Deck 7: Understanding and Assessing Internal Control

A)determine whether the entity is a going concern.
B)determine the extent of substantive tests to be performed.
C)ascertain whether irregularities are probable.
D)ascertain whether any employees have incompatible duties.

A)The establishment and maintenance of internal control is an important responsibility of the internal auditor.
B)Properly maintained internal control reasonably ensures that collusion among employees cannot occur.
C)The cost-benefit relationship is a primary criterion that should be considered in designing internal control.
D)Exceptionally strong internal control is enough for the auditor to eliminate substantive tests on a significant account balance.

A)Total time recorded on time-clock cards should be reconciled to job reports by employees responsible for those specific jobs.
B)Payroll department employees should be supervised by the management of the personnel department.
C)Payroll department employees should be responsible for maintaining employee personnel records.
D)Total time spent on jobs should be compared with total time indicated on time-clock cards.

A)identifying specific controls to rely on.
B)concluding that controls are ineffective.
C)performing tests of controls.
D)analysing the achieved level of control risk after performing tests of controls.

A)controls have not been circumvented by collusion.
B)misstatements have been prevented or detected.
C)operational efficiency has been achieved in accordance with management plans.
D)management cannot override the system.

A)sales clerk.
B)receiving clerk.
C)inventory control clerk.
D)accounts receivable clerk.

A)assurance provided by internal control.
B)determined level of acceptable detection risk.
C)product of the understanding of internal control.
D)assessed level of control risk.

A)Responsibility for accounting and financial duties should be assigned to one responsible officer.
B)Responsibility for the performance of each duty must be fixed.
C)Responsibility for the accounting duties must be borne by the audit committee of the company.
D)All of the options listed here are correct

A)sales returns.
B)cash receipts.
C)perpetual inventory records.
D)purchase orders.

A)external policies established by parties outside the entity affect its accounting practices.
B)management is dominated by one individual.
C)internal auditors have direct access to the board of directors and the entity's management.
D)the audit committee is active in overseeing the entity's financial reporting policies.

A)may be performed concurrently in an audit.
B)needs to be documented only if the assessed level of control risk is less than high.
C)is possible but not necessary in performing an audit.
D)are necessarily sequential audit steps.

A)management's operating style.
B)access to computer programs.
C)organisational structure.
D)human resource policies and practices.

A)Differences are always disclosed on a computer exception report.
B)Management does not correct internal control deficiencies that it knows about.
C)There have been two new financial controllers this year.
D)There are numerous delays in preparing timely internal financial reports.

A)reviewing and approving time reports for subordinate employees.
B)distributing payroll cheques to employees.
C)hiring subordinate employees.
D)initiating requests for salary adjustments for subordinate employees.

A)Randomly.
B)Disproportionately.
C)Directly.
D)Inversely.

A)form a basis for evaluating employees.
B)monitor production quality.
C)avoid clerical errors.
D)meet objectives of maintaining sound documents and records and accurate financial reporting.

A)No one person should be responsible for the custodial responsibility and the recording responsibility for an asset.
B)Transactions must be properly authorised before such transactions are processed.
C)Because of the cost-benefit relationship, a client may apply control procedures on a test basis.
D)Control procedures reasonably ensure that collusion among employees cannot occur.

A)factors that raise doubts about the auditability of the financial report.
B)operating effectiveness of internal control policies and procedures.
C)risk that material misstatements exist in the financial report.
D)possibility that the nature and extent of substantive tests may be reduced.

A)changing the timing of substantive tests by omitting interim testing and performing the tests at year-end.
B)identifying specific internal controls relevant to specific assertions.
C)performing more extensive substantive tests with larger sample sizes than originally planned.
D)reducing inherent risk for most of the assertions relevant to significant account balances.

A)identify internal control weaknesses more prominently.
B)provide a visual depiction of clients' activities.
C)indicate whether controls are operating effectively.
D)reduce the need to observe clients' employees performing routine tasks.

A)Narratives.
B)Internal control questionnaires.
C)Flowcharts.
D)Organisation charts.

A)Internal control policies or procedures are unlikely to be effective.
B)Evaluating the effectiveness of the internal control policies or procedures would be more time consuming than another audit approach.
C)The auditor has assessed detection risk as high.
D)Internal control policies or procedures are unlikely to pertain to an assertion.

A)preparation of generalised computer audit programs.
B)review of the client's internal accounting controls.
C)use of statistical sampling in performing an audit.
D)performance of analytical procedures on account balances.

A)organisational structure.
B)management philosophy and operating style.
C)human resource policies and procedures.
D)tests of control.

A)Segregation of the asset-handling and record-keeping functions.
B)Company policy regarding credit and collection efforts.
C)Classification of sales and cost records by products.
D)Authorisation of additions to plant and equipment.

A)A control total for hours worked, prepared from time-cards collected by the timekeeping department and compared to the payroll sheets.
B)Requiring the accounting department to account for all pre-numbered cheques issued to the IT department for the processing of the payroll.
C)The use of check digits on employee numbers.
D)The use of a header label on the payroll input sheet.

A)the auditor's assessment of control risk.
B)the auditor's assessment of engagement risk.
C)the entity's identification and analysis of risks relevant to achievement of its objectives.
D)the entity's monitoring of the potential for material misstatements.

A)conformity of the accounting records with the accounting standards.
B)representation as to adherence to requirements of management.
C)compliance with the auditing standards.
D)the fairness of the financial report presentation.

A)design of the relevant policies, procedures and records and their operating effectiveness.
B)design of the relevant policies, procedures and records and their relationships to assertions.
C)the complexity of the entity and the sophistication of its systems and operations.
D)design of the relevant policies, procedures and records and whether they have been placed in operation.

A)I, II, III.
B)I, III, II.
C)III, II, I.
D)II, I, III.

A)prepare audit procedure manuals.
B)prepare detailed job descriptions.
C)perform walk-throughs.
D)assess the degree of accuracy of financial data.

A)inspect documents.
B)make enquiries.
C)observe procedures.
D)consider policies and procedures manuals.

A)re-performance.
B)ienquiry.
C)observation.
D)inspection.

A)Corporate governance.
B)Control procedures.
C)Control environment.
D)Information system.

A)Narrative memorandum.
B)Procedures manual.
C)Flowchart.
D)None of the given answers is correct.

A)the understanding of the entity's internal control elements obtained to plan the audit.
B)the conclusion and the basis for that conclusion.
C)the implications for the overall audit strategy.
D)All of the given answers are correct.

A)prepare a flowchart.
B)update information contained in the organisation and procedure manuals.
C)corroborate the information obtained during the initial phases of obtaining an understanding of the internal control.
D)determine the extent of compliance with quality control standards.

A)analytical procedures.
B)substantive tests.
C)tests of controls.
D)confirmations.

A)documented in the flowchart.
B)considered to be deficiencies that might allow errors to enter the accounting system.
C)considered to be strengths that the auditor plans to use as a basis for an assessed level of control risk less than high.
D)that would aid in preventing irregularities.

A)The computer librarian maintains custody of computer program instructions and detailed program listings.
B)Computer operators have access to detailed program documentation.
C)The control group maintains sole custody of all computer output before distribution.
D)Computer programmers write and debug programs.

A)The sum of the cash deposits, plus the discounts, less the sales returns.
B)The sum of the cash deposits.
C)The sum of the cash deposits, less the discounts taken by customers.
D)The sum of the cash deposits, plus the discounts taken by customers.

A)Data processing.
B)Receiving of cash.
C)Custody of securities.
D)Banking of cash.

A)Ancillary program functions.
B)Disposition of source documents.
C)Operator competence.
D)Bit storage capacity.

A)personally observing the employees who apply the control procedures.
B)reviewing job descriptions in the personnel department.
C)preparing a flowchart of duties performed by personnel.
D)performing tests to determine whether control procedures operated consistently throughout the period.

A)Systems flowcharts.
B)Record layouts.
C)Program listings.
D)Record counts.

A)Hash total.
B)Financial total.
C)Encryption.
D)Check digit.

A)machine processing is accurate.
B)only authorised personnel have access to the computer area.
C)data received for processing are properly authorised and converted to machine readable form.
D)electronic data processing has been performed as intended for the particular application.

A)IT control group.
B)system analyst.
C)supervisor of computer operations.
D)computer programmer.

A)record totals.
B)hash totals.
C)processing data totals.
D)field totals.

A)An agreement of the total number of employees to the total number of cheques printed by the computer.
B)An algebraically determined number produced by the other digits of the employee number.
C)A logic test that ensures all employee numbers have nine digits.
D)A limit check that an employee's hours do not exceed 50 hours per work week.

A)The segregation of duties within the IT department.
B)The control over source documents.
C)The documentation maintained for accounting applications.
D)The cost-benefit ratio of data processing operations.

A)test to ensure that a numerical value does not exceed some predetermined value.
B)check to ensure that the value in a field falls within an allowable range of values.
C)check to ensure that the data in a field have the proper arithmetic sign.
D)check on a field to ensure that it contains either all numeric or alphabetic characters.

A)making corroborative inquiries.
B)observing the separation of duties of personnel.
C)reviewing transactions submitted for processing and comparing them to related output.
D)reviewing the run manual.

A)computer operator.
B)key entry operator.
C)computer programmer.
D)maintenance technician.

A)Initiation of changes to master records.
B)Conversion of information to machine-readable form.
C)Correction of transactional errors.
D)Initiation of changes to existing applications.

A)The accounts payable clerk prepares data for computer processing and enters the data into the computer.
B)The systems analyst reviews output and controls the distribution of output from the IT department.
C)The control clerk establishes control over data received by the IT department and reconciles control totals after processing.
D)The systems programmer designs the operating and control functions of programs and participates in testing operating systems.

A)Developing questionnaires and checklists.
B)Understanding control policies directed towards operating efficiency.
C)Understanding the internal control and performing tests of controls.
D)Observing employee functions and making enquiries.

A)The controls appear adequate.
B)The controls duplicate operative controls existing elsewhere in the system.
C)There appear to be major deficiencies that would preclude using the stated procedure as a basis to reduce the assessed level.
D)The time and dollar costs of testing exceed the time and dollar savings in substantive testing if the tests of controls show the controls to be operative.

A)control figures.
B)cross-adding tests.
C)limit checks.
D)external labels.

A)Net pay.
B)Department numbers.
C)Hours worked.
D)Total debits and total credits.

A)at the beginning of a valid account number, only.
B)in the middle of a valid account number, only.
C)at the end of a valid account number, only.
D)consistently in any position.

A)eliminate tests of controls.
B)increase the depth of the procedures to obtain an understanding of controls directed towards operating efficiency.
C)avoid duplicating the work performed by the internal audit staff.
D)place limited reliance on the work performed by the internal audit staff.

A)The systems analyst reviews output and controls the distribution of output from the IT department.
B)The entity has been slow to update its IT system to reflect changes in billing practices.
C)No paper trail is generated, as the entity receives sales orders, bills customers and receives payment based only on information generated from IT.
D)The auditor has been unable to determine whether all changes to a client's IT were properly authorised.

A)a tape library.
B)a check-digit system.
C)computer-generated hash totals.
D)a computer log.

A)machine processing is accurate.
B)only authorised personnel have access to the computer area.
C)data received for processing are properly authorised and converted to machine-readable form.
D)electronic data processing has been performed as intended for the particular application.

A)consider the organisation level to which internal auditors report the results of their work.
B)review the quality control program in effect for the internal audit staff.
C)examine the quality of the internal audit reports.
D)consider the qualifications of the internal audit staff.

A)Hours worked.
B)Employee's identification number.
C)Number of employees.
D)Gross pay.

A)control totals.
B)validity tests.
C)process tracing data.
D)check digits.

A)chief financial officer.
B)chief executive officer.
C)audit committee.
D)shareholders.