Exam 2 Ch 5-9

The inspection of a vendor's invoice by the auditors is:

a. Direct evidence about occurrence of a transaction
b. Physical evidence about occurrence of a transaction
c. Documentary evidence about occurrence of a transaction
d. Part of the client's accounting system

c. Documentary evidence about occurrence of a transaction

Which of the following best describes the reason that auditors are concerned with the detection of related party transactions?

a. The financial statements must often be adjusted for the effects of material-related party transactions.
b. Material-related party transactions must be disclosed in the notes to the financial statements.
c.The substance of related party transactions will differ from their form.
d.In a related party transaction, one party has the ability to exercise significant influence over the other party.

b.Material related party transactions must be disclosed in the notes to the financial statements.

Which of the following is generally true about the sufficiency of audit evidence?

a. The amount of evidence that is sufficient varies inversely with the acceptable risk of material misstatement.
b. The amount of evidence concerning a particular account varies inversely with the materiality of the account.
c.The amount of evidence concerning a particular account varies inversely with the inherent risk of the account.
d. When evidence is appropriate with respect to an account it is also sufficient.

a. The amount of evidence that is sufficient varies inversely with the acceptable risk of material misstatement.

During an audit engagement pertinent data are prepared and included in the audit working papers. The working papers primarily are considered to be:

a. A client-owned record of conclusions reached by the auditors who performed the engagement
b.Evidence supporting financial statements.
c. Support for the auditors' representations as to compliance with generally accepted auditing standards
d. A record to be used as a basis for the following years engagement

c. Support for the auditors' representations as to compliance with generally accepted auditing standards

The permanent file section of the working papers that is kept for each audit client most likely contains:

a. Review notes pertaining to questions and comments regarding the audit work performed.
b. A schedule of time spent on the engagement by each individual auditor.
c. Correspondence with the client's legal counsel concerning pending litigation.
d. Narrative descriptions of the client's accounting procedures and controls.

d. Narrative descriptions of the client's accounting procedures and controls.

During financial statement audits, auditors seek to restrict which type of risk?

a. Control
b. Inherent
c. Detection
d. Account

c. Detection

In auditing an asset valued at fair value, which of the following potentially provides the auditor with the strongest evidence?

a. A price for a similar asset obtained from an active market.
b. An appraisal obtained discounting future cash flows.
c. Management's judgment of the cost to purchase an equivalent asset.
d. The historical cost of the asset

a. A price for a similar asset obtained from an active market.

Which of the following is true about analytical procedures?


a. Performing analytical procedures results in the most reliable form of evidence.
b. Analytical procedures are tests of controls used to evaluate the quality of a client's internal control.
c. Analytical procedures are used for planning, but they should not be used to obtain evidence as to the reasonableness of specific account balances.
d. Analytical procedures are used in risk assessment, as a substantive procedure for specific accounts, and near the completion of the audit of the audited financial statements.

d. Analytical procedures are used in risk assessment, as a substantive procedure for specific accounts, and near the completion of the audit of the audited financial statements.

The audit time budget is an example of:

a. A supporting schedule
b. An administrative working paper
c. A lead schedule
d. A corroborative working paper

b. An administrative working paper

An independent auditor finds that the Simmer Corporation occupies office space, at no charge, in an office building owned by a shareholder. This finding indicates the existence of:

a. Management fraud.
b. Related party transactions.
c. Window dressing
d. Weak internal control

b. Related party transactions.

Which of the following factors would most likely cause a CPA to decide not to accept a new audit engagement?

a. Lack of understanding of the potential client's internal auditors' computer-assisted audit techniques.
b. Management's disregard for internal control.
c. The existence of difficult to audit transactions.
d. Management's goal to meet earnings per share growth rate targets

b. Management's disregard for internal control.

To best test existence, an auditor would sample from the:

a. General ledger to source documents.
b. General ledger to the financial statements.
c. Source documents to the general ledger.
d. Source documents to journals

a. General ledger to source documents.

An auditor selects a sample from the file of shipping documents to determine whether invoices were prepared. This test is performed to satisfy the audit objective of:

a. Existence
b. Completeness
c. Accuracy
d. Control

b. Completeness

Audits of financial statements are designed to obtain reasonable assurance of detecting material misstatements due to:

a. Errors and Missappropriation of Assets
b. Errors only
c. Missappropriation of assets only
d. None of the above

a. Errors and Missappropriation of Assets

The risk of a material misstatement occurring in an account, assuming an absence of internal control, is referred to as:

a. Account Risk
b. Control Risk
c. Detection Risk
d. Inherent Risk

d. Inherent Risk

Which of the following is an example of fraudulent financial reporting?

a. Company management falsifies inventory count tags thereby overstating ending inventory and understating cost of goods sold.
b. An employee diverts customer payments to his personal use, concealing his actions by debiting an expense account, thus overstating expenses.
c. An employee steals inventor and the "shrinkage" is recorded in cost of goods sold.
d. An employee "borrows" tools from the company and neglects to return them; the cost is reported as a miscellaneous operating expense.

a. Company management falsifies inventory count tags thereby overstating ending inventory and understating cost of goods sold.

A successor auditor is required to attempt communication with the predecessor auditor prior to:

a. Testing Internal Controls
b. Testing beginning balances for the current year.
c. Making a proposal for the audit engagement.
d. Accepting the engagement

d. Accepting the engagement

Which of the following statements is correct regarding the auditor's determination of materiality?

a. The planning level of materiality should normally be the larger of the amount considered for the balance sheet versus the income statement.
b. The auditors' planning level of materiality may be disaggregated into smaller "tolerable misstatements" for the various accounts.
c. Auditors may use various rules of thumb to arrive at an evaluation level of materiality, but not for determining the planning level of materiality.
d. The amount used for the planning should equal that used for evaluation

b. The auditors' planning level of materiality may be disaggregated into smaller "tolerable misstatements" for the various accounts.

Determining that receivables are presented at net-realizable value is most directly related to which management assertion?

a. Existence
b. Rights and Obligations
c. Valuation
d. Presentation and disclosure

c. Valuation

Preliminary arrangements agreed to by the auditors and the client should be reduced to writing by the auditors. The best place to set forth these arrangements is in:

a. A memorandum to be placed in the permanent section of the auditing working papers.
b. An engagement letter
c. A representation letter
d. A confirmation letter attached to the constructive services letter

b. An engagement letter

What are the 6 financial statement assertions?

1. Existence and Occurrence
2. Rights and Obligation
3. Completeness
4. Cutoff
5. Valuation, Allocation, and Accuracy
6. Presentation and Disclosure

1. Existence and Occurrence

Assets, liabilities, and equity interests exist and recorded transaction and events have occurred

2. Rights and Obligation

The company holds rights to the assets, and liabilities are the obligations of the company

3. Completeness

All assets, liabilities, equity interested, and transactions that should have been recorded have been recorded

4. Cutoff

Transactions and events have been recorded in the correct accounting period

5. Valuation, Allocation, and Accuracy

All transactions, assets, liabilities, and equity interests are included in the financial statements at a proper amounts

6. Presentation and Disclosure

Accounts are described and classified in accordance with GAAP, and financial statement disclosures are complete, appropriate, and clearly expressed

Audit Risk formula

AR = IR X CR X DR

Risk of Material Misstatement

The combination of inherent ricks and control risk

RMM = IR X CR

Detection Risk

The only risk that the auditor has control over. We can reduce detection risk by increasing the nature and extent of our audit procedures

Illustration of Audit Risk

Identify and review each aspect

Test of Controls

Are designed to test the operating effectiveness of controls in preventing or detecting material misstatements

Substantive Procedures

Are designed to detect material misstatements of relevant assertions. Substantive procedures include (a) analytical procedures and (b) test of details of account balances, transactions, and disclosures

What is a Representation Letter?

A single letter or separate letters prepared by the officers of the client company at the auditor's request setting forth certain representations about the company's financial position or operations.

Summarizes the most important oral representations made by management during the engagement

Tests of controls do not ordinarily address:

a. How a control was applied.
b. The cost effectiveness of the control.
c. By whom the control was applied.
d. The consistency with which a control was applied

b. The cost effectiveness of the control.

Which of the following is not considered one of the five major components of internal control?

a. Risk Assessment
b. Segregation of duties
c. Control Environment
d. Information and Communication System

b. Segregation of duties

The Sarbanes-Oxley Act of 2002 requires that the audit committee:

a. Require that the company's CPA firm rotate the partner in charge of the audit.
b. Review the level of management compensation.
c. Be directly responsible for the appointment, compensation and oversight of the work of the CPA firm.
d. Annually reassess control risk using information from the CPA firm.

c. Be directly responsible for the appointment, compensation and oversight of the work of the CPA firm.

When tests of controls reveal that controls are operating as anticipated, it is most likely that the assessed level of control risk will:

a. Be less than the actual control risk
b. Equal to the preliminary assessed level of control risk.
c. Equal the actual control risk.
d. Less than the preliminary assessed level of control risk

b. Equal to the preliminary assessed level of control risk.

During financial statement audits, the auditors' consideration of their clients' internal control is integral to both assess the risk of material misstatement and to:

a. Assess compliance with the Foreign Corrupt Practices Act.
b. Design further audit procedures.
c. Assess inherent risk.
d. Provide a reasonable basis for an opinion on compliance with applicable laws.

b. Design further audit procedures.

Which of the following is not a responsibility that should be assigned to a company's internal audit department?

a. Evaluating internal control.
b. Reporting on the effectiveness of operating segments.
c. Investigating potential merger candidates.
d. Approving disbursements

d. Approving disbursements

Which of the following is an advantage of describing internal control through the use of a standardized questionnaire?

a. Questionnaires are more flexible than other methods of describing internal control.
b. Questionnaires usually identify situations in which internal control weaknesses are compensated for by other strengths in the system.
c. Questionnaires provide a clearer and more specific portrayal of a client's system than other methods of describing internal control.
d. Questionnaires highlight weaknesses in the system.

d. Questionnaires highlight weaknesses in the system.

If the auditors' assessment of the design of internal control reveals that it cannot be relied upon, the auditors are not required to prepare any documentation of internal control for their working papers.

a. False
b. True

a. False

An integrated audit performed under Section 404b of the Sarbanes-Oxley Act addresses financial statements and:

a. Compliance with laws.
b. Suitable criteria.
c. Internal control over asset safeguarding.
d. Internal control over financial reporting.

d. Internal control over financial reporting.

Which of the following is generally not true about statistical sampling as compared to nonstatistical sampling?

a. Statistical sampling may assist the auditors in designing more efficient samples.
b. Statistical sample plans involve additional costs of evaluation.
c. Statistical samples are more representative of the population.
d. Statistical sampling allows a more objective evaluation of sample results

c. Statistical samples are more representative of the population.

When the auditors have chosen to test a control, what relationship will the tolerable rate normally have when compared to the expected rate of deviations in the sample?

a. Exceed
b. Indefinite
c. Equal
d. Be less than

a. Exceed

The auditors expect a population deviation rate of billing errors of two percent, and have established a tolerable rate of five percent. The sampling approach most likely to be used is:

a. Attributes sampling.
b. Stratified sequential sampling.
c. None, as sampling does not seem appropriate in this situation.
d. Discovery sampling

a. Attributes sampling.

The auditors' failure to recognize a misstatement in an amount or a deviation in an internal control data processing procedure is described as a:

a. Nonsampling error.
b. Sampling misstatement.
c. Statistical error.
d. Standard error of the mean.

a. Nonsampling error.

During the final planning of the accounts receivable program a CPA specified a tolerable misstatement of $30,000, instead of the $20,000 contained in the preliminary audit program. What would be the impact of this change?

a. A decrease in population standard deviation.
b. A decrease in the required sample size.
c. An increase in sample standard deviation.
d. An increase in required sample size.

b. A decrease in the required sample size.

Stratification of the population generally results in a more efficient sampling plan.

a. True
b. False

a. True

The definition of a "deviation" for a test of a control should include only those deviations that result in misstatements in the financial statements.

a. True
b. False

b. False

Using ratio and difference estimation for a sample is an example of a dual purpose test.

a. True
b. False

b. False

Which of the following procedures would an entity most likely include in its disaster recovery plan?

a. Convert all data from external formats to an internal company format.
b. Store duplicate copies of files in a location away from the computer center.
c. Develop an auxiliary power supply to provide uninterrupted electricity.
d. Maintain a program to prevent illegal activity

b. Store duplicate copies of files in a location away from the computer center.

Which of the following is not a data transmission control?

a. File labels.
b. Data encryption.
c. Echo checks.
d. Parity checks.

a. File labels.

Which of the following personnel is responsible for determining the computer processing needs of the various users?

a. The computer operator
b. The systems analyst
c. The systems programmer
d. The application programmer

b. The systems analyst

The best method of achieving internal control over advanced IT systems is through the use of:

a. Batch controls.
b. Controls written into the computer system.
c. Documentation controls.
d. Equipment controls

b. Controls written into the computer system.

An example of an access control is a:

a. Read only memory.
b. Test facility.
c. Check digit.
d. Password

d. Password

Software that is designed to disable or damage computer systems or data is referred to as:

a. Malfeasance.
b. Cloud.
c. Malware.
d. Improper programming intelligence.

c. Malware.

Smith Corporation has numerous customers. Customer files are kept on disk storage. Each account in the customer file contains name, address, credit limit, and account balance. The auditor wishes to test these files to determine whether

a. Use generalized audit software to develop test data that would cause some account balance to exceed the credit limit and determine if the system properly detects such situations.
b. Request a printout of a sample of account balances so they can be individually checked against the credit limits.
c. Use generalized audit software to compare credit limits with account balances and print out the details of any account with a balance exceeding its credit limit.
d. Require a printout of all account balances so they can be manually checked against the credit limits

c. Use generalized audit software to compare credit limits with account balances and print out the details of any account with a balance exceeding its credit limit.

A control feature in a computer application program that involves comparing a customer number to the customer database:

a. Validity Test
b. Authorization Test
c. Limit Test
d. Check digit Tes

a. Validity Test

Analytical procedures

Involve evaluations of financial statement information by a study of relationships among financial and nonfinancial data. Involves comparisons of f/s balances and ratios for the CY under audit to PY audit.

When do we use analytical procedures in an audit?

To assist the auditor in planning the nature, timing, and extent of other auditing procedures. As a substantive test to obtain evidential matter about particular assertions related to account balances or classes of transactions.

What are sources of information for analytical procedures?

1. Financial information for comparable prior periods.
2. Anticipated results, such as budgets and forecasts.
3. Relationships among elements of financial information within a period.
4. Information derived from similar firms in the same industry, such as industry averages.
5. Relationships between financial information and relevant nonfinancial information

What are different types of analytical procedures?

- Trend Analysis
- Regression Analysis
- Reasonableness tests
- Ratio Analysis: liquidity, leverage, profitability, and activity ratios

Related Party Transactions

Refers to individuals or entities who may have dealings with the client in which one party is significantly influenced by the other such that is may not pursue in separate interests

Ex. officers, directors, principal owners, and members of their immediate families; affiliated companies, such as subsidiaries

Ex. A corporation buys a parcel of real estate from one of its executive officers

What are working papers (workpapers)?

The record of the audit procedures performed, relevant audit evidence obtained, and the conclusions the auditors reach

Administrative Workpapers

Include audit plans, internal control questionnaires and flowcharts, engagement letters, and time budgets.

Memoranda of the planning process and significant discussions with client management

Lead Schedules

Set up to combine similar general ledger accounts, the total of which appears on the working trial balance as a single amount

Permanent File

Serves three purposes:
1. To refresh the auditors' memories on items applicable over a period of many years
2. To provide new staff members with a quick summary of the policies and organization of the client
3. To preserve working papers on items that show relatively few or no changes, thus eliminating the necessity for their preparation year after year.

Ex. Articles of Incorporation

Current File

Then auditors report for a particular year is supported by this.

It is used to maintain audit documentation specific to the current year and would not necessarily be useful in future audits. This would include audit reports, financial statements, representation letters, etc.

Client Acceptance

Management ethics and proper internal controls are key factors. New auditors are required to contact predecessor auditors to confirm that the company is not "opinion shopping", rom to determine other issues.

New auditors must determine that it is independent with regard to the client, and has the necessary resources and expertise to complete the audit

What is the Audit Process?

1. Plan the audit
2. Obtain an understanding of the client and its environment, including internal controls
3. Assess the risks of misstatement and design further audit procedures
4. Perform further audit procedures
5. Complete the audit
6. Form an opinion and issue the audit report

1. Plan the Audit

Planning the audit really involves the first three steps, things learned in 2 and 3 will cycle back and impact this step.

- Identify the type of financial statements to be issued
- Identify any additional regulatory reports required
- Timing of the engagement (when are the reports due?)
- Staffing, time budget, etc.
- Engagement letter signed

Engagement Letter

A contract between the auditor and the client. Typically contains a (1) the objective and scope of the audit, (2) auditor and management responsibilities, (3) inherent limitations of the audit, (4) the applicable financial reporting framework, and (5) the expected form and content of the reports to be issued by the auditors

*May also include a billing method (often with an estimate of total fee), and if any specialists may need to be hired

2. Obtain an understanding of the client and its environment, including internal controls

The gathering of sufficient background information to assess the risks of material misstatement of the F/S and to design the nature, timing, and extent of further audit procedures

- Review of prior working papers (perhaps provided by a predecessor auditor)
- Inquires of management
- Completion of planning checklists
- Analytical procedures
- Information about the BUSINESS RISKS (nature of client, industry, regulatory, internal
control, macroeconomic issues, etc.)
- Tour of facilities
- Determining Materiality (the amount that would make a difference to a user)

3. Assess the risks of misstatement and design further audit procedures

- AUDIT RISK
- Identify the risks
- Relate the risks to what can go wrong at the relevant assertion level
- Consider whether the risks could result in a material misstatement
- Consider the likelihood that the risks could result in a material misstatement.
- Consider the RMM due to Fraud
- Design audit procedures

Audit Risk

The risk that auditors will fail to modify their report, when the financial statements are in fact materially misstated

Defalcation

Primarily refers to an act committed by professionals who are in charge of handling money or other resources. This typically entails the theft, misuse, or misappropriation of money or funds held by an official trustee, or other senior-level fiduciary. As such, it's considered a form of embezzlement, either through the misallocation of funds, or the failure to account for received funds

*May not rise to the level of fraud (difference)

Management Fraud

Is a crime that occurs when someone intentionally misleads the public, including investors, by up financial statements.

*difference of Defalcation is the intention

What is the auditor’s responsibility when Fraud is detected?

The auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud.

1. A modification in approach having an overall effect on how the audit is conducted
2. An alteration in the nature, timing, and extent of the procedures performed
3. Performance of procedures to further address the risk of management override of internal control

4. Perform further audit procedures

Substantive procedures to test details of an account and lower risk

COSO

Internal control is a process to provide reasonable assurance about the internal control objectives:

1. Reliability of financial reporting (this is the part we focus on in a f/s audit)
2. Effectiveness and efficiency of operations
3. Compliance with applicable laws and regulations (this is also considered in a f/s audit)

Types of Controls

1. Preventative
2. Detective
3. Corrective

*These controls can overlap (complementary, redundant, and/or compensating)

Preventative Controls

Aimed at avoiding the occurrence of misstatements in the financial statements BEFORE it happens.

*Often operate at the individual transaction level

Ex. segregation of duties or requiring approval of period-ending journal entries

Detective Controls

Designed to discover misstatements AFTER they have occurred.

*Operate at the transaction level or at a higher level

Ex. preparation of monthly bank reconciliations

Corrective Controls

When detective controls discover a misstatement this is needed to remedy the situation.

Ex. Copies of key transactions and master files to allow the correction of data entry errors

What control is this an example of?

Annual physical inventory

Detective

What control is this an example of?

Mostly reconciliation of bank accounts

Detective

What control is this an example of?

Segregation of duties over purchasing

Preventative

What control is this an example of?

Supervisory approval of time cards

Preventative

What control is this an example of?

Dual signatures for checks

Preventative

What control is this an example of?

Adjustment of perpetual inventory records to physical counts

Corrective

What control is this an example of?

Management review of budget/actual information

Detective

Complementary Controls

Are in function together to achieve the same control objective

Redundant Controls

They address the same financial statement assertion or control objective

Compensating Controls

Reduces the risk that an existing or potential control weakness will result in a misstatement, when a control cannot be met

5 Components of an Internal Control System

Control Activities
Risk assessment
Information System
Monitoring of Controls
Environment

Control Activities

Policies and procedures that help mitigate the risk that organizations objectives are not met. (page 266)

Ex. Performance reviews, info processing controls, physical controls, segregation of duties

Risk Assessment

Management process for identifying, analyzing, and responding to such risks. (page 265)

Information System

Needed at all levels of an organization to assist management in meeting the organization's objectives. (page 269)

Ex. Identify and record valid transactions, a timely basis, proper period with the correct value

Monitoring

Assessing the quality of internal control performance over time. (page 270)

Ex. Ongoing; regularly performed supervisory and management activities. Separate evaluation; performed on non routine basis