Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Auditing > Auditing Exam 3 > Flashcards

Auditing Exam 3 Flashcards

(132 cards)

Start Studying
1
Q

What is Professional Skepticism?

A

A state of mind that is characterized by appropriate questioning and critical assessment of audit evidence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What applies professional skepticism?

A

Professional Judgement is often needed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is Professional Judgement?

A

Making informed decisions regarding obtaining auditing evidence and reaching conclusions based on this evidence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What makes professional judgement important?

A

Evaluating the reasonableness of various management estimates used in preparing financial statements

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Skepticism?

A

Appropriate questioning and critical assessment of evidence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Judgement?

A

Application of training, knowledge, and experience in making informed decisions during audit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What prevents auditors from exercising good professional judgment in order to be professional skeptical?

A

Biases and Heuristics
External Factors/ Pressures
Not utilizing good judgement process/framework

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Biases?

A

Systematic errors in judgement resulting from use of heuristics and/ or the influence of external factors
-> Can be conscious or sub-conscious

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Heuristics?

A

Are mental shortcuts that make the judgement process more efficient and less cognitively demanding
-> Individuals make mental shortcuts every day
-> Mental shortcuts are not inherently bad
-> But can lead to biased judgement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What causes conscious bias?

A

Due to influences of some sort of self-interest. Judgement is biased because individual “wants” to reach a particular conclusion.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What causes Sub-conscious?

A

Can be due to mental shortcuts. Heuristics, which individuals take when making judgements.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Availability?

A

-> Using easily retrievable information (first thing to mind)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the risk with the heuristics?

A

Giving greater weight to easily retrievable information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Representativeness

A

Determining that an item belongs to a population based on the extent that the item shares representative properties of the population.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Anchoring and Adjustment?

A

Occurs when making a judgement, you begin at a particular starting point and then adjust from the starting point based on the available information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Halo Effect

A

Auditor’s judgements about specific attributes of management can be influenced by their overall assessment of the organization.
-> If an auditor has an overall positive view of an organization, the halo effect could lead to under assessments, regarding the existence of accounting errors, and thus, ineffective audits.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Confirmation Bias?

A

Auditors often subconsciously search for and overweight evidence that is consistent with their expectations.
->A client’s inventory has significantly increased
-> The client has not had a misstatement in several years.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Self-serving Biases affecting Auditors?

A

Auditor judgement can be biased in a manner consistent with their self-interest. Typically, this means that the auditor will be more likely to judge client- preferred accounting methods as appropriate for several reasons
-> Does not want to upset management due to long-term friendships
->Identify problems could lead to working longer hours and potential budget overruns
->Substantial estimation in financial statements creates substantial room for rationalization and bias.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Overconfidence?

A

Unwarranted confidence in one’s ability to make a decision

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Strategies for Specific Heuristics/Biases

A

Availability-> Consider why something comes to mind, consider alternative explanations
Confirmation-> Consider alternative explanations, Consider disconfirming evidence
Anchoring-> Develop an independent judgement without an anchor, Consider alternative anchors, Consult with others without giving them an anchor
Overconfidence-> Challenges reasons for confidence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Why do accountants not always exercise good Professional judgement?

A

Heuristics and Biases
External Factors/ Pressures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

External Factors

A

Client Demands-> Avoid delivering “Bad News”, Deadlines, Fees
Regulatory Expectations-> Accounting Regulators

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Professional Judgement Framework?

A

Training-> Awareness of heuristics and biases
Decision Support Tools-> Judgement frameworks and those tailored to specific accounting judgements
-> Group decision making and consultation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Applying Professional Skepticism

A

->Recognize the biases and heuristics that you bring to your decision making
-> Inquiry alone is never enough. The auditor must obtain sufficient corroborative evidence
-> Unusual financial trends need investigation
->Documents need to checked for authenticity or possible alteration.
-> Ask questions, get answers, then verify the answers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Fraud
The act of knowingly making material misrepresentations of fact with the intent of inducing someone to believe the falsehood and act upon it and, thus, suffer a loss or damage.
26
Fraud and Auditor Responsibility
Auditors are responsible detecting material misstatements either caused by error or fraud
27
Fraud Risk Factors
Fraud risk factors are events or conditions that indicate ->Incentive or pressure to perpetrate fraud -> Provide an opportunity to commit fraud ->Rationalizations or attitudes to justify fraudulent actions Based on the relevance and pervasiveness of the fraud risk factors will determine if there an identified fraud risk
28
Fraud Risk
Special case of risk of material misstatement related to those situations where management intended to mislead the marketplace by issuing fraudulent financial statements.
29
Types of Fraud that can cause misstatements?
Misappropriation of assets upon an entity Fraudulent financial reporting by an entity
30
Misappropriation of Assets
Intentional theft of funds or other property from an employer
31
Embezzlement
Is a type of fraud involving employees or nonemployees wrongfully misappropriating funds or property entrusted to their care, custody and control, often accompanied by false accounting entries and other forms of deceptions and cover-up.
32
Larceny
Is simple theft. For example, an employee misappropriates an employer's funds or property that has not been entrusted to the custody of the employee.
33
Defalcation
Is another name for employee fraud, embezzlement, and larceny -> Fraud upon the entity
34
Examples of Misappropriation of Assets
-> Using a company credit card for personal use -> Employees remaining on the payroll after ceasing employment -> Unauthorized discounts or refunds to customers -> Theft of inventory by employees or others -> Using a company car for unauthorized personal use -> Writing checks to fictitious vendors
35
Fraudulent Financial Reporting
Intentional misstatements or omissions of amounts or disclosures intended to deceive financial statement users Often referred to a "Management Fraud" Fraud committed by management that injures investors and creditors through materially misstated financial information.
36
Examples of Fraudulent Financial Reporting
-> Improper Asset Valuations -> Unrecorded Liabilities -> Timing Differences such as brining forward the recognition of revenues and delaying the recognition of expenses -> Recording fictitious sales -> Capitalizing items that should be expensed -> Inappropriate application of accounting principles.
37
Fraud Risk Factors
-> Incentive or pressure to perpetrate fraud -> Provide an opportunity to commit fraud -> Rationalizations or attitudes to justify a fraudulent action
38
Motive
Fraud context, is some kind of pressure a person experiences and believes to be unshareable with friends and confidants.
39
Types of Motives
-> Actual or perceived need for money (Economic Motive) -> Habitual Criminal" who steals for the sake of stealing (Psychotic Motive) -> Committing fraud for personal prestige (Egocentric motive) -> Cause is morally superior, justified in making others victims (Ideological motive) -> The perceived need to support or protect an individual or organization.
40
Incentive or Pressure to Commit Fraud
-> Management or other employees have an incentive or are under pressure which provides a reason to commit fraud.
41
Fraud Risk Factors Entry-Specific
-> Pressure to meet market expectations and profit targets -> A significant proportion of remuneration tied to earnings. -> Pressure to meet debt covenants -> A significant decline in demand for the client's products or services -> Falling profits or ongoing losses -> A threat of bankruptcy or takeover -> Planning to raise debt or renegotiate a loan
42
Opportunity
An opportunity is an open door for solving the unshareable problem by violating a trust ->Weak internal controls -> Circumvention of internal controls -> The greater the position, the greater the trust and exposure to unprotected assets.
43
Opportunity Circumstances
-> The absence of controls -> Ineffective Controls -> Ability of Management to Override Controls -> Provide an Opportunity for a fraud to be perpetrated.
44
Fraud Risk Factors related to Opportunity Condition
-> Ineffective system of internal control -> A nonexistent or ineffective whistleblower system -> A high turnover of staff with accounting or internal control responsibilities -> Related-party transactions -> Complex transactions to require estimates and judgement -> A high volume of transactions close to year-end -> Significant adjusting entries and reversals after year-end.
45
Segregation Duties
The same individual in an entity should not perform the following tasks -> Authorizing Transactions -> Recording Transactions -> Maintaining custody of assets associated with a transactions.
46
Rationalization and Attitude
When people do things that are contrary to their personal beliefs, outside their normal behavior, they provide an argument to make the action seem like it is in line with their moral and ethical beliefs.
47
Rationalization to Justify a Fraud
Those involved are able to rationalize committing a fraudulent act or possess and attitude, character, or set of ethical values that allow them to knowingly and intentionally commit a dishonest act.
48
Attitudes and Rationalizations Fraud Risks
-> Management attempts to justify marginal or inappropriate accounting on the basis or materiality, on a recurring basis. -> Rationalization that other companies make the same inappropriate accounting choices -> An excessive focus on maximization of profits and / or stock price -> A poor attitude regarding compliance with accounting regulations -> Management and employees who do not place a high priority on the entity's values or ethical standards.
49
Management and Auditor Fraud Responsibilities
The primary responsibility for the prevention and detection of fraud rests with both the entity's management and those charged with governance.
50
Specific Inquiries w/ Management
-> Knowledge of fraud, alleged fraud or suspected fraud affecting the company -> Management's process for identifying fraud risks -> Controls established to address identified fraud risks -> Inquiries should not be limited to accounting and finance personnel.
51
Specific Fraud Risks
A fraud risk is often presumed for the following -> Management override of controls -> Improper revenue recognition
52
Management Override of Controls
-> Conflict of Interest between Management and Auditors -> Management always has the ability to override their system on internal control
53
Improper Revenue Recognition
Fraud schemes often involve overstating revenue through fictitious sales transactions and / or recording revenue before it has been earned.
54
Communication of Fraud
-> Auditors must always exercise significant care because accusations of fraud are taken very seriously by audit clients. -> Evidence that fraud may exist must be communicated to appropriate level of management, usually at least one level above the people involved. -> Fraud by management should be reported by the board of directors.
55
Purpose of Risk Assessment Procedures
Professional standards require the auditor to gain an understanding of the entity and its -> Business and Environment -> Applicable financial reporting frameworks -> System of internal control
56
Management's Financial Reporting Responsibility
Management's policies and procedures around financial reporting should result in: -> Accounting records maintained in reasonable detail to accurately reflect transactions -> All transactions are recorded to permit financial statements to be prepared in accordance with generally accepted accounting principles -> Transactions executed in accordance with authorization from the entity's management -> Unauthorized acquisition use or disposition the entity's assets are prevented or detected on a timely basis.
57
System of Internal Control
Actions designed and implemented by management with oversight by those charged with governance to provide reasonable assurance regarding the achievement of reliable financial reporting.
58
Achievement of Internal Control Objectives
Effectiveness and efficiency of operations Compliance with applicable laws and regulations
59
Limitations of Internal Control
Internal control provides reasonable assurance, not absolute assurance, that management's objectives will be achieved. -> Human Error -> Deliberate circumvention -> Collusion
60
Auditor's Understanding of Entity's System
Risk assessment procedures require auditors to obtaining an understanding of the system of internal control, specifically over financial reporting.
61
Five Interrelated components
-> Control Environment -> The entity's risk assessment process -> The entity's process to monitor the system of internal control -> The information system and communication -> Control Activities
62
Entity-Level Indirect Control Components
-> May not address assertion-level risks of material misstatements -> Often do not directly prevent or detect or correct misstatements. These allow for people to understand the system of internal control.
63
A Control Environment Component
A control environment is the set of standard, processes and structures that provide the basis for carrying out the system of internal control across an entity. -> Sets the "tone at the top" of an organization, influencing the control consciousness of its people -> It is the foundation for all other components -> As a result, an auditor must obtain a detailed understanding of the control environment and document that understanding.
64
CEP: Principle 1
The entity demonstrates a commitment to integrity and ethical values -> Communication and enforcement of integrity and ethical value -> Management's philosophy and operating style: approach to taking and managing risks and attitude, and actions toward financial reporting
65
CEP: Principle 2
The board of directors demonstrates independence from management and exercises oversight of the development and performance of internal control -> Participation by those charged with governance -> Board and audit committee oversight
66
CEP: Principle 3
Management establishes with board oversight, structures, reporting lines and appropriate authorities and responsibilities in pursuit of financial reporting objectives. -> Organization structure -> Assignment of authority and responsibility
67
CEP: Principle 4
The entity demonstrates a commitment to attract, develop and retain competent individuals in alignment with financial reporting objectives. -> Commitment to competence -> Human resource policies and practices
68
CEP: Principle 5
The entity holds individuals accountable for their control responsibilities in the pursuit of financial reporting objectives -> Human resource policies and practices -> Management's philosophy and operating style -> Attitude toward information processing and accounting functions and personnel.
69
Evaluation of the Entity's Control Environment
Based on the auditor's understanding of the entity's control environment. Evaluate: -> Has management, with the oversight of those charged with governance, created and maintained a culture of honesty and ethical behavior. ->Does the control environment provide an appropriate foundation for the other components of internal control. ->Are there control deficiencies identified in the control environment and do they undermine the other components of the entity's system if internal control.
70
Risk Assessment Component
For financial reporting purposes, the entity's risk assessment process. -> How management identifies business risks relevant to the preparation of financial statements -> Estimates their significance, assessing the likelihood of their occurrence and decides upon actions to manage them.
71
Business risk that the risk assessment process should consider?
-> Changes in operating environment: Regulatory, economic, changes in competitive pressures ->New Personnel: New personnel may have a different focus on or understanding the entity's system of internal control. ->New or revamped information system: Significant and rapid changes in information systems can change entity's system of internal control. ->Rapid Growth: Significant and rapid expansion of operations can strain controls and increase the risk of breakdown in controls.
72
Business Risk Assessment Process
New Technology-> May change the risk associated with the entity's system of internal control. New Business Models, Products, or Activities-> Entering into business areas or transactions with which an entity has little experience may introduce new risks. New Accounting Pronouncements-> Adoption of new accounting principles or changing accounting principles may affect risks in preparing financial statements.
73
Conclusion of Risk Assessment
-> Identifies its business risks relevant to the preparations of financial statements -> Whether and how these business risks affect an entity's ability to initiate, record, process, and report financial information consistent with the assertions of management in the financial statements.
74
Monitoring Activities Component
A well functioning monitoring system: -> Ongoing and separate evaluations ->Reporting deficiencies The purpose of the monitoring activities component is to evaluate the effectiveness of the other control components.
75
Examples of Monitoring Activities
Management process that involves ongoing evaluation of the controls. -> Periodic evaluation by internal auditing -> Supervisory review of controls ->Follow-up of reporting errors ->Follow-up of customer complaints -> Audit committee inquiries
76
Difference between process and a control
Process: The actual steps necessary to account for transactions and record them into the accounting records all the way through to the financial statements Control: The specific actions to mitigate risks that can occur as transactions move through financial reporting process
77
Process Risk Points
->The points in a process where a risk of misstatement could occur. -> The description of a process risk point describes "where" and "how" a misstatement could occur.
78
ESME
Entered, Stored, Manipulated, Exchanged and Extracted
79
Risk of Material Misstatement
The risk of material misstatement is the likelihood that a material error exists in the financial statements.
80
Roles Often Found in the Payroll Cycle
Human Resources: Hires and Onboards in New Employees, Updates Employee Master Files Operations: Makes Hiring Requests, Approves of time records, changes to pay rates and changes in staff Payroll Department: Prepares payroll checks and ACH disbursements, Prepare Payroll Register Accounting: Records payroll information to general ledger.
81
Information-Processing Controls
-> Information processing control are controls relating to the processing of information in IT applications or manual information processes in the entity's information system. -> Address process risk points.
82
Activities of Transaction Controls
SAS 145 -> Authorization and Approval -> Reconciliations ->Verifications -> Physical or Logical Controls against unauthorized access, acquisitions, use of disposal ->Management Review Controls -> Separating incompatible responsibilities
83
Incompatible Responsibilities
Combinations of responsibilities that place a person alone in a position to create and conceal misstatements due to errors or frauds in her or his normal job
84
Four Types
Authorization to Execute Transactions Recording Transactions Custody of assets involved in the transactions Periodic reconciliation of existing assets to recorded amounts.
85
Authorization and Approvals
Authorization: Affirms that a transaction is valid
86
Reconciliations
Reconciliations compare two or more data elements and if differences are identified, action is taken to bring the data into agreement.
87
Verifications
-> Verifications compare two or more items with each other or compare an item with a policy. Completeness, accuracy and validity of processing transactions.
88
Identified Controls?
An auditor is required to test and implement these types of controls.
89
What are some identified Controls?
-> Controls over the posting of journal entries. -> Controls that address a risk that is determined to be a significant risk. -> Controls for which the auditor plans to test operating effectiveness because substantive procedures alone do not provide sufficient appropriate evidence. -> Other controls that, based on the auditor's professional judgement, the auditor considers appropriate and efficient to enable the auditor to assess the risks of material misstatement at the assertion level and to design further audit procedures.
90
Testing the Design
Control Design-> The control activity created in such as way that it mitigates the assigned risk. Control Implementation-> The control activity performed as designed.
91
Characteristics of design?
The nature of control-> Manuel vs. Automated The Type of Control >Detective vs. preventive Frequency of The Control Operation > Recurring, Daily Weekly, Monthly The competence and authority of the individual performing the control activity. The specific attributes or steps that make up the control activity.
92
Process Owner
Individual who is responsible for initiating, processing and recording transactions
93
Control Operator
Individual who performs specific actions to mitigate risks of material misstatements introduced during the process of
94
Control Attributes
The specific procedures performed by the control operator that make-up activity and are important to the design of the control. The parts of the control hat address the risks that the control is intended to address.
95
CA- Control Description
Fixed asset subledger to general ledger reconciliation.
96
Is it designed appropriately?
-> Judgement used in performing the control attributes -> Precision of the operation of the control attribute -> Information relied upon in performing each control attribute.
97
Judgement with Control Attributes
-> Determine and apply the criteria for investigation -> Identify Outliers -> Determine whether the outliers are reasonable or correct
98
Precision of Control Attributes
-> Predictability of Expectation= Does control attributes involve developing expectations -> Level of Aggregation= Summary vs. Detailed Information -> Consistency of Performance= Each time the control operates either pre-defined or ad hoc. -> Criteria for Investigation= Does the criteria for investigation identify outliers.
99
Information Sources
Reports generated directly from the entity's IT system also known as system generated reports. Reports generated using report writer that interface with the IT system or custom report. Schedules created using end-user computing applications. Information created by external parties.
100
Information Characteristics
When information is used by the control operator to perform a control activity, the following need to be determined on the information. -> Is the information relevant to the objective of the control
101
Parts of Information Characteristics
Is the source of information reliable? -> free of error, unbiased ->Information should be authentic and come from a reputable source What is the source of the information- Internal or external? Nature of Information-Electonic format or hard copy Circumstances of how the information is obtained? -> Provided by the entity or from the third party Is the information complete and accurate? -> Has management performed a control to determine if the information is completely accurate -> Does the auditor need to directly test the information used in the operation of completeness and accuracy.
102
Automated Controls
The nature of a can control can be either manual or automated or consist of control attributes that consist of a combination of two. -> Automated controls are controls performed within various IT layers of technology. ->If designed and implemented properly, automated controls perform the same way each time they operate
103
Categories of Automated Controls
System Access Control-> Access to information from a data warehouse is limited to previously- defined job functions. System Configuration Control-> An entity sales application is configured to completely and accurately trade receivables and revenue only for "shipped orders" and using sales from the invoice. Interface Control-> Information cannot be exchanged between applications or databases certain criteria is met.
104
Data and Information Integrity
-> Automated controls also help ensure the integrity of data and information within the entity's IT system. -> Control operators rely on information in the performance of activities and attributes -> Auditors need to perform procedures to conclude that the information used in the performance of a control activity is correct and accurate. -> Auditors identify the risks that could cause information not to be complete and accurate.
105
Automated control activities Include?
Application Database Operating System Network
106
IT processes found in each layer of Tech?
Access to programs and data Program changes. Program acquisition and development. Computer Operations.
107
Risks of Arising form IT
-> Risks exists in each of the IT processes and are often referred to as risks arising from IT. (Rafit) A relevant RAFIT could prevent the effective operation of the related automated control and / or integrity of data and information within the IT system.
108
General IT Controls
General It controls GITCs are in a place to address relevant risks arising from It or RAFITS. (GITCS) Maintain integrity and security of data by addressing relevant RAFITS.
109
Business Processes Activities
An entity's business processes include the activities designed to -> develop, purchase, produce, sell, and distribute and entity's products and services -> Ensure compliance with laws and regulations -> Capture information, including accounting and financial reporting information. -> Results in the transactions that are recorded, processed and reported by the information system -> The information system includes the financial reporting process to prepare the entity's financial statements.
110
COSO view regarding information
Information is necessary for the entity to carry out internal control responsibilities to support the achievement of its objectives. Information systems play a key role in the system of internal control as they produce reports, including operational, financial and compliance-related information, which make the operation and control of the business possible.
111
COSO view of Communication
Communication is the continual, iterative process of providing, sharing and obtaining necessary information.
112
Internal Communication
The means by which information is disseminated throughout the organization, flowing up, down and across the entity.
113
External Communication
It enables inbound communication of relevant external information, and it provides information to external parties in response to requirements and expectations.
114
Flows of transactions
To understand how information flows through the entity's information system for significant classes, accounts and disclosures -> How transactions are initiated, and how information about these transactions are recorded, processed, corrected as necessary, incorporated in the general ledger, and reported in the financial statements. -> How information about events and conditions, other than transactions captured, processed, and disclosed in the financial statements.
115
Information Processing Activities part 2
-> The accounting records, specific accounts in the financial statements, and other supporting records relating to the flows of information in the information system -> Financial reporting process used to prepare the entity's financial statements, including disclosures. -> The tools, software and applications, including the IT environment, use financial reporting process.
116
Relevant IT Environment
In obtaining an understanding of the flows of transactions and information processing activities in the information system. -> The nature and characteristics of the IT applications used as well as the support infrastructure. -> Complexity of customization level related to IT applications. -> in house environment vs third-party service organizations or cloud applications. -> The use of data warehouses -> System-generated reports vs. report writers -> End-user applications such as spreadsheets.
117
IT application
A program set of programs that are used in the initiation, processing, recording, and reporting of transactions or information.
118
IT infrastructure
Comprises the network, operating systems, and databases and their related hardware and software.
119
Application
Technology designed to perform one or many functions, tasks or activities. Applications are often used to capture, process or extract data.
120
Database
Technology that organize a collection of data or information so that it can be easily accessed, managed and updated.
121
Operating System
Technology that control the basic operations of a computer and provides a software platform or which to run other software , such as applications or databases.
122
Network
Technology that transports information or data between computers, either within an organization or between organizations.
123
How to gain an understanding of information flows
-> Inquiries with management -> Inspection of documents -> performing a walkthrough -> Prepare a flowchart -> Prepare an IT system diagram based on the layers of technology.
124
Walkthroughs
A walkthrough is an audit procedure used to trace a transaction from its origin through the company's information systems to the point where it is reflected in the financial statements. -> Involve inquiries with entity personnel, observation or employee actions and inspection of transaction documents.
125
Flowcharts
Flowcharts use symbols, lines, and arrows to explain the actions and steps of accounting processes from the initiation of the transaction through its posting to the general ledger. -> Often prepared with walkthroughs.
126
Component of Entity's System
Risk assessment procedures require auditors to obtain an understanding of internal control over financial reporting.
127
Process
Consists of ongoing tasks and activities
128
Risk
The possibility that an event will adversely impact a process from completing its tasks, activities or objects through the generation of errors and frauds.
129
Control
An action established through policies and procedures to help ensure that the process completes its tasks and objectives.
130
Indirect Controls
Controls that support direct controls
131
Direct Controls
Controls that are precise enough to address risks of material misstatements at the assertion level.
132
Identification and Assessment of Risks
The auditors identification and assessment of risks of material misstatement at the assertion level is influenced by: -> The auditors understanding of the entity's information processing activities in the information system and communication component. -> The auditors identification and evaluation of identified controls in the control activities component.

Auditing (3 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions