Test 2 Overviews Flashcards
1
Q
Three goals for adequate audit planning
A
- Obtain sufficient appropriate evidence
- Keep audit costs reasonable
- Avoid misunderstandings with client
2
Q
Acceptable audit risk (AAR)
A
how willing the auditor is to accept that the F/S may be materially misstated AFTER the audit is done and an unmodified report issued
3
Q
Lower AAR means two things
A
more certainty, more testing
4
Q
High vs. low AAR implies about client
A
high AAR: not risky client
low AAR: risky client
5
Q
risk of material misstatement
A
risk that the FS contain a material misstatement due to fraud or error PRIOR to the audit
6
Q
client business risk
A
risk that the entity fails to achieve its objectives because of changes in industry, regulations, economic conditions, or aggressive firm goals
7
Q
engagement letter
A
letter to the client clarifying what work will be done–to be signed by client prior to work beginning
8
Q
6 items used to understand the client’s business
A
- tour facilities
- identify related parties
- Code of Ethics
- minutes of meetings
- common size F/S
- ratios
9
Q
making the preliminary judgment about materiality
A
determine the materiality amount of the COMBINED amount of misstatements in FS BEFORE audit begins
10
Q
lower materiality means
A
more evidence and larger sample required
11
Q
risk assessment is not a precise measurement, but rather…
A
a matter of professional judgment
12
Q
risk areas include (2)
A
- the FS as a whole
- the assertion level for classes of transactions, account balances, presentation and disclosures
13
Q
audit objective’s are developed to address…
A
management’s assertions
14
Q
3 management assertion categories
A
transactions, account balances, presentation and disclosure
15
Q
2 components of material misstatements at the assertion level
A
- inherent risk
- control risk
16
Q
inherent risk is
A
risk assessed about an assertion prior to considering effectiveness of client’s IC
17
Q
control risk is
A
risk in an assertion that the client’s IC fails to prevent or detect
18
Q
4 main risk assessment procedures
A
- inquiries of management
- analytical procedures
- observation and inspection
- engagement team discussions
- other risk assessment procedures
19
Q
professional skepticism (2 components)
A
questioning mind and critically assess all audit evidence
20
Q
identifying material misstatements due to fraud is often more difficult because…
thus, it requires…
A
it involves complex schemes to hide the fraud
professional skepticism
21
Q
a significant risk is
A
an identified and assessed risk of material misstatement that requires special audit consideration
22
Q
4 examples of significant risks
A
- nonroutine transactions
- judgmental estimates
- new business models
- new transactions
23
Q
Audit risk model
A
PDR = AAR / (IR x CR)
24
Q
helps auditors decide how much and what types of evidence to collect for each audit objective
A
the audit risk model
25
planned detection risk
the risk that the audit evidence for an audit objective will fail to detect material misstatements (false negative)
26
audit assurance equals __ __ or __ (formula)
equals confidence level or 1-AAR
27
the relationship between AAR and PDR is
direct
28
As AAR decreases, PDR
decreases
29
AAR and planned evidence relationship
indirects
30
AAR goes down, the planned evidence
increases
31
3 management objectives for internal controls
1. reliability of reporting
2. efficiency and effectiveness of operations
3. compliance with laws and regulations
32
collusion
the act of two or more employees who conspire to steal assets or misstate records
33
what level of assurance to IC provide that FS are fairly stated
reasonable, but not absolute
34
requires public company management to issue an internal control report using an approved framework
SOX 404
35
provides a commonly used IC framework
Committee of Sponsoring Organizations of the Treadway Commission (COSO)
36
auditor's focus on controls over classes of __ rather than __ __ because the accuracy of the outputs depends on the inputs
transactions rather than account balances
outputs (balances) depend on inputs (transactions)
37
5 components of IC framework
1. control environment
2. risk assessment
3. control activities
4. information and communication
5. monitoring
(mostly concerned with reliability of reporting)
38
standards/role of audit committee (5)
1. independent directors
2. hires/fires external auditors
3. establishes whistleblowing procedures
4. can hire experts
5. funded
39
most important control activities (5)
1. adequate separation of duties
2. proper authorization of transactions and activities
3. adequate documents and records
4. physical control over assets and records
5. independent checks on performance
40
3 duties that must be separated (4)
custody, authorization, record-keeping (and IT duties separated from user departments)
41
4 steps in understanding controls
1. obtain and document auditor's understanding of IC
2. assess control risk
3. design, perform, evaluate ToCs
4. decide PDR and substantive tests
42
3 levels of control deficiencies
1. control deficiency
2. significant deficiency
3. material weakness
43
opinions on IC and condition (3)
1. unqualified (no material weaknesses)
2. adverse opinion (one or more material weaknesses exist)
3. qualified or disclaimer of opinion (scope limitation)
44
audit procedures for control risk
tests of controls
45
audit procedures for control risk and PDR
STOT
46
audit procedures for PDR
SAPs, TDB
47
sufficient appropriate evidence formula
TOC + STOT + SAP + TDB
48
control test types/procedures (4)
1. inquiries
2. examine docs and records
3. observe control-related activities
4. reperform client procedures
49
a TOC where the auditor traces one or more transactions all the way through the process to posting to the GL and FS
walkthrough
50
3 types of substantive tests
STOT< SAP< TDB
51
used to determine whether all 6 transaction-related audit objectives have been satisfied for each class of transactions
STOT
52
develop expectations of whether ending balances are correct
SAP
53
example of SAP
sales increased, so COS should increase YOY with similar percentage or common sizing of FS
54
focus on ending balance sheet items, using confirmations, physical inventory, vendor's statements, bank statements, etc.
TDB
55
steps in the sales and collection cycle (7)
1. processing customer orders
2. granting credit
3. shipping goods
4. billing customers and recording sales
5. processing and recording cash receipts
6. sales returns and allowances
7. writing off uncollectible AR and providing for bad debt allowance
56
internal controls over sales and collection cycle (5)
1. adequate separation of duties
2. proper authorization
3. adequate documents and records
4. prenumbered documents
5. monthly customer statements
57
audit efficiency is gained by
doing TOCs and STOTs at the same time
58
misstatements in occurrence of recorded sales and related control (3)
1. sales in journals but not shipped (vouch)
2. sales recorded twice (prenumbering, cancellation)
3. shipments to nonexistent customers (trace credit to AR to corresponding debit to...)
59
completeness - existing sales are recorded - is not normally tested; why?
concern is for overstatement--tracing thus not needed
60
omitted transactions (completeness) control
tracing from source docs to journals
61
nonexistent transactions (occurrence) control
vouching from journals back to source docsc
62
cash embezzlement is most difficult to detect if it occurs
BEFORE cash is recorded in the cash receipts journal
63
tracing cash receipts
trace prenumbered remittance advices (from customer) or prelists of cash receipts to the cash receipts journal and subsidiary AR records
64
proof of cash receipts
total cash receipts recorded in the CR journal are reconciled with actual deposits made to the bank (reconciling items like deposits in transit, outstanding checks, etc.)
65
lapping of AR
to conceal a cash shortage, fraudsters apply cash receipts to various customers to cover the shortage with receipts to one customer
66
lapping control
required vacations of at least one week
67
uncollectible AR fraud concern
embezzlement cover up by writing off AR that has already been collected
68
control for uncollectible AR fraud
authorization for write-offs
69
bad debt expense
estimation for allowance for doubtful accounts based on aging reports and policies for collection and write-off
70
control for bad debt expense
credit controls, policies for collection and write-off
71
the audit efficiency process of testing IC while also completing substantive transaction testing (not all IC testing can be done this way)
dual testing
72
representative sample
represents the characteristics of the population; never fully assured of this but can use statistical probabilities
73
sampling unit based on (2)
population being examined and audit objective
74
sampling risk
risk the auditor reaches an incorrect conclusion because the sample is not representative of the population (Type 1 error--reject that control is effective when it is--or Type II error--fail to reject control is effective when it isn't)
75
nonsampling risk
risk that the auditor reaches an incorrect conclusion not related to sampling risk (failure to recongize exceptions, inappropriate procedures)
76
allows the auditor to quantify (measure) sampling risk
statistical sampling
77
the auditor does not quantify the sampling risk
nonstatistical sampling
78
probabilistic sample selection
random selection such that each item has a known probability of being included in the sample
79
3 probabilistic sampling methods
1. simple random
2. systematic
3. probability proportional to size
80
nonprobabilistic sample selection
selection not based on statistical methods
81
2 nonprobabilistic sampling methods
1. haphazard
2. block sampling
82
occurrence or exception rate
auditor's estimate of the percent of the attribute that is not present/working; percentage of exceptions over sample size
83
the difference between the auditor's estimate and the actual population exception rate
sampling error
84
computed upper exception rate
upper limit of the probable population exception rate; highest exception rate in the population at a given ARO
85
acceptable risk of overreliance
risk that the auditor is willing to take of accepting a control as effective or a rate of monetary misstatements as tolerable when the true population exception rate is greater than teh TER
86
TER
exception rate the auditor estimates/permits in the population while still willing to conclude the control is working or the amount of monetary misstatements in transactions is acceptable
87
estimated population exception rate
exception rate the auditor will permit in the population and still conclude the control is working or monetary misstatement in transactions is acceptable
88
SER
number of exceptions in a sample divided by the sample size
89
nonstatistical audit sampling--four options when SER > EPER
1. revise TER or ARO (not recommended)
2. expand sample size (recommended)
3. revise assessed control risk (possibly better but must increase transaction testing
4. communicate to audit committee or management
90
ARO relationship to sample size
inverse: high ARO less tesing/samples
91
EPER relationship to sample size
direct: high EPER, more testing/samples
92
TER relationship to sample size
inverse: TER high, less testing/samples
93
precision formula
TER-EPER
94
small precision leads to __ sample size
large
