Deck 8: Risk Responseperforming Tests of Controls

A)understand entity-level controls
B)understand the flow of transactions
C)identify relevant controls to test
D)determine preliminary audit strategy

A)make it less likely that transaction-level controls will operate effectively
B)make it more likely that transaction-level controls will operate effectively
C)generally increase inherent risk
D)have no bearing on inherent risk

A)understand entity-level controls
B)understand the flow of transactions
C)identify relevant controls to test
D)perform tests of controls

A)they will use their knowledge of assertions to understand what can go wrong
B)they will use their knowledge of the client's legal history to understand what can go wrong
C)they are ready to issue a clean audit opinion
D)they should request the internal audit function begin the audit

A)all five components of internal controls
B)all four components of internal controls
C)all auditor and client controls
D)all controls recommended by the internal audit function

A)to ensure that if prevention controls are not effective, errors or fraud will be detected and corrected on a timely basis
B)to ensure that if detection controls are not effective, errors or fraud will be detected and corrected on a timely basis
C)to catch errors or fraud before the transactions have been processed
D)to catch errors or fraud while the transactions are being processed

A)implemented by businesses to reduce the risk of misstatement due to error or fraud, and to ensure that business processes are operating effectively
B)implemented by the auditors to reduce the risk of misstatement due to error or fraud, and to ensure that business processes are operating effectively
C)the same as entity-level controls
D)tested by the internal auditors

A)there is an expectation that the auditor will test controls in order to support an opinion on Internal Control over Financial Reporting (ICFR)
B)there is an expectation that the auditor will audit the financial statements only in order to support an opinion on ICFR
C)the audit should be conducted in conjunction with the internal auditors
D)the auditor should request the assistance of the prior auditor

A)at both the entity and transaction levels
B)at the transaction level only
C)to each transaction during normal processing and are intended to stop fraud or errors from occurring
D)to each entity during normal processing and are intended to stop fraud or errors from occurring

A)Increase the assessed level of control risk
B)Increase the level of assessed detection risk
C)Stabilize the nature, timing, and extent of substantive tests related to the assertion
D)Rely on external controls

A)inquiry
B)observation
C)reperformance
D)recalculation

A)is an important objective of every accounting system
B)is an optional objective of every accounting system
C)is the responsibility of the auditor
D)is the responsibility of the internal auditors

A)Controls that are applied after transactions have been processed to identify whether fraud or errors have occurred, and to rectify the fraud or errors on a timely basis
B)The collective assessment of the client's control environment, risk assessment process, information system, control activities and monitoring of controls
C)Controls that affect a particular transaction cycle or group of transactions
D)Controls that determine the flow of documents through the system

A)observation
B)reperformance
C)inquiry
D)statistical testing

A)Entity-level controls
B)Transaction-level controls
C)Internal controls
D)External controls

A)should always have physical evidence indicating whether the control was performed
B)will rarely have physical evidence indicating whether the control was performed
C)do not always have physical evidence indicating whether the control was performed
D)are the same as detect controls

A)from year-to-year with the same client
B)from client to client to a greater extent than prevention controls
C)from client to client to a lesser extent than prevention controls
D)depending on managements desire to override controls

A)Internal controls
B)External controls
C)Entity-level controls
D)Transaction-level controls

A)decreases the risk that errors or fraud may occur
B)increases the risk that errors or fraud may occur
C)decreases the overall risk of the audit
D)has no bearing on the risk of the audit

A)Tests of controls
B)Financial auditing
C)External controls
D)Transaction-level controls

A)entity-level controls and transaction-level controls
B)entity-level controls
C)transaction-level controls
D)transaction-level and auditor-level controls

A)it is less likely that transaction-level controls will operate effectively
B)it is more likely that transaction-level controls will operate effectively
C)it is likely that the client has an ineffective audit committee
D)it is likely that the client has a higher assessed level of inherent risk

A)computerized batch processing system
B)locked inventory cage for high dollar-value items to which only a few authorized staff have a key to access
C)requirement for employees to login to computer systems using validating credentials
D)automated prevention and detection controls

A)observation
B)professional skepticism
C)recalculation
D)inquiry

A)only include certain procedures approved by management and the auditor
B)include any procedure used and relied upon by the client to prevent errors from occurring when processing transactions, or to detect and correct errors that may occur in these transactions
C)include any procedure used and relied upon by the auditor to prevent errors from occurring when processing transactions, or to detect and correct errors that may occur in these transactions
D)never be subject to senior management override

A)he or she performs more testing than if he or she is planning to obtain only limited assurance from tests of controls
B)he or she performs less testing than if he or she is planning to obtain only limited assurance from tests of controls
C)he or she performs the same amount of testing if he or she is planning to obtain only limited assurance from tests of controls
D)he or she performs more testing than if he or she is planning to obtain unlimited assurance from tests of controls

A)should be forwarded to the client's legal counsel for review and approval
B)should be disregarded if it contradicts management's statements and intentions
C)should be corroborated with other evidence
D)should be used in isolation

A)the auditor will want to test controls over that assertion
B)the auditor will want to test controls over other assertions
C)the auditor should request the audit be conducted by the internal audit function
D)the auditor should withdraw from the engagement, to avoid risk exposure

A)Performance
B)Observation
C)Inquiry
D)Inspection of physical evidence

A)will allow the auditor to verify that the software application is functioning as designed
B)will allow the auditor to verify manual controls within the software application are functioning as designed
C)may corrupt the client's system, and should not be attempted
D)should be performed without the knowledge of the client's senior management

A)the auditor uses a top-down approach to determine which controls to select
B)the auditor uses a bottom-up approach to determine which controls to select
C)the auditor should be careful to issue the same audit opinion for both the financial statements and internal control
D)the auditor should be careful to issue different audit opinions for the financial statements and internal control

A)is the maximum rate of deviation from a prescribed control that an auditor is willing to accept and still use the planned assessed level of control risk
B)is the minimum rate of deviation from a prescribed control that an auditor is willing to accept and still use the planned assessed level of control risk
C)refers to the extent that audit fees can go over the roughly agreed amount
D)relates to how many immaterial misstatements the auditor finds

A)an auditor's tests of controls are unrelated to the planned audit strategy
B)an auditor's tests of controls are largely dictated by the planned audit strategy
C)the auditor is not subject to reporting and notification requirements
D)the auditors should preemptively determine the entities ability to pay for the audit and request a certain percentage in advance

A)is referred to as reperformance
B)is referred to as recalculation
C)is known as inspection of physical evidence
D)is known as inspection of computer systems

A)should be delegated to the internal audit function
B)should be the responsibility of the client's legal counsel
C)is mandatory at every client audit
D)is likely to be used, but would be determined by the auditor's professional judgment

A)inquiry
B)interrogation
C)audit scanning techniques
D)professional skepticism

A)alone would be considered quality audit evidence
B)would not be considered quality audit evidence
C)should not be used in conjunction with other audit procedures
D)involves making inquiries of prior auditors

A)reperformance
B)observation
C)inquiry
D)inspection of physical evidence

A)there is no relationship between assurance and sample size
B)there is a direct relationship between assurance and sample size
C)the choice of which accounts to sample should be as non-random as possible
D)the auditors should ideally select a sample size which is larger than the population

A)inspection of physical evidence
B)inquiry
C)observation
D)reperformance

A)is the rate at which the auditor expects controls not to function as planned
B)is the rate at which the auditor expects controls to function as planned
C)relates to how many accounts within the population will be stated correctly
D)relates to how many accounts within the population will be consistent with the auditor's expectation

A)asking management which controls they would prefer the auditor to test
B)checking the same controls as the prior year
C)by understanding the entity and the business and determining the risk of material fraud or error at the financial statement level
D)by understanding the entity and all other industries and determining the risk of material fraud or error at the financial statement level

A)the auditor should inquire of management as to their preferences
B)the auditor can use statistically based sampling techniques only
C)the auditor can use either statistically based sampling techniques or nonstatistical techniques
D)the auditor can use non nonstatistical techniques only

A)the less representative a sample should be of the population, and the more testing the auditor needs to do
B)the more representative a sample should be of the population, and the less testing the auditor needs to do
C)the more representative a sample should be of the population, and the more testing the auditor needs to do
D)the less representative a sample should be of the population, and the less testing the auditor needs to do

A)requesting management complete flowcharts and questionnaires related to the audit
B)submitting certain test data into the client's software application while the auditor is in control of the software
C)allowing the internal auditors access to the external auditor's software application in order to assist with the audit
D)deleting client files and transactions to ensure that the client's software appropriately alerts the correct staff

A)a "yes or no" decision with respect to effectiveness
B)multiple decisions
C)sure that all controls are working perfectly, with no errors, material or immaterial
D)certain that he or she will ultimately be in a position to render absolute assurance on the financial statements and internal control

A)the auditors immediately issue an unqualified opinion on internal control
B)the auditors document their work in a working paper
C)the auditors should request all fees due for this part of the audit, before moving on to the financial statement audit
D)the auditors should document their understanding in a memo addressed to the client's legal counsel

A)Results of inquiries and observations
B)Evidence provided by other tests
C)Changes in the overall control environment
D)All of these answer choices are correct

A)if they are not acted upon on a timely basis, or if client personnel fail to clear items noted on an exception report
B)if they are acted upon on a timely basis, or if client personnel fail to clear items noted on an exception report
C)if they are not acted upon on a timely basis only
D)if client personnel fail to clear items noted on an exception report only

A)It is the rate at which the auditor expects controls to not function as planned.
B)It is the maximum rate of deviation from a prescribed control that an auditor is willing to accept.
C)It is the rate that represents the confidence that the evidence obtained is representative of the underlying population from which the sample was taken.
D)It is similar to the actual rate of deviation in the population.

A)if the entity is hacked or experiences some form of phishing
B)if it lists an appropriate transaction on an exception report
C)if it fails to put an invalid transaction on an exception report
D)if it is consistently used

A)the auditor revises the overall audit risk assessment for the related account and assertion, and the planned audit strategy
B)the auditor makes no changes to the overall audit risk assessment for the related account and assertion, and the planned audit strategy
C)the auditor concludes that internal control is weak, and issues an appropriate opinion
D)the auditor would lower inherent risk surrounding the engagement as a whole

A)control exception
B)significant deficiency
C)attribute sampling
D)material weakness

A)the auditor will consider whether there is a compensating control that might prevent and correct a misstatement missed by the original control being tested
B)the auditor will consider whether there is a compensating control that might detect and correct a misstatement missed by the original control being tested
C)the auditor should obtain additional written assurances from management
D)the auditor should consider withdrawing from the engagement

A)are usually carried out after the firm's financial statement date
B)are usually carried at the firm's financial statement date
C)will usually be carried out at an interim date, often about three months prior to year-end
D)will usually be carried out at an interim date, often about six months prior to year-end

A)statistical benchmarking
B)benchmarking
C)nonstatistical sampling
D)prior period inference

A)the auditor will want to make decisions about the nature, timing and extent of substantive testing
B)the auditor will want to make decisions about the nature of substantive testing
C)the auditor will want to make decisions about the timing of substantive testing
D)the auditor will want to make decisions about the extent of substantive testing

A)if it was performed
B)if it was not performed, or if it failed to function as designed
C)if it was not performed only
D)if it failed to function as designed only

A)the auditor must be alert for evidence that the control might be effective, even if only once or twice
B)the auditor must be alert for evidence that the control might be ineffective, even if only once or twice
C)the auditor should delegate audit procedures to the internal auditors where possible
D)it is possible for the auditor to rely on the opinion of the prior auditor

A)the larger the sample size
B)the lower any statistical variance should be
C)the smaller the sample size.
D)the smaller the population being sampled should be

A)all client-owned documents which will be returned to the client once audit fees are paid
B)comments on this year's audit by the prior auditor
C)the auditors' opinion of absolute assurance about control risk, and the basis for their conclusion (e.g., underlying evidence)
D)the auditors' conclusion about control risk, and the basis for their conclusion (e.g., underlying evidence)

A)Attribute sampling
B)Control exception
C)Tests of control
D)Benchmarking

A)tolerable rate of deviation
B)expected rate of deviation in the population
C)desired level of assurance
D)control exception

A)the causes and the amounts involved
B)the financial statement accounts affected
C)the potential effect on other audit procedures
D)All of these answer choices are correct.

A)Material weakness
B)Significant deficiency
C)Control deficiency
D)Insignificant deficiency