Understanding The Entity And It's Environment And Assessing The Risk Of Material Miss Statement Flashcards
Name the three risk assessment procedures.
- Inquiries of management and others within the organization
- Analytical procedures performed as risk assessment procedures
- Observation and inspection
Significant risks are often related to what two things?
- Non-routine transactions – transactions that are unusual, either due to size or nature and therefore occur in frequently
- Judgmental matters – may include the development of accounting estimates for which a significant measurement uncertainty exists
And exercising judgment about whether a risk is significant, The auditor should consider what six things?
- Whether the risk is a risk of fraud
- Whether risk is related to significant economic, accounting or other developments
- Complexity of transactions
- Whether the risk involved significant transactions with related parties
- Degree of subjectivity of measurement
- Whether risk involves significant transactions outside the normal course of business
When a significant risk exist, the auditor should obtain an understanding of what two things?
- And understanding of the entities relevant controls including control activities relevant to that risk, And based on that understanding
- Evaluate whether such controls have been suitably designed and implemented to mitigate such risks
What are the five components of internal control?
- Control environment
- Entity risk assessment process
- Information system
- Control activities
- Monitoring of controls
What are the three limitations of internsl controls?
- Limitations of human judgment
- Collusion to circumvent controls
- Management and other employee override of controls
What are the six benefits of IT in internal control?
- Consistent application of business rules and performance of complex calculations
- Enhanced timeliness, availability, and accuracy of information
- Facilitate additional analysis of information
- Enhanced ability to monitor performance of entities activities and its policies and procedures
- Reduce risk that controls will be circumvented
- Enhanced ability to achieve effective segregation of duties
What are the eight risks of IT in internal controls?
- Reliance on system and programs
- Unauthorized access to data
- IT personnel gaining an appropriate access privileges
- Unauthorized changes to data and masterfiles
- Unauthorized changes to systems or programs
- Failure to make necessary changes to systems
- Inappropriate manual intervention
- Potential loss of data or inability to access data as required
What are the five types of information used for analytical procedures?
- Prior period Information
- Anticipated results
- Similar industry information
- Relationships among elements of financial information
- Financial and nonfinancial information
Analytical procedures are required in what 2 phases of an audit?
- Initial planning as part of the risk assessment procedures required in the audit, which also include inquires of mgmt. and others, and observation and inspection
- as an overall review near the end of the audit to assist the auditor in forming an overall conclusion on whether the FS are consistent with the understanding of the entity.
Risk assessment procedures should include what 3 things?
- inquires of mgmt. and others
- analytical procedures
- observation and inspection
What is the purpose of applying analytical procedures in the planning stage of an audit?
To assist in the nature, timing and extent of auditing procedures that will be used to obtain audit evidence for specific account balances or classes of transactions
