Auditing and Attestation 5

Class Questions
1. CPA-02588
For which of the following audit tests would an auditor most likely use attribute sampling?
a.
b.
c.
d.

Selecting accounts receivable for confirmation of account balances.

Inspecting employee time cards for proper approval by supervisors.
Making an independent estimate of the amount of a LIFO inventory.
Examining invoices in support of the valuation of fixed asset additions.

CPA-02588
Choice "b" is correct. Attribute sampling is used to test controls. Inspecting employee time cards for
proper approval by supervisors is a test of controls. Controls often relate to authorization, validity,
completeness, accuracy, appropriate classification, accounting in conformity with GAAP, and proper
period. Look for these terms in identifying which option is a test of controls. Words such as account
balance, amount, valuation, presentation, and disclosure are more likely to relate to substantive tests.
Choice "a" is incorrect. Selecting accounts receivable for confirmation of accounts balances is a
substantive test.
Choice "c" is incorrect. Making an independent estimate of the amount of a LIFO inventory is a
substantive test.
Choice "d" is incorrect. Examining invoices in support of the valuation of fixed asset additions is a
substantive test.
2. CPA-02602
As a result of tests of controls, an auditor assessed control risk too low and decreased substantive
testing. This assessment occurred because the true deviation rate in the population was:
a.
b.
c.
d.

Less than the risk of assessing control risk too low, based on the auditor's sample.
Less than the deviation rate in the auditor's sample.
More than the risk of assessing control risk too low, based on the auditor's sample.
More than the deviation rate in the auditor's sample.

CPA-02602
Choice "d" is correct. If the actual deviation rate in the population exceeds the maximum deviation rate
based on the sample, control risk will be understated, since the control will be less effective than sample
results would indicate.
Choice "a" is incorrect. No comparison should be made between the true deviation rate and the risk of
assessing control risk too low.
Choice "b" is incorrect. If the true deviation rate is lower than the deviation rate in the sample, control risk
may be assessed at a rate that is too high, potentially leading to audit inefficiencies.
Choice "c" is incorrect. No comparison should be made between the true deviation rate and the risk of
assessing control risk too low.

1
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Auditing and Attestation 5

Class Questions
3. CPA-02620
While performing a test of details during an audit, an auditor determined that the sample results
supported the conclusion that the recorded account balance was materially misstated. It was, in fact, not
materially misstated. This situation illustrates the risk of:
a.
b.
c.
d.

Assessing control risk too high.

Assessing control risk too low.
Incorrect rejection.
Incorrect acceptance.

CPA-02620
Choice "c" is correct. Erroneously concluding that an account balance is materially misstated is an
example of incorrect rejection.
Choice "a" is incorrect. The assessment of control risk relates to tests of controls, not to tests of details
(substantive testing).
Choice "b" is incorrect. The assessment of control risk relates to tests of controls, not to tests of details
(substantive testing).
Choice "d" is incorrect. If the auditor had concluded that the account was fairly presented when, in fact, it
was not, it would be an example of incorrect acceptance.
4. CPA-02594
An auditor who uses statistical sampling for attributes in testing internal controls should reduce the
planned reliance on a prescribed control when the:
a.
b.
c.
d.

Sample rate of deviation plus the allowance for sampling risk equals the tolerable rate.
Sample rate of deviation is less than the expected rate of deviation used in planning the sample.
Tolerable rate less the allowance for sampling risk exceeds the sample rate of deviation.
Sample rate of deviation plus the allowance for sampling risk exceeds the tolerable rate.

CPA-02594
Choice "d" is correct. The auditor will reduce reliance on a control if the upper deviation rate exceeds the
tolerable rate. The upper deviation rate consists of the sample deviation rate plus an allowance for
sampling risk. Therefore, if the sample deviation rate plus the allowance for sampling risk exceeds the
tolerable rate, that is equivalent to the upper deviation rate exceeding the tolerable rate.
Choice "a" is incorrect. If the sample deviation rate plus the allowance for sampling risk equals the
tolerable rate, the auditor may still place the planned amount of reliance on the control.
Choice "b" is incorrect. Whether the actual sample deviation rate is less than the expected deviation rate
is irrelevant for making decisions about planned reliance levels.
Choice "c" is incorrect. If the tolerable rate less the allowance for sampling risk exceeds the sample rate
of deviation, then the upper deviation rate is less than the tolerable rate. This situation supports the
planned reliance, and no reduction in planned reliance would be necessary.

2
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Auditing and Attestation 5

Class Questions
5. CPA-02607
In statistical sampling methods used in substantive testing, an auditor most likely would stratify a
population into meaningful groups if:
a. Probability proportional to size (PPS) sampling is used.
b. The population has highly variable recorded amounts.
c. The auditor's estimated tolerable misstatement is extremely small.
d. The standard deviation of recorded amounts is relatively small.
CPA-02607
Choice "b" is correct. The auditor may be able to reduce the required sample size by separating items
subject to sampling into relatively homogenous groups on the basis of some characteristic related to the
specific audit objective.
Choice "a" is incorrect. While PPS sampling results in a stratified sample, it is a result of the sampling
method employed and does not require the auditor to perform stratification since it occurs automatically.
Choice "c" is incorrect. The estimated tolerable misstatement does not affect the decision to stratify.
Choice "d" is incorrect. The standard deviation of the recorded amounts represents the population's
variability. Therefore, the auditor would be most likely to stratify when the standard deviation is high, not
low.
6. CPA-02617
Which of the following sample planning factors would influence the sample size for a substantive test of
details for a specific account?

a.
b.
c.
d.

Expected
amount of
misstatements
No
Yes
No
Yes

Measure of
tolerable
misstatement
No
Yes
Yes
No

CPA-02617
Choice "b" is correct. When planning a particular sample for a substantive test of details, the auditor
should consider how much monetary misstatement in the account might exist without causing the
financial statements to be materially misstated (tolerable misstatement) as well as the expected size and
frequency of misstatements.
Choices "a", "c", and "d" are incorrect, per the above explanation.

3
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Auditing and Attestation 5

Class Questions
7. CPA-02584
In a probability-proportional-to-size sample with a sampling interval of $10,000, an auditor discovered that
a selected account receivable with a recorded amount of $5,000 had an audited amount of $4,000. If this
were the only misstatement discovered by the auditor, the projected misstatement of this sample would
be:
a.
b.
c.
d.

$1,000
$2,000
$5,000
$10,000

CPA-02584
Choice "b" is correct. The sample error of $1,000 ($5,000 $4,000) is projected to the entire interval
through use of a "tainting factor" of 20% ($1,000/$5,000). If this were the only misstatement discovered
by the auditor, the projected misstatement of this sample would be 20% of $10,000, or $2,000.
Choice "a" is incorrect, as the sample error of $1,000 needs to be projected to the entire interval.
Choices "c" and "d" are incorrect, per the above explanation.
8. CPA-02596
In addition to evaluating the frequency of deviations in tests of controls, an auditor should also consider
certain qualitative aspects of the deviations. The auditor most likely would give broader consideration to
the implications of a deviation if it was:
a.
b.
c.
d.

The only deviation discovered in the sample.

Identical to a deviation discovered during the prior year's audit.
Caused by an employee's misunderstanding of instructions.
Initially concealed by a forged document.

CPA-02596
Choice "d" is correct. The auditor should consider both the qualitative and the quantitative aspects of
deviations in tests of controls. Qualitative aspects might include whether deviations are indicative of an
error or fraud. Such an evaluation is important because fraud is intentional, has implications beyond the
direct monetary effect, and requires consideration of the implications for other aspects of the audit. Thus,
a deviation initially concealed by a forged document is very serious and deserves broader consideration
than a deviation of the same dollar amount due to an error.
Choice "a" is incorrect. The fact that a deviation was the only one discovered would have no importance
beyond its impact on the computation of the upper deviation rate.
Choice "b" is incorrect. Discovery of a deviation identical to one discovered during the prior year's audit is
not necessarily cause for additional concern.
Choice "c" is incorrect. Employee misunderstanding of instructions is an inherent limitation of internal
control and is not necessarily cause for concern.

4
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Auditing and Attestation 5

Class Questions
9. CPA-02927
Which of the following computer-assisted auditing techniques allows fictitious and real transactions to be
processed together without client operating personnel being aware of the testing process?
a.
b.
c.
d.

Integrated test facility.

Input controls matrix.
Parallel simulation.
Data entry monitor.

CPA-02927
Choice "a" is correct. An integrated test facility uses test data commingled with actual data to test
transactions.
Choice "b" is incorrect. An input controls matrix is an input control.
Choice "c" is incorrect. Parallel simulation involves writing a computer program that duplicates the logic
of a client's program, using identical data as input, and comparing output.
Choice "d" is incorrect. A data entry monitor is an input control.
10. CPA-02920
Which of the following computer-assisted auditing techniques processes client input data on a controlled
program under the auditor's control to test controls in the computer system?
a.
b.
c.
d.

Test data.
Review of program logic.
Integrated test facility.
Parallel simulation.

CPA-02920
Choice "d" is correct. Parallel simulation is a technique in which the auditor reprocesses the client's data
using the auditor's own software. The auditor then compares his or her results to those obtained by the
client.
Choice "a" is incorrect. The test data approach uses the auditor's input data on the client's system, offline.
Choice "b" is incorrect. Reviewing program logic is not a computer-assisted audit technique.
Choice "c" is incorrect. An integrated test facility uses the auditor's input data on the client's system, online.

5
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Auditing and Attestation 5

Class Questions
11. CPA-02924
A primary advantage of using generalized audit software packages to audit the financial statements of a
client that uses an EDP system is that the auditor may:
a. Access information stored on computer files while having a limited understanding of the client's
hardware and software features.
b. Consider increasing the use of substantive tests of transactions in place of analytical procedures.
c. Substantiate the accuracy of data through self-checking digits and hash totals.
d. Reduce the level of required tests of controls to a relatively small amount.
CPA-02924
Choice "a" is correct. One of the primary benefits of using generalized audit software is the ability to
access client data stored in computer files without having a detailed understanding of the client's
hardware and software features.
Choice "b" is incorrect. The use of generalized audit software would not affect the auditor's decision with
respect to using substantive tests of transactions in place of analytical procedures.
Choice "c" is incorrect. Generalized audit software is used to extract and analyze data. Self-checking
digits and hash totals are controls embedded in client software applications to ensure accuracy. They are
not a part of generalized audit software.
Choice "d" is incorrect. The use of generalized audit software does not reduce the need to perform tests
of controls if reliance on controls is planned.
12. CPA-02542
An auditor's letter issued on significant deficiencies relating to a nonissuer's internal control observed
during a financial statement audit should:
a. Include a brief description of the tests of controls performed in searching for significant deficiencies
and material weaknesses.
b. Indicate that the significant deficiencies should be disclosed in the annual report to the entity's
shareholders.
c. Include a paragraph describing management's assertion concerning the effectiveness of internal
control.
d. Indicate that the audit's purpose was to report on the financial statements and not to provide
assurance on internal control.
CPA-02542
Choice "d" is correct. Conditions noted by the auditor that are significant deficiencies or material
weaknesses should be reported in writing. Any report issued on such conditions should (1) indicate that
the purpose of the audit was to report on the financial statements and not to provide assurance on
internal control; (2) include the definition of significant deficiencies and, if applicable, material
weaknesses; (3) include a restriction on use (i.e., the report is intended solely for the information and use
of management).
Choice "a" is incorrect. During an audit, the auditor is not required to design tests specifically to detect
significant deficiencies in internal control.
Choice "b" is incorrect. Significant deficiencies in internal control are not generally disclosed in the annual
report, and the auditor's letter on such conditions observed during a financial statement audit is intended
solely for the information and use of management, those charged with governance, and others within the
organization.
Choice "c" is incorrect. Management does not provide an assertion concerning the effectiveness of
internal control as part of a financial statement audit (but would provide such an assertion in a separate
engagement related to internal control).
6
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Auditing and Attestation 5

Class Questions
13. CPA-02547
Brown, CPA, has accepted an engagement to examine and report on Crow Company's written assertion
about the effectiveness of Crow's internal control. Crow is a nonissuer. In what form may Crow present
its written assertion?
I. In a separate report that will accompany Brown's report.
II. In a representation letter to Brown.
a.
b.
c.
d.

I only.
II only.
Either I or II.
Neither I nor II.

CPA-02547
Choice "c" is correct. An engagement to examine and report on a written assertion by management is an
example of an attest engagement. Management may present its written assertion either in 1) a separate
report that will accompany the practitioner's report, or 2) a representation letter to the practitioner.
Choices "a", "b", and "d" are incorrect, based on the above explanation.
14. CPA-02551
In reporting on a nonissuer's internal control over financial reporting in an attest engagement, a
practitioner should include a paragraph that describes the:
a.
b.
c.
d.

Documentary evidence regarding the control environment factors.

Changes in internal control since the prior report.
Potential benefits from the practitioner's suggested improvements.
Inherent limitations of any internal control.

CPA-02551
Choice "d" is correct. In reporting on a nonissuer's internal control over financial reporting in an attest
engagement (not an audit), the practitioner's report should include a paragraph stating that, because of
inherent limitations of any internal control, errors or fraud may occur and not be detected.
Choice "a" is incorrect. Documentary evidence need not be provided in the practitioner's report.
Choice "b" is incorrect. The practitioner need not mention any changes in internal control since the last
report.
Choice "c" is incorrect. The practitioner should not describe any potential benefits that might result from
the practitioner's suggested improvements.

7
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Auditing and Attestation 5

Class Questions
15. CPA-05612
Jackson is auditing the financial statements of Saffer Company, an issuer. Which of the following is true?
a. Jackson is not required to audit internal control, but should report any significant deficiencies or
material weaknesses noted.
b. Saffer is required to obtain an audit of its internal control, but a professional other than Jackson may
be hired for this purpose.
c. Jackson is required to audit and report on Saffers internal control.
d. If Jackson provides an adverse opinion on the financial statements, an audit of Saffers internal
control is not permitted.
15. CPA-05612
Choice "c" is correct. PCAOB Auditing Standard No. 5 requires Jackson to perform an integrated audit,
auditing both the financial statements and management's assessment of the effectiveness of internal
control.
Choice "a" is incorrect. Jackson is required to perform an integrated audit, which includes an audit of
internal control.
Choice "b" is incorrect. PCAOB Auditing Standard No. 5 requires Saffer to have an audit of internal
control. Because the objectives and the work involved in an audit of internal control and in a financial
statement audit are so closely related, the two audits must be performed together. Each of these two
audits provides information that is relevant to the other.
Choice "d" is incorrect. An audit of internal control is required, regardless of the type of opinion rendered
on the financial statements.

8
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Auditing and Attestation 5

Class Questions
16. CPA-03517
In auditing a not-for-profit entity that receives governmental financial assistance, the auditor has a
responsibility to:
a. Issue a separate report that describes the expected benefits and related costs of the auditor's
suggested changes to the entity's internal control.
b. Assess whether management has identified laws and regulations that have a direct and material
effect on the entity's financial statements.
c. Notify the governmental agency providing the financial assistance that the audit is not designed to
provide any assurance of detecting errors and fraud.
d. Render an opinion concerning the entity's continued eligibility for the governmental financial
assistance.
CPA-03517
Choice "b" is correct. The auditor must assess whether management has identified laws and regulations
that have a direct and material effect on the determination of amounts in an entity's financial statements
and obtain an understanding of the possible effects on the financial statements of such laws and
regulations.
Choice "a" is incorrect. The auditor must issue a separate report on the consideration of the entity's
internal control, not on the expected benefits and related costs.
Choice "c" is incorrect. Government Auditing Standards (the Yellow Book) specify that the auditor should
design the audit to provide reasonable assurance that material errors and fraud are detected.
Choice "d" is incorrect. The auditor may be required to express an opinion on whether the entity has
complied with the requirements applicable to its major federal financial assistance programs, but not
whether it is still eligible to receive assistance.
17. CPA-03542
Which of the following statements is a standard applicable to financial statement audits in accordance
with Government Auditing Standards?
a. An auditor should assess whether the entity has reportable measures of economy and efficiency that
are valid and reliable.
b. An auditor should report on the scope of the auditor's testing of internal controls.
c. An auditor should briefly describe in the auditor's report the method of statistical sampling used in
performing tests of controls and substantive tests.
d. An auditor should determine the extent to which the entity's programs achieve the desired level of
results.
CPA-03542
Choice "b" is correct. Auditors should report on the scope of their testing of compliance with laws and
regulations and of internal controls.
Choice "a" is incorrect. The auditor would assess whether the entity has reportable measures of
economy and efficiency that are valid and reliable as part of an economy and efficiency (performance)
audit.
Choice "c" is incorrect. The auditor may report the methods of statistical sampling used as part of a
performance audit.
Choice "d" is incorrect. A program audit would determine the extent to which the entity's programs
achieve the desired level of results.

9
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Auditing and Attestation 5

Class Questions
18. CPA-05604
In auditing compliance with requirements governing major federal financial assistance programs under
the Single Audit Act, the auditor's consideration of materiality differs from materiality under generally
accepted auditing standards. Under the Single Audit Act, materiality is:
a.
b.
c.
d.

Calculated in relation to the financial statements taken as a whole.

Determined separately for each major federal financial assistance program.
Decided in conjunction with the auditor's risk assessment.
Ignored, because all account balances, regardless of size, are fully tested.

CPA-05604
Choice "b" is correct. Under the Single Audit Act, materiality is determined separately for each major
federal financial assistance program.
Choice "a" is incorrect. Under a GAAS audit, materiality is determined in relation to the financial
statements taken as a whole. Under a GAGAS audit, materiality levels may be lower due to the public
accountability of the entity, the various legal requirements, and the visibility and sensitivity of
governmental programs, activities, and functions.
Choice "c" is incorrect. Materiality must be determined before risk assessments.
Choice "d" is incorrect. Under the Single Audit Act, all balances need not be tested.
19. CPA-03579
Wolf is auditing an entity's compliance with requirements governing a major federal financial assistance
program in accordance with Government Auditing Standards. Wolf detected noncompliance with
requirements that have a material effect on the program. Wolf's report on compliance should express:
a.
b.
c.
d.

No assurance on the compliance tests.

Reasonable assurance on the compliance tests.
A qualified or adverse opinion.
An adverse or disclaimer of opinion.

CPA-03579
Choice "c" is correct. If material instances of noncompliance are identified, the auditor should express
either a qualified or adverse opinion on compliance.
Choice "a" is incorrect. The auditor's report directs the reader to a separate schedule of findings after
stating the importance of compliance testing and indicating that providing an opinion on compliance is not
an objective of the audit.
Choice "b" is incorrect. The auditor's report directs the reader to a separate schedule of findings after
stating the importance of compliance testing and indicating that providing an opinion on compliance is not
an objective of the audit.
Choice "d" is incorrect. If material instances of noncompliance are identified, a disclaimer of opinion is not
appropriate.

10
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Auditing and Attestation 5

Class Questions
20. CPA-04628
For financial statement audits, generally accepted government auditing standards (GAGAS) incorporate
the Statements on Auditing Standards (SAS) that are issued by the AICPA. GAGAS prescribe additional
standards on:

a.
b.
c.
d.

Direct reporting
of illegal acts
Yes
Yes
No
No

Reporting on
internal controls
Yes
No
Yes
No

CPA-04628
Choice "a" is correct. Government auditing standards (GAS) prescribe additional standards on the direct
reporting of illegal acts. For example, the auditor is required to directly report illegal acts discovered
during the audit to federal inspector generals if management fails to disclose such illegal acts to the
grantor or fails to take appropriate remedial action. In addition, GAS also prescribe additional standards
related to internal control reporting, such as requiring that the auditor provide a written report on internal
control in every financial statement audit.
Choices "b", "c", and "d" are incorrect, based on the above explanation.
21. CPA-03514
Although the scope of audits of recipients of federal financial assistance in accordance with federal audit
regulations varies, these audits generally have which of the following elements in common?
a. The auditor is to determine whether the federal financial assistance has been administered in
accordance with applicable laws and regulations.
b. The materiality levels are lower and are determined by the government entities that provided the
federal financial assistance to the recipient.
c. The auditor should obtain written management representations that the recipient's internal auditors
will report their findings objectively without fear of political repercussion.
d. The auditor is required to express both positive and negative assurance that illegal acts that could
have a material effect on the recipient's financial statements are disclosed to the inspector general.
CPA-03514
Choice "a" is correct. Audits of federal financial assistance under the Single Audit Act require that the
auditor determine if the auditee has complied with laws, regulations, and provisions of the contracts or
grant agreements.
Choice "b" is incorrect. Materiality in audits of federal financial assistance is set at the program level and
is not determined by the government entities that provided the federal financial assistance to the
recipient.
Choice "c" is incorrect. If the internal auditors are considered organizationally independent for internal
auditing purposes, then they can be considered independent when conducting audits external to the
government entity to which they are routinely assigned. Organizationally independent refers to the audit
organization being outside of line management, reporting to the chief executive or administrative officer;
that is, the internal auditors will report their findings objectively without fear of political repercussion.
However, in this case, an external auditor need not be involved in the audit, and no written management
representations regarding the internal auditors need be obtained.
Choice "d" is incorrect. In audits of federal financial assistance under the Single Audit Act, the auditor
does not express negative assurance on those items not tested.

11
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Auditing and Attestation 5

Class Questions
22. CPA-02540
Which of the following statements is correct about an auditor's required communication with those
charged with governance? Assume those charged with governance are not involved in managing the
entity.
a. Any matters communicated to those charged with governance also are required to be communicated
to the entity's management.
b. The auditor is required to inform those charged with governance about significant errors discovered
by the auditor and subsequently corrected by management.
c. Disagreements with management about the application of accounting principles are not required to be
communicated to those charged with governance if they have been appropriately resolved.
d. Significant deficiencies in internal control previously reported to those charged with governance that
have not been corrected need not be communicated again.
CPA-02540
Choice "b" is correct. If those charged with governance are not involved with managing the entity, the
auditor should communicate material, corrected misstatements brought to management's attention as a
result of the audit.
Choice "a" is incorrect. Certain matters communicated to those charged with governance, such as those
related to the competence and integrity of management, might not be appropriate for discussion with
management.
Choice "c" is incorrect. The auditor should communicate disagreements with management, whether or
not resolved.
Choice "d" is incorrect. Previously communicated significant deficiencies that have not been corrected
should be communicated again, in writing, during the current audit.

23. CPA-02533
Which of the following matters would an auditor most likely include in a management representation
letter?
a.
b.
c.
d.

Communications with those charged with governance concerning weaknesses in internal control.
The completeness and availability of minutes of stockholders' and directors' meetings.
Plans to acquire or merge with other entities in the subsequent year.
Management's acknowledgment of its responsibility for the detection of employee fraud.

CPA-02533
Choice "b" is correct. The purpose of the management representation letter is to confirm management's
oral evidence supplied during the engagement. Specific written representations obtained by the auditor
should include acknowledgment as to the completeness and availability of minutes of stockholders' and
directors' meetings.
Choice "a" is incorrect. Communications those charged with governance are generally not included in the
management representation letter, whereas communications from regulatory agencies regarding
noncompliance with, or deficiencies in, financial reporting practices would be included.
Choice "c" is incorrect. Management's subsequent plans need not be included in the management
representation letter, unless they will affect the carrying value or classification of assets and liabilities.
Choice "d" is incorrect. Management acknowledges its responsibility for the fair presentation of the
financial statements and states that they are unaware of any employee fraud, but does not acknowledge
responsibility for the detection of employee fraud.

12
2009 DeVry/Becker Educational Development Corp. All rights reserved.