NINJA AUD - Understanding the Entity and Its Environment (Including Internal Control) Flashcards
Holding other planning considerations equal, a decrease in the amount of misstatements in a class of transactions that an auditor could tolerate most likely would cause the auditor to:
perform the planned auditing procedures closer to the balance sheet date.
The acceptable level of detection risk relates to:
the auditing procedures applied through substantive tests.
As substantive tests becomes higher, the acceptable level of detection risk, decreases.
The ultimate purpose of assessing control risk is to contribute to the auditor’s evaluation of the risk that:
material misstatements may exist in the financial statements.
Two types of misstatements are relevant to the auditor’s consideration of fraud-misstatements arising from:
fraudulent financial reporting and misstatements arising from misappropriation of assets.
Auditor would direct fraud-related inquiries to:
Employees with varying levels of authority; and operating personnel not directly involved in the financial reporting process.
4 considerations regarding the risk of material misstatement due to fraud:
- type
- significance
- likelihood
- pervasiveness
Analytical procedures often use:
financial and nonfinancial data aggregated at a high level.
In obtaining an understanding of a manufacturing entity’s internal control concerning inventory balances, an auditor most likely would:
review the entity’s descriptions of inventory policies and procedures.
To obtain an understanding of a continuing client’s business in planning an audit, an auditor most likely would:
review prior-year working papers and the permanent file for the client.
When assessing control risk BELOW the maximum level:
identify specific control activities relevant to specific assertions.
In representing that the financial statements are in accordance with the applicable financial reporting framework, management implicitly or explicitly makes assertions regarding:
the recognition, measurement, presentation, and disclosure of information in the financial statements and related disclosures. Assertions about account balances at the period-end include that the entity holds or controls the rights to assets, and liabilities are obligations of the entity.
Procedures that result in discovery of possibly noncompliance with laws and regulations:
- Reading the minutes of the board of directors’ meetings.
- Making inquiries of the client’s management.
- Performing tests of details of transactions.
Who is responsible for making and approving the accounting estimates included in the financial statements?
Management
Lapping involves:
the altering of A/R when cash that is intended for the payment of a receivable is misappropriated.
Categories reflected in the definition of internal control:
- Reliability of financial reporting
- Effectiveness and efficiency of operations
- Compliance with applicable laws and regulations
In obtaining an understanding of internal control,
the auditor should evaluate the design of those controls and determine whether they have been implemented by performing procedures in addition to inquiry of the entity’s personnel.
Application controls are classified as:
- input controls
- processing controls
- output controls.
The extent and nature of the risk to internal control associated with IT are dependent on the nature and characteristics related to the entity’s:
information system
Application controls pertain to:
processing of individual applications in an IT environment
In order to assess control risk at a low level would mean there is an effective functioning of application controls,
and thus the auditor would initially focus on the general controls.
In order to obtain an initial understanding of internal control sufficient to assess the risk of material misstatement of the financial statements, an auditor would most likely perform:
Risk assessment procedures to evaluate the design of relevant controls
