Internal Control - Concepts & Standards

Question 1

When obtaining an understanding of an entity’s internal control procedures, an auditor should concentrate on the substance of the procedures, rather than their form, because

Answer 1

Management may establish appropriate procedures but not enforce compliance with them.

Question 2

An auditor’s flowchart of a client’s accounting system is a diagrammatic representation that depicts the auditor’s

Answer 2

Understanding of the system

Question 3

What documentation is not required for an audit in accordance with generally accepted auditing standards?

Answer 3

A flowchart of each major transaction cycle documenting the origination and processing of important accounting records.

Question 4

What is a management control method that most likely could improve management’s ability to supervise company activities effectively?

Answer 4

Establishing budgets and forecasts to identify variances from expectations.

Question 5

In planning an audit of certain accounts, an auditor may conclude that specific procedures used to obtain an understanding of an entity’s internal control structure need not be included because of the auditor’s judgments about materiality and assessments of

Answer 5

Inherent Risk. If the auditor has concluded that an account is immaterial and that inherent risk is low, the auditor might decide to skip the procedures used to obtain an understanding of the related internal controls because the risk of a material misstatement occurring is low.

Question 6

Decision tables differ from program flowcharts in that decision tables emphasize

Answer 6

Logical relationships among conditions and actions.

Question 7

Obtaining an understanding of an internal control involves evaluating the design of the control and determining whether the control has been

Answer 7

Implemented. Obtaining an understanding of an entity’s internal controls over financial reporting involves evaluating the design of relevant controls and determining whether they have been implemented (sometimes referred to as “placed into operation”).

Question 8

An advantage of using systems flowcharts to document information about internal control, instead of using internal control questionnaires, is that systems flowcharts

Answer 8

Provide a visual depiction of clients’ activities

Question 9

The primary objective of procedures performed to obtain an understanding of the internal control structure is to provide an auditor with

Answer 9

Knowledge necessary for audit planning.

Question 10

An auditor’s primary consideration regarding an entity’s internal control structure policies and procedures is whether they

Answer 10

Affect the financial statement assertions.

Question 11

What procedure would an auditor most likely perform to test controls relating to management’s assertion about the completeness of cash receipts for cash sales at a retail outlet?

Answer 11

Observe the consistency of the employees’ use of cash registers and tapes.

Question 12

After assessing control risk at below the maximum level, an auditor desires to seek a further reduction in the assessed level of control risk. At this time, the auditor would consider whether

Answer 12

Additional evidential matter sufficient to support a further reduction is likely to be available.

Question 13

In addition to evaluating the frequency of deviations in tests of controls, an auditor should also consider certain qualitative aspects of the deviations.
The auditor most likely would give broader consideration to the implications of a deviation if it was

Answer 13

Initially concealed by a forged document.

Question 14

When an auditor assesses control risk at the maximum level, the auditor is required to document the auditor’s

Answer 14

Understanding of the entity’s accounting system & basis for concluding that the control risk is at the maximum level

Question 15

After obtaining an understanding of the internal control structure and assessing control risk of an entity, an auditor decided not to perform tests of controls.
The auditor most likely decided that

Answer 15

It would be inefficient to perform tests of controls that would result in a reduction in planned substantive tests.

Question 16

Which of the following is not a step in an auditor’s decision to assess control risk at below the maximum?

Answer 16

In assessing control risk below maximum, the auditor must:

1) obtain an understanding of the internal control structure;
2) identify specific controls relevant to specific financial statement assertions; and
3) test the identified controls to determine if they are operating effectively. The auditor would NOT perform tests of details of transactions. These are substantive procedures which would generally be performed after the assessment of control risk is made.

Question 17

Which of the following is a step in an auditor’s decision to assess control risk at below the maximum?

Answer 17

Identify specific internal control policies and procedures that are likely to detect or prevent material misstatements.

Question 18

The ultimate purpose of assessing control risk is to contribute to the auditor’s evaluation of the risk that

Answer 18

Material misstatements may exist in the financial statements.

Question 19

An auditor assesses control risk because it

Answer 19

Affects the level of detection risk that the auditor may accept.

Question 20

Which of the following most likely would not be considered an inherent limitation of the potential effectiveness of an entity’s internal control structure?

Answer 20

Incompatible duties.

Question 21

An auditor may decide to assess control risk at the maximum level for certain assertions because the auditor believes

Answer 21

Evaluating the effectiveness of policies and procedures is inefficient.

Question 22

The ultimate purpose of assessing control risk is to contribute to the auditor’s evaluation of the

Answer 22

Risk that material misstatements exist in the financial statements.

Question 23

When assessing control risk below the maximum level, an auditor is required to document the auditor’s

Answer 23

Understanding of the entity’s control environment & basis for concluding that control risk is at the maximum level

Question 24

What possible circumstance most likely would cause an auditor to consider whether material misstatements exist in an entity’s financial statements?

Answer 24

Transactions selected for testing are not supported by proper documentation.

Question 25

An auditor observed that a client mails monthly statements to customers. Subsequently, the auditor reviewed evidence of follow-up on the errors reported by the customers.
This test of controls most likely was performed to support management’s financial statement assertion(s) of

Answer 25

Rights & obligations

Question 26

In obtaining an understanding of an entity’s internal control structure, an auditor is required to obtain knowledge about the

Answer 26

design of policies and procedures

Question 27

After obtaining an understanding of the internal control structure and assessing control risk, an auditor decided to perform tests of controls. The auditor most likely decided that

Answer 27

It would be efficient to perform tests of controls that would result in a reduction in planned substantive tests.

Question 28

True or False::

An inherent limitation to internal control is the fact that controls can be circumvented by management override.

Answer 28

True

Question 29

Control risk should be assessed in terms of

Answer 29

financial statement assertions

Question 30

On the basis of audit evidence gathered and evaluated, an auditor decides to increase the assessed level of control risk from that originally planned. To achieve an overall audit risk level that is substantially the same as the planned audit risk level, the auditor would

Answer 30

Decrease detection risk.

Question 31

As part of understanding the internal control structure, an auditor is not required to

Answer 31

Obtain knowledge about the operating effectiveness of the internal control structure.

Question 32

An auditor would most likely be concerned with internal control structure policies and procedures that provide reasonable assurance about the

Answer 32

Entity’s ability to process and summarize financial data.

Question 33

An auditor may decide to assess control risk at the maximum level for certain assertions because the auditor believes

Answer 33

Control policies and procedures are unlikely to pertain to the assertions.

Question 34

Which of the following should an auditor do when control risk is assessed at the maximum level?

Answer 34

Document the assessment

Question 35

The objective of tests of details of transactions performed as tests of controls is to

Answer 35

Evaluate whether internal control structure procedures operated effectively.

Question 36

Regardless of the assessed level of control risk, an auditor would perform some

Answer 36

Substantive tests to restrict detection risk for significant transaction classes.

Question 37

When reporting on conditions relating to an entity’s internal control observed during an audit of the financial statements, the auditor should include a

Answer 37

Restriction on the distribution of the report.

Question 38

When communicating internal control related matters noted in an audit, an auditor’s report issued on significant deficiencies should indicate that

Answer 38

The purpose of the audit was to report on the financial statements and not to provide assurance on internal control.

Question 39

An auditor’s letter issued on significant deficiencies relating to an entity’s internal control observed during a financial statement audit should

Answer 39

Indicate that the audit’s purpose was to report on the financial statements and not to provide assurance on internal control

Question 40

In assessing the competence of an internal auditor, an independent CPA would most likely obtain information about the

Answer 40

Quality of the internal auditor’s working paper documentation.
To evaluate competence of an internal auditor, a CPA would obtain information about: 1) educational level and professional experience; 2) professional certification and continuing education; 3) audit policies, programs, and procedures; 4) assignment practices; 5) supervision and review; 6) quality of working paper documentation, reports and recommendations; and 7) performance evaluation.

Question 41

When considering the objectivity of internal auditors, an independent auditor should

Answer 41

Determine the organizational level to which the internal auditors report.

Question 42

Determine the organizational level to which the internal auditors report.

Answer 42

Determine the organizational level to which the internal auditors report.

Question 43

An internal auditor’s work would most likely affect the nature, timing, and extent of an independent CPA’s auditing procedures when the internal auditor’s work relates to assertions about the

Answer 43

Existence of fixed asset additions.
Some of the work performed by internal auditors may provide direct evidence about material misstatements in assertions. As a result, the auditor may be able to rely upon such work and reduce the nature, timing, or extent of the auditing procedures to be performed related to those assertions. Internal audit work pertaining to the existence of fixed asset additions would provide direct evidence which could be used to restrict other audit work to be performed.