Internal Control Concepts and IT/ Internal Control - Sales, receivables, cash receipts cycle - Gleim Chapter 5 & 6

Question 1

After identifying related party transactions the auditor should become satisfied about their purpose/ nature/ extent and effect. Among other things the auditor should obtain an understanding of the business purpose of the transaction.

Answer 1

Examine related party transactions

Question 2

One such procedure is reviewing the extent and nature of business transacted with major customers/ suppliers/ borrowers and lenders

Answer 2

Identify related party transactions

Question 3

Accomplished through the review of material investment transactions during the period

Answer 3

Determine existence of related party transactions

Question 4

After identifying related party transactions/ the auditor should become satisfied about their purpose; nature; extent and effect. To fully understand a particular transaction; the auditor may confirm the transaction amount and terms; including guarantees and other significant data; with the other parties.

Answer 4

Examine related party transactions

Question 5

Discussing significant information with intermediaries; such as banks or attorneys

Answer 5

Examine related party transactions

Question 6

Considering whether transactions are occurring but are not being given proper accounting recognition. Examples include receiving or providing accounting; management or other services at no charge or a major shareholder’s payment of corporate expenses.

Answer 6

Identify related party transactions

Question 7

Inspecting and obtaining satisfaction concerning the transferability and value of collateral may help to accomplish this.

Answer 7

Examine related party transactions

Question 8

The auditor should test for reasonableness the compilation of amounts to be disclosed or considered for disclosure.

Answer 8

Examine related party transactions

Question 9

One of these procedures is reviewing accounting records for large; unusual; or nonrecurring transactions or balances; paying particular attention to transactions recognized at or near the end of the reporting period.

Answer 9

Identify related party transactions

Question 10

An auditor should inquire of management about whether transactions occurred with related parties.

Answer 10

Determine existence of related party transactions

Question 11

An evaluation of an entity’s procedures for identifying and properly accounting for related party transactions

Answer 11

Determine existence of related party transactions

Question 12

When may an auditor refer to the work of a specialist?

Answer 12

When the opinion is modified

Question 13

Does the auditor need personal financial information from an Auditor’s Specialist?

Answer 13

The auditor does not need to request personal financial statements from the specialist. The auditor evaluates the specialist’s competence/ capabilities/ and objectivity/ not his/her financial position.

Question 14

Why would the auditor need an Auditor’s Specialist?

Answer 14

The auditor may use the work of a specialist to obtain appropriate audit evidence e.g. to estimate the fair value of mineral rights.

Question 15

Does the Auditor’s Specialist need to be independent?

Answer 15

The auditor should evaluate the relationship of the specialist with the client before selecting the specialist.

Question 16

Why would an auditor use a specialist?

Answer 16

The auditor may use the work of a specialist to obtain appropriate audit evidence when the audit staff lacks the necessary professional competence.

Question 17

If an auditor cannot consider an issue or condition; what is the effect on the opinion?

Answer 17

The auditor should express a disclaimer/ not an adverse opinion/ because of a lack of sufficient appropriate audit evidence.

Question 18

What is the first thing an auditor should do when an omitted procedure has been discovered?

Answer 18

When the auditor decides that a necessary procedure was omitted the auditor should assess its importance to the auditor’s ability to support the previously expressed opinion.

Question 19

Is it always required that an omitted procedure be performed?

Answer 19

The results of other procedures applied may compensate for an omitted procedure.

Question 20

What is the next step after determining the unmodified opinion cannot be supported without the omitted procedure?

Answer 20

The auditor may determine that the omission impairs his/her current ability to support the opinion. If the auditor believes persons are currently relying (or are likely to rely) on the report; the auditor should promptly undertake to apply the omitted procedure or alternative procedures to provide a satisfactory basis for the opinion.

Question 21

Is warranty estimation risk a high estimation uncertainty; low estimation uncertainty or not an estimate?

Answer 21

Estimation of warranty expenses is a process performed routinely by firms having sufficient data to perform the task. The auditor typically concludes that it involves low estimation uncertainty.

Question 22

Are contingent liabilities a high estimation uncertainty; low estimation uncertainty or not an estimate?

Answer 22

Contingent liabilities that are probable and can be estimated should be recorded. Litigation is a complex process where there are few external predictable factors on which to base an estimate. This would create high estimation uncertainty for the auditor.

Question 23

Are derivatives a high estimation uncertainty; low estimation uncertainty or not an estimate?

Answer 23

Derivatives that are not publically traded and for which the fair value is based on a model create high estimation uncertainty. The value is not based on market-based objective data.

Question 24

Are current sales a high estimation uncertainty; low estimation uncertainty or not an estimate?

Answer 24

Sales are recorded based on objective data regardless of the terms of shipment. The amount is not subject to an estimated value and there is no need for an estimate.

Question 25

Is determination of obsolete inventory a high estimation uncertainty; low estimation uncertainty or not an estimate?

Answer 25

Determination of inventory obsolescence is a process performed routinely by firms having sufficient data to perform the task. The auditor typically concludes that determination of inventory estimates involves low estimation uncertainty.

Question 26

What is the entity’s identification and analysis of relevant risks as a basis for their management?

Answer 26

Risk assessment is the entity’s identification and analysis of relevant risks as a basis for their management. Expansion to foreign markets may result in changes in risk for example from currency exchange.

Question 27

What are the policies and procedures that help ensure the achievement of management directives?

Answer 27

Control activities are the policies and procedures that help ensure the achievement of management directives. Direct functional or activity management such as the daily interaction between supervisors and line personnel is an example of a control activity.

Question 28

The review of performance indicators such as daily and weekly sales revenue figures may be used as a

Answer 28

Control activity. Reviewing these indicators provides information as to whether or not entity objectives are being achieved.

Question 29

These systems support the identification/ capture and exchange of information in a form and time frame that enable people to carry out their responsibilities.

Answer 29

Information and communication systems. The use of a job-order costing system by an airplane manufacturer is an example of an information system.

Question 30

Customers and suppliers may provide information about the effectiveness of internal control.

Answer 30

Information and communication systems. An entity’s communication system affects both internal and external parties. In addition the entity must make clear to external parties that bribes and kickbacks are not allowed. The entity may accomplish this by providing its written policies to external parties on an annual basis

Question 31

Sets the tone of an organization; influencing the control consciousness of its people. This component is the foundation for the other components.

Answer 31

An entity’s control environment. Management must reduce or remove incentives that increase the probability of dishonest or unethical acts. An example of this kind of incentive is making a manager’s bonus dependent on a high rate of growth in revenues.

Question 32

Human resources represents what internal control component?

Answer 32

Control Environment. HR policies and practices include hiring individuals who display evidence of integrity and ethical behavior.

Question 33

Corporate restructuring affects which internal control component?

Answer 33

Risk Assessment. Corporate restructuring is a factor that may change risk.

Question 34

The process that assesses the quality of internal control performance over time.

Answer 34

Monitoring is the process that assesses the quality of internal control performance over time. Just as control systems change over time the way controls are applied may change as well. The monitoring process includes ongoing activities built into normal recurring operations such as supervision possibly combined with separate evaluations.

Question 35

Encoding data before transmission over communications lines makes it more difficult for someone with access to the transmission to understand or modify its contents.

Answer 35

Access Control

Question 36

This feature requires the remote user to call the computer/ give identification/ hang up and wait for the computer to call an authorized number. This control ensures acceptance of data only from authorized modems. However a call-forwarding device may thwart this control by transferring access from an authorized to an unauthorized number.

Answer 36

Access Control

Question 37

This log records all uses and attempted uses of the system. The date and time codes used mode of access data involved and interventions by operators are recorded.

Answer 37

Access Control

Question 38

Computer effort is expended most efficiently when data are processed in a logical order such as by customer number. This check ensures the batch is sorted in this order before processing begins

Answer 38

Processing Control

Question 39

Certain amounts can be restricted to appropriate amounts or ranges such as hours worked less than 10 per day or invoices over $100K requiring supervisor approval.

Answer 39

Input Control

Question 40

Automatic log-off (disconnection) of inactive data terminals may prevent the viewing of sensitive data on an unattended data terminal.

Answer 40

Access Control

Question 41

A self-checking digit system is used to detect incorrect or nonexistent identification numbers. The digit is generated by applying an algorithm to the ID number. During the input process the check digit is recomputed by applying the same algorithm to the code actually entered.

Answer 41

Input Control

Question 42

A device authorization table restricts access to those physical devices that should logically need access

Answer 42

Access Control

Question 43

Run-to-run control totals (e.g. record counts or certain critical amounts) should be generated and checked at designated points during processing.

Answer 43

Processing Control

Question 44

The data entry screen prevents certain types of incorrect data from entering the system. For example the system rejects any attempt to enter numerals in a name box or letters in an amount box.

Answer 44

Input Control

Question 45

The use of passwords and identification numbers is an effective control in an online system to prevent unauthorized access to computer files. Lists of authorized persons are maintained in the computer. The entry of passwords or identification numbers; a prearranged set of personal questions; and the use of badges/magnetic cards/optically scanned cards may be combined

Answer 45

Access Control

Question 46

Includes the policies and procedures to address specific control risks

Answer 46

The COSO component of Internal Control

Question 47

Segregation of duties involves the separation of the functions of authorization/record keeping/and asset custody so as to minimize the opportunities for a person to be able to perpetrate and conceal errors or fraud in the normal course of his/her duties.

Answer 47

Decreases control risk

Question 48

Collusion

Answer 48

Inherent limitation in internal control

Question 49

Employing a new person

Answer 49

Increases control risk

Question 50

Rapid growth of a client

Answer 50

Increases control risk

Question 51

The control environment

Answer 51

The COSO component of Internal Control

Question 52

Physical Controls involving the safeguarding of assets/records/periodic counts and recons that create asset accountability

Answer 52

Decreases control risk

Question 53

Corporate restructuring change staffing and supervision assignments and does what to control risk?

Answer 53

Increases control risk

Question 54

The potential for management to override a control

Answer 54

Inherent limitation in internal control