Audit Chapter 9 (Control Risk Assessment)

0.0(0)
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/16

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

17 Terms

1
New cards

Goal of Risk Assessment Procedures

The goal for the auditor is to:

  • obtain an understanding of internal control

  • evaluate the components of the system of internal control

2
New cards

Risk Assessment Consist of:

Inspection

Inquiry of entity personnel

Observation

Reperformance

3
New cards

Types of Risk Assessment Procedures

  • Update and evaluate auditor’s previous experience with the entity

  • Make inquiries of client personnel

  • Examine documents and records

  • observe the entity’s activities and operations

  • Perform walk-throughs the information system

  • Understand IT general controls

4
New cards

Walk Through

Tracing of selected transactions through the accounting system

5
New cards

Ways of documentating the system of internal control

Narrative — written description of a client’s internal controls, including the origin, processing and disposition of documents and records

Flowchart — diagrammatic representation of the client’s documents and records and the sequence in which they are processed

Internal control questionnaire — series of questions about the controls in each audit used as a means of gaining an understanding of internal control

6
New cards

Three levels of the absence of internal controls

Control deficiency, significant deficiency, material weakness

7
New cards

Control Deficiency

Exists if the design or operation of contro. s does not detect and correct misstatements in a timely manner

8
New cards

Significant Deficiency

Exists if one or more control deficiencies exist that are of sufficient importance to merit attention by those in governance

9
New cards

Material Weakness

Exists if a significant deficiency results ina reasonable possibility that internal control will not prevent or detect material financial misstatements on a timely basis

10
New cards

Compensating/Mitigating Controls

A control elsewhere in the system that offsets a weakness.

When a compensative control exists, the weakness is no longer a concern because the potential for misstatement has been sufficiently reduced.

11
New cards

Assessment of Control Risk

A measure of the auditor’s expectation that internal controls will neither prevent material misstatements at the assertion level from occurring nor detect and correct them if they have occured.

12
New cards

Audit Approach

Auditors have choices when developing an appropriate audit approach to address the identified risk of material misstatement at the assertion level

13
New cards

Substantive vs Combined Approach

Substantive Approach — the audit approach used in which the auditor decides not to rely upon controls and collects audit evidence primarily through substantive test

Combined Approach — the audit approach used in which the auditor decides to rely upon controls and collects audit evidence through a combination of control test and substantive tests

14
New cards

Test of Controls

Shows whether the controls actually worked throughout the period and were effective in preventing, detecting, correcting misstatements

15
New cards

Types of Audit Procedures to test effectiveness of controls

Make inquiries of appropriate entity personnel

Inspect documents, records, reports

Observe control-related activities

Reperform client procedures

16
New cards

Internal Control Letter

Description of the internal control deficiency and recommendation, sent to the audit committee

17
New cards

Management Letter

auditor’s observation of less significant internal control-related matters and opportunities for client to make operational improvements