A2: Engagement Quality and Acceptance, Planning, and Internal Control

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/45

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 11:36 PM on 7/16/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

46 Terms

1
New cards

A2-M1: What are the functions of the audit commitee?

Selects and appoints the independent auditor and sets the audit fees

Reviews the nature and details of the audit engagement

Reviews the quality of the auditor’s work

Reviews the scope of the audit

Determines that any recommendations made by the auditor are given proper attention

Maintains lines of communication between the auditor and the board of directors

Helps solve any disagreements related to the accounting treatment of material items in the financial statements

Evaluates the system of internal control of the company with the help of the independent auditor

Makes reports to the board of directors and the stockholders when necessary

Assures that the auditor is independent of the company

Note: The audit committee has additional responsibilities under Sarbanes-Oxley

2
New cards

A2-M1: What should the auditor assess when considering the firm’s client acceptance and continuance policies?

The firm’s ability to meet reporting deadlines

The firm’s ability to staff the engagement

Independence

Integrity of client management

The group engagement team’s ability to obtain sufficient appropriate audit evidence (if a group audit)

3
New cards

A2-M1: What is the purpose of an engagement letter?

The engagement letter is a written agreement between the auditor and the client. The purpose of the agreement is to reduce the risk that either the auditor or the client may misinterpret the needs or expectations of the other party

4
New cards

A2-M1: What topics should be included in the agreement to audit engagement terms?

Objectives and the scope of the audit

Mnagement’’s responsibilities

The auditor’s responsibilities

The inherent limitations of the engagement

Identification of the applicable financial reporting framework

Reference to the expected form and content of any reports

An engagement latter may also refer to other matters, such as timing, client assistance, fees and billing, etc.

5
New cards

A2-M1: Before the auditor accepts an engagement, what communication between the predecessor and the auditor should be made?

Obtain client’s permission to make inquiries of the predecessor auditor regarding:

Identified or suspected fraud

Noncompliance or suspected noncompliance with laws and regulations

Management integrity

Disagreement with management

Reasons for the change of auditors

Communications to management and others regarding internal control

Nature of any significant, unusual, or related party relationships and transactions

6
New cards

A2-M1: Name the elements of a CPA firm’s system of quality management for its auditing, attest, and accounting and review services

Firm’s risk assessment process

Governance and leadership

Relevant ethical requirements

Acceptance and continuance of client relationships

Engagement performance

Resources (human, technological, and intellectual)

Information and communication

Monitoring and remediation

7
New cards

A2-M2: Explain the relationship between quality management standards and GAAS standards

Quality management standards pertain to the conduct of all professional activities of an entity’s practice as a whole

GAAS standards relate to the conduct of each individual audit engagement

8
New cards

A2-M2: What are the objectives of an auditor when implementing quality management procedures at the engagement level for a nonissues?

The objectives of the auditor are to provide reasonable assurance:

That the auditor has fulfilled their responsibilities, and that the audit complies with professional standards and any legal or regulatory requirements

That the report issued by the auditor is appropriate in the circumstances

9
New cards

A2-M2: Describe the required characteristics of the engagement quality reviewer

The engagement quality reviewer can be a partner, another person in the firm, a suitably qualified external person, or a team of such individuals, none of whom is part of the engagement team. The engagement quality reviewer must have the appropriate competence and capabilities to perform the review, comply with all ethical requirements (including independence), and comply with all relevant laws and regulations

10
New cards

A2-M2: When does a significant deficiency exist?

  1. The engagement team failed to obtain sufficient appropriate evidence

  2. The engagement team reached an inappropriate overall conclusion

  3. The engagement report is not appropriate for the circumstances

  4. The firm is not independent of the client

11
New cards

A2-M3: How long must audit documentation be retained for issuers and nonissuers?

PCAOB rules require that auditors retain audit documentation of public companies (issuers) for seven years from the report release date

SAS rules require that auditors keep audit documentation for nonissuers for at least five years from the report release date

The report release date is the date on which the auditor gives the client permission to use the report (often the date the report is delivered to the client).

12
New cards

A2-M3: Define permanent (continuous) file and provide examples of audit documentation that may be included within

The permanent files includes audit documentation that has a continuing interest from year to year. Examples of audit documentation that may appear in the permanent file include:

Contracts

Pension plans

Leases

Stock options

Bylaws

Articles of incorporation

Bond indentures

13
New cards

A2-M4: What are the objectives of internal control?

To promote efficiency and effectiveness of operations

To ensure reliable financial reporting

To encourage compliance with applicable laws and regulations

14
New cards

A2-M4: Name and describe the three objectives within the COSO framework

The three framework objectives within COSO are:

  1. Operating objectives pertain to the effectiveness and efficiency of the entity’s operations

  2. Reporting objectives pertain to the reliability, timeliness, and transparency of an entity’s reporting

    1. Compliance objectives are necessary to ensure the entity is adhering to all laws and regulations

15
New cards

A2-M4: What are some inherent limitations of internal control?

  1. Management override of internal controls

  2. Human error, which may include errors in the design or use of automated controls

  3. Deliberate circumvention of controls by collusion of two or more people

16
New cards

A2-M4: How does the principles-based approach support an effective system of internal control under the COSO framework?

An effective system of internal control requires the use of judgment in determining the sufficiency of controls, applying the proper controls, and assessing the effectiveness of the system of internal controls

The principles-based approach of the COSO framework emphasizes the importance of management judgment

17
New cards

A2-M4: What is the purpose of the COSO cube?

The COSO cube shows a graphical three-dimensional depiction of the relationship between an entity’s three objectives, its five integrated control components, and the entity’s organizational structure

18
New cards

A2-M4: What are the components of the Committee of Sponsoring Organizations’ (COSO) Internal Control Integrated Framework? CRIME

  1. Control Environment

  2. Risk Assessment

  3. Information and Communication

  4. Monitoring

  5. Existing Control Activities

19
New cards

A2-M4: What are the five principles associated with the control environment component of COSO? EBOCA

  1. Commitment to ethics and integrity

  2. Board independence and oversight

  3. Organizational structure

  4. Commitment to competence

    1. Accountability

20
New cards

A2-M4: What are the four principles associated with the risk assessment component of COSO? SAFR

  1. Specify objectives

  2. Identify and analyze risks

  3. Consider potential for fraud

  4. Identify and assess changes

21
New cards

A2-M4: What are the three principles associated with the information and communication component of COSO? OIE

  1. Obtain and use information

  2. Internally communicate information

  3. Communicate with external parties

22
New cards

A2-M4: What are the two principles associated with the monitoring component of COSO? (SOD)

  1. Ongoing and separate evaluations

  2. Communication of deficiencies

23
New cards

A2-M4: What are the three principles associated with the existing control activities component of COSO? CATP

  1. Select and develop control activities

  2. Select and develop technology controls

  3. Deployment of policies and procedures

24
New cards

A2-M4: Why does an auditor obtain an understanding of the client’s internal control?

An auditor obtains an understanding of internal control to evaluate the design of controls and determine whether they have been implemented; to assess the risk of material misstatement; and to design the nature, extent, and timing of further audit procedures

25
New cards

A2-M4: What are the five components of internal control? CRIME

Control environment

Risk assessment

Information and communication systems

Monitoring

Existing control activities

26
New cards

A2-M4: Why is the control environment particularly important to internal control?

The control environment sets the tone of the organization, influencing the control consciousness of its employees, and providing the foundation for the other components of internal control

27
New cards

A2-M4: Describe the risk assessment component of internal control

Risk assessment is an entity’s identification and analysis of risks to the achievement of its objectives with respect to financial reporting. Risk assessment involves identification, analysis, and management of business risks relevant to the preparation of financial statements

28
New cards

A2-M4: What functions are served by an entity’s information system with respect to financial reporting?

Identify and record all valid transactions

Process and account for system overrides or bypasses to control

Incorporate information from transaction processing in the general ledger

Capture and process information relevant to the preparation of the financial statements for events and conditions other than transactions, such as depreciation and amortization of assets or changes to asset recoverbility

Ensure information required to be disclosed is accumulated, recorded, processed, summarized, and appropriately reported in the financial statements

Present transactions and related disclosures properly in the financial statements

29
New cards

A2-M4: What functions should an auditor understand about an entity’s communication system with respect to financial reporting?

The methods used to communicate roles, responsibilities, and significant matters related to financial reporting

Communications between management and those charged with governance, and between management and external parties

30
New cards

A2-M4: What activities may be considered part of the monitoring component of internal control?

The monitoring process may include:

Management and supervisory activities

Separate internal control evaluations

The internal audit function

Evaluation of communications from external parties

31
New cards

A2-M4: Name some control activities that are relevant to an audit PAIDTIPS

Prenumbering of documents

Authorization of transactions

Independent checks to maintain asset accountability

Documentation

Timely and appropriate performance reviews

Information processing general and application controls

Physical controls for safeguarding assets

Segregation of duties

32
New cards

A2-M4: What is the function of logical access controls?

Logical access controls use software and protocols to monitor and control access to information and an organization’s IT infrastructure

33
New cards

A2-M4: What is the function of physical controls?

Physical controls monitor and control the workplace environment and computing facilities

34
New cards

A2-M4: What is meant by the term segregation of duties?

Segregation of duties reduces opportunities for anyone to both perpetrate and conceal errors or fraud in the normal course of one’s duties

35
New cards

A2-M4: What functions should be segregated? ARC

Authorizing transactions

Recording transactions

Maintaining Custody of the related assets

36
New cards

A2-M4: What factors are included in the control environment?

Integrity

Competence

Participation of those charged with governance

Management philosophy

Organizational structure

Assignment of responsibility

Human resource policies

37
New cards

A2-M5: What factors affect the nature and extent of necessary planning activities?

The size and complexity of the company

The auditor’s previous experience with the company

Changes in circumstances that occur during the audit

38
New cards

A2-M5: What factors indicate less complex operations?

Fewer business lines

Less complex business processes and financial reporting systems

More centralized accounting functions

Extensive involvement of senior management in day-to-day operations

Fewer levels of management

39
New cards

A2-M5: The engagement partner is responsible for what three functions?

Planning the audit

Supervising the work of engagement team members

Complying with relevant audit standards

40
New cards

A2-M5: What are the responsibilities of auditors when there are disagreements among members of the audit team?

Auditors have a responsibility to exercise due professional care and to observe the standards of fieldwork. They should bring any disagreements with the conduct of the audit to the attention of the auditor-in-charge (generally a partner).

The auditor also has the right to document the disagreement, and, if necessary, to disassociate from the opinion

41
New cards

A2-M5: Is an auditor required to have prior experience with a client’s business or industry before accepting an engagement?

No, the auditor is not required to have prior experience with a client’s business or industry before accepting an engagement. However, once an engagement has been accepted, the auditor must obtain an understanding of the client’s industry and business. For example, an auditor may obtain an understanding by attending conferences or reading appropriate publications.

42
New cards

A2-M5: What is the audit strategy?

The audit strategy outlines the:

Scope of the audit engagement

Reporting objectives

Timing of the audit

Required communications

Factors that determine the focus of the audit

The audit strategy also includes the preliminary assessment of materiality and tolerable misstatement

43
New cards

A2-M5: What is an audit plan?

A written audit plan (required for every audit) is a listing of audit procedures that the auditor believes are necessary to accomplish the objecties of the audit. The audit plan outlines the nature, extent, and timing of procedures to be performed at the relevant assertion level. The audit plan typically follows development of the audit strategy.

44
New cards

A2-M5: Name the six main financial statement assertions. COVERUP

Completeness

CutOff

Valuation, allocation, and accuracy

Existence and occurrence

Rights and obligations

Understandability of Presentation and classification

45
New cards

A2-M5: Name the relevant assertions for transactions, events, and related disclosures

Completeness

(Proper period) cutoff

Accuracy

Understandability of presentation and classification

Occurrence

46
New cards

A2-M5: Name the relevant assertions for account balances and related disclosures

Completeness

Allocation and valuation

Rights and obligations

Existence

Accuracy

Understandability of presentation and classification