test 2 Flashcards
three controls to separate
authorization
custody of assets
record keeping
vouching
existence
acct records —> source docs
tracing
completeness
source docs —> acct records
audit evidence
inquiry
inspection
observation
analytical procedures
confirmation
reperformance
recalculation
requirements of audit documentation
keep for 7 years
keep organized
auditors responsibility
prelim analytical procedures
gain understanding
set NET
substantive analytical procedures
optional
gather evidence
final analytical procedures
review
persuasive audit evidence
sufficient (#)
appropriate (quality)
relevant
reliable
assertions and testing
occurrence/existence — inspection (vouching)
completeness — inspection (tracing)
rights/obligations – confirmation
cutoff – inspection
valuation – reperformance
accuracy -inspection
classification – analytical procedures
COSO framework
control environment
risk assessment
information and communication
control activities
monitoring
substantive strategy
less test of controls
more NET testing
control risk set at high
reliance strategy
trust controls
more test of controls
less NET
control risk set at low
type one report
design of controls
type 2 report
operation of controls
integrated audit
audit of controls
audit of financial statements
non accelerated
doesn’t need to audit controls
design deficiency
control is missing
or
control not properly designed
operating deficiency
control doesn’t operate as designed
or
person performing control doesn’t have proper authorization
significant deficiency
reasonable possibility
significant magnitude
material weakness
reasonable probability
material magnitude
likelihood
probability
remote, reasonable, probable
magnitude
insignificant, significant, material
adverse report
material weakness identified
unqualified report
no material weakness
disclaimer
serious scope limitiation
accelerated
SOX
accept responsibility for effectiveness
evaluate effectiveness
support evaluation w evidence
present written assessment
remediattion
correcting material weaknesses
ICFR
process to provide reasonable assurance regarding reliability of financial reporting
NET
Nature – effectiveness
Extent – sample size
Timing – yearend/interim
control environment
set of standards that provide basis (tone at top)
HR policies
risk assessment
process for identifying and analyzing risks
control activites
actions established to ensure management mitigates risk
information and communication
enables personnel to understand internal control responsibilities
monitoring activities
evaluate if other coso components are functioning
auditor needs to
understand controls
and
assess control risk