Chapter 5 Flashcards
Control activities
The specific actions taken by a client’s management and employees to help ensure that management directives are carried out
Design effectiveness
A condition expressing whether controls would be expected to prevent or detect errors or fraud that could result in a material misstatement in the financial statements
Dual-purpose tests
An audit procedure used as both a test of controls and a substantive test
Enterprise risk management (ERM)
A process effected by an entity’s board of directors, management, and other personnel applied in strategy setting and across the enterprise that is designed to identify potential events that may affect the entity and to manage risks to be within its risk appetite to provide reasonable assurance regarding the achievement of entity objectives
Entity-level controls
The controls that are pervasive to the financial statements taken as a whole
Flowchart
The audit documentation that provides a visual display of the accounting system and control activities in an entity’s internal control system
Information system
An entity’s system, usually built on some type of technological platform that has been designed to produce the information necessary for the entity to operate and control its business operations
Internal control deficiency
A condition that exists when the design or operation of a control does not allow the entity’s management or employees to detect or prevent misstatements in a timely fashion
Internal control questionnaire
The audit documentation that uses a checklist of internal control–related questions to gain and document an understanding of the client’s internal control
Material weakness
A deficiency or combination of deficiencies that results in a reasonable possibility that a material misstatement would not be prevented or detected on a timely basis
Nonissuer
An entity that does not offer registered securities, such as stocks and bonds, for sale to the general public (also known as a nonpublic entity); nonissuers are not subject to mandatory audit requirements
Narrative description
The audit documentation that describes the environmental elements, the accounting system, and the control activities in an entity’s internal control
Operating effectiveness
Description of a condition expressing whether a control is operating as designed and whether the person performing the control possesses the necessary authority and qualifications to perform the control effectively, it is helping to prevent or detect misstatements
Preventive controls
The activities that prevent misstatements before they occur
Reasonable assurance
The concept that recognizes that the costs of control activities should not exceed the benefits that are expected from the control activities
Significant deficiency
A deficiency or a combination of deficiencies in internal control that is less severe than a material weakness yet important enough to merit attention by those charged with governance
System-generated report
Any report that is generated by the audit client’s information system that is used to execute its internal control procedures or produce its financial statements. It is important to test that each system-generated report is complete and accurate if it is being used for either of these purposes
Substantiave procedures
The detailed audit and analytical procedures designed to detect material misstatements in account balances and footnote disclosures
Transaction-level controls
The controls that relate to specific classes of transactions, account balances, and disclosures
Walkthrough
The tracing of one or more transactions through the audit trail from initiation of the transaction to its inclusion in the financial statements
