Other Engagements Flashcards
Who is required to complete an audit over FS and operating effectiveness of IC?
Issuers
What are the three fraud risks?
Opportunity
Pressure
Rationalization
What is a top down approach used for?
Selecting controls to test
What is the top down approach?
FS Level - Accounts - Assertions
Entity level controls
Control environment, management override, company risk assessment, centralized processing
What kind of controls can you benchmark?
Automated
Audit of internal controls results in an opinion on internal control at a _______
point in time
Audit of internal controls results in an opinion on FS over ______
Period of time
When should control deficiencies be expressed in an integrated audit?
By report release date
When should control deficiencies be expressed in a financial statement audit?
60 days from report release date
What are the components of communication to management and TCWG over internal controls
Responsibility
Definitions of deficiencies
Restrict Use
Who and when should the following be communicated? (Nonissuer)
Control deficiency
Management
60 days after report release
Who and when should the following be communicated? (Nonissuer)
Significant deficiency
Management and TCWG
By report release
Who and when should the following be communicated? (Nonissuer)
Material weakness
Management and TCWG
By report release
Where is the reference to the opinion on internal control in a nonissuer report? (Separate)
Opinion paragraph
What paragraph concludes the opinion on internal controls in a nonissuer report? (Separate)
Inherent limitations
What kind of engagement is the following:
Examination
Attestation
What kind of engagement is the following:
AUP
Attestation
What kind of engagement is the following:
Review
Attestation
What attest engagement can you NOT perform on Prospective FS
Review
What attest engagement can you NOT perform on Compliance
Review
What attest engagement can you perform a review on?
Pro forma and MD&A
What rules do preparations, compilations, and reviews apply?
SSARS
What rules to AUP, Prospective, Compliance, MD&A apply?
SSAE
What do attest standards NOT reference
Historical FS or GAAP
Attestation Risk
RMM * DR
What does attestation risk not apply to?
AUP
What kind of opinion does an examination provide?
Positive, high level of assurance
How do you handle a scope restriction on a review?
Withdraw
What are the components of an examination report?
Intro
Scope
Opinion
What do you include in a report over the assertion for an examination?
We have examined management of XYZ company’s assertion
What kind of opinion does a review have?
Limited assurance, conclusion
What are the components of a review report?
Intro
Scope
Conclusion
What kind of opinion does AUP have?
None, list of findings
What are the conditions for AUP?
I AM SURE
Independence
Agreement
Measurability
Sufficient procedures
Use of report can be general or restricted
Responsibility is on client
Engagements must include a summary of significant assumptions
Financial forecast
Expected financial results
Financial projection
Hypothetical assumptions
What prospective financial statement can be general use?
Forecast
How can prospective financial statements be prepared?
preparation
compilation
examination
AUP
What guidance does preparation of prospective FS use?
SSARS
What guidance does compilation of prospective FS use?
SSARS
Negative Assurance
Nothing came to the auditor’s attention that caused the auditor to believe an entity failed to comply
SOC 1
evaluating impact that certain relevant controls at the service organization have on the FS of entity
SOC 2
Give assurance to a broad range of users regarding the controls in place
Type 1 report
Report on design and implementation of a service organization
Type 2 report
Report on design, implementation, and operating effectiveness of a service organization’s controls
Criteria for Compliance Examination
Risk assessment
design responses to risk assessment
obtain written representation
prepare report and documention
