Chapter 5.2 Q Flashcards
Proper segregation of functional responsibilities to achieve effective internal control calls for separation of the functions of
A. Authorization, payment, and recording.
B. Authorization, execution, and payment.
C. Custody, execution, and reporting.
D. Authorization, recording, and custody.
Answer (D) is correct.
One person should not be responsible for all phases of a transaction, i.e., for authorization of transactions, recording of transactions, and custodianship of the related assets. These duties should be performed by separate individuals to reduce the opportunities to allow any person to be in a position both to perpetrate and conceal fraud or error in the normal course of his or her duties.
Which of the following procedures is an auditor most likely to include in the planning phase of a financial statement audit?
A. Evaluate the reasonableness of the entity’s accounting estimates.
B. Perform cutoff tests of the entity’s sales and purchases.
C. Identify specific controls designed to prevent fraud.
D. Obtain an understanding of the entity’s risk assessment process.
Answer (D) is correct.
An auditor should obtain an understanding of the entity’s risk assessment process and the other components of internal control when obtaining an understanding of the entity and its environment, including its internal control (AU-C 315).
Internal control has five components: the control environment, risk assessment, information and communication, monitoring, and control activities. Control activities relevant to an audit may be categorized as policies and procedures that pertain to
A. Making a commitment to competence.
B. Reviewing actual performance.
C. Developing a proper organizational structure.
D. Maintaining effective human resource policies.
Answer (B) is correct.
According to AU-C 315, control activities are the policies and procedures that help ensure that management directives are carried out, for example, that necessary actions are taken to address the risks that threaten the achievement of the entity’s objectives. Control activities, whether automated or manual, that may be relevant to an audit pertain to (1) performance reviews, (2) information processing, (3) physical controls, (4) authorization, and (5) segregation of duties.
Internal control is a function of management, and effective control is based upon the concept of charge and discharge of responsibility and duty. Which of the following is one of the overriding principles of internal control?
A. Responsibility for accounting activities and duties must be assigned only to employees who are bonded.
B. Responsibility for accounting and financial duties should be assigned to one responsible officer.
C. Responsibility for the performance of each duty must be fixed.
D. Responsibility for the accounting duties must be borne by the audit committee of the company.
Answer (C) is correct.
Effective internal control may be obtained by decentralization of responsibilities and duties. Fixing the responsibility for each performance or duty makes it easier to trace problems to the person(s) responsible and hold them accountable for their actions.
Basic to a proper control environment are the quality and integrity of personnel who must perform the prescribed procedures. Which is not a factor in providing for competent personnel? A. Training programs. B. Segregation of duties. C. Performance evaluations. D. Hiring practices.
Answer (B) is correct.
Human resource policies and practices are an element in the control environment component of internal control. They affect the entity’s ability to employ sufficient competent personnel to accomplish its objectives. Policies and practices include those for recruitment, orientation, training, evaluation, promotion, compensation, and remedial actions. Although control activities based on the segregation of duties are important to internal control, they do not in themselves promote employee competence.
It is important for the auditor to consider the competence of the audit client’s employees, because their competence bears directly and importantly upon the
A. Timing of the tests to be performed.
B. Comparison of recorded accountability with assets.
C. Relationship of the costs of internal control and its benefits.
D. Achievement of the objectives of internal control.
Answer (D) is correct.
The control environment is the foundation of internal control. A commitment to competence is one of the factors in the control environment.
Proper segregation of duties reduces the opportunities to allow any employee to be in a position to both
A. Monitor internal controls and evaluate whether the controls are operating as intended.
B. Adopt new accounting pronouncements and authorize the recording of transactions.
C. Record and conceal fraudulent transactions in the normal course of assigned tasks.
D. Journalize cash receipts and disbursements and prepare the financial statements.
Answer (C) is correct.
Proper segregation of duties and responsibilities reduces the opportunity for an individual to commit and conceal fraud in the normal course of his or her duties. Hence, different people should be assigned the responsibilities for authorizing transactions, recordkeeping, and asset custody.
An auditor would most likely be concerned with controls that provide reasonable assurance about the
A. Appropriate prices the entity should charge for its products.
B. Decision to make expenditures for certain advertising activities.
C. Efficiency of management’s decision-making process.
D. Entity’s ability to initiate, authorize, record, process, and report financial data.
Answer (D) is correct.
The information system relevant to financial reporting objectives, which includes the accounting system, consists of the procedures, whether automated or manual, and records established to initiate, authorize, record, process, and report entity transactions (as well as events and conditions) and to maintain accountability for the related assets, liabilities, and equity (AU-C 315).
Which of the following activities by small business clients best demonstrates management integrity in the absence of a written code of conduct?
A. Documenting internal control procedures using flowcharts rather than narratives.
B. Reporting regularly to the board of directors about operations and finances.
C. Developing and maintaining formal descriptions of accounting procedures.
D. Emphasizing ethical behavior through oral communication and management example.
Answer (D) is correct.
Audit evidence for elements of the control environment of a small business client may not be documented, especially when management communication with other employees is informal but effective. Thus, a small business may not have a written code of conduct. However, it may have a culture emphasizing integrity and ethical behavior by means of oral communication and management example.
Which of the following is not a valid concept of internal control?
A. When one person is responsible for all phases of a transaction, there should be a clear designation of that person’s responsibility.
B. The recorded accountability for assets should be compared with the existing assets at reasonable intervals and appropriate action should be taken if there are differences.
C. Procedures designed to detect errors and fraud should be performed by persons other than those in a position to perpetrate fraud.
D. Controls integrated into the information system may appropriately be applied on a test basis in some circumstances.
Answer (A) is correct.
One person should not be responsible for all phases of a transaction, i.e., for authorization, recording, and custodianship of the related assets. These duties should be performed by separate individuals to reduce the opportunities to allow any person to be in a position to commit and conceal fraud in the normal course of his or her duties.
Effective internal control in a small company that has an insufficient number of employees to permit proper division of responsibilities can best be enhanced by
A. Direct participation by the owner of the business in the recordkeeping activities of the business.
B. Engaging a CPA to perform monthly write-up work.
C. Delegation of full, clear-cut responsibility to each employee for the functions assigned to each.
D. Employment of temporary personnel to aid in the segregation of duties.
Answer (A) is correct.
The manner in which control objectives are achieved varies with the size and complexity of the entity. Thus, direct participation of an owner-manager in the recordkeeping and other activities of the business facilitates monitoring of employee actions. Such effective involvement may preclude the need for extensive accounting procedures, sophisticated information systems, or written policies.
Transaction authorization within an organization may be either specific or general. An example of specific transaction authorization is the
A. Setting of automatic reorder points for material or merchandise.
B. Approval of a detailed construction budget for a warehouse.
C. Establishment of sales prices for products to be sold to any customer.
D. Establishment of requirements to be met in determining a customer’s credit limits.
Answer (B) is correct.
A specific transaction authorization is applicable to a unique decision. A general authorization establishes criteria and authorizes the routine making of decisions subject to the criteria. Approving a detailed construction budget for a warehouse is a one-time decision.
Which of the following is the best way to compensate for the lack of adequate segregation of duties in a small organization?
A. Replacing personnel every 3 or 4 years.
B. Disclosing lack of segregation of duties to the external auditors during the annual review.
C. Allowing for greater management oversight of incompatible activities.
D. Requiring accountants to pass a yearly background check.
Answer (C) is correct.
Complete segregation may not be feasible due to cost-benefit restraints. Compensating controls most likely are established when segregation of duties is not feasible. Typical compensating controls may include more management oversight.
Which of the following components of internal control would be considered the foundation for the other components? A. Control environment. B. Control activities. C. Risk assessment. D. Information and communication.
Answer (A) is correct.
The control environment component includes governance and management functions. It also includes the attitudes, awareness, and actions of those charged with governance and management regarding internal control and its importance. The control environment sets the tone of an organization, influencing the control consciousness of its people. It is the foundation for all other components, providing discipline and structure.
Which of the following is a factor in the control environment?
A. Performance reviews.
B. Management’s philosophy and operating style.
C. Segregation of duties.
D. Information processing.
Answer (B) is correct.
The control environment is the foundation for all other control components. It provides discipline and structure, sets the tone of the organization, and influences the control consciousness of employees. Its components include (1) participation of those charged with governance, (2) integrity and ethical values, (3) organizational structure, (4) management’s philosophy and operating style, (5) assignment of authority and responsibility, (6) human resource policies and practices, and (7) commitment to competence.
