Chapter 11: Internal Control and COSO Framework Flashcards
Which of the following is notone of the three primary objectives of effective internal control?
A) reliability of financial reporting
B) efficiency and effectiveness of operations
C) compliance with laws and regulations
D) assurance of elimination of business risk
D) assurance of elimination of business risk
With which of management’s assertions with respect to implementing internal controls is the auditor primarily concerned?
A) efficiency of operations
B) reliability of financial reporting
C) effectiveness of operations
D) compliance with applicable laws and regulations
B) reliability of financial reporting
Internal controls
A) are implemented by and are the responsibility of the auditors.
B) consist of policies and procedures designed to provide reasonable assurance that the company achieves its objectives and goals.
C) guarantee that the company complies with all laws and regulations.
D) only apply to SEC companies.
B) consist of policies and procedures designed to provide reasonable assurance that the company achieves its objectives and goals.
Internal controls are notdesigned to provide reasonable assurance that
A) all frauds will be detected.
B) transactions are executed in accordance with management’s authorization.
C) the company’s resources are used efficiently and effectively.
D) company personnel comply with applicable rules and regulations.
A) all frauds will be detected.
Section 404 of the Sarbanes-Oxley Act requires that both private and public companies issue an internal control report.
TRUE OR FALSE
FALSE
Management has a legal and professional responsibility to be sure that the financial statements are prepared in accordance with reporting requirements of applicable accounting frameworks.
TRUE OR FALSE
TRUE
Who is responsible for establishing a private company’s internal control?
A) senior management
B) internal auditors
C) FASB
D) audit committee
A) senior management
Two key concepts that underlie management’s design and implementation of internal control are
A) costs and materiality.
B) absolute assurance and costs.
C) inherent limitations and reasonable assurance.
D) collusion and materiality.
C) inherent limitations and reasonable assurance.
The PCAOB places responsibility for the reliability of internal controls over the financial reporting process on
A) the company’s board of directors.
B) the audit committee of the board of directors.
C) management.
D) the CFO and the independent auditors.
C) management.
An act of two or more employees to steal assets and cover their theft by misstating the accounting records would be referred to as
A) collusion.
B) a material weakness.
C) a control deficiency.
D) a significant deficiency.
A) collusion.
6) Sarbanes-Oxley requires management to issue an internal control report that includes two specific items. Which of the following is one of these two requirements?
A) a statement that management is responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting
B) a statement that management and the board of directors are jointly responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting
C) a statement that management, the board of directors, and the external auditors are jointly responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting
D) a statement that the external auditors are solely responsible for establishing and maintaining an adequate system of internal control
A) a statement that management is responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting
When one material weakness is present at the end of the year, management of a public company must conclude that internal control over financial reporting is
A) insufficient.
B) inadequate.
C) ineffective.
D) inefficient.
C) ineffective.
The auditors primary purpose in auditing the client’s system of internal control over financial reporting is
A) to prevent fraudulent financial statements from being issued to the public.
B) to evaluate the effectiveness of the company’s internal controls over all relevant assertions in the financial statements.
C) to report to management that the internal controls are effective in preventing misstatements from appearing on the financial statements.
D) to efficiently conduct the Audit of Financial Statements.
B) to evaluate the effectiveness of the company’s internal controls over all relevant assertions in the financial statements.
The internal control framework used by most U.S. companies is the ________ framework.
A) FASB
B) PCAOB
C) COSO
D) SEC
C) COSO
In performing the audit of internal control over financial reporting, the auditor emphasizes internal control over classes of transactions because
A) the accuracy of accounting system outputs depends heavily on the accuracy of inputs and processing.
B) the class of transaction is where most fraud schemes occur.
C) account balances are less important to the auditor then the changes in the account balances.
D) classes of transactions tests are the most efficient manner to compensate for inherent risk.
A) the accuracy of accounting system outputs depends heavily on the accuracy of inputs and processing.
Internal controls can never be regarded as completely effective. Even if company personnel could design an ideal system, its effectiveness depends on the
A) adequacy of the computer system.
B) proper implementation by management.
C) ability of the internal audit staff to maintain it.
D) competency and dependability of the people using it.
D) competency and dependability of the people using it.
When considering internal controls,
A) auditors can ignore controls affecting internal management information.
B) auditors are concerned with the client’s internal controls over the safeguarding of assets if they affect the financial statements.
C) management is responsible for understanding and testing internal control over financial reporting.
D) companies must use the COSO framework to establish internal controls.
B) auditors are concerned with the client’s internal controls over the safeguarding of assets if they affect the financial statements.
Of the following statements about internal controls, which one is least likely to be correct?
A) No one person should be responsible for the custodial responsibility and the recording responsibility for an asset.
B) Transactions must be properly authorized before such transactions are processed.
C) Because of the cost-benefit relationship, a client may apply controls on a test basis.
D) Control procedures reasonably ensure that collusion among employees cannot occur.
D) Control procedures reasonably ensure that collusion among employees cannot occur.
The Sarbanes-Oxley Act requires
A) all public companies to issue reports on internal controls.
B) all public companies to define adequate internal controls.
C) the auditor of public companies to design effective internal controls.
D) the auditor of public companies to withdraw from an engagement if internal controls are weak.
A) all public companies to issue reports on internal controls.
Which of the following is an accurate statement regarding the auditor’s responsibility for understanding internal control?
A) Transaction-related audit objectives typically have no impact on the rights and obligations objectives.
B) Transaction-related audit objectives typically have a significant impact on the balance-related audit objective of realizable value.
C) Auditors generally emphasize internal control over account balances rather than classes of transactions.
D) Auditors and management are both equally concerned about controls that affect the efficiency and effectiveness of company operations.
A) Transaction-related audit objectives typically have no impact on the rights and obligations objectives.
The primary emphasis by auditors is on controls over
A) classes of transactions.
B) account balances.
C) both A and B, because they are equally important.
D) both A and B, because they vary from client to client.
A) classes of transactions.
An auditor should consider two key issues when obtaining an understanding of a client’s internal controls. These issues are
A) the effectiveness and efficiency of the controls.
B) the frequency and effectiveness of the controls.
C) the design and operating effectiveness of the controls.
D) the implementation and operating effectiveness of the controls.
C) the design and operating effectiveness of the controls.
Reasonable assurance allows for
A) low likelihood that material misstatements will not be prevented or detected by internal controls.
B) no likelihood that material misstatements will not be prevented or detected by internal control.
C) moderate likelihood that material misstatements will not be prevented or detected by internal control.
D) high likelihood that material misstatements will not be prevented or detected by internal control.
A) low likelihood that material misstatements will not be prevented or detected by internal controls.
Which of the following is most correct regarding the requirements under Section 404 of the Sarbanes-Oxley Act?
A) The audits of internal control and the financial statements provide reasonable assurance as to misstatements.
B) The audit of internal control provides absolute assurance of misstatement.
C) The audit of financial statements provides absolute assurance of misstatement.
D) The audits of internal control and the financial statements provide absolute assurance as to misstatements.
A) The audits of internal control and the financial statements provide reasonable assurance as to misstatements.