7) Internal Control

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/64

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 4:15 PM on 7/7/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

65 Terms

1
New cards

According to PSA 400, which of the following is correct regarding internal control system?

a. Internal control system refers to all the policies and procedures adopted by the auditor to assist in achieving management's objective.

b. A strong control environment, by itself, ensures the effectiveness of the internal control system.

c. In the audit of financial statements, the auditor is only concerned with those policies and procedures within the accounting and internal control systems that are relevant to the financial statements.

d. The internal control system is confined to those matters which relate directly to the functions of the accounting system.

c. In the audit of financial statements, the auditor is only concerned with those policies and procedures within the accounting and internal control systems that are relevant to the financial statements.

2
New cards

Which of the following is correct about internal control?

a. Accounting and internal control systems provide management with conclusive evidence that objectives are reached.

b. One of the inherent limitations of accounting and internal control systems is the possibility that the procedures may become inadequate due to changes in conditions, and compliance with procedures may deteriorate.

c. Most internal controls tend to be directed at non-routine transactions.

d. Management does not consider costs of the accounting and internal control systems.

b. One of the inherent limitations of accounting and internal control systems is the possibility that the procedures may become inadequate due to changes in conditions, and compliance with procedures may deteriorate.

3
New cards

Corporate directors, management, external auditors, and internal auditors all play important roles in creating a proper control environment. Top management is primarily responsible for

a. Establishing a proper environment and specifying overall internal control.

b. Reviewing the reliability and integrity of financial information and the means used to collect and report such information.

c. Ensuring that external and internal auditors adequately monitor the control environment.

d. Implementing and monitoring controls designed by the board of directors.

a. Establishing a proper environment and specifying overall internal control.

4
New cards

Which of the following best describes the interrelated components of internal control?

a. Organizational structure, management philosophy, and planning.

b. Control environment, risk assessment, control activities, information and communication systems, and monitoring.

c. Risk assessment, backup facilities, responsibility accounting, and natural laws.

d. Legal environment of the firm, management philosophy, and organizational structure.

b. Control environment, risk assessment, control activities, information and communication systems, and monitoring.

5
New cards

In an audit of financial statements, an auditor's primary consideration regarding a control is whether it

a. Reflects management's philosophy and operating style.

b. Affects management's financial statement assertions.

c. Provides adequate safeguards over access to assets.

d. Enhances management's decision-making processes.

b. Affects management's financial statement assertions.

6
New cards

Effective internal control

a. Eliminates risk and potential loss to the organization.

b. Cannot be circumvented by management.

c. Is unaffected by changing circumstances and conditions encountered by the organization.

d. Reduces the need for management to review exception reports on a day-to-day basis.

d. Reduces the need for management to review exception reports on a day-to-day basis.

7
New cards

Which of the following statements about internal control is correct?

a. Properly maintained internal controls reasonably assure that collusion among employees cannot occur.

b. Establishing and maintaining internal control is the internal auditor's responsibility.

c. Exceptionally strong control allows the auditor to eliminate substantive tests.

d. The cost-benefit relationship should be considered in designing internal control.

d. The cost-benefit relationship should be considered in designing internal control.

8
New cards

The ultimate purpose of assessing control risk is to contribute to the auditor's evaluation of the risk that

a. Tests of controls may fail to identify controls relevant to assertions.

b. Material misstatements may exist in the financial statements.

c. Specified controls requiring segregation of duties may be circumvented by collusion.

d. Entity policies may be overridden by senior management.

b. Material misstatements may exist in the financial statements.

9
New cards

A proper understanding of the client's internal control is an integral part of the audit planning process. The results of the understanding

a. Must be reported to the shareholders and the SEC.

b. Bear no relationship to the extent of substantive testing to be performed.

c. Are not reported to client management.

d. May be used as the basis for withdrawing from an audit engagement.

d. May be used as the basis for withdrawing from an audit engagement.

10
New cards

An entity should consider the cost of a control in relationship to the risk. Which of the following controls best reflects this philosophy for a large peso investment in heavy machine tools?

a. Conducting a weekly physical inventory.

b. Placing security guards at every entrance 24 hours a day.

c. Imprinting a controlled identification number on each tool.

d. Having all dispositions approved by the vice president of sales.

c. Imprinting a controlled identification number on each tool.

11
New cards

Audit evidence concerning segregation of duties ordinarily is best obtained by

a. Performing tests of transactions that corroborate management's financial statement assertions.

b. Observing the employees as they apply specific controls.

c. Obtaining a flowchart of activities performed by available personnel.

d. Developing audit objectives that reduce control risk.

b. Observing the employees as they apply specific controls.

12
New cards

Which of the following statements about preliminary assessment of control risk is correct?

a. After obtaining an understanding of the accounting and internal control systems, the auditor should make a preliminary assessment of control risks for all accounts or transaction classes.

b. The preliminary assessment of control risk can be done only after completing tests of controls.

c. The preliminary assessment of control risk for a financial assertion is normally low unless weaknesses are identified.

d. The auditor ordinarily assesses control risk at a high level for some or all assertions when it is not cost-efficient to do tests of controls.

d. The auditor ordinarily assesses control risk at a high level for some or all assertions when it is not cost-efficient to do tests of controls.

13
New cards

Which of the following statements concerning control risk is correct?

a. When control risk is at the maximum level, an auditor is required to document the basis for that assessment.

b. Control risk may be assessed sufficiently low to eliminate substantive testing for significant transaction classes.

c. When assessing control risk, an auditor should not consider evidence obtained in prior audits about the operation of controls.

d. Assessing control risk and obtaining an understanding of an entity's internal control may be performed concurrently.

d. Assessing control risk and obtaining an understanding of an entity's internal control may be performed concurrently.

14
New cards

Based on a consideration of internal control completed at an interim date, the auditor assessed control risk at a low level and performed interim substantive tests. The records and procedures would most likely be tested again at year-end if

a. Tests of controls were not performed by the internal auditor during the remaining period.

b. Internal control provides a basis for limiting the extent of substantive testing.

c. The auditor used nonstatistical sampling during the interim period testing of controls.

d. Inquiries and observations lead the auditor to believe that conditions have changed.

d. Inquiries and observations lead the auditor to believe that conditions have changed.

15
New cards

Although substantive tests may support the accuracy of underlying records, these tests frequently provide no affirmative evidence of segregation of duties because

a. Substantive tests rarely guarantee the accuracy of the records if only one person performs incompatible functions.

b. The records may be accurate even though they are maintained by a person who performs incompatible functions.

c. Substantive tests relate to the entire period under audit, but tests of controls ordinarily are confined to the period during which the auditor is on the client's premises.

d. Many computerized procedures leave no audit trail of who performed them.

b. The records may be accurate even though they are maintained by a person who performs incompatible functions.

16
New cards

After obtaining an understanding of internal control and assessing control risk, an auditor decided not to perform additional tests of controls. The auditor most likely concluded that

a. Additional evidence to support a further reduction in control risk was not cost-beneficial to obtain.

b. Assessed level of inherent risk exceeded the assessed level of control risk.

c. Internal control was properly designed and justifiably may be relied on.

d. Evidence obtainable through tests of controls would not support an increased assessment of control risk.

a. Additional evidence to support a further reduction in control risk was not cost-beneficial to obtain.

17
New cards

The objective of tests of details of transactions performed as tests of controls is to

a. Monitor the design and use of entity documents such as prenumbered shipping forms.

b. Determine whether controls have been placed in operation.

c. Detect material misstatements in account balances.

d. Evaluate whether controls operated effectively.

d. Evaluate whether controls operated effectively.

18
New cards

An auditor wishes to perform tests of controls on a client's cash disbursements procedures. If the controls leave no audit trail of documentary evidence, the auditor most likely will test the procedures by

a. Confirmation and observation.

b. Observation and inquiry.

c. Analytical procedures and confirmation.

d. Inquiry and analytical procedures.

b. Observation and inquiry.

19
New cards

Which of the following would not be a method used to conduct tests of controls?

a. Inquiry

b. Walk-through

c. Confirmation

d. Observation

c. Confirmation

20
New cards

The auditor is examining copies of sales invoices only for the initials of the person responsible for checking the extensions. This is an example of a

a. Test of controls.

b. Substantive test.

c. Dual-purpose test.

d. Test of balances.

a. Test of controls.

21
New cards

Which of the following types of evidence would an auditor most likely examine to determine whether controls are operating as designed?

a. Confirmations of receivables verifying account balances.

b. Letters of representation corroborating inventory pricing.

c. Attorneys' responses to the auditor's inquiries.

d. Client records documenting the use of computer programs.

d. Client records documenting the use of computer programs.

22
New cards

Which procedure concerning accounts receivable is an auditor most likely to perform to obtain evidential matter supporting an assessed control risk below maximum?

a. Sending confirmation requests to customers.

b. Inspecting the aging of accounts receivable.

c. Comparing bad debt expense to actual write-offs.

d. Observing an employee prepare the schedule of past due accounts receivable.

d. Observing an employee prepare the schedule of past due accounts receivable.

23
New cards

An auditor is least likely to test controls that provide for

a. Classification of revenue and expense transactions by product line.

b. Approval of the purchase and sale of trading securities.

c. Segregation of recording disbursements and reconciling the bank account.

d. Comparison of receiving reports, vendor invoices, and purchase orders.

a. Classification of revenue and expense transactions by product line.

24
New cards

In a small company that doesn't employ enough employees to permit proper segregation of duties, effective internal control can be strengthened by

a. Direct participation by the owner in the recordkeeping activities of the business.

b. Employment of temporary personnel.

c. Delegation of full responsibility to each employee.

d. Engaging a CPA to perform monthly write-up work.

a. Direct participation by the owner in the recordkeeping activities of the business.

25
New cards

Which of the following is true regarding communication to management of material weaknesses?

a. Communication must always be in writing.

b. Oral communication, when appropriate, should be documented in the audit working papers.

c. The communication should indicate that the auditor extensively examined the internal control system.

d. The communication should indicate that the examination was designed primarily to determine whether internal control is adequate.

b. Oral communication, when appropriate, should be documented in the audit working papers.

26
New cards

Transaction authorization within an organization may be either specific or general. An example of specific transaction authorization is

a. Approval of a construction budget for a new warehouse.

b. Setting automatic reorder points.

c. Establishing customer credit limits.

d. Establishing sales prices.

a. Approval of a construction budget for a new warehouse.

27
New cards

Internal control should provide reasonable (not absolute) assurance. This means

a. The cost of control activities should not exceed the benefits.

b. Internal control is management's, not the auditor's, responsibility.

c. An attestation engagement may not detect all reportable conditions.

d. There is always a risk that reportable conditions may result in material misstatements.

a. The cost of control activities should not exceed the benefits.

28
New cards

Which of the following is an example of an inherent limitation of internal control?

a. Errors may arise from mistakes in judgment.

b. Effectiveness depends on segregation of duties.

c. Procedures ensure transactions are executed as authorized.

d. Computers process large numbers of transactions.

a. Errors may arise from mistakes in judgment.

29
New cards

Proper segregation of functional responsibilities calls for separation of the functions of

a. Authorization, execution, and recording.

b. Authorization, execution, and payment.

c. Custody, execution, and reporting.

d. Authorization, payment, and recording.

a. Authorization, execution, and recording.

30
New cards

Which responsibility should not be assigned to only one employee?

a. Access to securities.

b. Custody of the cash working fund.

c. Reconciliation of the bank statement.

d. Custody of tools and equipment.

a. Access to securities.

31
New cards

Which activity would be least likely to strengthen internal control?

a. Maintaining insurance for fire and theft.

b. Separating accounting from other financial operations.

c. Fixing responsibility for employee duties.

d. Carefully selecting and training employees.

a. Maintaining insurance for fire and theft.

32
New cards

The audit committee of a publicly held company should generally be composed of

a. Members of the board of directors who are not officers or employees.

b. Representatives of major equity interests.

c. The audit partner, CFO, legal counsel, and an outsider.

d. Representatives of management, investors, suppliers, and customers.

a. Members of the board of directors who are not officers or employees.

33
New cards

When considering internal control, the auditor's primary concern is to determine

a. The reliability of the accounting information system.

b. The possibility of fraud occurring.

c. Compliance with company policies.

d. The type of opinion to issue.

a. The reliability of the accounting information system.

34
New cards

The CPA's primary objective in considering internal control is to provide

a. A basis for reliance on the system and determining the scope of other auditing procedures.

b. Reasonable protection against fraud.

c. Suggestions for improving internal control.

d. Assurance that the financial statements are reliable.

a. A basis for reliance on the system and determining the scope of other auditing procedures.

35
New cards

When an auditor assesses control risk below the maximum level, the auditor is required to document

Basis for concluding that control risk is below the maximum level, Understanding of the entity’s internal control structure elements

a. Yes, Yes

b. No, No

c. Yes, No

d. No, Yes

a. Yes, Yes

36
New cards

The proper sequence of gathering audit evidence is

a. Substantive tests → Documentation → Tests of controls.

b. Documentation of control structure → Tests of controls → Substantive tests.

c. Documentation → Substantive tests → Tests of controls.

d. Tests of controls → Documentation → Substantive tests.

b. Documentation of control structure → Tests of controls → Substantive tests.

37
New cards

In obtaining an understanding of internal control, the auditor is required to obtain knowledge about the

Operating effectiveness of policies and procedures, Design of policies and procedures

a. Yes, Yes

b. No, Yes

c. Yes, No

d. No, No

b. No, Yes

38
New cards

Which audit technique provides the most assurance about the effectiveness of internal control?

a. Confirmation.

b. Observation of client personnel.

c. Recomputation of account balance.

d. Inquiry.

b. Observation of client personnel.

39
New cards

The correct order of the following procedures is:

A = Tests of Controls

B = Preparation of Flowchart

C = Substantive Tests

a. ABC

b. BAC

c. ACB

d. BCA

b. BAC

40
New cards

After concluding that internal control is well designed and functioning effectively, the auditor would most likely

a. Cease substantive tests.

b. Not increase the extent of planned substantive tests.

c. Increase analytical procedures.

d. Perform all tests of controls originally planned.

b. Not increase the extent of planned substantive tests.

41
New cards

After considering internal control, an auditor might decide to

a. Increase both tests of controls and substantive tests where controls are strong.

b. Increase substantive tests where controls are weak.

c. Reduce tests of controls where controls are strong.

d. Reduce both tests of controls and substantive tests where controls are strong.

b. Increase substantive tests where controls are weak.

42
New cards

To obtain an understanding of the relevant policies and procedures of internal control, the auditor performs all of the following except

a. Make inquiries.

b. Design substantive tests.

c. Make observations.

d. Inspect documents and records.

b. Design substantive tests.

43
New cards

In an auditor's consideration of internal control, the completion of an internal control questionnaire is most closely associated with

a. Separation of duties.

b. Understanding the system.

c. Flowchart accuracy.

d. Tests of controls.

b. Understanding the system.

44
New cards

Before relying on the system of internal control, the auditor obtains reasonable assurance that the procedures are operating as planned by performing

a. Substantive tests.

b. Tests of controls.

c. Transaction tests.

d. Tests of trends and ratios.

b. Tests of controls.

45
New cards

After obtaining an understanding of a client's controls, an auditor may decide to omit tests of controls. Which of the following is not an appropriate reason?

a. The controls duplicate other controls.

b. The controls appear adequate.

c. Reportable conditions preclude assessing control risk below maximum.

d. The effort to test controls exceeds the effort saved by reducing substantive tests.

b. The controls appear adequate.

46
New cards

A material weakness in internal control may be defined as a condition in which material errors or irregularities may occur and not be detected within a timely period by

a. An independent auditor.

b. Management when reviewing interim financial statements.

c. Employees in the normal course of performing their assigned functions.

d. Outside consultants.

c. Employees in the normal course of performing their assigned functions.

47
New cards

Internal control procedures are not designed to provide reasonable assurance that

a. Transactions are executed in accordance with management's authorization.

b. Access to assets is permitted only in accordance with management's authorization.

c. Irregularities will be eliminated.

d. Recorded accountability is compared with existing assets.

c. Irregularities will be eliminated.

48
New cards

A secondary purpose of the auditor's consideration of internal control is to provide

a. A basis for assessing control risk.

b. Assurance that records comply with company policies.

c. A basis for constructive suggestions about improvements in internal control.

d. A basis for determining the extent of audit procedures.

c. A basis for constructive suggestions about improvements in internal control.

49
New cards

The auditor's review of the client's internal control is documented to substantiate

a. Conformity with GAAP.

b. Adherence to management requirements.

c. Compliance with generally accepted auditing standards.

d. Fair presentation of the financial statements.

c. Compliance with generally accepted auditing standards.

50
New cards

A consideration of internal control during an audit is usually not sufficient to express an opinion because

a. Weaknesses may go unnoticed.

b. Internal control is not always considered.

c. Only those controls on which the auditor intends to rely are reviewed, tested, and evaluated.

d. Controls can change each year.

c. Only those controls on which the auditor intends to rely are reviewed, tested, and evaluated.

51
New cards

The accountant's report expressing an opinion on internal controls should state that

a. Internal control objectives are being met.

b. Internal control was evaluated under GAAS.

c. Establishment and maintenance of internal control is the responsibility of management.

d. Inherent limitations were examined.

c. Establishment and maintenance of internal control is the responsibility of management.

52
New cards

The primary objective of procedures performed to obtain an understanding of internal control is to provide

a. Audit evidence to reduce detection risk.

b. A basis to modify tests of controls.

c. Knowledge necessary to plan the audit.

d. Information necessary to prepare flowcharts.

c. Knowledge necessary to plan the audit.

53
New cards

Which of the following is not part of the control environment?

a. Management philosophy and operating style.

b. Organizational structure and assignment of authority.

c. Information and communication systems.

d. The function of the board of directors and its committees.

c. Information and communication systems.

54
New cards

When obtaining an understanding of the accounting and internal control system, tracing a few transactions through the accounting system is called

a. Reperformance test.

b. Walk-through test.

c. Test of transactions.

d. Validity test.

b. Walk-through test.

55
New cards

Which of the following least likely affects the nature, timing, and extent of procedures performed to obtain an understanding of internal control?

a. Materiality considerations.

b. The auditor's assessment of inherent risk.

c. The level of acceptable detection risk.

d. The size and complexity of the entity.

c. The level of acceptable detection risk.

56
New cards

The evaluation of deviations observed during tests of controls

a. May require more understanding of controls.

b. May require more extensive tests of controls.

c. Always requires documentation of the assessment basis.

d. May require modification of the nature, timing, and extent of planned substantive procedures.

d. May require modification of the nature, timing, and extent of planned substantive procedures.

57
New cards

The following statements are true about observation used as a test of controls, except

a. The auditor may supplement his observations with other tests of control capable of providing audit evidence.

b. Audit evidence obtained by doing observation pertains only to the point in time at which the procedure was applied.

c. Observation of who applies a control procedure is useful as a test of control procedures when evaluating control effectiveness of both computerized and manual system

d. Ordinarily, making inquiries provides more reliable audit evidence than doing observation when testing segregation of functional responsibilities.

d. Ordinarily, making inquiries provides more reliable audit evidence than doing observation when testing segregation of functional responsibilities.

58
New cards

Tests of controls may include the following, except

a. Reperformance.

b. Inquiry and observation.

c. Inspection of documentary evidence.

d. Analytical procedures comparing operating expenses with budget.

d. Analytical procedures comparing operating expenses with budget.

59
New cards

Tests of controls are performed to obtain audit evidence about the effectiveness of the

a. Operation of controls at the time of testing.

b. Operation of controls in eliminating fraud.

c. Design of controls in eliminating fraud.

d. Design of the accounting and internal control systems.

d. Design of the accounting and internal control systems.

60
New cards

The auditor should consider whether the assessment of control risk is confirmed

a. After obtaining an understanding of internal control.

b. After completing tests of controls.

c. Before completing the audit program.

d. Upon the conclusion of the audit, based on substantive procedures and other audit evidence.

d. Upon the conclusion of the audit, based on substantive procedures and other audit evidence.

61
New cards

Which of the following is least likely considered by the auditor when determining the significance of service organization activities?

a. Terms of contract and relationship between the client and the service organization.

b. The material financial statement assertions that are affected by the use of the service organization.

c. Client's internal controls that are applied to the transactions processed by the service organization.

d. The control policies and procedures of the client of requiring that all payments for goods and services be supported by receiving reports.

d. The control policies and procedures of the client of requiring that all payments for goods and services be supported by receiving reports.

62
New cards

When the auditor considers that the service organization activities are significant to the client and relevant to the audit and he concludes that it would be efficient to obtain audit evidence from tests of control to support an assessment of control risk at a lower level. Such evidence may be

obtained by, except

a. Performing tests of the client's controls over activities of the service organization.

b. Obtaining a service organization auditor's report that expresses an opinion as to the operating effectiveness of the service organization's accounting and internal control systems for the processing applications relevant to the audit.

c. Visiting the service organization and performing tests of control.

d. Review the service contract between the client and the service organization.

d. Review the service contract between the client and the service organization.

63
New cards

Which statement is incorrect regarding the client auditor’s use of service organization auditor’s report?

a. When using a service organization auditor’s report, the client auditor should consider the nature of and content of that report.

b. The client auditor should consider the scope of work performed by the service organization auditor and should assess the usefulness and appropriateness of reports issued by the service organization auditor.

c. When a Type B report is to be used as evidence to support a lower control risk assessment, a client auditor would consider whether the controls tested by the service organization auditor are relevant to the client's transactions (significant assertions in the client's financial statements) and whether the service organization auditor's tests of control and the results are adequate.

d. Since Type A reports may be useful to a client auditor in gaining the required understanding of the accounting and internal control systems, an auditor may use such reports as a basis for reducing the assessment of control risk.

d. Since Type A reports may be useful to a client auditor in gaining the required understanding of the accounting and internal control systems, an auditor may use such reports as a basis for reducing the assessment of control risk.

64
New cards

Which of the following is the least concern of the client auditor in reviewing the service auditor's report?

a. Accuracy of the description of the system.

b. Controls have been placed in operation.

c. Controls are suitably designed.

d. The type of documentation used by the service organization.

d. The type of documentation used by the service organization.

65
New cards

Which of the following is least likely entitled to the service organization's report?

a. Service organization's management.

b. Service organization's customers.

c. Client's auditors.

d. Service organization's stockholders.

d. Service organization's stockholders.