Chapter 2: Auditing and Attestation - Understanding the Entity and its Environment (Including Internal Control) Flashcards
the methods or procedures implemented by an entity to help ensure the validity and accuracy of its financial statements
Accounting Controls
an attempt to quantify the effects of future events that cannot be known with certainty, based on assumptions and projections
Accounting Estimate
the specific accounting principles, and the methods of applying those principles, that have been judged by management to be the most appropriate under the circumstances to present fairly the financial position and results of operations and statement of cash flows, in accordance with generally accepted accounting principles, and that, accordingly, have been adopted by the reporting entity for preparing financial statements
Accounting Policies
The information system relevant to financial reporting objectives, which includes the accounting system, consists of the procedures and records designed and established to:
initiate, authorize, record, process, and report entity transactions (as well as events and conditions) and maintain accountability for the related assets, liabilities, and equity;
resolve incorrect processing of transactions…;
process and account for system overrides or bypasses to controls;
transfer information from transaction processing systems to the general ledger;
capture information relevant to financial reporting for events and conditions other than transactions, such as the depreciation and amortization of assets and changes in the recoverability of accounts receivables; and
ensure information required to be disclosed by the applicable financial reporting framework is accumulated, recorded, processed, summarized, and appropriately reported in the financial statements.
Accounting System
a set of prescribed guidelines for recording and reporting the economic effects (substance) of financial events and transactions
Accounting Principle
obligations to suppliers of merchandise or of services purchased on open account, with payment usually due in 30 to 60 days
Accounts Payable
ratios that measure the efficiency with which the firm uses its resources
Activity Ratio
the principal laws and regulations used by management and those charged with governance in the preparation of the financial statements of an entity
Applicable Financial Reporting Framework (AFRF)
a set of audit procedures that examine the relationships between financial and nonfinancial data
Analytical Procedures
the transactions and data relating to each computer-based application system and are, therefore, specific to each such application
Application Controls
the measure of the quality of audit evidence, that is, its relevance and its reliability in providing support for the conclusions on which the auditor’s opinion is based
Appropriate
a transaction with an independent third party who does not have the ability to exert significant influence over the other party
Arm’s-Length Transaction
declarations or a set of declarations about whether subject matter is based on or conforms to selected criteria (AT 101.08)
Assertions
It is the practitioner’s satisfaction about the reliability of an assertion being made by one party for use by other parties
Assurance
an engagement that requires independence as defined in the AICPA Professional Standards (ET 0.400.04)
Attest Engagement
a body formed by a company’s board of directors to oversee audit operations and circumstances
Audit Committee
Another name for the goal of the audit procedures used to obtain evidence about the dollar amounts and disclosures presented in the financial statements
Audit Objective
a series of specific and specialized steps or actions auditors take to meet audit objectives
Audit Procedure
the risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated.
Audit Risk
the application of an audit procedure to fewer than 100% of the items within an account balance or class of transactions for the purpose of evaluating some characteristic of the balance or class
Audit Sampling
provides auditors with the ability to quickly extract data from computer files
Audit Software
the path left by a transaction when it is processed
Audit Trail
an individual who performs auditing procedures to determine the validity and fair presentation of financial information or to provide assurance to management on the effectiveness of the organization’s governance, risk management, and/or control processes
Auditor
designed to ensure that all transactions have management approval before they are executed and recorded
Authorization
the governing body of a corporation, elected by and accountable to the shareholders in a business
Board of Directors
a plan of action expressed in dollars
Budget
a specific type of input control, consisting of a single digit at the end of an identification code that is computed from the other digits in a field
Check Digit
designed to ensure that all transactions are recorded in the correct account, charged or credited to the correct customer (or vendor), applied to the correct product line, or classified as an intercompany sale (i.e., a review of a fixed asset listing to confirm that no maintenance and repair expenditures have been capitalized)
Classification
an agreement to act together, especially for fraudulent or deceitful purposes. It may be open and explicit (overt collusion) or secret and implicit (tacit collusion)
Collusion
represents the attainment and maintenance of a level of understanding and knowledge that enables a member to render services with facility and acumen
Competence
means including in reported information everything material that is necessary for the fair representation of the underlying events and conditions
Complete
a management assertion that all transactions and events that should be presented in the financial statements are included
Completeness Assertion
direct communication with external independent parties to prove that balances (e.g., cash balances, accounts receivable, accounts payable, notes payable) are correct
Confirmation
The process of obtaining and evaluating a direct communication from a third party in response to a request for information about a particular item affecting financial statement assertions is the confirmation process
Confirmation Process
the policies and procedures that help ensure that management directives are carried out
Control Activities
sets the tone of an organization, influencing the control consciousness of its people
Control Environment
he risk that a material misstatement that could occur in an assertion about a class of transaction, account balance, or disclosure will not be prevented or detected and corrected on a timely basis by the entity’s internal control
Control Risk
a joint initiative of the five private-sector organizations listed below and is dedicated to providing thought leadership through the development of frameworks and guidance on enterprise risk management, internal control, and fraud deterrence
COSO
a document issued by the seller of goods or services to the buyer, reducing the amount that the buyer owes to the seller under the terms of an earlier invoice
Credit Memorandum
may be direct, as in the case of handling cash or maintaining an inventory storeroom, or indirect, as in the case of receiving customer checks in the mail or writing checks on the organization’s bank account
Custody of Assets
the last day of the accounting period (i.e., the last day of each month or December 31, the last day of the fiscal year)
Cutoff Date
characters processed in computer systems and stored in computer files.
Data
a way for a buyer to inform the seller that it wants a refund or discount on its purchase
Debit Memorandum
the process of systematic, rational allocation of the cost of operational assets to the accounting periods benefited
Depreciation
the risk that the procedures performed by the auditor to reduce audit risk to an acceptably low level will not detect a misstatement that exists and that could be material, either individually or when aggregated with other misstatements
Detection Risk
designed to catch an error and provide the feedback necessary so corrective action may be taken
Detective Control
a negative response to a confirmation request, such as when a customer disagrees with the account balance as shown on the confirmation request
Deviation
reported in the financial statements or the notes to the financial statements
Disclosure
n computing, the instructions for operators, descriptions of procedures, and other descriptive material about a program or a system
In systems analysis, the preparation and production of documents for system analysis, programming, and system operation.
In auditing, the use of documentary evidence to support or substantiate a claim or opinion.
Documentation
the exchange of documents in standardized electronic form between different entities in an automated manner directly from a computer application in one entity to an application in another.
Electronic Data Interchange (EDI)
the degree to which objectives are achieved; producing the desired effect or result
Effectiveness
the relationship of inputs to outputs
Efficiency
essentially “checkless” system of transferring funds by debiting or crediting accounts electronically.
Electronic Funds Transfer (EFT)
an additional paragraph(s) added to the standard auditor’s report to fulfill the need to add explanatory language to the report
Emphasis-of-Matter (Other-Matter) Paragraph
a letter written by the CPA to the client that represents the contractual understanding between the CPA and the client of the work to be performed, signed by both the CPA and the client.
Engagement Letter
any person or group of people that owns economic resources, incurs economic obligations, and enters into economic transactions
Entity
a special accounting treatment for investments in equity securities used only when the investor:
can exert significant influence or control over the investee (usually with majority—greater than 50%—ownership) and
does not consolidate the financial statements of the subsidiary.
Equity Method
an unintentional misstatement or omission of amounts or disclosures in financial statements
Error
basically mistakes, usually due to carelessness or negligence (but not gross negligence)
intentional misappropriations of assets or distortions of accounting data
Errors and Fraud
he requirement of the auditor to obtain sufficient appropriate audit evidence to provide a reasonable basis for an opinion on financial statements.
Evidence
management assertion that assets and liabilities are real and exist at a specific date
Existence
the amount of audit work performed when the procedures are executed
Extent
an organizational sense, is the flow of information back to an originating source for the purpose of evaluating instructions or operations
Feedback
controls monitor both the operation of a process and the process inputs, in an attempt to predict potential problems before they occur so that adjustments may be made to avert the problems.
Feedforward
a method of providing information to external users, which is useful in making business and economic decisions
Financial Reporting
the principal means of communicating financial information to those users external to the entity
Financial Statements
a graphic depiction, using uniform symbols to show the control flow, primary actions, and interrelationships of a task or a set of tasks
Flowchart
the prediction of outcomes, trends, or expected behavior for the economy, an industry, a particular business, or an item such as sales or market prices using statistical methods
Forecast
the intentional misrepresentation or failure to disclose a material fact or facts that results in injury or loss to someone relying on it
Fraud
basic accounting principles and standards and specific conventions, rules, and regulations that define accepted accounting practice at a particular time by incorporation of consensus and substantial authoritative support
Generally Accepted Accounting Principles (GAAP)
the Statements on Auditing Standards issued by the Auditing Standards Board (ASB), the senior committee of the AICPA designated to issue pronouncements on auditing matter for nonissuers
Generally Accepted Auditing Standards (GAAS)
controls that apply to all systems components, processes, and data for an organization or IT environment
General IT Controls
a nonsense total
Hash Totals
a series of questions about specific internal controls.
Internal Control Questionnaire (ICQ)
financial statement that shows an organization’s revenues and expenses for a defined period of time
Income Statement
the susceptibility of an assertion about a class of transaction, account balance, or disclosure to a misstatement that could be material, either individually or when aggregated with other misstatements, before consideration of any related controls
Inherent Risk
a value or description that is entered into an information system or the process of entering the value or description
Input
the seeking of appropriate information from knowledgeable persons inside (both management and staff) or outside the entity (e.g., bankers, attorneys, vendors, customers, predecessor auditor) with the approval of management.
Inquiry
examination of records, documents, and tangible assets
Inspection
an audit of internal control over financial reporting being integrated with the audit of financial statements
Integrated Audit
test data is developed and integrated into the live processing of actual data resulting from business transactions
Integrated Test Facility
an unimpaired condition or firm adherence to a code of ethics or moral values
Integrity
an examination of accounting records and other evidence to establish compliance with the entity’s policies and procedures
Internal Audit
a process, effected by an entity’s board of directors, management and other personnel, which is designed to provide reasonable assurance regarding the achievement of objectives in one or more categories:
Effectiveness and efficiency of operations
Reliability of financial information
Compliance with applicable laws and regulations
Internal Control
The aggregate of items of tangible personal property owned by the business (to which the firm has legal title) intended either for internal consumption in the production of goods for sale or for sale
Inventory
involves the altering of accounts receivable when cash that is intended for the payment of a receivable is misappropriated.
Lapping
used to edit data during input or processing to validate data
Limit Test
used to describe the relationship between current assets and current liabilities
Liquidity
a service whereby deposits can be dropped off, a post office box used by organizations to accelerate collection of receivables
Lockbox Services
securities that have readily determinable fair values and are considered marketable when a day-to-day market exists and when they can be sold on short notice.
Marketable Securities
a narrative disclosure of significant aspects of financial performance and conditions required by the SEC for publicly held corporations.
Management’s Discussion and Analysis
is written representation from management which affirms (AU-C 580):
the fair presentation of the financial statements and management’s responsibility for them,
the completeness of all information provided to the auditor and in the financial statements,
representations relating to recognition, measurement, and disclosure (including the absence of knowledge of fraud or suspected fraud), and
information concerning subsequent events.
Management Representation Letter
a deficiency, or a combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented, or detected and corrected, on a timely basis
Material Weakness
an entity-specific aspect of relevance based on the nature or magnitude or both of the items to which the information relates in the context of an individual entity’s financial report.
Materiality
an untrue statement that misrepresents the facts and which, by its magnitude or nature, influences the decision making of the user
Materially Misstated
a very small-scale computer with limited capacities
Microcomputer
a reported amount that is over (overstated) or under (understated) the actual amount. It may result from errors (mistakes) or fraud
Misstatement
the type of audit procedure to be used, whether a class of transactions is tested by analytical procedures, tests of controls or substantive testing through confirmation, recalculation, examination of documents (tracing and vouching), reperformance, etc.
Nature
violations of laws or governmental regulations perpetrated by the entity or by the management or employees acting on behalf of the entity
Noncompliance with Laws and Regulations by Client
all entities except for those defined as issuers
Nonissuer
looking at a process or procedures being performed by others
Observation
processed with other computers or networks immediately through the Internet
Online Transaction
the auditor runs duplicate processing of the same information, and compares results obtained from the duplicate program with the actual data processed by the client system
Parallel Simulation
was established by Congress to oversee public company audits
Public Company Accounting Oversight Board (PCAOB)
a method of measuring the physical quantities in inventory under which the units (and costs) are determined at the end of the accounting period based on a physical count.
Periodic Inventory System
a method of measuring the physical quantities in inventory under which the units received (manufactured) and issued (sold) are recorded continuously during the accounting period
Perpetual Inventory
the physical count of inventory taken by the client at year-end (i.e., on the last day of the fiscal year) to obtain evidence regarding existence and completeness
Physical Inventory
a basic management function involving formulation of one or more detailed plans to achieve optimum balance of needs or demands with the available resources
Planning
include the following:
Occurrence and rights and obligations—Disclosed events, transactions, and other matters have occurred and pertain to the entity.
Completeness—All disclosures that should have been included in the financial statements have been included.
Classification and understandability—Financial information is appropriately presented and described, and disclosures are clearly expressed.
Accuracy and valuation—Financial and other information are disclosed fairly and at appropriate amounts.
Presentation
internal controls designed to prevent or minimize the chance of errors and fraud.
Preventive Controls
to bring forth, yield, or cause to exist as a result of labor, machining, thought, or knowledge
Production
the application of relevant training, knowledge, and experience, within the context provided by auditing, accounting, and ethical standards, in making informed decisions about the courses of action that are appropriate in the circumstances of the audit engagement.
Professional Judgment
the attitude an auditor must have when evaluating the reasonableness of management’s accounting estimates, assuming that the estimation process involves an inherent potential for bias due to the presence of subjective as well as objective factors
Professional Skepticism
the acquisition of goods and service by paying for them
Purchase
a business form prepared by the buyer describing the merchandise he or she wishes to purchase.
Purchase Order
a proportional relationship between two single amounts
Ratio
the degree of assurance to convince a “reasonable man” within the cost-benefit constraint
Reasonable Assurance
an action to bring two related balances into agreement, to identify differences between two related balances (as, for example, the cash balance per the accounting records and the balance per the bank statement), and to detect errors or items that were included in the preparation of one balance omitted from the other. Reconciliation is also applied to any two balances that should agree (i.e., accounts payable or receivable per the accounting records and per the creditor/debtor, investment balances per the records and per the trustee, etc.)
Reconciliation
a total of the number of input documents to a process or the number of records processed in a run.
Record Count
involves preparing source documents, maintaining journals, ledgers, or other files, preparing reconciliations, and preparing performance reports
Recording Function
management, owners, family members of owners or management, affiliates, or any party which “can significantly influence the management or operating policies” such that the entity might be “prevented from fully pursuing its separate interests.”
Related Parties (Financial Statements)
an increase in net assets from results of operations, retained by the corporation for use in the enterprise
Retained Earnings
inflows or other enhancements of the assets of an entity or settlements of its liabilities, or both, during the period from delivering or producing goods, rendering services, or other activities that constitute the entity’s ongoing major or central operations
Revenues
management assertions that all recorded assets are owned by (i.e., are rights of) the entity and that all liabilities are obligations of (i.e., are owed by) the entity at the given date
Rights and Obligations
exposure to uncertainty that is a function of volatility and impact, particularly as it relates to the impact on cash flow or earnings
Risk
a systematic process of evaluating the potential risks that are involved in an audit or attestation engagement
Risk Assessment
the combination of inherent risk (IR) and control risk (CR) for an entity
Risk of Material Misstatement (RMM)
a restriction on an audit that is caused by the client, issues beyond the control of the client, or other events that do not allow the auditor to complete all aspects of his or her audit procedures
Scope Limitation
To achieve adequate internal control in a business enterprise, the primary functions of the business should be identified. The duties of these functions should be outlined and control procedures designed to achieve adequate internal control. In designing control procedures, the duties involved in accomplishing these functions should be separated as much as possible to attain control
Segregation (or Separation) of Duties
an organization or segment of an organization that provides services to user entities that are relevant to those user entities’ internal control over financial reporting.
Service Organization
deficiencies which are considered significant to the design and operation of the internal control structure should be reported to those charged with governance
Significant Deficiency
an identified and assessed risk of material misstatement that, in the auditor’s professional judgment, requires special audit consideration
Significant Risk
states that the financial statements present fairly, in all material respects, the entity’s financial position, results of operations, and cash flows in accordance with accounting principles generally accepted in the United States of America
Standard Auditor’s Report
total residual ownership interest in the corporation: net assets and total assets in excess of total liabilities
Stockholders’ Equity
tests of transaction details and account balances and analytical procedures performed to detect material misstatements in the account balances, transaction class, and disclosure components of the financial statements.
Substantive Procedures
used to communicate with a remote computer, mainframe computer, or one or more server computers over a local or wide-area network
Terminal
specifically designed and developed to test the accuracy and completeness of a computer program
Test Data
provides evidence on a sample basis about the presence or absence of a control condition
Test of Controls
are the person(s) with responsibility for overseeing the strategic direction of the entity and obligations related to the accountability of the entity
Those Charged with Governance
the time frame during which the audit procedure is performed (e.g., interim or at year-end), which is related to the appropriateness of the audit evidence.
Timing of Audit Procedure
the maximum monetary misstatement that may exist in an account balance or class of transactions, when combined with misstatements in other accounts, without causing the financial statements to be misstated
Tolerable Misstatement
follow the course of development of some object
Trace
a particular kind of external event, namely, an external event involving transfer of something of value between two or more entities
Transaction
the entity that has engaged a service organization and whose financial statements are being audited.
User Entity
the management assertion that all assets, liabilities, revenues, and expenses have been included in the financial statements at the proper amount.
Valuation
he deviation of actual results from planned or expected results
Variance
the confirmation of the status of assets, records, transactions, events, or operating conditions
Verification
the auditor follows a transaction from origination through the company’s process, including information systems, until it is reflected in the company’s financial records
Walkthrough
document the work done and conclusions reached by the auditor, showing procedures applied, tests performed, information obtained, and pertinent conclusions reache
Workpapers
to remove an amount from the accounting records, usually by a corresponding entry to an expense or allowance account, as to write off a specific account receivable with a credit to accounts receivable and a debit to the allowance for uncollectible accounts
Write-Off
