C6 Internal Control

Question 1

Who is required to implement quality control?

Answer 1

Engagement Partner ( Audit Firms)

Question 2

Components of Internal Control

Answer 2

CCRIM

✔ Control Environment
✔ Control Activities
✔ Risk Assessment
Information and Communications Systems
✔ Monitoring

Question 3

Internal Control

Answer 3

Process designed and effected by those charged with governance, mgmt, and other personnel TO PROVIDE REASONABLE ASSURANCE about the achievement of the entity’s objectives with regard to

1. Reliability of FR (FR Objective)
2. Effective and efficient ops (Operational Obj)
3. Compliance objective

Question 4

4 essential concepts in the definition of IC

Answer 4

✔ Process
✔ Effected by those charged with governance, mgmt
✔ IC can be expected to provide REASONABLE assurance of achieving the Obj
✔ Designed to help achieve the obj

Question 5

Examples of Inherent Limitations to IC’s effectiveness

Answer 5

✔ Cost benefit principle
✔ directed at routine transactions
✔ potential for human errors (mistakes of judgment, careless, etc)
✔ circumvention through collusion
✔ overriding of mgmt
✔ Inadequate procedures due to CHANGES IN CONDITIONS

Question 6

Operational and compliance objectives may be relevant to the audit?

Answer 6

Yes, as long as it relates to the data the auditor evaluates

Question 7

Responsibility of MGMT and Those charged with governance

Answer 7

MGMT - to establish a control environment and maintain policies and procedures to assist in achieving the objs.

Those charged with governance - ensure the integrity of fr systems through OVERSIGHT of mgmt.

Question 8

Attitudes, awareness, and actions of mgmt. It sets the tone of an organization; the foundation providing discipline and structure.

Answer 8

Control Environment

Question 9

A factor of Control Environment that discourages employees from engaging in dishonest, illegal, and unethical acts that could materially affect the FS.

Answer 9

Integrity and ethical values

Question 10

Who is responsible for overseeing the financial reporting policies and practices of the entity?

Answer 10

The audit committee

Question 11

A control environment factor that assesses mgmt attitude towards FR; their emphasis on meeting projected profit gosls

Answer 11

Mgmt philosophy and operating style

Question 12

What CE factor requires an entity to have an audit committee?

Answer 12

Active participation of those charged with governance

Question 13

A CE factor that provides a framework for planning, directing, and controlling the operations

To avoid incompatible functions

Answer 13

Organizational structure / assignment of responsibility

Question 14

The risk that the business objectices will not be attained due to internal and external factors

Answer 14

Business risk

Question 15

Policies and procedures that help ensure that mgmt directives are carried out

Answer 15

Control activities

Question 16

Control activities:

Answer 16

PIPS
✔ performance reviews
✔ information processing
✔ physical controls
✔ segregation of duties

Question 17

Assessing the quality of IC over time and on a timely basis taking corrective actions

Answer 17

Monitoring

Question 18

Monitoring activities performed on a non-routine basis (by internal auditors)

Answer 18

Separate evaluations

Question 19

Monitoring activities built into the normal recurring activities (ex. Bank recon)

Answer 19

Ongoing monitoring activities

Question 20

IC in small businesses tend to be weak compared to larger entities

Answer 20

True

Question 21

Weakness of IC in small business can be compensated by how?

Answer 21

If the owner/manager actively participates in the business operations

Question 22

Are auditors responsible for establishing and maintaining accounting and IC systems?

Answer 22

No. Only give an adequate consideration because the ICS can have a SIGNIFICANT impact on the audit

Question 23

5 steps in Considering the Internal Control

Answer 23

1. Obtaining understanding of the internal control
2. Documenting the understanding of accounting and internal control systems
3. Assessimg the level of control risk
4. Performing tests of control
5. Documenting the assessed level of control risks

Question 24

1. Obtaining an understanding of IC involves: (objectives)

Answer 24

✔ Evaluating the design of a control
✔ determining whether it has been implemented

Question 25

Initial understanding of the design is obtained by:

Answer 25

✔ inquiries
✔ inspection
✔ observation

Question 26

Tracing one or two transactions through the entire accounting systems, from their initial recording to their final destination as a component of account balance.

Answer 26

walk-through test

Question 27

This process confirms the auditor’s understanding of how the accounting systems and control procedures function.

Answer 27

walk-through test

Question 28

Is the auditor required to obtain knowledge about the operating effectiveness of IC when doing step 1?

Answer 28

No. Go back to the objectives/definition of Step 1:
✔ Evaluating the design of a control
✔ determining whether it has been implemented

Question 29

The auditor’s understanding of IC should be adequate to”

Answer 29

✔ Identifying types of potential misstatement
✔ Consider factors that affect ROMMS
✔ Design the nature, timing, and extent of AP

Question 30

Commonly used forms of documentation for auditor’s understanding of IC (2)

Answer 30

✔ Narrative description
✔ Flowchart
✔ Questionnaire

Question 31

What is the 3rd step in ICC?

Answer 31

Assessment of Control Risk

Question 32

Levels to be obtained in preliminary assessment of CR

Answer 32

✔ At a high level
✔ At less than high level

Question 33

What is the level of assessment when the controls are ineffective?

Thus, can the auditor perform TOC?

Answer 33

At a high level

not necessary anymore due to efficient manner obj; auditor should proceed to ST directly

Question 34

When the controls appear to be reliable, the auditor should not determine whether it is efficient to obtain evidence to justify assessing it at a less-than-high level.

Answer 34

False. not

Question 35

To exercise professional skepticism, the auditor should perform what when he assessed the assertion at a less than high level/ as a reliable control?

Answer 35

test of control (Step 4)

• to determine the effectiveness

Question 36

The auditor should also identify specific internal control policies and procedures that are likely to prevent / detect and correct FS MMs.

Answer 36

True

Question 37

TOCs are performed to obtain evidence about the effectiveness of the :

Answer 37

✔ Design of accounting and ICS
✔ Operation of the IC throughout the period

Question 38

Will the auditor test all controls to determine their effectiveness?

Answer 38

No, only those they plan to rely upon; or likely to detect or prevent MMs.

Question 39

The greater reliance on control, the _____ substantive tests are required to support the preliminary assessment at less than high level

Answer 39

greater / more

Question 40

Evidence-gathering techniques in TOC:

Answer 40

1. Inquiry
2. Observation
3. Inspection
4. Reperformance