/S are free of material misstatement”

Question 2

Why do you perform the test of controls (related to control risk)?

Answer 2

To ASSESS the level of control risk (this does not play a factor in increasing the work with the inverse relationship to detection risk, the ASSESSED level plays into that)

Question 3

What are the types of misstatements that can occur from unintentional or intentional error (fraud)?

Answer 3

1. Inaccuracies in the collection/processing of data
2. Departures/misapplication of GAAP
3. Omissions
4. Incorrect estimates/judgement + disagreements
5. Inappropriate selection/application of accounting policies.

Question 4

What is audit risk?

Answer 4

The risk that the auditor may unknowingly fail to appropriately modify the opinion on the financial statements that are materially misstated. It arises no matter what because you can only obtain REASONABLE assurance, and should be mitigated to a low enough level to be satisfied in expressing an opinion.

Question 5

What is the Audit Risk Model? (AR =)

Answer 5

AR = (RMM= IR x CR) x DR

Question 6

What is inherent Risk?

Answer 6

The susceptibility of a relevant assertion to a material misstatement assuming their are no related controls. Includes complex transactions/estimates like derivatives.

Question 7

What is Control Risk?

Answer 7

The risk that a material misstatement will occur in a relevant assertion will not be prevented or detected in a TIMELY BASIS OR MANNER

Question 8

What is Detection Risk?

Answer 8

The risk that the auditor will not detect a material misstatement in a related assertion.

Question 9

RMM has an INVERSE relationship with what?

Answer 9

Detection Risk

Question 10

Detection Risk has an INVERSE relationship with what?

Answer 10

Amount of SUBSTANTIVE PROCEDURES (test of details) to be performed (NOT test of controls)

Question 11

RMM has a DIRECT relationship with what?

Answer 11

The Amount of SUBSTANTIVE PROCEDURES to be performed. (Less RMM = Less Work)

Question 12

How can the auditor DECREASE Detection Risk?

Answer 12

Decrease DR = MORE WORK:

1. Nature of substantive test is MORE EFFECTIVE
2. Change in extent of substantive tests (LARGE SAMPLE SIZE)
3. Change in timing of tests (more tests at year end)

Question 13

Which of the risks (IR CR DR) can be assessed in NON-QUANTITATIVE TERMS?

Answer 13

ALL THREE

Question 14

When talking about Fraud Risk (not controls because that would be the intelligent thing for this question) what STRENGTHENS CONTROL ENVIRONMENT?

Answer 14

1. Internal audit communicates with those charged with governance
2. Influence of external parties that oversee certain controls
3. Those charged with governance ACTIVELY oversee CONTROL SHIT
   * ** MGMT BEING DOMINATED BY 1 INDIVIDUAL HURTS THE CONTROL ENVIRONMENT (MGMT OVERRIDE)

Question 15

When should fraud be reported to THOSE CHARGED WITH GOVERNANCE (AUDIT COMMITTEE/two reasons)?

Answer 15

1. MATERIAL MISSTATEMENT on F/S

2. Fraud involving SENIOR MGMT

Question 16

Is there an increase in possible fraudulent reporting when MGMT/BoD SELLS or BUYS the company’s stock?

Answer 16

NEITHER. They both don’t mean a goddamn thing haha

Question 17

What is a transaction that could be for an immaterial amount, but have a material effect on fraud risk of the F/S?

Answer 17

ILLEGAL PAYMENTS

Question 18

What is the attitude any auditor on the team must maintain while considering fraud risk?

Answer 18

A QUESTIONING mind and a CRITICAL assessment of audit evidence.

Question 19

What is the auditor’s responsibility in relation to fraud?

Answer 19

To plan and perform the audit with reasonable assurance about whether they are free from material misstatement AND THIS INCLUDES A SPECIFIC ASSESSMENT OF FRAUD RISK.

Question 20

What kind of assurance does an auditor provide for noncompliance with a DIRECT effect on the F/S?

Answer 20

Reasonable Assurance

Question 21

What kind of assurance does an auditor provide for noncompliance with an INDIRECT effect on the F/S?

Answer 21

NO ASSURANCE

Question 22

What are the steps for Assessing and Responding to the Risk of Material Misstatement (IMACPA)

Answer 22

I- Internal Control, Entity, Environment- Obtain Understanding by PERFORMING RISK ASSESSMENT
M- Material Misstatement- Assess the risk
A- Assessed level of risk response
C- Control Testing TO EVALUATE THEIR OPERATING EFFECTIVENESS (NOT DONE IN OBTAINING UNDERSTANDING)
P- Perform Substantive Testing
A- Audit Evidence- Evaluate that it is sufficient and appropriate.

Question 23

What is REQUIRED when obtaining an understanding of the entity and environment? (2 things, bonus if you can name what is NOT REQUIRED)

Answer 23

1. Risk Assessment Procedures
2. Analytical Procedures
   NOT REQ- Test of Oper. Effectiveness of Controls

Question 24

What are the Risk Assessment Procedures?

Answer 24

1. Inquiries of MGMT (possible BoD and External Party)
2. Analytical Procedures (REQ at BEG AND END)
3. Observation and Inspection
4. Risk Assessment Discussion with Audit Team
5. Other Procedures (External Info- like the trade journals described before about industry, Prior Period Evidence)

Question 25

What are the Analytical Procedures performed during PLANNING?

Answer 25

1. Compare F/S to budgeted/forecasted results
2. Non-Financial Data can be used
3. Identify any Unusual Transactions, events, ratios, trends that may represent significant risk to the audit.

Question 26

What do TESTS OF DETAILS support?

Answer 26

The planned level of assurance to a related assertion level

Question 27

What do TESTS OF CONTROLS support?

Answer 27

The planned level of control risk and whether it is operating effectively and if it can be used in determining the test of details and detection risk.

Question 28

What are the three fraud risk factors (ROI)?

Answer 28

R- Rationalization/Attitude- attempt to justify fraud behavior
O- Opportunity- lack of effective controls to monitor
I- Incentive/Pressures- a reason to commit fraud.

Question 29

What are the three entity objectives that Internal Control is designed to provide reasonable assurance for?

Answer 29

1. Reliability of Financial Reporting
2. Effectiveness and Efficiency of Operations
3. Compliance with Applicable Laws and Regulations

Question 30

The auditor should obtain an understanding of I/C to do what three things?

Answer 30

1. Design and Implementation of the I/Cs.
2. Assess the risk of material misstatements
3. Design the NET of audit procedures (substantive and TOC)

Question 31

When are service by another organization not considered to be part of the client’s information system?

Answer 31

When it is specifically authorized by the client.

Question 32

What are test of controls used for?

Answer 32

To evaluate the operating effectiveness of I/C in preventing or detecting material misstatements.

Question 33

What are the inherent limitations to internal control?

Answer 33

Mgmt override
Collusion between two parties
Inappropriate manual intervention
Unauthorized changes to the data

Question 34

What is the relationship between the complexity of the IT system and documentation?

Answer 34

DIRECT relationship. The more complex the IT system the more documentation that is required.

Question 35

What are the three things that internal control is relevant to in relation to the audit?

Answer 35

1. Entire Entity
2. Entity Operating Unit
3. Business Functions

Question 36

What types of controls are considered to be an entity level control?

Answer 36

The Control Environment, the risk assessment procedures, and risk management processes

Question 37

What does allowing for greater management oversight do for segregation of duties in a small organization?

Answer 37

THIS IS ABSOLUTELY GOING TO BE A QUESTION BECAUSE IT IS SO CONTRADICTING:
This HELPS COMPENSATE for the lack of segregation of duties in a small organization.

Question 38

What are test of controls? Again

Answer 38

After obtaining an understanding knowledge of client and internal control the auditor must make a risk assessment that the controls are operating effectively. To support this assessment (of control risk, they ask you this in so many fucking ways its nauseating) the auditor performs test of controls to obtain sufficient and appropriate evidence.

Question 39

What does the NATURE element of Auditing Procedures mean?

Answer 39

The nature includes both its purpose (test of control or substantive) and its type (inspection, observation, inquiry, confirmation, recalc, reperformance, analytical procedure)

Question 40

What does the EXTENT element of Auditing Procedures mean?

Answer 40

The extent refers to the quantity to be performed, such as the number of observations to be made or the sample size to be used.

Question 41

What does the TIMING element of Auditing Procedures mean?

Answer 41

The timing refers to when audit tests may be performed at either interim dates or at period end (year end).

Question 42

What are the tests of controls in the order of how much evidence they provide (most evidence to least evidence)?

Answer 42

Reperformance, Inspection, Observation, Inquiries

Question 43

What does the auditor NOT have to do when OBTAINING AN UNDERSTANDING ABOUT INTERNAL CONTROL?

Answer 43

NOT REQUIRED to evaluate operating effectiveness, that is more dealt with in the risk assessment procedures.

Question 44

During the planning phase of the audit what does the auditor consider when UNDERSTANDING internal control?

Answer 44

The risk and types of misstatements that could occur
Factors that influence the design of TOC and Substantive tests
Assessment of Inherent Risk
Complexity of Entity’s Operations
Manual v. Computer Operating Systems

Question 45

WHAT IS NOT CONSIDERED DURING PLANNING/UNDERSTANDING OF INTERNAL CONTROL?

Answer 45

THE OPERATING EFFECTIVENESS