Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Assurance Elective > Ch. 12 Test of Controls > Flashcards

Ch. 12 Test of Controls Flashcards

1
Q

What is internal control defined as under CAS 315?

A

The system designed, implemented, and maintained by those chargedd with governannce, management, and other personnel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the 5 interrelated components?

A
  • control environment
  • the entity’s risk assessment process
  • the entity’s process to monitor the system of internal control
  • the information system and communication
  • control acitivites
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the two types of controls?

A

Direct controls - controls that are precise enough to address risk of material misstatementsat the assertion level

indirect controls - that are not precise to prevent, detect, or correct at the assertion level but support other controls.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the different types of indirect internal controls?

A

Control environment - sets the tone of an entity, and reflects the overall attitude, awareness, and response of management

entity’s risk-assessment process - the identification, analysis and management of risks relevant to the preparation of the financial statements

monitoring controls - consist fo polciies and procedures designed to assess teh quality of internal control performance over time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the different types of direct controls?

A

information systems - consists of procedures and records designed and established specifically related to the usage of IT.

communication

control activities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Note: Because an internal control contains both manual and automated elements - the auditor must gain an understasnding on which elements are automated or manual to assess the risk of material misstatements and the procedures to be performed

A

Note: Automated controls may be more reliable than manual controlssepecially in:
- high volume recurring transactions
- controls where specific ways to performt he control can be designed and automated

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How are information systems related to IT?

A

They have general IT controls such as:

  • managing access: authentication, ahuthorization, provisions, depreovisioning, priviledged access, user-access reviews, security configuration controls, phyiscal access
  • process to manage program or other changes to the IT environment: change to management process, segregation of duties over change migration, systems development or acquistion or implementation, data conversion
  • process to manage IT operations: job scheduling, job monitoirng, back-up and recovery, intrusion detection.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the four layers that an auditor must cosnider when evaluating the general IT controls mentioned earlier?

A
  • Applications - how general IT controls will correlate to the nature and extent of application fuctionality and the accesss paths allowed in the tech
  • Database - General IT controls at the database layer addresses risks arrising from the use of IT related to unauthroized updates
  • Operating system - How general IT controls at the operating system layer addresses risk arising from the use of IT related to ADMIN accesss which can overide other controls
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Assurance Elective (14 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions