Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Internal Auditing > Chapter 11: Data Analytics and Audit Sampling > Flashcards

Chapter 11: Data Analytics and Audit Sampling Flashcards

1
Q

What is internal audit data analytics?

A

Internal audit data analytics is the use of software to retrieve data from various sources and filtering
the data to look for anomalies. Internal auditors can use data analytics to review large volumes of data
and create the ability to review only those data items that are significant and potential issues.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are some of the key areas to which internal auditors can apply the use of data analytics?

A

Data analytics can be used to evaluate data in any business unit. Areas that are typical include:
accounts payable, procurement, travel and entertainment expenses, inventory, payroll, accounting entries, sales, and expense transactions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How is “audit sampling” defined in this chapter?

A

Audit sampling is the application of an audit procedure to less than 100 percent of the items in a population for the purpose of drawing an inference about the entire population.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the two general types of audit sampling?

A

The two general types of audit sampling are statistical sampling and nonstatistical sampling.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How is “sampling risk” defined in this chapter?

A

Sampling risk is the risk that the internal auditor’s conclusion based on sample testing may be different
than the conclusion reached if the audit procedure was applied to all items in the population.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the two aspects of sampling risk that an internal auditor considers when performing tests of controls?

A

In performing tests of controls, the internal auditor is concerned with two aspects of sampling risk: the risk
of assessing control risk too low (type II risk, beta risk) and the risk of assessing control risk too high
(type I risk, alpha risk).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How does nonsampling risk differ from sampling risk?

A

Nonsampling risk, unlike sampling risk, is not associated with testing less than 100 percent of the
items in a population. Instead, nonsampling risk occurs when an internal auditor fails to perform his
or her work correctly.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is attribute sampling?

A

Attribute sampling is a statistical sampling approach based on binomial distribution theory that
enables the user to reach a conclusion about a population in terms of a rate of occurrence.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the three variations of attribute sampling described in this chapter?

A

The three variations of attribute sampling described in the chapter are stratified attribute sampling, stop-or-go sampling, and discovery sampling.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What steps are involved in evaluating the results of an attribute sampling application?

A

Evaluating the results of an attribute sampling application involves:
■ Formulating a statistical conclusion.
■ Making an audit decision based on the quantitative sample results.
■ Considering qualitative aspects of the sample results

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How is “haphazard sampling” defined in this chapter?

A

Haphazard sampling is a nonrandom selection technique that is used by internal auditors to select a
sample that is expected to be representative of the population. Haphazard, in this context, does not
mean careless or reckless. It means that the internal auditor selects the sample without deliberately
deciding to include or exclude certain items.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the key advantage of statistical sampling over nonstatistical sampling?

A

The key advantage of statistical sampling over nonstatistical sampling is that it allows the internal
auditor to quantify, measure, and control sampling risk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Why do internal auditors sometimes choose to use nonstatistical sampling instead of statistical sampling?

A

Nonstatistical sampling allows the internal auditor more latitude regarding sample selection and evaluation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

In which phase(s) of the internal audit engagement can data analytics be used?

I. Planning the individual engagement.

II. Testing effectiveness and efficiency of controls.

III. Assessing risk to determine which areas of the organization to audit.

a. I only.
b. II only.
c. I and III only.
d. I, II, and III.

A

D is the best answer. Data analytics can be used in all phases of the audit process, although many
times it is used for testing the effectiveness and efficiency of controls. Internal audit data analytics can
also be used as part of continuous auditing and can be performed throughout the year.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following is true?

a. Continuous monitoring is the CAE’s responsibility.
b. If a control breakdown is identified through continuous auditing, it should be reported to management on a timely basis.
c. Data analytic technologies cannot be used for substantive testing.
d. Continuous auditing routines developed by internal auditors should not be shared with management.

A

B is the best answer. The purpose for continuous auditing is to identify control breakdowns sooner so
that management can take corrective actions. Continuous monitoring is a management responsibility and internal auditors should encourage management to utilize the results of data analytics to improve
controls and processes throughout the organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the following is/are barriers to widespread use of data analytics by internal audit functions?

I. The scope of the intended use of data analytics is not well defined.

II. The amount of time required to clean and prepare data for analysis.

III. The extensive programing skills required to perform data analytics.

IV. Not understanding the data to be analyzed (its source, context, use, and meaning).

a. II and III only.
b. I and IV only.
c. I, II, and IV only.
d. I, II, III, and IV.

A

C is the best answer. With the advancement of audit software, along with tools such as Excel and
analytics software available from audit management vendors, significant programming skills are not
required.

17
Q

Which of the following is not typically a barrier to internal auditors using data analytics in achieving the engagement objective?

a. Knowing what data exists and where to find it.
b. Poorly defining the scope of the intended use of data analytics.
c. Data analytic software is limited by the number of records it can process.
d. The effort required to cleanse and prepare data for import to the data analytic tool.

A

C is the best answer. Generalized data analytic software, along with audit specific software, can handle any number of records. As data sizes increase, depending on the technology, the processing times may increase; however, the software can handle any volume of data.

18
Q

Which of the following is the most significant to the internal audit client in providing information related to the future direction and actions that can improve the operation of the organization?

a. Descriptive.
b. Diagnostic.
c. Predictive.
d. Prescriptive.

A

C is the best answer. Routines that take transaction data and predict future outcomes are of most benefit to management. It allows for management to take proactive measures on situations that may occur
in the future. Although all of the software measures are of benefit to management, predictive software
provides information related to future direction and actions.

19
Q

The primary reason for an internal auditor to use statistical sampling rather than nonstatistical sampling is to:

a. Allow the auditor to quantify, and therefore control, the risk of making an incorrect decision based on sample evidence.
b. Obtain a smaller sample than would be required if nonstatistical sampling were used.
c. Reduce the problems associated with the auditor’s judgment concerning the competency of the evidence gathered when nonstatistical sampling is used.
d. Obtain a sample more representative of the population than would be obtained if nonstatistical sampling techniques were used.

A

A is the best answer. The primary benefit of statistical sampling is that it allows the internal auditor
to quantify, measure, and control sampling risk. Sampling risk is the risk that the internal auditor’s
conclusion based on sample testing may be different than the conclusion reached if the audit procedure were applied to all items in the population. A secondary benefit of statistical sampling, because it
requires random sampling, is that it provides greater assurance than nonstatistical sampling that the
internal auditor will obtain a sample that is representative of the population. An internal auditor using nonstatistical sampling must, however, select a sample that is thought to be representative of the population, taking into consideration the factors that affect sample size. An internal auditor must obtain
competent evidence regardless of whether he or she uses statistical or nonstatistical sampling.

20
Q

Which of the following is an element of sampling risk as opposed to an element of nonsampling risk?

a. Determining a sample size that is too small.
b. Performing an inappropriate audit procedure.
c. Failing to detect a control deviation.
d. Forgetting to perform a specified audit procedure.

A

A is the best answer. Statistical sampling allows the internal auditor to quantify, measure, and control
sampling risk.

21
Q

For which of the following would an internal auditor most likely use attribute sampling?

a. Determining whether the year-end inventory balance is overstated.
b. Selecting fixed asset additions to inspect.
c. Choosing inventory items to test count.
d. Inspecting employee time cards for proper approval.

A

D is the best answer. Attribute sampling enables the user to reach a conclusion about a population in
terms of a rate of occurrence. The most common use of attribute sampling in auditing is to evaluate the
effectiveness of a particular control. The internal auditor tests the rate of deviation from a prescribed
control to determine whether the occurrence rate is “acceptable” and, accordingly, whether reliance on
that control is appropriate

22
Q

If all other factors specified in an attribute sampling plan remain constant, changing the expected population deviation rate from 1 percent to 2 percent and changing the tolerable deviation rate from 7 percent to 6 percent would cause the required sample size to:
a. Increase.

b. Decrease.
c. Remain the same.
d. Change by 2 percent.

A

A is the best answer. Whereas the expected population deviation rate has a direct effect on sample size,
the tolerable deviation rate has an inverse effect. Therefore, increasing the expected population deviation rate and decreasing the tolerable deviation rate will cause the sample size to increase.

23
Q

An internal auditor selects a sample of sales invoices and matches them to shipping documents. This procedure most directly addresses which of the following assertions?

a. All shipments to customers are recorded as receivables.
b. All billed sales are for goods shipped to customers.
c. All recorded receivables represent goods shipped to customers.
d. All shipments to customers are billed.

A

B is the best answer. Selecting a sample of sales invoices and matching them with shipping documents involves vouching, the purpose of which is to test validity. In this case, the auditor is testing the validity of billed sales. Customers should not be billed if goods were not shipped to them.

24
Q

An internal auditor is testing cash disbursement transactions. Internal control policies require every check request to be accompanied by an approved voucher (that is, a package of documents evidencing that a good or service has been received and invoiced by the vendor). The voucher approval is based on a three-way matching of a purchase order, receiving report, and vendor’s invoice. To determine whether checks have proper support, the internal auditor should begin her testing procedures by selecting items from the population of:

a. Check copies.
b. Purchase orders.
c. Receiving reports.
d. Approved vouchers.

A

A is the best answer. Selecting a sample of check copies and matching them with approved vouchers
involves vouching, the purpose of which is to test validity. In this case, the auditor is testing the validity
of cash disbursements. Checks should not be issued without proper documentary support.

25
Q

The achieved upper deviation limit is 7 percent and the risk of assessing control risk too low is 5 percent. How should the internal auditor interpret this attribute sampling outcome?

a. There is a 7 percent chance that the deviation rate in the population is less than or equal to 5 percent.
b. There is a 5 percent chance that the deviation rate in the population is less than 7 percent.
c. There is a 5 percent chance that the deviation rate in the population exceeds 7 percent.
d. There is a 95 percent chance that the deviation rate in the population equals 7 percent.

A

C is the best answer. Saying there is a 5% risk that the deviation rate in the population exceeds 7%
is equivalent to saying, with 95% confidence, that the deviation rate in the population is less than or
equal to 7%.

26
Q

An internal auditor should consider the qualitative aspects of deviations found in a sample in addition to evaluating the number of deviations. For which of the following situations should the internal auditor be most concerned?

a. There were fewer deviations in the sample than expected.
b. The deviations found are similar in nature to those found during the last audit of the area.
c. The deviations found appear to have been caused by an employee’s misunderstanding of instructions.
d. The deviations found may have been caused intentionally.

A

D is the best answer. The possibility that the deviations might be a result of fraud is of particular importance to the internal auditor. Evidence that deviations from the control found in the sample
were caused by fraud might very well offset the quantitative results and prompt the internal auditor
to conclude that the control is not effective (that is, it cannot be relied upon to reduce residual risk to
an acceptably low level). The internal auditor also must consider what, if any, impact the discovery of
fraud might have on other aspects of the engagement.

27
Q

If all other factors specified in a PPS sampling plan remain constant, changing the specified tolerable misstatement from $200,000 to $100,000 and changing the specified risk of incorrect acceptance from 10 percent to 5 percent would cause the required sample size to:

a. Increase.
b. Decrease.
c. Remain the same.
d. Change by 5 percent.

A

A is the best answer. Both the tolerable misstatement and the risk of incorrect acceptance have inverse
effects on sample size. Therefore, decreasing the tolerable misstatement and the risk of incorrect
acceptance will cause the sample size to increase.

Internal Auditing (13 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions