Test 2 - Ch.6 Flashcards
A substantive strategy is used when control risk has been set at maximum (T/F)
True
Once a level of control risk has been established, it cannot be changed (T/F)
False
Potential benefits of an entity’s control in an IT environment include what?
- Reduction in the risk that controls will be circumvented
- Consistent application of predefined business rules
- More timely information
Proper segregation of functional responsibilities in an effective system of internal control call for separation of what functions?
Authorization
Recording
Custody
A well-prepared flowchart should make it easier for the auditor to do what?
Perform Walkthroughs
To obtain evidential matter about control risk, an auditor selects tests from a variety of techniques including what?
Inquiry
Inspection
Observation
Reperformance
Where computer processing is used in significant accounting applications, internal control activities may be defined by classifying controls activities into what two types?
General & Application
The concept of reasonable assurance in the context of an entity’s internal controls recognizes what?
The costs of some controls may be too high to implement in relation to potential benefits.
An effective control environment does what?
Creates a commitment to competence.
A substantive strategy differs from a reliance strategy in what way?
Substantive strategy includes increased implementation of detailed test of transactions and balances
A high detection risk strategy includes what?
- Interim Testing
- Reduced testing of transactions
- Heavy reliance on analytically procedures as substantive test
An auditor’s primary consideration regarding an entity’s internal controls is whether they…
Affect the financial statement assertion
A properly maintained internal control system reasonably ensures that collusion among employees cannot occur (T/F)
False
The establishment and maintenance of internal control is an important responsibility of the internal auditor (T/F)
False
An exceptionally strong internal control system is enough for the auditor to eliminate substantive procedures on significant account balances (T/F)
False
The cost-benefit relationship is a primary criterion that should be considered in designing an internal control system (T/F)
True
Internal control is a process designed to provide reasonably assurance regarding the achievement of what 3 objectives?
- Effectiveness and Efficiency of operations
- Reliability of Financial Reporting
- Compliance with applicable laws and regulations
The independent auditor can serve as part of the entity’s control environment and continuous monitoring (T/F)
False
After obtaining an understanding of an entity’s internal control system, an auditor may set control risk at the maximum level for some assertions because he or she…
Believes the internal controls are unlikely to be effective
Regardless of the assessed level of control risk , an auditor would perform what?
Substantive procedures to restrict detection risk for significant transaction classes.
Assessing control risk below maximum involves what?
- Identifying specific controls to rely on
- Performing tests of controls
- Analyzing the achieved level of control risk after performing tests of controls.
What audit technique would most likely provide an auditor with the most assurance about the effectiveness of the operation of a control?
Reperformance of the control by the auditor
The highest quality and most reliable audit evidence that segregation of duties is properly implemented is obtained by…
Observation by the auditor of the employees performing control activities
Reports by the service organization’s auditor typically…
Assess whether the service organization’s controls are suitably designed and operate effectively
Significant deficiencies are matters that come to an auditor’s attention that should be communicated to an entity’s audit committee because they represent…
Significant deficiencies in the design or operation of the internal control.
An auditor’s flowchart of a client’s accounting system is a diagrammatic representation that depicts the auditor’s…
Understanding of the system
An auditor anticipates assessing control risk at a low level in an IT environment. Under these circumstances, on what type of controls would the auditor initially focus?
General Controls
