A3 A6 refinement

Why does the auditor perform risk assessment procedures

To identify and assess risks of material misstatement and plan further audit procedures

What three areas must the auditor understand during risk assessment

The entity and its environment the applicable financial reporting framework and internal control

Why are inquiries used during risk assessment

Because management and others provide information about operations controls and risks

Why are analytical procedures used during risk assessment

Because unusual relationships may identify areas with higher risk of misstatement

Why does the auditor review internal and external information during planning

Because outside conditions and internal trends may affect financial reporting risk

Why is risk assessment considered ongoing

Because new evidence may change the auditor's assessment as the audit progresses

Why does the engagement team discuss susceptibility to misstatement

Because discussion promotes professional skepticism and awareness of fraud and error risks

Why must the auditor understand the nature of the entity

Because the type of business affects which accounts and disclosures are likely to be risky

Why must the auditor understand the entity's objectives and strategies

Because business risks can lead to financial statement misstatements

Why must the auditor understand accounting policies

Because inappropriate selection or application can cause material misstatement

Why is understanding financial performance important

Because unexpected results may indicate error fraud or emerging business risk

Why must the auditor understand the information technology environment

Because technology can affect how transactions are initiated processed and reported

Why are external factors part of risk assessment

Because industry regulation economic conditions and supply chain issues can affect risk

What does the consumer price index help measure

Price stability and inflation

Why should auditors understand economic indicators

Because changes in the economy can affect business conditions and audit risk

Why must the auditor understand internal control even without planned reliance

Because internal control affects the assessment of risk of material misstatement

Why must the auditor evaluate design and implementation of controls

Because a control may exist on paper but not be capable of preventing or detecting misstatements

What is the purpose of a walkthrough

To trace a transaction through the system and confirm that controls are actually implemented

Why is inquiry alone insufficient to test controls

Because employees may describe controls that are not actually operating

Why is observation limited as evidence of operating effectiveness

Because it only provides evidence at a single point in time

Why is reperformance strong evidence

Because the auditor independently performs the control or procedure

Why must the auditor identify information technology applications subject to risk

Because weaknesses in systems may lead to material misstatements

What are general information technology controls

Controls over access program changes and information technology operations

What are information processing controls

Controls that help ensure transactions are complete accurate authorized and properly processed

Why can internal control never eliminate all risk

Because management override human error collusion and outside events limit control effectiveness

What is a financial statement level risk

A risk that affects the financial statements as a whole and changes overall audit strategy

What is an assertion level risk

A risk tied to a specific assertion for an account class of transactions or disclosure

Why do financial statement level risks affect staffing and skepticism

Because overall risk changes how the audit is managed and supervised

Why do assertion level risks affect procedure selection

Because specific risks require targeted audit responses

When might the auditor choose a substantive approach

When controls are ineffective nonexistent or inefficient to test

When might the auditor choose a combined approach

When effective controls may allow a reduction in substantive testing

Why are substantive procedures required even when controls are effective

Because direct evidence is still needed for relevant assertions

When are tests of controls performed

When the auditor plans to rely on controls or substantive procedures alone are insufficient

What happens if tests of controls show controls are effective

The auditor may rely on controls and reduce some substantive testing

What happens if tests of controls show controls are ineffective

The auditor tests alternative controls or increases substantive procedures

Why must the auditor consider compensating controls

Because other controls may reduce the risk created by a deficiency

What is a control deficiency

A problem in design or operation that could allow a misstatement to occur or remain undetected

What is a significant deficiency

A deficiency important enough to merit the attention of those charged with governance

What is a material weakness

A deficiency with a reasonable possibility that a material misstatement will not be prevented or detected on a timely basis

Why do control deficiencies often lead to more substantive work

Because weaker controls increase the risk of material misstatement

What are the two types of substantive procedures

Tests of details and substantive analytical procedures

Why are tests of details used

They directly examine transactions balances or disclosures for misstatements

Why are substantive analytical procedures used

They compare recorded amounts with expectations to identify unusual differences

Why are analytical procedures required during planning

They help identify unusual trends and possible risk areas

Why are analytical procedures required during final review

They help the auditor assess whether the financial statements make sense overall

When are analytical procedures most effective as substantive tests

When relationships are predictable and expectations can be developed reliably

Why does tracing test completeness

Because it starts with source documents and checks whether valid items were recorded

Why does vouching test existence or occurrence

Because it starts with recorded amounts and verifies supporting documentation

Why are external confirmations considered strong evidence

Because they provide direct written evidence from an independent third party

When are positive confirmations preferred

When risk is high balances are large or accounts are disputed

Why are negative confirmations less persuasive

Because no response may occur for reasons other than agreement

What should the auditor do when confirmations are not returned

Send follow up requests or perform alternative procedures

Why are oral confirmation responses not sufficient alone

Because they are less reliable than written evidence

Why is external evidence more reliable than internal evidence

Because independent sources are generally less subject to bias or manipulation

Why is evidence obtained directly by the auditor highly reliable

Because the auditor controls how the evidence is gathered

Why is oral evidence least reliable

Because it lacks documentation and is more easily misunderstood or disputed

What does sufficiency of evidence mean

The quantity of audit evidence obtained

What does appropriateness of evidence mean

The relevance and reliability of the evidence obtained

Why may the auditor revise planned procedures after obtaining evidence

Because new evidence may change the assessed risk of material misstatement

What is noncompliance with laws and regulations

An intentional or unintentional act that violates a law or regulation

Who is responsible for compliance with laws and regulations

Management and those charged with governance

What is the auditor responsible for regarding noncompliance

Obtaining reasonable assurance that the statements are free of material misstatement due to noncompliance

What opinion may result from material noncompliance

A qualified opinion or an adverse opinion depending on pervasiveness

What happens if sufficient evidence about suspected noncompliance cannot be obtained

A qualified opinion or disclaimer may be necessary depending on the possible effects

Why are accounting estimates a high risk area

Because they are imprecise and susceptible to management bias

How may the auditor respond to estimate risk

By testing management's process or developing an auditor estimate or range

What must the auditor conclude about an accounting estimate

That it is reasonable and properly recognized measured presented and disclosed

Why are related party transactions risky

They are not arm's length and may indicate fraud risk or misleading presentation

What is management responsible for regarding related parties

Identifying and disclosing related party relationships and transactions

What is the auditor responsible for regarding related parties

Identifying related party transactions encountered and verifying proper disclosure

When should the auditor send a letter of inquiry to attorneys

When audit procedures indicate actual or potential litigation claims or assessments

To what may an attorney properly limit the response

Matters to which the attorney has given substantive attention through consultation or representation

What happens if an attorney refuses to respond

A scope limitation exists and an unmodified opinion is not appropriate

What happens if management refuses to permit attorney inquiry

The auditor should disclaim an opinion or withdraw

What does substantial doubt about going concern mean

There is doubt the entity can continue for a reasonable period of time

What report change is used when going concern doubt remains for a nonissuer

A separate section titled substantial doubt about the entity's ability to continue as a going concern

What is audit sampling

Testing less than the full population and drawing conclusions about the population from the sample

What is sampling risk

The risk that the sample is not representative of the population

What is the risk of incorrect acceptance

Concluding that a balance is fairly stated when it is materially misstated

What is the risk of incorrect rejection

Concluding that a balance is misstated when it is actually fairly stated

What is the risk of assessing control risk too low

Relying on a control that is not actually effective

What is the risk of assessing control risk too high

Performing more substantive testing than necessary

What is the deviation rate in attribute sampling

The error rate found in the sample

What is the tolerable deviation rate

The maximum deviation rate the auditor will accept and still rely on the control

What is the expected deviation rate

The deviation rate the auditor expects before testing the sample

What is the upper deviation rate

The auditor's upper estimate of the population deviation rate based on sample results

How does a higher expected deviation rate affect sample size

It increases sample size

How does a higher tolerable deviation rate affect sample size

It decreases sample size

How does a lower acceptable risk of assessing control risk too low affect sample size

It increases sample size

How does the auditor decide whether to rely on the control in attribute sampling

Compare the upper deviation rate with the tolerable deviation rate

What is tolerable misstatement

The maximum monetary misstatement the auditor is willing to accept in an account balance or class of transactions

What is expected misstatement

The amount of misstatement the auditor expects before sampling

What is projected misstatement

The estimated misstatement in the population based on the sample results

How does higher expected misstatement affect sample size

It increases sample size

How does higher tolerable misstatement affect sample size

It decreases sample size

How does higher population variability affect sample size

It increases sample size

What is probability proportional to size sampling

A sampling method that gives larger recorded amounts a greater chance of selection

Why are items larger than the sampling interval automatically selected

Because they are individually significant and more likely to contain material misstatement

Why do qualitative factors matter when evaluating errors

Because fraud or unusual circumstances may be significant even if the amount is small

What is a dual purpose sample

A single sample used to test both controls and details