Identifying, Assessing, and Responding to Risk M3 Flashcards
What is the objective of certain audit test?
- The objective of tests of controls is to evaluate whether an internal control operated effectively.
- The objective of tests of details of transactions performed as substantive tests is to detect material misstatements in the financial statements.
Which documents is are required by GAAS?
- The auditor is not required to evaluate operating effectiveness as part of obtaining an understanding of internal control, and therefore need not document the basis for this decision. Is required to test controls to see if they are operating effectively for an Issuer. If not operating effectively, not required to rely on them or test them.
- The auditor is required to prepare a written audit plan.
- Audit documentation should be sufficient to show that the accounting records agree or reconcile with the financial statements.
- Establishing an understanding with the client is required by GAAS, and an engagement letter is a presumptively mandatory requirement.
What procedures are used to get an understanding of internal controls?
The auditor is not required to obtain knowledge about operating effectiveness as part of the understanding of internal control. This knowledge is obtained later, for specific controls on which the auditor plans to rely.
- Such knowledge may be obtained by appropriate inquiry, inspection, or observation, and based on previous experience with the client and/or an understanding of the industry in which the entity operates
Which Audit Procedures are used to perform risk assessment regarding Internal Control?
- Tests of controls are required to support the auditor’s assumption that controls are operating effectively.
- Obtaining an understanding of each of the five components (CRIME) of internal control is required before making an assessment of control risk. The entity’s accounting system (part of the information and communication component) and control environment are part of the five components.
- Considering whether control activities can have a pervasive effect on financial statement assertions is part of the auditor’s risk assessment process.
What are types of evidence for different types of test?
Testing Test of Controls
- The examination of client records documenting the use of EDP programs is a test of controls.
Substantive Test
- Obtaining letters of representation corroborating inventory pricing.
- Confirmations of receivables verifying account balances.
- Attorneys’ responses to the auditor’s inquiries.
When should an Auditor consider confirmations on complex transactions?
- The auditor would consider confirming a large complex sale when the risk of material misstatement (RMM) is high and DR is low.
- High detection risk implies a low risk of material misstatement. If the risk of material misstatement is low, the auditor is less likely to confirm the terms of a large complex sale.
What are Test of Details and test of controls used for?
Test of Controls
- Is to evaluate whether an internal control operated effectively.
Test of Details (Substantive Test)
- Is to detect material misstatements in the financial statements.
How do an Auditor determine if the risk is a significant risk?
- The auditor uses clients inherent risk alone.
- Ultimately the auditor uses professional judgment.
Which accounts should be audited closer to the balance sheet date vs. interim?
- Cash account is more efficient to focus on the ending balance.
- Fixed assets had only a few transactions, so it would make sense to audit the transactions that occurred, and then use them to adjust the beginning (audited) balance.
