Chapter 5 (Internal Controls)

Question 1

the quality of internal control over financial reporting is a part of good…

Answer 1

corporate governance

Question 2

provides accountability of those entrusted to run the company to those who have provided the resources

Answer 2

good internal controls

Question 3

a response to the risks that stand in the way of achieving your objectives

Answer 3

internal controls

Question 4

the better the quality of internal control the better the

Answer 4

control risk

Question 5

responsibility for internal controls includes what two responsibilities

Answer 5

• management responsibility

- auditor responsibility

Question 6

• management has primary responsibility for internal control

- Sarbanes-Oxley Act of 2002 (publicly traded companies)

Answer 6

management responsibilities

Question 7

• second stand of fieldwork
• PCAOB auditing standard No. 5 (AS 5)
• For each fraud risk identified during planning stage, auditor should verify that client has attempted to mitigate through controls

Answer 7

auditor responsibility

Question 8

company annual reports must include

Answer 8

• A statement that management is responsible for establishing and maintaining adequate internal control over financial reporting.
• A statement identifying the framework (usually COSO) management uses to evaluate the effectiveness of the company’s internal control.
• A statement providing management’s assessment of the effectiveness of the company’s internal control.

Question 9

An Audit of Internal Control over Financial Reporting That Is Integrated with an Audit of Financial Statements

Answer 9

PCAOB Auditing Standard No. 5 (AS 5)

Question 10

an integrated audit meaning you cannot go out and hire one firm to do one thing and then another to do another. it is either both or none.

Answer 10

integrated audit

Question 11

auditors must provide their ___ on the effectiveness of client’s internal controls

Answer 11

opinion

Question 12

committee of sponsoring organizations of the national commission of fraudulent financial reporting

Answer 12

coso

Question 13

A process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives

Answer 13

COSO definition by Internal control

Question 14

Internal control - An integrated framework (COSO) has what three categories

Answer 14

(1) Reliability of financial reporting,
(2) Compliance with applicable laws and regulations,
(3) Effectiveness and efficiency of operations.

Question 15

___ are the most important in analysis. they establish control objective, put controls in place and operate them

Answer 15

people

Question 16

Control breakdowns that can cause failure to achieve control objectives:

Answer 16

• Human error
• Deliberate circumvention
• Management override
• Improper collusion

Question 17

C.R.I.M.E

Answer 17

• Control activities
• Risk Assessment
• Information and Communication
• Monitoring
• Control Environment

Question 18

• Sets the tone of an organization, influencing the control consciousness of its people.
• It is the foundation for all other components.
• It includes the integrity, ethical values and competence of the people

Answer 18

control environment

Question 19

Management must set strategy, ID risks, understand the likelihood and manage.

Answer 19

Risk Assessment

Question 20

control procedures include

Answer 20

• Physical controls over the security of assets
• Segregation of duties
• Information Processing
• -Approvals and authorization
• -Verifications and reconciliations
• Performance reviews

Question 21

Management is charged with ensuring that control objectives are being met, so they must be active, doing things like:

Answer 21

• Studies of budget variances
• Bank reconciliations
• Counts of inventory
• Counts of cash on hand, etc.

Question 22

the more active they are the more chance they have to catch

Answer 22

errors and fraud

Question 23

CBA stands for…

Answer 23

Cost Benefit Analysis

Question 24

Person should not be in position to create and conceal errors and fraud.

Answer 24

Separation of Duties

Question 25

Physical access to assets and important records, documents, and blank forms should be limited to authorized individuals.

Answer 25

Physical Controls

Question 26

An example of a physical controls

Answer 26

blank checks

Question 27

Information Processing Controls

Answer 27

• Information technology general controls (ITGC)

- Information technology application controls (ITAC)

Question 28

include controls over-data center operations, system software acquisition and maintenance, access security, etc. Apply overall to your IT environment.

Answer 28

information technology general controls

Question 29

steps within the app. to control info processing.

Answer 29

information technology application controls

Question 30

• Create inventory of spreadsheets used, including, name, description, department, frequency and extent of changes.
• Evaluate the use and complexity
• Determine the necessary level of controls
• Evaluate existing controls
• Develop an action plan for remediating control deficiencies

Answer 30

spreadsheet auditing

Question 31

The identification, capture, and exchange of information in the form and time frame that enables people to carry out their responsibilities.

Answer 31

information and communication

Question 32

In order to make effective decisions, mgmt must have access to

Answer 32

timely, relevant, reliable information.

Question 33

produces a trail of operations

Answer 33

information system