Understanding the Entity & Its Environment (Including Internal Control)

Question 1

What are we looking for when we are gaining an understanding of the entity, its environment, and internal control?

Answer 1

a

Question 2

What are some examples of entities, environments, and internal control?

Answer 2

a

Question 3

What is materiality? Why must we determine and document it?

Answer 3

a

Question 4

What is risk assessment? Why must we conduct and document it?

Answer 4

a

Question 5

Risk of what?

Answer 5

a

Question 6

Why must we have discussions among the audit team regarding these procedures?

Answer 6

a

Question 7

Why must we discuss a susceptibility of a material misstatement of the entities financial statements due to fraud?

Answer 7

a

Question 8

What is fraud?

Answer 8

a

Question 9

What are characteristics of fraud?

Answer 9

a

Question 10

What are we discussing when we document required discussions regarding risk of fraud?

Answer 10

a

Question 11

What kinds of inquiries are we making when we make and document inquiries of management about fraud?

Answer 11

a

Question 12

What are we looking for when we identify and assess risks that may result in material misstatements due to fraud?

Answer 12

a

Question 13

What are we doing when we perform and document risk assessment procedures?

Answer 13

a

Question 14

What are we taking a risk assessment of?

Answer 14

a

Question 15

How do we identify, conduct, and document appropriate inquiries of management and others within the entity?

Answer 15

a

Question 16

How do we perform appropriate analytical procedures to understand an entity and identify areas of risk?

Answer 16

a

Question 17

How do we obtain information to support inquiries through observation and inspection (including reading corporate minutes, etc)?

Answer 17

a

Question 18

How do we consider additional aspects of the entity and its environment, including: industry, regulatory and other external factors; strategies and business risk; financial performance?

Answer 18

a

Question 19

How do we consider internal control in evaluating the entity we are auditing and its environment?

Answer 19

a

Question 20

How do we perform procedures to assess the control environment, including consideration of the COSO framework and identifying entity-level controls?

Answer 20

a

Question 21

What are entity-level controls?

Answer 21

a

Question 22

What are business processes and information flows? Why do we need to obtain and document an understanding of them?

Answer 22

a

Question 23

What is the effect of information technology on the effectiveness of an entity’s internal control?

Answer 23

a

Question 24

How do we perform risk assessment procedures to evaluate the design and implementation of internal controls relevant to an audit of financial statements?

Answer 24

a

Question 25

How do we identify key risks associated with general controls in a financial IT environment,?

Answer 25

a

Question 26

What is change management?

Answer 26

a

Question 27

What is backup/recovery?

Answer 27

a

Question 28

What is network access (e.g. administrative rights)?

Answer 28

a

Question 29

What are financial transaction cycles?

Answer 29

a

Question 30

What is application access control (e.g. administrative access rights)?

Answer 30

a

Question 31

What are controls over interfaces?

Answer 31

a

Question 32

What are controls over integrations?

Answer 32

a

Question 33

What are controls over e-commerce?

Answer 33

a

Question 34

What are controls over significant algorithms?

Answer 34

a

Question 35

What are controls over reports?

Answer 35

a

Question 36

What are controls over validation?

Answer 36

a

Question 37

What are controls over edit checks?

Answer 37

a

Question 38

What are controls over error handling?

Answer 38

a

Question 39

How do we assess whether the entity has designed controls to mitigate key risks associated with general controls or application functionality?

Answer 39

a

Question 40

What are general controls?

Answer 40

a

Question 41

What is application functionality?

Answer 41

a

Question 42

How do we identify controls relevant to reliable financial reporting and the period-end reporting process?

Answer 42

a

Question 43

What are limitations of internal control?

Answer 43

a

Question 44

What are the effects of service organizations on internal control?

Answer 44

a

Question 45

What is the risk of management override of internal controls?

Answer 45

a

Question 46

How do we document an understanding of the entity and its environment? Including each component of the entity’s internal control in order to assess risks?

Answer 46

a

Question 47

How do we assess and document the risk of material misstatements?

Answer 47

a

Question 48

How do we identify and document financial statement assertions and formulate audit objectives? Including significant financial statement balances, classes of transactions, disclosures, and accounting estimates?

Answer 48

a

Question 49

How do we relate the identifies risks to relevant assertions and consider whether the risks could result in a material misstatement to the financial statements?

Answer 49

a

Question 50

How do we assess and document the risk of material misstatement that relates to both financial statement level and specific assertions?

Answer 50

a

Question 51

What is the meaning of financial statement level?

Answer 51

a

Question 52

What is the meaning of specific assertions?

Answer 52

a

Question 53

How do we identify and document conditions and events that may indicate risks of material misstatement?

Answer 53

a

Question 54

How do we identify and document significant risks that require special audit consideration?

Answer 54

These risks include: significant recent economic, accounting, or other developments; related parties and related party transactions; improper revenue recognition; non-routine or complex transactions; significant accounting estimates; and illegal acts.