Flashcards in Audit 18 Deck (18)
What test of control would you use to test if employees are properly signing a log when accessing a computer system
Inspection of the log - and if possible compare the log to the records of computer usage
Identify the correct statement(s) regarding analytical procedures conducted while obtaining an understanding of the entity and its environment, including its internal controls, during an audit:
I. Analytical procedures conducted while obtaining an understanding of the entity and its environment are considered risk assessment procedures and are required.
II. As a planning analytical procedure an auditor may plan walkthroughs of internal control processes in order to gather information for risk assessment on the client’s internal control environment.
III. As a planning analytical procedure an auditor may develop an expectation for the current period’s net income on the basis of the client’s interim forecasts and interim financial statements
III - /One analytical procedure may involve developing an expectation of the entity’s net income for the period, which may involve reviewing the client’s forecasts and interim financial statements, and comparing that amount to reported net income to determine, at the highest level, if it appears as if there is a high risk that the financial statements are materially misstated
What assertion do you test when examining repairs and maintenance equipment accounts
When there has been a change in accounting principles, but the effect of the change on the comparability of the financial statements is not material, the auditor should
Not refer to the change in an explanatory paragraph
Which of the following procedures would be most appropriate for testing the completeness assertion as it applies to inventory?
Performing cutoff procedures for shipping and receiving
When an auditor is to conduct an audit of a service organization, what considerations should the auditor make in planning regarding internal controls of the organization?
The auditor should obtain an understanding of the effect of the user organization upon the service organization.
When unaudited financial statements of a nonpublic entity are presented in comparative form with audited financial statements in the subsequent year, the unaudited financial statements should be clearly marked to indicate their status and
I. The report on the unaudited financial statements should be reissued.
II. The report on the audited financial statements should include a separate paragraph describing the responsibility assumed for the unaudited financial statements.
Either I or II.
For an issuer (public) company audit of internal control, walkthroughs provide the auditor with primary evidence to
Evaluate the effectiveness of the design of controls and confirm whether controls have been implemented.
this is effectiveness of the design - NOT the effectiveness of the control -
going concern issues are inadequately disclose - what two opinions can you express
qualified or adverse
If you discover fraud EVEN if it is immaterial - what do you have to do
Report the fraud to those charged with governance
There is no materiality threshold in determining when awareness or suspicion of fraud must be communicated by the auditor to management and/or those charged with governance, which in smaller entities could be equivalent. In any circumstance where fraud is either detected or suspected, the auditor is required to communicate it accordingly.
what is an example of how specific internal controls in a database environment differ from control in a non-dtatbase environment
Controls should exist to ensure that users have access to and can update only the data elements that they have been authorized to access.
In a database environment, a wide range of data is stored in a single location to reduce redundancy and improve access. As a result, it is important to establish controls that prevent individuals from accessing data inappropriately. Since different users have different needs and different levels of authority, controls will be unique to individuals or groups of individuals, not the same of every user.
comfort letter is addressed to client's underwrite and signed by
the independent auditor
In reporting on an entity's internal control structure over financial reporting, a practitioner should include a paragraph that describes the
Inherent limitations of any internal control structure.
To ensure that the audit report for an issuer is prepared in accordance with Section 404 of the Sarbanes-Oxley Act of 2002, the report must
Attest to and report on the internal control assessment made by the management of the issuer.
An accountant is required to comply with the provisions of Statements on Standards for Accounting and Review Services when
Reproducing client-prepared financial statements, without modification, as an accommodation to a client.
Preparing standard monthly journal entries for depreciation and expiration of prepaid expenses
Neither I nor II.
The auditor’s opinion of an issuer’s internal control applies as of which date?
The date of the financial statements.
In its annual report to shareholders, Lake Co. included a separate management report that contained an assertion about the effectiveness of its internal control over financial reporting. Lake's auditor is expressing an unqualified opinion on Lake's financial statements but has not been engaged to examine and report on this management assertion. What is the auditor's responsibility concerning such report?
The auditor should read the management report and consider whether it contains any material inconsistencies.