ch 6 quiz

Auditors obtain an understanding of an entity’s internal control for the primary purpose of:

Determining the nature, extent and timing of subsequent audit procedures to be performed.

An auditor’s primary consideration regarding an entity’s internal controls is whether they

Affect the financial statement assertions.

Which of the following statements about internal control is correct?

The cost-benefit relationship is a primary criterion that should be considered in designing an internal control system.

Internal controls are designed to achieve company objectives in all of the following areas except:

Reduction of debt financing costs.

Internal control is a process designed to provide reasonable assurance regarding the achievement of which objective?

All of the above are correct.

Which of the following is not one of the five major components of internal control?

Human resource background checks.

Monitoring is a major component of the COSO Internal Control—Integrated Framework. Which of the following is not correct in how the company can implement the monitoring component?

The independent auditor can serve as part of the entity’s control environment and continuous monitoring.

Which of the following is a proper reason for not conducting tests of controls?

The procedures require more audit effort than the projected benefits to be obtained from lowering the control risk.

After obtaining an understanding of an entity’s internal control system, an auditor may set control risk at high for some assertions because he or she

Believes the internal controls are unlikely to be effective.

Regardless of the assessed level of control risk, an auditor would perform some

Substantive procedures to restrict detection risk for material transaction classes.

With preliminary control risk assessments set at high, auditors are likely to:

Complete little or no tests of controls.

Which of the following represents the correct sequence of audit steps that come after first obtaining an understanding and documenting the entity’s internal control?

Assess control risk, test of controls, reassess control risk, determine extent of substantive testing.

A reliance strategy is chosen when the auditor:

Both A) and C).

Understanding each of the components of internal control provides knowledge about:

Both A) and C).

The effectiveness of internal control is reduced by:

Human errors or mistakes.

Which of the following statements regarding auditor documentation of the entity’s internal control is correct?

The auditor’s assessment of the level of control risk can be documented using a structured working paper, an internal control questionnaire or a memorandum.

In order to be able to set control risk at a lower level, the auditor must do all of the following except:

Identify all general IT controls.

Assessing control risk below high involves all of the following except

Concluding that controls are ineffective.

Which of the following audit techniques would most likely provide an auditor with the most assurance about the effectiveness of the operation of a control?

Reperformance of the control by the auditor.

The highest-quality and most reliable audit evidence that segregation of duties is properly implemented is obtained by

Observation by the auditor of the employees performing control activities.

An auditor may need to obtain a service auditor’s report when an entity receives accounting services such as payroll from a service organization. Which of the following statements is true regarding this service audit report?

It should include an opinion.

Type 2 reports by the service organization’s auditor typically

Assess whether the service organization’s controls are suitably designed and operating effectively.

Significant deficiencies in internal control are matters that come to an auditor’s attention that should be communicated to those charged with governance because they represent

Significant deficiencies in the design or operation of the internal control.

A primary advantage of using generalized audit software packages to audit the financial statements of an entity that uses an IT system is that the auditor may

Access information stored on computer fi les while having a limited understanding of the entity’s hardware and software features.

Which of the following is not considered a general control?

Reconciliation of payroll record count with the number of active employees.

An auditor anticipates assessing control risk at a low level in an IT environment. Under these circumstances, on which of the following controls would the auditor initially focus?

General controls.

An auditor’s flowchart of an entity’s accounting system is a diagrammatic representation that depicts the auditor’s

Understanding of the system.