Engagement Planning, Obtaining an Understanding of the Client and Assessing Risks

Question 1

What statements pertain to Engagement Planning and Understanding of Client and Assessing Risks?

Answer 1

Statements on Auditing Standards

AU-C 200 - Responsbility and Functions of Ind. Auditor
210 - Relationship between the Auditor’s Appointment and Planning
220 - Quality Control for an Engagement Conducted in Accordance with GAAS
240 - Consideration of Fraud in a financial statement audit
250 - Illegal acts by clients
300 - Planning and supervision
314 - Substantive tests prior to the balance sheet date
315 - Understanding the entity and its environment and assessing the risks of material misstatement
510 - Communications between predecessor and successor auditors
520 - Analytical procedures
AT 101 - Attestation standards`

Question 2

Who is responsible for the fair presentation of financial statements?

Answer 2

Management.

Implicitly or explicitly makes assertions relating to account balances at year-end (account balances), classes of transactions and events (transactions classes) and presentations and disclosures.

They are included in AU-C 500 and presented at the transaction class, account balance, and disclosure levels.

Question 3

Transaction Classes: Occurrence

Answer 3

Transactions and events that have been recorded have occurred and pertain to the entity.

Question 4

Transaction Classes: Completeness

Answer 4

All transactions and events have been recorded.

Question 5

Transaction Classes: Accuracy

Answer 5

Amounts and other data relating to recorded transactions have been recorded appropriately

Question 6

Transaction Classes: Cutoff

Answer 6

Transactions and events have been recorded in the correct accounting period

Question 7

Transaction Classes: Classification

Answer 7

Transactions and events have been recorded in the proper accounts

Question 8

Account Balances: Existence

Answer 8

Assets, liabilities, and equity interests exist

Question 9

Account Balances: Rights and Obligations

Answer 9

The entity holds or controls the rights to assets, and liabilities are the obligations of the entity

Question 10

Account Balances: Completeness

Answer 10

All assets, liabilities, and equity interests have been recorded.

Question 11

Account Balances: Valuation and allocation

Answer 11

Assets, liabilities, and equity interests are included at appropriate amounts.

Question 12

Disclosures: Occurrence

Answer 12

Disclosed events and transactions have occurred

Question 13

Disclosures: Rights and obligations

Answer 13

Disclosed events pertain to the entity

Question 14

Disclosures: Completeness

Answer 14

All disclosures that should have been included have been included.

Question 15

Disclosures: Accuracy and valuation

Answer 15

Info is disclosed fairly and at appropriate amounts

Question 16

Disclosures: Classification and understandability

Answer 16

Information is presented and described clearly

Question 17

What are relevant assertions?

Answer 17

Those that have a meaningful bearing on whether an account balance, transaction, or disclosure is fairly stated.

E.g Valuation may not be relevant to the cash account unless currency translation is involved; however, existence and completeness are always relevant.

Question 18

AU-C 200 - What does audit risk consist of?

Answer 18

1. Risk that an account and its related assertions contains material misstatements (composed of two components, referred to as inherent risk and control risk)
2. Risk that the auditor will not detect such misstatements (referred to as detection risk)

Question 19

AU-C 200 - How is audit risk viewed mathematically?

Answer 19

Audit Risk = Risk of material misstatement * Risk auditor fails to detect misstatements

Audit RIsk = Inherent Risk * Control Risk * Detection Risk

Question 20

What does inherent risk differ by and give an example.

Answer 20

The risk differs by account and assertion.

E.g. cash is more susceptible to theft than an inventory of coal.

Question 21

How does inherent risk get assessed?

Answer 21

The risk is assessed using various analytical techniques, available information on the company and its industry, as well as, by using overall auditing knowledge.

Question 22

How does control risk get assessed?

Answer 22

Assessed using the results of tests of controls.

Question 23

How does detection risk get assessed?

Answer 23

Substantive procedures.

Question 24

What is the relationship among inherent risk, control risk, and detection risk?

Answer 24

Inherent risk and control risk differ from detection risk in that they exist independently of the audit, whereas detection risk relates to the effectiveness of auditor’s procedures.

E.g. When a question asks for the relationship b/w control risk and detection risk, it would be inverse.

E.g. If control risk (or inherent risk) increases, detection risk must decrease

Question 25

AU-C 320, 450 - What is materiality?

Answer 25

GAAP considers materiality to be the magnitude of an omission or misstatement of accounting info that, in the light of surrounding circumstances, makes it probable that the judgment of a reasonable personal relying on the info would have been changed or influenced by the omission or misstatement.

Question 26

What does determining a materiality level help auditors with?

Answer 26

1. Assess risks of material misstatements and plan the nature, timing, and extent of further audit procedures
2. Evaluate audit results

Question 27

What is performance materiality?

Answer 27

Set by auditors to reduce to an appropriately low level the possibility that the aggregate of uncorrected and undetected misstatements exceeds materiality for the financial statements - that is, performance materiality will ordinarily be set at an amount below the materiality level for the financial statements as a whole.

Question 28

What is tolerable misstatement?

Answer 28

Function of performance measure as related to the auditor’s assessment of performance materiality and is normally set at or less than performance materiality.

Question 29

What should audit documentation related to materiality include?

Answer 29

1. Materiality for the financial statements as a whole.
2. If applicable, materiality levels for particular accounts, classes of transactions, or disclosures.
3. Performance materiality
4. Any revisions of the above as the audit progressed.

Question 30

Statements on Auditing Standards - Where is Errors and Fraud discussed?

Answer 30

AU-C 240.

Question 31

What are two types of fraud considered in an audit?

Answer 31

1. Fraudulent financial reporting that makes the financial statements misleading
2. Misappropriation of assets (theft, defalcation)

Question 32

Definition of errors, an example, detection responsibility, reporting responsibility, and the primary standards.

Answer 32

• Definition: Unintentional misstatements or omissions.
• Example: Mistakes in processing accounting data, incorrect accounting estimates due to oversight, mistakes in application of accounting principles
• Detection Responsibility: (1) Assess risk of misstatement (2) Based on assessment, design audit to provide reasonable assurance of detection of material misstatements (3) exercise due care in planning, performing, and evaluating results of audit procedures, and proper degree of professional skepticism to achieve reasonable assurance of detection
• Reporting Responsibility: (1) Modify audit report for remaining departures from GAAP or scope limitations (2) Report to audit committee (unless clearly inconsequential)
• Primary Standards: AU-C 240

Question 33

Definition of fraud, an example, detection responsibility, reporting responsibility, and the primary standards.

Answer 33

• Definition: intentional misstatements or omissions
• Example: fraudulent financial reporting and misappropriation of assets (embezzlement)
• Detection Responsibility: (1) Assess risk of misstatement (2) Based on assessment, design audit to provide reasonable assurance of detection of material misstatements (3) exercise due care in planning, performing, and evaluating results of audit procedures, and proper degree of professional skepticism to achieve reasonable assurance of detection
• Reporting Responsibility: (1) Modify audit report for remaining departures from GAAP or scope limitations (2) Report to audit committee (unless clearly inconsequential)
• Primary Standards: AU-C 240

Question 34

Definition of direct effect, an example, detection responsibility, reporting responsibility, and the primary standards.

Answer 34

• Definition: violations of laws or governmental regulations having a material and direct effect on financial statement amounts and disclosures
• Examples: tax laws, accrued revenue based on government contracts
• Detection Responsibility: (1) Assess risk of misstatement (2) Based on assessment, design audit to provide reasonable assurance of detection of material misstatements (3) exercise due care in planning, performing, and evaluating results of audit procedures, and proper degree of professional skepticism to achieve reasonable assurance of detection
• Reporting Responsibility: (1) Modify audit report for remaining departures from GAAP or scope limitations (2) Report to audit committee (unless clearly inconsequential)
• Primary Standards: AU-C 240, AU-C 250

Question 35

Definition of other laws, an example, detection responsibility, reporting responsibility, and the primary standards.

Answer 35

-Definition: violations of laws or governmental regulations not having a material and direct effect on financial statement amounts and disclosures
-Examples: securities trading, occupational safety and health, food and drug administration, environmental protection, equal employment, price fixing
Detection Responsibility: (1) Be aware of possibility that they may have occurred (2) Inquire of management and those charged with governance re: compliance (3) inspect correspondence with licensing or regulatory authorities (4) if specific information comes to attention on an illegal act with a possible material indirect financial statement effect, apply audit procedures necessary to determine whether illegal act has occurred
-Reporting Responsibility: (1) Modify audit report for remaining departures from GAAP or scope limitations (2) Report to audit committee (unless clearly inconsequential)
-Primary Standards: AU-C 250

Question 36

What happens during staff discussion of the risk of material misstatement?

Answer 36

Brainstorm; consider incentives/pressures, opportunities; exercise professional skepticism

Question 37

What happens when there is need to obtain information needed to identify risks of material misstatement due to fraud?

Answer 37

Make inquiries of management and others; consider results of analytical procedures; consider fraud risk factors

Question 38

What happens when identifying risks that may result in material misstatement due to fraud?

Answer 38

Consider type of risk that may exist; significance of risk (magnitude), likelihood of risk; and pervasiveness of risk

Question 39

What happens when assessing the identified risks after considering programs and controls?

Answer 39

Consider understanding of internal control; evaluate whether programs and controls address the identified risks; assess risks taking into account this evaluation

Question 40

What happens during the response to the results of the assessment?

Answer 40

As risks increases:

• Overall response: more experienced staff, more attention to accounting policies, less predictable procedures
• For specifically identified risks: consider need to increase nature, timing, and extent of audit procedures

Question 41

What happens during evaluation of audit evidence?

Answer 41

Assess risk of fraud throughout audit; evaluate analytical procedures performed as substantive procedures and at overall review stage; evaluate risk of fraud near completion of field work; respond to misstatements that may be due to fraud

Question 42

What happens during communication about fraud?

Answer 42

Communication all fraud to an appropriate level of management;
Communicate all management fraud to audit committee
Communicate all material fraud to management and audit committee
Determine if significance deficiencies have been identified

Question 43

What happens during documentation of fraud?

Answer 43

Document the process and if improper revenue recognition not considered a risk, describe why.

Question 44

Why is an audit planned and performed?

Answer 44

To obtain reasonable, not absolute, assurance, even a properly performed audit may miss material misstatements.

Question 45

What is professional skepticism?

Answer 45

An attitude that includes a questioning mind, being alert to conditions that may indicate possible misstatement due to fraud or error, and a critical assessment of audit evidence.

Question 46

What might impede application of professional skepticism?

Answer 46

Long-term relationships, completing the audit too quickly to meet client demands, keeping audit costs low.

Question 47

What is fraudulent financial reporting?

Answer 47

Financial statements are intentionally misstated (cooked books)

Question 48

What is misappropriation of assets?

Answer 48

When its assets are stolen

Question 49

What are 3 conditions that are generally present when individuals commit fraud?

Answer 49

1. Incentive/pressure
2. Opportunity
3. Attitude/rationalization

Question 50

What are two presumptions in an audit?

Answer 50

1. Fraud exists in revenue recognition (ordinarily overstated)
2. Risk of management override of internal control is present.

Question 51

What is the response for management response?

Answer 51

1. Testing the appropriateness of journal entries and adjustments
2. Reviewing accounting estimates for biases
3. Evaluating the rationale for significant unusual transactions

Question 52

What is fraud communication responsibility?

Answer 52

1. All fraud involving management should be communicated to the audit committee
2. All material fraud should be communicated to the audit committee
3. Auditor should reach an understanding with audit committee regarding other communications

Question 53

What does AU-C 250 pertain to?

Answer 53

Laws and regulations.

Auditor responsibility with respect to identifying client noncompliance with laws and regulations.

Question 54

What are the 2 types of laws?

Answer 54

1. Those with a direct effect on the financial statement amounts and disclosures
2. Others

Question 55

What are examples of laws have a direct effect on financial statement amounts and disclosures?

Answer 55

Accounting for transactions under government contracts and the accrual of income tax and pension costs.

Question 56

What are examples of other laws that do not have a direct effect in the determination of amounts and disclosures?

Answer 56

Those relating to securities trading, occupational safety and health, food and drug admin, environmental protection, equal employment and price fixing or other anti-trust violations.

Question 57

What are additional procedures when noncompliance is identified or suspected?

Answer 57

1. Obtain an understanding of the act and the circumstances in which it has occurred.
2. Obtain further info to evaluate the possible effect on financial statements

Question 58

What is the audit report effect on noncompliance with a material effect on financial statements not properly disclosed.

Answer 58

Departure from GAAP - qualified or adverse opinion.

Question 59

What is the audit report effect when auditor is unable to obtain sufficient appropriate evidence on whether noncompliance may have a material effect on financial statements or they are unable to determine whether noncompliance has occurred due to limitations imposed by the circumstances.

Answer 59

Scope limitation - qualified opinion or disclaimer of opinion.

Question 60

What does AU-C 510 refer to?

Answer 60

Communicate with predecessor auditors

Question 61

What communication is required is required prior to client acceptance?

Answer 61

1. Initiating communication is responsibility of the successor
2. If the prospective client refuses or limits predecessor’s response, consider implications in deciding whether to accept the engagement

Question 62

What should the successor’s inquiries of the predecessor include?

Answer 62

1. Information bearing on integrity of management
2. Disagreements with management as to accounting principles, auditing procedures or other similarly significant matters
3. Communications to audit committee regarding fraud, illegal acts, and internal control related matters
4. Predecessor’s understanding of the reasons for the change in auditors

Question 63

How to establish an understanding with the client?

Answer 63

Engagement Letter. It is written communication with the client and is sent to the client, who normally indicates approval through returning a signed copy to the CPA.

Question 64

What are the four general topics of establishing understanding with the client?

Answer 64

1. Objectives of the engagement
2. Management’s responsibilities
3. Auditor’s responsibilities
4. Limitations of the audit

Question 65

What is the difference between AICPA and PCAOB requirements for recurring audits?

Answer 65

AICPA: Auditor remind management of the terms of audit and document reminder in working papers
PCAOB: requires an understanding be obtained for each engagement (documented in working papers, preferably through written communication (engagement letter) with client

Question 66

What is the audit plan?

Answer 66

The auditor should develop and document an audit plan in which the auditor determines the audit procedures to be used that, when performed, are expected to reduce audit risk to an acceptably low level.

Question 67

What should the audit plan include?

Answer 67

• Risk assessment procedures
• Further audit procedures (test of controls and substantive tests) at the relevant assertion level
• Other audit procedures (e.g. seeking direct communication with entity’s lawyers.

Question 68

What is the audit program?

Answer 68

A written audit program should be developed and used to implement audit plan.

Question 69

What is the timing of audit procedures?

Answer 69

They are often performed at an interim period, and subsequently updated through year-end.

Question 70

What factors should be considered when planning the timing of substantive tests?

Answer 70

1. Factors to be considered before applying tests at an interim date before year-end
2. Auditing procedures to be followed for the remaining period (the period after the interim date through year-end)
3. Coordination of the timing of audit procedures

Question 71

Give an example of applying procedures at an interim date.

Answer 71

A substantive test applied at an interim date, consider the confirmation of receivables as of November 30, one month prior to the client’s year end

Question 72

What is the effect on substantive tests, when control risk is assessed at a level below the max?

Answer 72

Auditor might be able to perform only limited substantive tests during the remaining period to obtain the assurance needed as of the balance sheet date.

Question 73

What are 3 items that the auditor should consider for applying audit tests at an interim date?

Answer 73

1. Significant unusual transactions
2. Other causes of significant fluctuation (or expected fluctuations that did not occur)
3. Changes in the composition of the account balances

Question 74

What does coordination of the timing of procedures apply to?

Answer 74

1. Related-party transactions
2. Interrelated accounts and cutoffs
3. Negotiable assets

Question 75

What is the auditor concerned about regarding interrelated accounts and negotiable assets?

Answer 75

Concerned that one might be substituted for another to allow the double counting of a given resource

E.g. sale of securities after they have been counted at year-end and inclusion of proceeds in year-end cash.

Question 76

What are risk assessment procedures?

Answer 76

The procedures followed to obtain an understanding of the entity.

Question 77

What do risk assessment procedures include?

Answer 77

1. Inquiries of management and others within the entity
2. Observation and inspection
3. Analytical procedures
4. Other procedures, such as inquiries of others outside entity and reviewing information from external sources

Question 78

What does AU-C 510 deal with?

Answer 78

Communicating with predecessor auditors.

Question 79

What does documentation generally include?

Answer 79

1. Planning
2. Internal Control
3. Audit results
   4/ Other matters of continuing accounting and auditing significance such as analyses of balance sheet accounts

Question 80

When would a re-audit be necessary?

Answer 80

When a change in auditors has occurred and the predecessor refuses to reissue his or her audit report on previous year financial statements that are to be reissued.

Question 81

In all audits, what should a CPA obtain an understanding of?

Answer 81

Internal control sufficient to assess the risk of material misstatement of the financial statements and to design the nature, timing, and extent of further audit procedures.

Question 82

Why should the work of each assistant be reviewed?

Answer 82

1. To determine whether it was adequately performed

2. To evaluate whether the results are consistent with the conclusions to be presented in the audit report

Question 83

What does AU-C 315 require?

Answer 83

Analytical procedures be performed as a risk assessment procedure

Question 84

What do analytical procedures help with?

Answer 84

1. Enhance the auditor’s understanding of the client business and significant transactions and events that have occurred since the prior audit
2. Help the auditor to identify the existence of unusual transactions or events and amounts, ratios, and trends that might indicate matters that have audit implications.

Question 85

What is a limitation to analytical procedures?

Answer 85

Use data aggregated at a high level and they may provide only a broad initial indication about possible existence of material misstatements.

Question 86

What is the accounts receivable turnover?

Answer 86

Net credit sales/average accounts receivable.

An accounting measure used to quantify a firm’s effectiveness in extending credit as well as collecting debts.
By maintaining accounts receivable, firms are indirectly extending interest-free loans to their clients. A high ratio implies either that a company operates on a cash basis or that its extension of credit and collection of accounts receivable is efficient.

A low ratio implies the company should re-assess its credit policies in order to ensure the timely collection of imparted credit that is not earning interest for the firm.

Question 87

Explain what increases or decreases positive ratios.

Answer 87

-Increasing the numerator of a ratio always increases the ratio
-Increasing the denominator of a ratio always decreases the ratio
-Increasing the numerator and denominator of a ratio by the same amount
-Note: It will decrease the ratio if the ratio is greater than
1
-Note: it will increase the ratio if the ratio is less than 1

Question 88

Why does the auditor perform risk assessment?

Answer 88

To identify and assess the risks of material misstatement at the financial statement level and at the relevant assertion level for classes of transactions, account balances, and disclosures.

Question 89

Routine, noncomplex transactions that are subject to systematic processing are less likely to give rise to significant risks because:

Answer 89

they have lower inherent risks.

Question 90

What should the auditor consider when evaluating risks?

Answer 90

1. Whether the risk is a risk of fraud
2. Whether the risk is related to recent significant economic, accounting or other developments
3. The complexity of transactions
4. Whether the risk involves significant transactions with related parties
5. The degree of subjectivity in the measurement of financial information
6. Whether the risk involves significant nonroutine transactions and judgmental matters

Question 91

What do the Statements on Quality Control Standards apply to?

Answer 91

To the auditing and accounting (compilation and review) practice of CPA firms.

Note: The Code of Professional Conduct is primarily directed at the individual practitioner level

Question 92

Who should have their accounting compilations and reviews reviewed by?

Answer 92

Members of the AICPA who are in public practice and have financial reporting responsibilities.

Question 93

What are the two types of peer reviews?

Answer 93

System and engagement review.

Question 94

What is system review?

Answer 94

Involves peer reviewers’ study and appraisal of a CPA firm’s system of quality control to perform accounting and auditing work.

The quality control standards serve as a criteria for a system review.

Question 95

What is the approach of a system review?

Answer 95

TO obtain understanding of the CPA firm through inquiry of CPA firm personnel, review of documentation of QC, and selection of a sample of CPA firm’s engagements for review.

Question 96

What are the 3 types of reports a peer reviewer can issue for a system review?

Answer 96

A pass rating report.
A pass with deficiencies report.
A fail.

Question 97

What is the approach of an engagement review?

Answer 97

Select a sample of a CPA firm’s actual accounting work; including accounting reports issued and CPA firm documentation to evaluate whether they appropriate.

This form of review is only available for CPA firms that do not do audits, but perform accounting work, including compilations and/or reviews.

Question 98

What are the two reports that a peer reviewer can issue for an engagement review?

Answer 98

Pass and Pass with deficiencies which include only limited (negative) assurance.

Question 99

What is the goal of a system of quality control?

Answer 99

To provide reasonable assurance that

1. The firm and its personnel comply with professional standards and applicable legal and regulatory requirements
2. Reports issued by firm or engagements partners are appropriate.

Question 100

What are the 6 elements of a firm’s system of quality control?

Answer 100

1. The tone at the top; leadership responsibilities for quality with the firm
2. Relevant ethical requirements
3. Acceptance and continuance of client relationships and specific engagements
4. Human Resources
5. Engagement performance
6. Monitoring

Question 101

How often should firm obtain written confirmation of compliance with independence policies and procedures from firm personnel?

Answer 101

At least annually.

Question 102

What should human resource policies address?

Answer 102

Recruiting
Performance evaluation, compensation, and advancement
Determining competencies and capabilities