Professional Documents
Culture Documents
h
tml
Auditors obtain an understanding of an entitys internal control for the primary purpose of:
A)
Gathering sufficient appropriate evidence to provide a reasonable basis for an opinion on the financial
statements.
B)
Determining the nature, extent and timing of subsequent audit procedures to be performed.
C)
D)
B)
C)
D)
Internal controls are designed to achieve company objectives in all of the following areas except:
A)
Safeguarding of assets.
B)
C)
D)
Internal control is a process designed to provide reasonable assurance regarding the achievement of which
objective?
A)
B)
C)
D)
Which of the following is not one of the five major components of internal control?
A)
Risk assessment.
B)
Control activities.
C)
D)
Monitoring is a major component of the COSO Internal ControlIntegrated Framework. Which of the following is
not correct in how the company can implement the monitoring component?
A)
B)
C)
Monitoring and other audit work conducted by internal audit staff can reduce external audit costs.
D)
The independent auditor can serve as part of the entitys control environment and continuous
monitoring.
Which of the following is a proper reason for not conducting tests of controls?
A)
B)
The procedures require more audit effort than the projected benefits to be obtained from lowering the
control risk.
C)
The company does not have any flowcharts of its system available for review.
D)
After obtaining an understanding of an entitys internal control system, an auditor may set control risk at high
for some assertions because he or she
A)
B)
Determines that the pertinent internal control components are not well documented.
C)
D)
Regardless of the assessed level of control risk, an auditor would perform some
A)
B)
C)
D)
Dual-purpose tests to evaluate both the risk of monetary misstatement and preliminary control risk.
With preliminary control risk assessments set at high, auditors are likely to:
A)
B)
C)
D)
Which of the following represents the correct sequence of audit steps that come after first obtaining an
understanding and documenting the entitys internal control?
A)
Test of controls, assess control risk, determine extent of substantive tests, reassess control risk.
B)
Assess control risk, test of controls, determine extent of substantive testing, reassess control risk.
C)
Assess control risk, determine extent of substantive testing, test of controls, reassess control risk.
D)
Assess control risk, test of controls, reassess control risk, determine extent of substantive testing.
B)
C)
D)
B)
C)
D)
A)
B)
Flowcharts.
C)
D)
Which of the following statements regarding auditor documentation of the entitys internal control is correct?
A)
B)
No documentation is necessary to satisfy auditing standards, however, oral inquiry is required at
minimum.
C)
Internal control questionnaires are specifically tailored to meet the needs of each individual entity.
D)
The auditors assessment of the level of control risk can be documented using a structured working
paper, an internal control questionnaire or a memorandum.
In order to be able to set control risk at a lower level, the auditor must do all of the following except:
A)
B)
C)
D)
Assessing control risk below high involves all of the following except
A)
B)
C)
D)
Analysing the achieved level of control risk after performing tests of controls.
Which of the following audit techniques would most likely provide an auditor with the most assurance about the
effectiveness of the operation of a control?
A)
B)
C)
D)
Walk-through.
The highest-quality and most reliable audit evidence that segregation of duties is properly implemented is
obtained by
A)
Inspection of documents prepared by a third party but which contain the initials of those applying entity
controls.
B)
C)
D)
An auditor may need to obtain a service auditors report when an entity receives accounting services such as
payroll from a service organization. Which of the following statements is true regarding this service audit report?
A)
B)
It provides the client auditor with a guarantee regarding whether the entitys control procedures have
been placed in operation.
C)
The client auditor need not inquire about the service auditors professional reputation.
D)
The client auditor should perform the procedures at the service organization to verify the information in
the report.
Provide reasonable assurance that their financial statements are free of material misstatements.
B)
Ensure that the entity will not have any misstatements in areas related to the service organizations
activities.
C)
D)
Assess whether the service organizations controls are suitably designed and operating effectively.
Significant deficiencies in internal control are matters that come to an auditors attention that should be
communicated to those charged with governance because they represent
A)
Disclosures of information that significantly contradict the auditors going concern assumption.
B)
C)
D)
Manipulation or falsification of accounting records or documents from which financial statements are
prepared.
A primary advantage of using generalized audit software packages to audit the financial statements of an entity
that uses an IT system is that the auditor may
A)
Consider increasing the use of substantive tests of transactions in place of analytical procedures.
B)
Substantiate the accuracy of data through self-checking digits and hash totals.
C)
D)
Access information stored on computer files while having a limited understanding of the entitys
hardware and software features.
B)
C)
D)
An auditor anticipates assessing control risk at a low level in an IT environment. Under these circumstances, on
which of the following controls would the auditor initially focus?
A)
B)
Application controls.
C)
Output controls.
D)
General controls.
An auditors flowchart of an entitys accounting system is a diagrammatic representation that depicts the
auditors
A)
B)
C)
Understanding of the types of fraud that are probable, given the present system.
D)