Auditors' Fraud-Related Responsibilities Flashcards
Which of the following is required of auditors during an audit of internal control over financial reporting conducted in accordance with PCAOB Auditing Standard No. 5?
A. Assessing controls over journal entries and adjustments made during the end of the period
B. Evaluating controls specifically designed to mitigate the motivations for management to engage in financial statement fraud
C. Evaluating the controls enacted to address the risk of management override of other controls
D. All of the above
D. All of the above
According to PCAOB Auditing Standard No. 5, the auditor should test both the design and operating effectiveness of the company’s internal control over financial reporting (ICOFR). In testing the design effectiveness of the controls, the auditor should determine whether the controls, if operated as prescribed, satisfy the company’s control objectives and can effectively prevent or detect errors or fraud that could result in material misstatements. In testing the operating effectiveness of the controls, the auditor should determine whether each control is operating as designed, as well as whether the person operating the control has the appropriate authority and competence to perform the control effectively.
Additionally, the auditor must specifically evaluate (1) the controls enacted to address the risk of management override of other controls and (2) whether the company’s internal controls adequately address the risk of material misstatement due to fraud. These controls include:
Controls over significant unusual transactions
Controls over journal entries and adjustments made during the end of the period financial reporting process
Controls over related-party transactions
Controls related to significant management estimates
Controls that mitigate the motivations for, and pressures on, management to engage in inappropriate earnings management and financial statement fraud
PCAOB Auditing Standard No. 5 provides guidance for auditors on:
A. Performing an audit of management’s assessment of internal control over financial reporting
B. Evaluating management’s discussion and analysis
C. Determining whether an entity’s financial statements are affected by fraud
D. None of the above
A. Performing an audit of management’s assessment of internal control over financial reporting
In May 2007, the PCAOB adopted Auditing Standard No. 5, An Audit of Internal Control Over Financial Reporting That Is Integrated with An Audit of Financial Statements, as a replacement to Auditing Standard No. 2, the previous standard governing audits of internal control over financial reporting (ICOFR) as mandated by the Sarbanes-Oxley Act. Auditing Standard No. 5 lays out the requirements and provides guidance for auditors who are engaged to perform an audit of management’s assessment of the internal controls that is integrated with an audit of the financial statements.
AU Section 240 delineates two types of frauds that are relevant for audit purposes: those that involve intentional fraudulent omissions or inclusions in the financial statements and those that involve the theft or misuse of company assets. T/F
True
AU Section 240 outlines the two primary types of fraud-related misstatements that are considered relevant for audit purposes: misstatements arising from fraudulent financial reporting and misstatements arising from misappropriation of assets. Fraudulent financial reporting occurs through intentional fraudulent omissions or inclusions in the financial statements. Asset misappropriation involves the theft or misuse of company assets.
At the close of an integrated audit performed under PCAOB Auditing Standard No. 5, the auditor may choose to issue a single report containing both an opinion on the company’s financial statements and an opinion on its internal control over financial reporting, or to issue a separate report for each opinion. T/F
A. True CORRECT
According to PCAOB Auditing Standard No. 5, at the close of the integrated audit, the auditor may choose to issue a single report containing both an opinion on the company’s financial statements and an opinion on its internal control over financial reporting (ICOFR), or to issue a separate report for each opinion
Under the Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing, an organization’s internal audit function is required to hold primary responsibility for all internal fraud investigations. T/F
False
The role that internal audit plays in fraud investigations varies by organization. Internal audit might have primary responsibility for fraud investigations, might serve as a resource for the investigations, or might have no involvement at all in the investigations
The Private Securities Litigation Reform Act requires public company audits to include procedures designed to provide reasonable assurance of detecting __________ that would have a direct and material effect on the financial statements.
A. Illegal acts
B. Fraud
C. Corruption
D. None of the above
A. Illegal acts
The Private Securities Litigation Reform Act (PSLRA), passed in 1995, sets forth several responsibilities for independent auditors of public companies. One of the requirements is that each audit of the financial statements of a public company includes procedures designed to provide reasonable assurance of detecting illegal acts that would have a direct and material effect on the determination of financial statement amounts.
According to The Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing, internal auditors must apply the care and skill of an expert whose primary responsibility is investigating fraud
T/F
False
Internal Auditing Standard 1220 states that internal auditors must apply the care and skill expected of a reasonably prudent and competent internal auditor. The standard also states, however, that due professional care does not imply infallibility
According to PCAOB Auditing Standard No. 5, an auditor should implement a bottom-up approach when auditing an entity’s internal control over financial reporting. T/F
False
According to PCAOB Auditing Standard No. 5, auditors should implement a top-down approach in performing an audit of internal control over financial reporting. A top-down approach “begins at the financial statement level and with the auditor’s understanding of the overall risks to internal control over financial reporting. The auditor then focuses on entity-level controls and works down to significant accounts and disclosures and their relevant assertions.” (Paragraph 21) This approach focuses auditors on those accounts, disclosures, and assertions that are most likely to result in material misstatement of the company’s financial statements. The standard makes explicit mention, however, that this approach describes the auditor’s thought process when identifying risks and the controls to test, rather than the order in which the auditor should perform the audit procedures.
Which of the following is NOT one of the responsibilities that the internal auditor should carry out in conducting audit engagements?
A. Be alert to opportunities that could allow fraud, such as control deficiencies.
B. Report all findings of fraud to the Securities and Exchange Commission within 10 working days.
C. Consider fraud risks in the assessment of internal control design and determination of audit steps to perform.
D. Have sufficient knowledge of fraud to identify red flags indicating fraud might have been committed.
B. Report all findings of fraud to the Securities and Exchange Commission within 10 working days.
To help auditors comply with their responsibilities pertaining to fraud, the IIA released IPPF—Practice Guide: Internal Auditing and Fraud. Although not mandatory, the guidance included in the Practice Guide is strongly recommended. Specifically, this Guide states that, in conducting audit engagements, the internal auditor should:
• Consider fraud risks in the assessment of internal control design and determination of audit steps to perform.
• Have sufficient knowledge of fraud to identify red flags indicating fraud may have been committed.
• Be alert to opportunities that could allow fraud, such as control deficiencies.
• Evaluate whether management is actively retaining responsibility for oversight of the fraud risk management program, whether timely and sufficient corrective measures have been taken with respect to any noted control deficiencies or weaknesses, and whether the plan for monitoring the program continues to be adequate for the program’s ongoing success.
• Evaluate the indicators of fraud and decide whether any further action is necessary or whether an investigation should be recommended.
• Recommend investigation when appropriate.
According to The Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing, the internal audit team must evaluate the potential for the occurrence of fraud, as well as the organization’s fraud risk management initiatives.
A. True
B. False
A. True
According to The Institute of Internal Auditors’ Standard 2120.A2, the internal audit activity must evaluate the potential for the occurrence of fraud and how the organization manages fraud risk.
According to AU Section 240, judgments about a company’s risk of material misstatement due to fraud have an effect on which of the following aspect(s) of an audit?
A. Consideration of accounting principles used
B. Assignment and supervision of personnel
C. Choice of auditing procedures
D. All of the above
D
Government Auditing Standards, also known as the Yellow Book, apply to which of the following types of engagements? A. Government financial audits B. Government review engagements C. Government performance audits D. All of the above
D
According to PCAOB Audit Standards No. 5, the external auditor should integrate the audit of the company’s internal controls over financial reporting (ICOFR) with the audit of the company’s financial statements. t/f
t
According to Government Auditing Standards, as part of a performance audit, the auditor should make a determination as to whether any questionable acts discovered during the engagement legally constitute fraud. t/f
f
Governmental Auditing Standards, paragraph 6.30, states, “In planning the audit, auditors should assess risks of fraud occurring that are significant within the context of the audit objectives.” Fraud is a type of illegal act involving the obtaining of something of value through willful misrepresentation. Whether an act is, in fact, fraud is a determination to be made through the judicial or other adjudicative system and is beyond auditors’ professional responsibility.
The primary purpose of AU Section 240 is to:
A. Emphasize that the primary responsibility for establishing internal controls rests with auditors
B. Establish standards for auditors in fulfilling their responsibilities related to fraud during a financial statement audit
C. Establish auditors as being primarily responsible for the prevention and detection of fraud within an organization
D. All of the above
B
