Final Exam Flashcards
What are the 5 organizations involved with the Committee of Sponsoring Organizations (COSO)?
- AICPA
- AAA
- FEI
- IIA
- IMA
What is the most important factor in fighting fraud?
Proper tone at the top.
What are 3 examples of schemes involved with management fraud?
- Improper revenue recognition schemes
- Overstate assets
- Improperly capitalized expenditures
Who almost always has complete, well documented, accurate audit traits?
Fraud perpetrators
A person who provides reasonable assurance of F.S. being free of material misstatements.
Auditor
What 3 things are involved with the fraud triangle?
- Pressure or incentive
- Perceived opportunity
- Attitudes/Rationalization
True or false.
Potentially material fraud = Material misstatement
False.
Potentially material fraud does NOT = Material misstatement
What are typical fraudsters?
Trusted employees
What is the 80/10/10 rule of internal controls?
- 10% will never steal
- 10% would always steal
- 80% of the population involved in internal controls
How are most fraud perpetrators caught?
Internal auditors
What are the 2 types of fraud?
- Fraud for entity
- Fraud against entity
SAS 99 was codified to what Au-C?
Au-C 240
What are the 6 changes from SAS 82?
- Required planning communication
- Broader guidance (professional skepticism)
- Expanded inquiries of management and others
- 3rd fraud condition: attitudes and rationalization
- Broader guidance (assessing fraud risk)
- Expanded revenue recognition (fraud risk)
To set aside previous beliefs about management honesty and integrity.
Professional Skepticism
What is the overall process of fraud risk assessment? (3 steps)
- Identifying risks of material fraudulent misstatements
- Consider relevant entity programs and controls
- Respond to fraud risk
True or false.
People usually will volunteer to offer information about fraud.
False.
People usually WON’T volunteer to offer information about fraud.
Must inquire to have people offer information of fraud.
What are the 4 steps to identifying risks of material fraud?
- Audit team brainstorming sessions
- Inquiries of management to identify fraud risks
- Inquiries of audit committees, internal auditors, and others to identify fraud risks
- Consider results of planning stage analytical procedures
_____% of recent Accounting and Audit Enforcement Releases (AAER) reveal alleged or actual fraudulent revenue overstatement.
70%
Auditors must presume ________ risk of fraudulent revenue.
High risk of fraudulent revenue
Auditors must develop an appropriate response to each identified material fraud risk that is ______________________________________________.
NOT effectively addressed by entity programs and controls
Fraudsters are usually familiar in ________.
Auditing
Forensic elements disrupt predictability by….. (3 things)
- Changing time of testing
- Different sampling methods
- Unannounced basis
Which law is used for detecting material fraud under scope which uses normally reoccurring numbers?
Benford’s Law
When improper revenue recognition is performed, you must…. (3 things)
- Perform analysis
- Confirm customer absence of “side agreements”
- Inquiry of sales personnel or in house council
Management override risk response involves 3 tests. What are they?
- substantive procedures using std/non-std JEs
- revenue estimates
- evaluating unusual transactions
Auditor assessment of fraud risk is _______.
Ongoing
If immaterial fraud risk is found (for nonmanagers and high-level managers), then…..
For:
Non-management: No testing, refer to their boss, no investigation.
High-level management: Revaluate initial fraud risk, question about pervasiveness, change nature, timing, and extent.
If fraud is found, report to……
Internally - Management and audit committee
Externally - Outsiders if confidentiality is waived
What are incentive red flags that can lead to fraud? (list 3)
- Vulnerability to change in tech, interest rates, or products
- Reoccurring negative cash flows when reporting earnings
- New accounting, statutory, or regulatory requirements
What are pressure red flags that can lead to fraud? (list 3)
- Need to achieve financial targets for bond covenants
- Need to obtain additional debt or equity financing to stay competitive
- Perceived or real adverse effects of reporting poor financial statements
What are opportunity red flags that can lead to fraud? (list 3)
- Contractual agreements lacking a business purpose
- Using business intermediaries where there is no clear business justification
- The exertion of dominant influence by or over a related party
What are attitudes and rationalization red flags that can lead to fraud? (list 3)
- Management’s interest to increase stock price
- Low morale among senior management
- Owner-manager makes no distinction between business and personal transactions
A confirmation that the recipient responds only if the balance is inaccurate. Very low acceptation rates
Negative confirmation
A confirmation that requests that the recipient complete a form confirming account balances (for example, how much a customer owes the company)
Positive confirmation
What are 4 A/R confirmation issues?
- External evidence
- Suited for identifying overstated or invalid account balances
- overstatement bias
- SAP 1 - Must confirm A/R and observe inventory
Auditors must confirm _____% of A/R subledger balances exceeding _______ _________.
- 100%
- Performance materiality
Reconcilable timing differences are not _________ for purposes of projecting likely error.
Misstatements
What is the legal go to for shipping?
FOB shipping point
Alternative procedures are required when positive confirmations are not responded to unless two conditions are met……
- the nonresponses in the aggregate, projected as 100
percent misstatements to the population and added to the sum of all other unadjusted differences, would not affect the auditor’s decision about whether the financial statements are materially misstated - the auditor has not identified unusual qualitative factors or systematic characteristics related to the nonresponses, such as that all nonresponses pertain to year-end transactions
(Issues of alternative procedures) Receipt of an A/R confirmation provides _____ _______ about possible misstatements.
External evidence
(Issues of alternative procedures) Alternative procedures are performed on documents provided by the _______.
Client
Alternative procedures may be omitted for nonresponding positive confirmations if both…..
- There is no identifiable nonresponse bias
- Aggregate nonresponses with required AJEs in total are not material.
HAS TO BE BOTH
Alternative procedures will NOT provide sufficient appropriate evidence. Why is that?
Because sufficient appropriate evidence can only come from external parties.
A/R assertions must be directly verified by other audit procedures. What are the 2 procedures?
- Performing alternative procedures
- Analytical review (like gross profit test)
What are 3 examples of electronic external confirmation buffers that help provide reliability?
- Electronic signatures
- Affixed codes to each confirmation request
- Web portals
If management provides access codes to the auditor, such evidence doesn’t constitute as an _________ confirmation.
External confirmation
For alternative procedures, you must do these two things in order. What are they?
- Examine subsequent cash collections (must apply to receivables)
- If not collections, examine supporting documentation
What are the 2 cut-off procedures for the sales and collection cycle?
- Detailed cut-off testing
- Examining sales returns after year-end
Application of a primary substantive test should be on a _________ date.
Interim date
For public companies samples, ______ is a greater risk for samples.
Cut-off
For small companies/businesses, _______ is a greater risk for samples.
Completeness (transaction level tests)
Tracing is used for ________ assertion.
Completeness
Vouching is used for _______ assertion.
Cut-off
True or false.
Auditors need to implement a large audit plan for payroll.
False.
Auditors usually don’t do a lot of audits in payroll.
When testing controls in a controls rely audit of the payroll cycle, select ___ - ____ pay checks.
15-25 paychecks
When testing controls in a controls rely audit of the payroll cycle, you examine… (5 things)
- Authorization form in HR
- Employee signed w-4
- Employee signed benefit forms
- Time cards
- Signatures and compare between forms
When doing substantive tests for payroll cycle, RMM is _____ and AP is ______.
RMM is low
AP is low
When doing payroll tests, scan ______ _____, test for ______ employees, and check _______ compensation.
- Payroll register
- Test for fictitious employees
- Check officer compensation
What are the 3 steps of year-end substantive testing of the payroll cycle?
- Test for year-end payroll accrual
- Analytical testing (compare salary expense account balance)
- Develop expectation.
When evaluating internal controls in payroll cycle, look for controls that ……
Address manager assertions
Acquisition and payment cycle is where most ____ __________ occurs.
Cash embezzlement
What are the usual concerns with acquisition and payment cycles? (2 things)
- Asset overstatement
- Liability understatement
Existence and occurrance violations
For the acquisition and payment cycle, ______ and ______ assertion usually risky. Also, _________.
- Occurrence
- Existence
- Completeness
For the acquisition and payment cycle, its best to not focus on earnings overstatement risk because… (2 things)
- Asset reserves overstated, which lead to
- Accrued liabilities overstatement
Usually called rainy day/cookie jar reserves
(SEC increasingly concerned)
What are the 3 year-end substantive testing procedures for the acquisition and payment cycle??
- Audit a sample of year-end vender statement reconciliations to books (confirm A/P)
- Search for unrecorded liabilities
- Purchase cut-off testing
A/P is typically not confirmed because…. (4 things)
- Limited value of completeness concerns
- Concern is what isn’t on books
- Venders don’t usually send out statements about A/P
- Trial balance of A/P ineffective if no balance on book (confirmation)
What is the 1st primary test when auditing the acquisition and payment cycle(in lieu of confirming A/P)?
Audit year-end venders statement reconciliations with books
What is the 2nd primary test for auditing acquisition and payment cycle?
Search for unrecorded liabilities
-focus on where liabilities are entered into system
-examine supporting documents
If A/P is to be confirmed, it is recommended to confirm from…
Confirm from list of authorized vendors, regardless of balances, rather than using trial balance
When expanding search for unrecorded liabilities for the 1st month, you vouch all entries > _____% of PM.
25% of planning materiality
When expanding search for unrecorded liabilities for the 2nd month, you vouch all entries > _____% of PM.
50% of planning materiality
When expanding search for unrecorded liabilities for the 3rd month, you vouch all entries > _____% of PM.
75% of planning materiality
The 3rd primary test for auditing acquisition and payment cycle is ____ _____ _______.
Purchases cut-off testing
Other considerations of acquisitions and payment cycle… (3 things)
- Last day search - Invoices not yet entered
- Examine receiving reports at year end not matched with invoices until after year end.
- Numerous unrecorded liabilities? Lower scope
Audit assumption - Title passes in FOB- destination unless…
Material amounts in transit at year end
When auditing year-end A/P, you use….
Vendor statements
When testing controls, including substantive testing at transaction level, use….
Vendor invoices
When a company, to receive payment for a product not in stock, orders from a supplier to send to a customer.
Drop shipment
A documenting and confirmation system that banks use to disburse cash for checks.
Positive pay system
A process where if ink is removed, there’s still a shadow left over after.
Anchor sunk ink process
Auditors perform 4 column cash tracing (proof of cash) when _____ is high or ______.
- Control risk is high
- or fraud
What are 5 ways a bank reconciliation can be manipulated to cover a cash shortage?
- Overstate balance per bank
- Overstate deposits in transit (DIT)
- Include fictitious DITs
- Omitted outstanding checks
- Include fictitious bank debit memos
_____ banks make it very difficult for fraudsters to kite.
FED member banks
_____ banks can still have kite kits done by fraudsters where float may still exist.
Non-FED member banks
How does a company reduce the risk of manipulated bank reconciliations?
Have it done by people with no cash recording or custody functions
An issue with bank reconciliations involving cash balances are that it should be done at least _______.
Monthly
An issue with bank reconciliations involving cash balances are that companies with large volumes of cash transactions must reconcile ______.
Daily
An issue with bank reconciliations involving cash balances are that independent reconcilers don’t have…..
Full access to needed files. They only have read-only access to online books
What is the legal equivalent of actual cancelled checks?
Electronic bank records
What is a control over the bank reconciliation process for cash balances?
Bank statement must go to reconciler unopened.
What is the most fundamental year-end substantive test for cash balances?
Audit of client bank reconciliations
What are 4 audit concerns for auditing a client’s bank reconciliations?
- Do reconciliation items exist?
- are reconciling items complete?
- Are reconciling properly valued?
- Were transaction cutoffs accurate?
What is used to combat addressed bank rec. auditing issues? Is considered fundamental to auditing bank reconciliations.
Cutoff bank statement (usually ask for first two weeks of following year)
What is the first audit activity that new auditors do?
Audit year-end bank recs.
What are the 3 steps to auditing a clients year-end bank reconciliations?
- Obtain a copy of client prepared year-end recs.
- Cutoff bank statement details used to verify manager assertions
- Obtain AICPA standard cash confirmation request (Unless RMM low for cash existence assertion)
When done with cutoff bank statement, the auditor must have….
The client sign off acknowledging return.
What 4 assertions are cutoff bank statements meant to prove?
- Existence
- Completeness
- Valuations
- Cutoff
Always obtain a standard AICPA cash confirmation request unless….
RMM is low for cash existence assertion
What are the 2 issues AICPA cash confirmation requests are meant to prove?
- Bank account balances
- Bank loan balances
Cash confirmations are therefore _______ assertion oriented.
Existence
Why do many auditors over audit cash?
Cash is highly vulnerable to manipulation and theft
IF there are many bank accounts, mail ______ ____ _______ on all active accounts and on samples of remaining “PR purposes” bank accounts.
AICPA cash confirmations
Trace samples of _____ dated in December to compared to cutoff bank statement to year-end outstanding ______.
Checks or EBR
When should 4 column cash tracing be performed? (2 options)
- Very high control risk
- cash fraud suspected
4 column cash tracing verify ….. (2 things)
- Cash inflows with bank deposits
- Cash outflows with bank charges
True or false.
Audit of petty cash is not usually done. When it is done, a client employee must be present (for all assets).
True.
What are 2 seperate year end considerations in audit of cash?
Receipt and disbursement cut off tests
A primary substantive test of cash balances involves the schedule of ________/_________ cash transfers.
Interbank/intercompany
What does scheduling interbank/intercompany cash transfers help combat?
Kiting schemes
- Bank float
- Creating fictitious cash
True or false.
Schedule of interbank/intercompany cash transfers aren’t done when controls are effective.
False.
Schedule of interbank/intercompany cash transfers are generally done, regardless of internal controls.
