Audit Exam 3 - Bryan

0.0(0)
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/48

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

49 Terms

1
New cards

Ensure assets are safeguarded

Promote Reliable Financial Reporting

What do controls do? (2)

2
New cards

Obtain an understanding of internal controls

Assess control risk using risk assessment procedures

Auditor has the responsibility to:

3
New cards

Control Environment

Risk

Information and Communication

Monitoring

Existing (Controls)

Components of Internal Controls (CRIME)

4
New cards

Control Environment

The tone at the top relates to which aspect of internal controls

5
New cards

False

True or False: COSO is a set of rules that every publicly traded entity must follow

6
New cards

Ethics

Board Independence (Oversight)

Organizational Structure (Segregation of Duties)

Competence (Employees)

Accountability

What are the principles of the control environment in the COSO Framework?

7
New cards

Specify Objectives (Identify)

Assess Changes

Fraud Potential Consideration

Risk Analysis (Management)

What are the principles of Client’s Risk Assessment in the COSO Framework

8
New cards

  • Obtain and use information

    • FACT

  • Internally communicate information

  • External Party Communication

What are the components of Information and Communication

9
New cards

Separate

Ongoing Evaluations

Deficiency Communications

What are the important aspects of the Monitoring section of the COSO Framework

10
New cards

Control Activities

Technology Controls

Policies and Procedures Deployment

What are the main points of Existing Controls section of the COSO Framework

11
New cards

Do they prevent, detect, and correct material misstatemetns

What are the three questions we ask regarding existing controls?

12
New cards

Completeness

Accuracy

Validity

Restricted Access

What are the objectives of the Existing Control Activities part of the COSO Framework

13
New cards

Authority

Control

Recording

What are the aspects of Separation of Duties

14
New cards

Enables personnel to understand internal control responsibilities

What does information and communication do?

15
New cards

Monitoring Activities

Ongoing, separate, or combined evaluations to determine if the principles of each component are present and functioning

16
New cards

True

True or False: If control risk is high the audit firm will use a non-reliance strategy

17
New cards

Procedure Manuals and Org Charts

Internal Control Questionnaires

Flowcharts

Narrative Descriptions

What are some ways one could document the understanding of internal controls in a client

18
New cards

Management Override

Human Error

Collusion

What are the limitations of an entity’s internal controls

19
New cards

Inquiry

Inspection of Documents

Observation of the application of the control

Reperformance

What are the 4 tests of controls a firm could perform

20
New cards

Description of the controls. (SOC Report)

What is a Type 1 Report

21
New cards

Opinion on the effectiveness of controls

What is a Type 2 Report

22
New cards

Control Deficiency

Internal Control Deficiencies

  • Not Material

  • Not Significant

  • Can still give unqualified opinion

  • Will still report to management

23
New cards

Significant Deficiency

Internal Control Deficiencies

  • Not Material

  • Significant

  • Reported to Management and Board

  • Still Results in Unqualified Opinion

24
New cards

Material Weakness

Internal Control Deficiencies

  • Significant

  • Material

  • Results in Adverse Opinion

  • Report to management, board, and everyone else

25
New cards

General Controls

Application Controls

What are the types of IT Controls

26
New cards

Management’s Responsibilities under 404

Evaluate the effectiveness of ICFR using a suitable control criterion

Support the evaluation with sufficient evidence

Present a written report as of the end of the fiscal year

27
New cards

prevent, detect, and correct

Effectiveness of Controls relates to the controls abilities to _______, ______, and ______ material misstatements

28
New cards

Internal Controls over Financial Reporting (ICFR)

  • Maintenance of records that accurately and fairly reflect the transactions and dispositions of the assets of the company

  • Reasonable assurance that transactions are properly authorized and recorded in accordance with GAAP

  • Reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of the company’s assets

29
New cards

Control Environment

EBOCA is associated with which aspect of COSO

30
New cards

Risk Assesment

SAFR is associated with which aspect of COSO

31
New cards

Information and Communication

OIE is associated with which aspect of COSO

32
New cards

Monitoring

SOD is associated with which aspect of COSO

33
New cards

Existing Controls Activities

CATP is associated with which aspect of COSO

34
New cards

Ethics

Board Independence

Organizational Structure

Competence

Accountability

What does EBOCA stand for

35
New cards

Specify Objectives

Assess Changes

Fraud Potential Consideration

Risk Analysis

What does SAFR stand for

36
New cards

Obtain and Use Information

Internally Communicate Information

External Party Communication

What does OIE stand for

37
New cards

Separate

Ongoing Evaluations

Deficiency Communication

What does SOD stand for regarding Monitoring Activities

38
New cards

Control Activities

Technology Controls

Policies and Procedures Deployment

What does CATP stand for

39
New cards

Control Environment

Risk Assessment

Information and Communication

Monitoring

Existing (Controls) Activities

What does CRIME stand for

40
New cards

Special Consideration on using the work of others

Evaluate the nature of the controls subjected to the work of others

Evaluate competence and objectivity of those who performed the work

Test some of the work performed by others

41
New cards

Reasonable Assurance

The basic concept of internal control that recognizes the cost of internal control should not exceed the benefits expected to be derived is known as

42
New cards

Assess Control Risk

Test of Controls

Reassess Control Risk

Determine Extent of Substantive Testing.

What is the correct sequence of audit steps that come after first obtaining an understanding and documenting the entity's internal control?

43
New cards

Material Weaknesses and Significant Deficiencies

The auditor must report the following to the audit committee or others charged with governance:

44
New cards

General Controls

broad, foundational policies and procedures that apply across an organization's entire IT environment

45
New cards

Application Controls

specific to individual applications and focus on ensuring the accuracy and security of data within those applications

46
New cards

deficiency in operation.

A control deviation caused by an employee performing a control procedure that he or she is not authorized to perform is always considered a:

47
New cards

Entity-Level Controls

overarching policies and procedures designed to ensure that management directives are implemented and enforced across an entire organization, impacting the overall control environment and risk management

48
New cards

Understanding of the System

An auditor’s flowchart of an entity’s accounting system is a diagrammatic representation that depicts the auditor’s:

49
New cards

Substantive (Tests/Testing)

The following are tested during what kind of tests

  • Existence/Occurrence

  • Valuation/Allocation

  • Rights & Obligations

  • Completeness

  • Accuracy

  • Cutoff

  • Classification & Presentation