chap 12 assess control risk

Question 1

what is a design deficiency?

Answer 1

exists if a necessary control is missing, not properly designed, or not properly implemented

Question 2

after obtaining an understanding of internal control , the auditors makes a what?

Answer 2

preliminary assessment of control risk

Question 3

exists if a well designed control does not operate as designed or if the person performing the control is insuffienciently qualified or authorized

Answer 3

operation deficiency

Question 4

what are 2 examples of entity level controls that have the potential to undermine controls for most of the transaction related audit objectives?

Answer 4

1. an ineffective board of directors 2. managments failure to have any process to identify , assess, or manage key risk

Question 5

exists if a significant deficiency , by itself or in combo with other significant deficiencies, results in a reasonable possibility that internal control will not prevent or detect material misstatements on a timely basis

Answer 5

material weakness

Question 6

what is an example of a compensating control?

Answer 6

when a owner is actively involved in a small business

Question 7

one elsewhere in the system that offsets the absence of a key control is what kind of control?

Answer 7

compensating

Question 8

the likelihood of misstatements and their potential materiality are used to evaluate what?

Answer 8

if there are significant deficiencies or material weaknesses

Question 9

what is the 2 reason for including only key controls?

Answer 9

1. they will be sufficient to achieve the transaction related audit objectives 2. they provide audit efficiency

Question 10

entity level controls have an overarching impact on what?

Answer 10

most major types of transactions in each transaction cycle

Question 11

if there is more than a reasonalbe possibility (___) that a material misstatement (____) could result from the significant deficiency , then it is considered a what?

Answer 11

likelihood significance material weakness

Question 12

auditors start with the assessment of what kind of controls before assessing transaction specific controls

Answer 12

entity level controls

Question 13

what is a control deficiency?

Answer 13

exists if the design and implemenation or operation of controls doesnt permit company personnel to prevent or detect mistatments on a timely basis in the normal course of performing their assigned functions

Question 14

the auditor should identify and include only those controls that are expected to have what?

Answer 14

the greatest effect on meeting the transaction related audit objectives

Question 15

as part of evaluating control risk, auditors must evaluate whether key controls are ____ in the design of internal control

Answer 15

absent

Question 16

what is a material weakness?

Answer 16

exists if a significant deficiency , by itself or in combo with other significant deficiencies, results in a reasonable possibility that internal control will not prevent or detect material misstatements on a timely basis

Question 17

what are the 5 control activities that are also helpful as reminders of controls?

Answer 17

1. separation of duties 2. proper authorization 3. adequate documents and records 4. physical control over assets and records 5. independent checks on performance

Question 18

exists if a necessary control is missing, not properly designed, or not properly implemented

Answer 18

design deficienty

Question 19

what is a significant deficiency?

Answer 19

exists if one or more control deficiencies exist that are less severe than a material weakness but are important enought to merit attention by those responsible for oversight of the companys financial reporting

Question 20

when a compensating control exists, there is no longer a what?

Answer 20

significant deficiency or material weakness

Question 21

the auditor uses the preliminary assessment of control risk to plan the audit for each what?

Answer 21

material class of transactions

Question 22

what are the 3 levels of absence of internal controls?

Answer 22

1. control deficiency 2. significant deficiency 3. material weakness

Question 23

what is a operation deficiency?

Answer 23

exists if a well designed control does not operate as designed or if the person performing the control is insuffienciently qualified or authorized

Question 24

what is a compensating control?

Answer 24

one elsewhere in the system that offsets the absence of a key control

Question 25

what are the 6 steps in the preparation on the control risk matrix?

Answer 25

1. identify audit objectives- for classes of transactions, account balances, and presentation and disclosure 2. identify existing controls- that contribute to accomplishing transaction related audit objectives 3. associate controls with related audit objectives 4. identify and evaluate control deficiencies , significant deficiencies, and material weaknesses 5. associate control deficiencies with related audit objectives 6. assess control risk for each related audit objective

Question 26

exists if one or more control deficiencies exist that are less severe than a material weakness but are important enought to merit attention by those responsible for oversight of the companys financial reporting

Answer 26

significant deficiency

Question 27

what is the critical decision in the evaluation of internal control?

Answer 27

assessing control risk for transaction related audit objectives

Question 28

once auditors determine entity level controls including general controls are designed and placed in operation, they make a preliminary assessment for what?

Answer 28

each transaction related audit objective for each major type of transaction in each transaction cycle

Question 29

what are key controls?

Answer 29

those that have the greatest effect on meeting the transaction related audit objectives

Question 30

deficiencies and material weaknesses are the what?

Answer 30

absense of adequate controls

Question 31

the preliminary assessment of control risk is a measure of the auditors expectation that what?

Answer 31

internal controls will prevent material misstatements from occurring or detect and correct them if they have occurred

Question 32

what are 3 useful tools to identify where controls are lacking ?

Answer 32

1. questionnaires 2. flow charts 3. walkthroughs

Question 33

what are 2 instances where the auditor may learn that the control deficiences are significant so that the clients FSs may not be auditable and they wont accept the engagement

Answer 33

1. managment lacks integrity 2. the accounting records are deficient

Question 34

what are the 2 dimensions that must be evaluated to determine if a significant internal control deficiency/ies are a material weakness?

Answer 34

likelihood significance

Question 35

what are the 5 steps for identifying deficienies, significant deficiencies, and material weaknesses?

Answer 35

1. identify existing controls 2. identify the absence of key control 3. consider the possibility of compensating controls 4. decide whether these is a significant deficiency or material weakness 5. determine potential misstatements that could result

Question 36

before making the final assessment of control risk at the end of an audit, the auditor will do what 2 things?

Answer 36

1. test controls 2. perform substantive tests

Question 37

the auditor obtains an understanding of the design and implementation of internal control to make a preliminary assessment of what?

Answer 37

control risk

Question 38

controls that have the greatest effect on meeting the transaction related audit objectives are called ?

Answer 38

key controls

Question 39

exists if the design and implemenation or operation of controls doesnt permit company personnel to prevent or detect mistatments on a timely basis in the normal course of performing their assigned functions

Answer 39

control deficiency

Question 40

auditors should evaluate the effectiveness of what kind of controls before evaluating automated application controls or manual control dependent on IT output?

Answer 40

IT general controls

Question 41

many auditors use a control risk matrix to assist in the control risk assessment process at what level?

Answer 41

transaction