Objectives Question E9-1 True or False _____ 1. The auditor should obtain an understanding of all internal controls of an audit client. _____ 2. Internal control is a designed and implemented to address all business risks that threaten the achievement of the objectives of internal control. _____ 3. The auditor’s primary consideration regarding controls is the provision of constructive suggestions to management regarding the company’s internal controls. _____ 4. Smaller entities use more formal means and simpler processes and procedures to achieve their objectives. _____ 5. The control environment is the foundation for effective internal control providing disciplines and structure. _____ 6. The effectiveness of controls cannot rise above the integrity and ethical values of the people who create administer, and monitor them. _____ 7. An entity’s organizational structure provides the framework within which its activities for achieving entitywide objectives are planned executed, controlled, and reviewed. _____ 8. The entity’s risk assessment process may address how the entity considers the possibility of unrecorded transactions or identifies and analyzes significant estimates recorded in the financial statements. _____ 9. For financial reporting purposes, an entity’s risk assessment is its identification, analysis and management of risk relevant to the preparation of financial statement following GAAP. _____ 10. The accounting system refers to the series of task and records of an entity by which transactions are processed as a means of maintaining financial records. _____ 11.Control activities may be applied within manual systems only. _____ 12. Examples of segregation of duties include reporting, reviewing and approving reconciliation, and approval and control documents. _____ 13. An important responsibility of management is the establishment and maintenance of internal control on an ongoing basis. _____ 14. Monitoring is done to ensure that controls continue in operation. _____ 15. There is a direct relationship between an entity’s objectives and the controls it implements. _____ 16. All controls are relevant to the auditor’s risk assessment. _____ 17. The relevance of a control to the auditor’s risk assessment is a matter of professional judgement. _____ 18. Obtaining an understanding of internal controls involves evaluating the design and effectiveness of controls. _____ 19. A weakness in internal control that could have a material effect on the financial statements is known as a material misstatement of fact. _____ 20. The assessment of inherent risk is based on the understanding of the entity and its environment.
_____ 21. A “less than high” risk assessment means that the auditor believes that internal controls are not effective, in design, in operation, or both. _____ 22. Test of controls can be eliminated, while substantive test cannot be eliminated in an auditor’s program of procedures. _____ 23. A significant risk refers to a risk that requires special audit consideration. _____ 24. Further audit procedures include risk assessment procedures, test of controls and substantive test. _____ 25. Test of controls focus on the effectiveness of controls. _____ 26. If the preliminary controls risk assessment is high, the auditor must perform test of controls to confirm the risk assessment. _____ 27. Documentation of the understanding of controls is one of the requirements of PSAs. _____ 28. The controls risk assessment may never be revised after the audit program is finalized. _____ 29. The higher the control risk assessment, the higher the reliance on substantive tests. _____ 30. One of the inherent limitations of internal control is the lack of segregation of duties.
E – 9 Multiple Choice. 1. What is the primary purpose of effective internal control on an organization. A. The achievement of certain organizational goals. B. Completion of a successful audit for the entity. C. Shareholders’ involvement in the company’ success. D. Obtaining profitability and financial strength. 2. Which of the following is most correct concerning the understanding of internal control needed by auditors to plan the audit. A. The auditors must understand the control environment, but not the accounting system or the control procedures of an entity. B. The auditors must understand the control environment and the accounting system, but not the control procedures. C. The auditors must understand the control environment, the accounting system, and must use judgement as to the control procedures. D. The auditors must understand the control environment, the accounting system and all control procedures. 3. This is the process designed and effected by those charged with governance, management and other personnel to provide reasonable assurance about the achievement of the entity’s objectives on financial reporting, operations and compliance A. Risk assessment C. Internal control B. Strategies D. Operational plans 4. The auditor uses the understanding of internal control to : A. Identity types of potential misstatement B. Consider factors that affect the risk of material C. Design the nature timing and extent of further audit procedures (i.e, tests of controls and substantive tests) D. All of theses
5. The following statement relate to internal control. Which of the following is incorrect? A. Internal control system refer to all the policies and procedures adopted by the management’s objectives. B. A strong environment does not, by itself, ensure the effectiveness of the internal control system. C. The internal control system is confined to those matters which relate directly to the functions of the accounting system. D. In the audit of financial statement, the auditor is only concerned with those policies and procedures within the accounting and internal control system that are relevant to the financial statement. 6. Internal control are not designed to provide reasonable assurance that A. Transactions are executed in accordance with management’s authorization. B. Irregularities will be eliminated. C. Access to assets is permitted only in accordance with management’s authorization. D. The recorded accountability for assets is compared with the existing assets at reasonable intervals. 7. In an audit of financial statement, an auditor’s primary consideration regarding a control is whether it : A. Enhances management’s decision – making processes. B. Reflects management’s decision – making process. C. Affects management’s financial statement assertions. D. Provides adequate safeguards over access to assets. 8. The following statements relate to internal control. Which statement is correct? A. The entity’s objectives, and therefore controls, relate to: financial reporting, efficiency and effectiveness of operation, and compliance with applicable law and regulations. B. All objectives and controls are relevant to the auditor’s risk assessment. C. Ordinarily, controls that relevant to an audit pertain to the entity’s objective of preparing fairly stated financial statements for external purposes. D. The determination of which controls are relevant to an audit is a matter of professional judgement. 9. What is the relationship between an entity’s objectives and the controls it implements to provide reasonable assurance about their achievement? A. Direct B. Adverse B. Inverse D. None of these 10. Which of the following statement best describe “control environment”? A. This is the entity’s process for identifying business risks relevant to financial reporting objectives and deciding about actions to address those risks, and the result thereof. B. This is the system for transferring information from transaction processing system to the general ledger or the financial reporting system. C. These are the policies and procedures that help ensure that management directives are carried out. D. This includes the governance and management functions and the attitudes, awareness, and actions of those charged with governance and management concerning the entity’s internal control and its importance to the entity. 11. Management’s attitude towards aggressive financial reporting and its emphasis on meeting projected profit goals most likely would significantly influence an entity’s control environment when: A. The audit committee is active in overseeing the entity’s financial reporting policies. B. External policies established by parties outside the entity affect its accounting practices. C. Management is dominated by one individual who is also a shareholder. D. Internal auditors have direct access to the board of directors and entity management. 12. Transaction authorization within an organization may be either specific or general. An example of specific transaction authorization is the: A. Setting of automatic reorder points B. Approval of a construction budget for a new warehouse. C. Establishment of a customer’s credit limits. D. Establishment of sales prices.
13. Risk can arise or change due to circumstances such as the following, except: A. A new law has passed which prohibits the use of a chemical which is a maintain ingredient of the company’s major product. B. New employees have been hired by the company. C. The company switched from manual information system to a computerized system. D. The accounting and financial reporting framework has reminded stable for the past five years, and no new pronouncements have been made. 14. An entity’s risk assessment process include how management: A. Identifies risk B. Assesses significance and likelihood of occurrence of these identified risks. C. Decides upon actions to manage these risk D. All of these 15. Proper segregation of functional responsibilities in an effective system of internal control calls for separation of the functions of: A. Authorization, execution and payment. B. Authorization, recording and custody. C. Custody, execution and reporting. D. All of these 16. An entity’s ongoing monitoring activities often include: A. Periodic audits by the audit committee. B. Reviewing the purchasing function. C. The audit of the annual financial statements D. Control risk assessment in conjunction with quarterly reviews. 17. Obtaining understanding of internal control involves: I.Evaluating the design of a control. II. Determining whether the control has been implemented III. Testing the effectiveness of controls A. I and II C. I and III B. II and III D. I, II and III 18. The understanding internal control that relates to a financial statement assertion should be used to do all of the following except: A. Determine inherent risk for the assertion. B. Identify types of potential misstatement for the assertion C. Consider factors that affect the risk of material misstatement for that assertion and assess control risk. D. Design substantive test that correspond with the assessment of control risk. 19. When obtaining an understanding of an entity’s internal control, an auditor should concentrate on the house substance of controls rather than their form because: A. The controls may be operating effectively but may not be documented. B. Management may establish appropriate controls but not act on them C. The controls may be so inappropriate that no reliance is contemplated by the auditor D. Management may implement controls with cost in excess of benefits. 20. As part of obtaining an understanding internal controls, an auditor is not required to: A. Consider factors that affect the risk of materials misstatement. B. Ascertain whether internal control policies and procedures have been placed in operation. C. Identify the types of potential misstatement that may occur. D. Obtain knowledge about the operating effectiveness of internal control. 21. When obtaining an understanding of the accounting ad internal control system the auditor may trace few transactions through the accounting system. This technique is: A. Reperformance test C. Test of transactions B. Walkthrough test D. Validity Times
22. Narratives, flowcharts, and internal control questionnaires are three commonly used methods of A. Documenting the study of internal controls B. Testing the internal control structure C. Designing the audit manual and procedures D. Documenting re weakness of internal control 23. After obtaining a sufficient understanding of internal control, the auditor: A. Assesses the need to apply GAAS. B. Determine the preliminary assessment of control risk. C. Assesse detection risk to determine the acceptable level of inherent risk. D. Determines the assessed levels of detection risk and inherent risk. 24. The ultimate purpose of assessing control risk is to contribute to the auditors evaluation of the risk that; A. Test of contols may fail to identify control relevant to assertions. B. Material misstatements may exist in the financial statements. C. Specified controls requiring segregation of duties may be circumvented by collusion. D. The entity policies may be circumvented by senior management. 25. After obtaining an understanding of internal control an auditor assessed control risk as high. Which of the following are possoble reasons for this preliminary assessment? A. The entity's internal control system is not effective. B. Evaluating the effectiveness of the entity's internal control system would not be efficient. C. The internal control system may be effective. D. None of the answers. 26. When control risk is assessed at high for all financial statements assertions, an audtor should document the auditor's: I. Understand of the entity's internal control structure II. Conclusion that control risk is high III. Basis for concluding that control risk is high A. A. I & II C. I & III B. B. II & III D. I, II & III 27. Which of the following statements about preliminary assessment of control risk is correct? A. The auditor ordinarily assesses control risk at high level for some or all assertions when it is not cost efficient to perform test of controls. B. The preliminary assessment of control risk can be done only after performing the required test of controls. C. The preliminary assessment control risk for a financial statement assertion is normally less than high ,unless the auditor is able to identify weaknesses that may indicate ineffectiveness of the accounting and internal control system D. After obtaining an understanding of the accounting and internal control systems, the auditor should make a preliminary assessment of control risks, at the assertion level, for all accounts or transaction classes. 28. The following statements relate to control risk. Select the correct statement: A. When control risk is set at high, an auditor required by GAAS to document the basis for that risk assessment. B. For significant classs of transactions, control risk may be assessed sufficiently low to warrant elimination of substantive testing. C. When assessing control risk, an auditor should disregard evidence obtained in prior audits about the operation of controls
29.
30.
31. 32.
33.
34.
35.
36.
D. Assessing control risk and obtaining an understanding of entity’s internal control may be performed concurrently. After obtaining an understanding of an entity;s internal control structure and assessing control risk, an auditor may next: A. Perform tests of control to verify management’s assertions that are embodied in the financial statements. B. Apply analytical procedures as substantive tests to validate the assessed level of control risk. C. Consider whether evidential matter is available to support a further reduction in the assessed level of control risk D. Evaluate whether the internal controls structure policies and procedures detected material misstatement. When the auditor identifies a area of the accounting system with missing controls i.e., a material weakness , this would lead to a modification of the audit program in that area that would: A. Increase the amount of tests of controls B. Increase the reliance on tests of controls C. Cause the issuance of a qualified or adverse opinion, D. Eliminate the need for test of cotrols Which of the following procedures most likely would be included as part of an auditor’s tests od controls? A. Inspection C. Confirmation B. Reconciliation D. Analytical procedures Test of controls are used to test whether control are; A. Operating activity B. Placed in the operation or implemented C. Properly incorporated in the financial statements D. Properly documented by the client Which of the following is least likely to be evidence the auditor examines to determine whethernoperations are in compliance with the internal control structure? A. Records documenting usage of IT programs. B. Confirmations of account receivable. C. Canceled supporting documents D. Signatures on authorization forms. After considering a client’s internal control structure, an auditor has concluded that it is well designed and is functioning as intended. Under these circumtances the auditors would most likely: A. Perform tests of control to the extent outlined in the audit program. B. Determine the control procedures that should prevent or detect errors and irregularities. C. Not increase the extent of predetermined substantive tests. D. Determine whether transactions are recorded to permit preparation of financial statements in conformity with GAAP. Test of controls may include the following except: A. Reperformance of internal control procedures B. Inquiries about, and observation of, internal controls which leave no audit trail. C. Analytical procedures involving comparison of operating expenses with budgeted amount. D. Inspection of documentary support for transaction evidencing authorization Tests of controls are concerned primarily with each of the following questions:
I. How were the controls applied? II. Were the necessary controls consistently performed? III. By whom were controls applied?
A. I and II C. I and III B. II and III D. I,II and III 37. If the auditor uses the primarily substantive approach: A. A higher level of understanding of internal control is required. B. The auditor plans to assess control risk at a lower level C. The auditor plans heavier reliance to substantive tests D. The auditor plans to restrict sunstantive tests 38. Which of the following is correct response of the auditor when he allows a lower acceptable level of detection risk? Nature Timing Extent A. Less effective Year-end More Extensive B. Less effective Interim Less Extensive C. More effective Year-end More Extensive D. More effective Interim Less Extensive 39. The development of constructive suggestions to clients for improvements in internal control is a/as A. Requirement of the auditors consideration of internal control B. Desirable by-product of the audit engagement. C. Addressed by the auditor only during a special engagement D. Important as establishing a basis for reliance upon the internal control structure. 40. Which of the following circumtances most likely would cause an auditor to consider whether material misstatements exist in an entity’s financial statements? A. Supporting records that should be readily available are frequently not produced when requested. B. Reportable conditions previously communicated have not been corrected C. Clerical error are listed on a monthly computer-generated exception report. D. Difference are discovered during the client’s annual physical inventory count