Ch 4

Question 0

Enterprise risk management (ERM)

Answer 0

Facilitate assessment and mitigation of business risks that
Entity faces

Management, boards and personnel have to assess what can go
Wrong with business and how to prevent it

Question 1

Business risks

Answer 1

Risk that could adversely affect companies’ ability to achieve
Objectives and execute strategies

Question 2

Inherent risk

Answer 2

In absence of internal controls

Risk frauds and errors can occur through information processing
And financial statements are misstated

Question 3

Information risk

Answer 3

Probability that information distributed by entity will be materially
False and misleading

Question 4

Control risk

Answer 4

Management builds in controls so errors and fraud are less likely
To occur,

but there is risk internal controls will fail to detect fraud or error

Question 5

Audit risk

Answer 5

Risk of incorrect audit opinion when financial statements are
Materially misstated

Question 6

8 elements of ERM (enterprise risk management framework)

Answer 6

1 internal environment
2 objective setting
3 event identification
4 risk assessment
5 risk response
6 control activities
7 information and communication
8 monitoring

Question 7

ERM: internal environment define, what 4 items does it include?

Answer 7

Risk consciousness of organization

Includes organization’s risk management philosophy and risk
Appetite, ethical values, operating environment

Question 8

ERM: Objective setting

Answer 8

Managements responsibility to determine goals and objectives of
Organization

Question 9

ERM: event identification, define, examples

Answer 9

Identification of conditions and events that could adversely
Affect management’s objectives

Ex. Supplier problems, poor weather

Question 10

ERM: risk assessment, define, example

Answer 10

Systematic process for estimating likelihood of adverse conditions
Occurring

Ex. Chance of Bad weather and financial damage it might cause

Question 11

ERM: risk response

Answer 11

How organization will prevent of respond to adverse conditions
If they actually occur

Question 12

ERM: control activities

Answer 12

Policies/procedures to ensure risk responses are appropriate

Given circumstances

Question 13

ERM: information and communication

Answer 13

Link all components of ERM

Ex. Provide management with all info to minimize/eliminate risk

Question 14

ERM: monitoring

Answer 14

Regular management and supervisory activities over risk
Management activities

to make sure they remain in place and operate smoothly

Question 15

3 ways management can mitigate risk

Answer 15

1 avoid it

2 control it

3 share it

Question 16

Fraud

Answer 16

Act of knowingly making material misrepresentation of fact

With intent of inducing someone to believe in falsehood and
Act on it, suffering a loss or damage

Question 17

3 ways fraud and aggressive financial reporting occur

Answer 17

1 overstating revenues and assets

2 understating expenses and liabilities

3 giving disclosures that are misstated or omit important info

Question 18

Fraud that affect financial info and causes financial statements to be materially misstated often arise from need to…

Answer 18

Get through difficult period

Question 19

3 Examples of difficult periods where fraud occurs

Answer 19

1 cash shortage
2 increase in competition
3 cost overruns

Question 20

Management fraud AKA fraudulent financial reporting

Answer 20

Deliberate fraud committed by management that injures investors
And creditors through materially misstated info

Question 21

White collar crime

Answer 21

Fraud perpetrated by people who work in offices and steal
With pencil or computer

Not through violence

Question 22

Employee fraud

Answer 22

Use of fraudulent means to misappropriate funds or other

Property from an employer

Question 23

3 phases of employee fraud

Answer 23

1 fraudulent act
2 conversion of funds/property to fraudster’s use
3 coverup

Question 24

Embezzlement

Answer 24

Type of fraud involving employees or non employees wrongfully Misappropriating funds or property entrusted to their care Often accompanied by false accounting entries and other Forms of deception and coverup

Question 25

Larceny

Answer 25

Simple theft Stealing what hasn't been entrusted to you

Question 26

Defalcation

Answer 26

Another name for employee fraud, embezzlement or larceny Misappropriation of assets

Question 27

Errors

Answer 27

Unintentional misstatements or omissions of amounts or | Disclosures in financial statements

Question 28

Significant account or disclosure

Answer 28

Account or disclosure that has reasonable possibility of | containing material misstatement regardless of effect of controls

Question 29

Relevant assertions

Answer 29

Management assertions that have reasonable possibility of Containing material misstatements without regard to effect of Controls

Question 30

Audit risk can be broken down into 3 parts

Answer 30

Risk of: 1 material misstatement occurs (inherent risk) 2 not prevented or detected by client internal controls (control risk) 3 not detected by auditors procedures (detection risk)

Question 31

Inherent risk and control risk are combined into what kind of risk?

Answer 31

Risk of material misstatement

Question 32

Risk of material misstatement (RMM)

Answer 32

Risk a material misstatement exists in financial statements before Auditors apply their procedures

Question 33

Inherent risk, text book definition

Answer 33

Probability that in absence of internal controls, material errors or Frauds could enter accounting system used to develop financial Statements Susceptibility of account to misstatement

Question 34

Detection risk

Answer 34

Probability that auditors procedures will fail to detect material Misstatements that haven't been prevented by client's internal Controls

Question 35

Audit risk model (equation)

Answer 35

``` Audit risk (AR) = Inherent risk (IR) X Control Risk (CR) X Detection Risk (DR) ```

Question 36

Inherent risk is high if...

Answer 36

Material misstatement is likely to enter the accounting info system

Question 37

Control risk is high if...

Answer 37

Material misstatement is not likely to be detected by client's Internal controls

Question 38

High detection risk means...

Answer 38

We can afford less effective testing

Question 39

Low detection risk means we...

Answer 39

Need more effective testing

Question 40

Impact of detection Risk Allowed: Lower detection risk allowed vs. Higher detection risk allowed: nature

Answer 40

Nature: Lower detection risk allowed = more effective tests Higher detection risks allowed = less effective tests

Question 41

Impact of detection Risk Allowed: Lower detection risk allowed vs. Higher detection risk allowed: timing

Answer 41

Timing: Lower detection risk = testing performed at year end Higher detection risk = testing can be performed at interim

Question 42

Impact of detection Risk Allowed: Lower detection risk allowed vs. Higher detection risk allowed: extent

Answer 42

Extent: Lower detection risk allowed = more tests Higher detection risk allowed = fewer tests

Question 43

Susceptibility of accounts to misstatement or fraud: dollar size of account

Answer 43

The higher the account balance, the greater the chance of | Having errors or fraud in the account

Question 44

Susceptibility of accounts to misstatement or fraud: liquidity Example

Answer 44

The greater the accounts liquidity, the more susceptible the account is to fraud Ex. Cash is more susceptible to theft than a building

Question 45

Liquidity define

Answer 45

Ability it be easily converted into cash

Question 46

Susceptibility of accounts to misstatement or fraud: volume of transactions

Answer 46

The higher the volume if transactions, the higher the chance | Of error or fraud occurring in the transactions

Question 47

Susceptibility of accounts to misstatement or fraud: complexity of transactions Ex.

Answer 47

Very complex transactions have higher percentage of errors Ex. Derivatives and hedging transactions

Question 48

Susceptibility of accounts to misstatement or fraud: subjective measurements Ex.

Answer 48

Subjective measurements have more fraud and error as subjective (Estimating allowance for doubtful accounts Than objective measurements (counting petty cash) Measurement is easier to manipulate

Question 49

5 aspects auditors must understand about nature of company

Answer 49

1 company's organizational structure and management personnel 2 sources of funding for operation and investment activities 3 company's significant investments 4 company's operating characteristics 5 sources of company's earnings

Question 50

Company's organizational structure and management personnel

Answer 50

Whether company is centralized or decentralized

Question 51

Company's operating characteristics

Answer 51

Its size and complexity Whether it operates internationally or has subsidiaries in Diverse industries

Question 52

Related parties

Answer 52

individuals and organizations that can influence or be influenced By decisions of company Possibly though family ties or investment relationships

Question 53

Accounting estimates

Answer 53

Approximations of financial statement numbers, often included In financial statements Numerous fraud cases have involved manipulation of estimates

Question 54

3 early information gathering activities of auditors

Answer 54

1 reviewing the corporate charter and bylaws or partnership Agreement 2 reviewing contracts, agreements, legal proceedings 3 reading minutes if meetings of directors and committees Of board of directors

Question 55

Analytical procedures

Answer 55

Reasonableness tests where auditors compare their expectation For each account balance with those recorded by management

Question 56

5 steps auditors should perform when completing analytical procedures

Answer 56

``` 1 develop an expectation 2 define a significant difference 3 compare expectation with recorded amount 4 investigate significant differences 5 document each of preceding steps ```

Question 57

Define a significant difference

Answer 57

What percentage or dollar difference from you expectation is | Still considered reasonable

Question 58

Horizontal analysis

Answer 58

Comparative financial statements and calculate year to year | Changes in balance sheet and income statement accounts

Question 59

Vertical analysis

Answer 59

Calculate common size statements where amounts are expressed As percentage of base (sales of income statement, or total assets Of balance sheet)

Question 60

Significant risks, ex

Answer 60

Risks that require special audit consideration Because nature of risk or likelihood and potential magnitude of Misstatement related to risk Ex. Fraud risks

Question 61

Extended procedures

Answer 61

Audit procedures used in response to heightened fraud awareness As result of identification of significant risks

Question 62

Fraud at the management level should be reported to who?

Answer 62

The audit committee

Question 63

Audit committees

Answer 63

Composed of independent, outside members of board of directors Not involved in company's daily operations Provide buffer between audit firm and managment

Question 64

2 types of noncompliance dealt with by auditing standards

Answer 64

1 direct effect noncompliance 2 indirect effect noncompliance

Question 65

Direct effect noncompliance

Answer 65

Violations of laws or government regulations by entity or its Management or employees That produce direct and material effects on dollar amounts In financial statements

Question 66

Indirect effect noncompliance

Answer 66

Violation of laws and regulations that doesn't directly effect Specific financial statement accounts or disclosures Ex. Insider trading, OSHA violations, FDA regulations, environmental protection, equal employment

Question 67

Private Securities Litigation Reform Act 1995: reporting obligations

Answer 67

If auditors believe a serious illegal act has occurred, they must Inform company's board, and board must inform SEC in 1 business Day If board doesn't inform SEC, auditors should resign and give SEC report in 1 business day

Question 68

Audit strategy memorandum

Answer 68

Scope, timing and direction for auditing each relevant assertion Based on results of audit risk model