Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CITP > Evaluate, Test and Report 1(a)(iv) > Flashcards

Evaluate, Test and Report 1(a)(iv) Flashcards

1
Q

What is SAS 94 (SAS 109)?

A
  • Adoption of SAS 94, “The Effect of IT on Auditor’s Consideration of IC in a FS Audit” (SAS 94) addressed issues of control risk embedded in IT
  • Basic IT consideration in SAS 94 was that auditor must gain understanding of how IT impacts system of IC, like SAS 109 did later (SAS 109-110 supersede SAS 94)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are Key Principles under SAS 94 (SAS 109)?

A

Key principles:

(1) Need to audit systems more often
- “Not practical to restrict detection risk to acceptable level by performing only substantive tests”
- CAATs needed to test automated systems controls, and states when not appropriate to use CAATs
(2) Concept of sample size of one being sufficient to test automated control
- SAS 94 states sample size of one may be sufficient to gain assurance over effectiveness of certain automated controls
- Key factor in test of controls (ToC)
- PCAOB stipulate same principle in AS2
(3) Key statement about IT risk and control risk: level of IT risk is proportional to nature and complexity of IT in systems and not entity size
- Small size company w/ complex IT in systems and business processes has high IR revolving around IT
- PCAOB agrees w/ this concept in “AS5 Guidance”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are 2 effective applications of the “Risk-Based Audit” (RBA) approach that auditors are required to do?

A

(1) Understand risks represented by IT and to link risks to FS assertions
(2) Incorporate IT risk assessment and IT control tests into audit plans

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the primary objective of the Risk-Based Audit (RBA) Standards?

A
  • To enhance auditors’ application of audit risk model in practice by specifying, among other things:
    • More in-depth understanding of entity and its environment including its internal control, to ID RMM in FS and what entity is doing to mitigate them
    • More rigorous assessment of the RMM of the FS based on that understanding
    • Improved linkage btwn assessed risks and nature, timing and extent of audit procedures performed in response to those risks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are examples of potential IT risks affecting financial reporting?

A

• Reliance on systems or programs inaccurately processing data, processing
inaccurate data, or both
• Unauthorized access to data that may result in destruction of data or improper changes to data, including recording of unauthorized or nonexistent transactions or inaccurate recording of transactions
• Unauthorized changes to data in master files
• Unauthorized changes to systems or programs
• Failure to make necessary changes to systems or programs
• Inappropriate manual intervention
• Potential loss of data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CITP (29 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions