Deck 6: Internal Control in a Financial Statement Audit

A) Hardware components.
B) Programmers.
C) Software.
D) Data provided by the system.

A) Performance reviews.
B) Information processing.
C) External auditor's tests of controls.
D) Segregation of duties.

A) An external auditor.
B) An effective audit committee.
C) An internal audit function.
D) The internal revenue service.

A) The internal audit function reports directly to management.
B) Management is dominated by one individual.
C) Accurate management job descriptions delineate specific duties.
D) The audit committee actively oversees the financial reporting process.

A) Reduction in the risk that controls will be circumvented.
B) More accurate accounting estimates.
C) Consistent application of predefined business rules.
D) More timely information.

A) Reasonable assurance.
B) Management responsibility.
C) Limited liability.
D) Management by exception.

A) Efficiency of management's decision-making process.
B) Appropriate prices that the entity should charge for its products.
C) Methods of assigning production tasks to employees.
D) Entity's ability to accurately process and summarize financial data.

A) External policies established by parties outside the entity affect its accounting practices.
B) Management is dominated by one individual.
C) Internal audit personnel have direct access to the board of directors and the entity's management.
D) The audit committee is active in overseeing the entity's financial reporting policies.

A) Transactions are executed in accordance with management's authorization.
B) Embezzlement will be eliminated.
C) Access to assets is permitted only in accordance with management's authorization.
D) Amounts recorded for assets are compared with the actual existing assets at reasonable intervals.

A) Form a basis for evaluating employees.
B) Monitor production quality.
C) Avoid clerical errors.
D) Meet objectives of maintaining reliable documents and records and accurate financial reporting.

A) Is optional.
B) Must be exclusively in narrative, questionnaires, or flowchart form.
C) Must include flowcharts.
D) Can include any combination of narratives, questionnaires, or flowcharts.

A) Organizational controls.
B) Data validation controls.
C) Access security controls.
D) Application system acquisition controls.

A) Provide reasonable assurance that their financial statements are free of material misstatements.
B) Ensure that the entity will not have any misstatements in areas related to the service organization's activities.
C) Ensure that the auditee is billed correctly.
D) Assess whether the service organization's controls are suitably designed to achieve internal control objectives.

A) Analytical procedure.
B) Test of controls.
C) Substantive procedure.
D) Functional test.

A) Affect the financial statement assertions.
B) Prevent management override.
C) Relate to the control environment.
D) Reflect management's philosophy and operating style.

A) Test to ensure that a numerical value does not exceed some predetermined value.
B) Check to ensure that the value in a field falls within an allowable range of values.
C) Check to ensure that the data in a field have the proper arithmetic sign.
D) Check on a field to ensure that it contains either all numeric or alphabetic characters.

A) Prepare audit procedure manuals.
B) Prepare detailed job descriptions.
C) Perform walkthroughs.
D) Assess the degree of accuracy of financial data.

A) Operational efficiency has been achieved in accordance with management plans.
B) Errors and fraud have been prevented, or detected and corrected.
C) Controls have not been circumvented by collusion.
D) Management cannot override the system.

A) Authorization, execution, and payment.
B) Authorization, recording, and custody.
C) Custody, execution, and reporting.
D) Authorization, payment, and recording.

A) Scanning the journals produced by the internal control system.
B) Performing analytical procedures using data aggregated at a high level.
C) Vouching a sample of transactions directly related to the controls.
D) Observing the entity's personnel applying the controls.

A) Administrative.
B) Specific.
C) Application.
D) Authorization.

A) Tests of the specific items making up the balance in a given general ledger account.
B) Tests comparing inventory pricing to vendors' invoices.
C) Tests of the signatures on canceled checks to the board of directors' authorizations.
D) Tests of the additions to property, plant, and equipment by physical inspections.

A) If transactions are recurring.
B) For nonrecurring, unusual transactions.
C) If control risk is very low.
D) If the entity has a well-designed automated system.

A) Test to ensure that a numerical value in a field does not exceed some predetermined value.
B) Check to ensure that the value in a field falls within an allowable range of values.
C) Check to ensure that the data in a field have the proper arithmetic sign.
D) Check on a field to ensure that it contains either all numeric or all alphabetic characters.

A) Hash total.
B) Parity check.
C) Encryption.
D) Check digit.

A) Preparation of generalized computer audit programs.
B) Review of the entity's internal controls.
C) Use of statistical sampling in performing an audit.
D) Performance of analytical procedures of account balances.

A) The maintenance of the system of internal control is an important responsibility of the internal audit function.
B) Administrative controls relate directly to the safeguarding of assets.
C) Because of the cost/benefit relationship, tests of controls may be applied on a test basis in some circumstances.
D) Well designed internal control activities always prevent collusion among employees.

A) It is independent of management.
B) It is comprised almost exclusively of members of management, ensuring detailed knowledge of the company's operations.
C) It asks management difficult questions.
D) It interacts regularly with internal audit personnel.

A) Identify whether segregation of duties prevent collusion.
B) Provide a visual depiction of the entity's activities.
C) Indicate whether controls are operating effectively.
D) Reduce the need to observe the entity's employees performing routine tasks.

A) Inquiry.
B) Analytical procedures.
C) Calculation.
D) Confirmation.

A) Consider factors that affect the risk of material misstatement.
B) Ascertain whether internal control policies and procedures have been placed in operation.
C) Identify the types of potential misstatements that can occur.
D) Obtain knowledge about the operating effectiveness of the internal control.

A) Assessing control risk and obtaining an understanding of an entity's internal controls may be performed concurrently.
B) When control risk is high, an auditor is required to document the basis for that assessment.
C) Control risk may be assessed sufficiently low to eliminate substantive procedures for significant accounts.
D) When assessing control risk, an auditor should not consider evidence obtained in prior audits about the operation of control activities.

A) Management's operating style.
B) Access to computer programs.
C) Organizational structure.
D) Human resource policies and practices.

A) Understanding of the internal control.
B) Reasons for deciding not to extend the review.
C) Basis for concluding that errors and fraud will be prevented.
D) Completed internal control questionnaire.

A) Identifying and recording all valid transactions.
B) Determining the time period in which transactions occurred.
C) Communicating price changes to customers.
D) Properly presenting transactions and related disclosures in the financial statements.

A) Allows management to identify all relevant risks.
B) Creates a commitment to competence.
C) Guarantees that all controls are followed as prescribed.
D) Requires an internal audit function.

A) Increased implementation of detailed tests of transactions and balances.
B) Extra tests of controls.
C) Increased emphasis on verbal representations from management.
D) Setting control risk at a minimum level.

A) Data are shared extensively among systems.
B) The entity participates heavily in electronic commerce.
C) The system has not changed from the prior year.
D) Significant audit evidence is in electronic form.

A) Internal audit programs, audit documents, and reports can eliminate the need for the independent auditor's staff.
B) The procedures performed by the internal audit staff may eliminate the independent auditor's need for an extensive study and evaluation of internal control.
C) The work performed by internal audit personnel may be a factor in determining the nature, timing, and extent of the independent auditor's procedures.
D) The understanding of the internal audit function is an important substantive procedure to be performed by the independent auditor.

A) Determine whether the control activities have been placed in operation.
B) Perform procedures to understand the design of the internal control policies.
C) Document the understanding of the entity's internal control components.
D) Search for significant deficiencies in the operation of the internal control.

A) The auditor's assessment of control risk.
B) The auditor's assessment of client risk.
C) The entity's identification and analysis of risks relevant to achievement of its objectives.
D) The entity's monitoring of the potential for material misstatements.

A) Reflects management's philosophy and operating style.
B) Affects management's financial statement assertions.
C) Provides adequate safeguards over access to assets.
D) Enhances management's decision-making processes.

A) Can never be circumvented.
B) Should function consistently in the absence of program changes.
C) Need not be tested by the auditor.
D) Must be tested using the same techniques as a manual control.

A) Cost/benefit relationship of the system of internal control.
B) Achievement of the objectives of the system of internal control.
C) Comparison of recorded accountability with assets.
D) Timing of the tests to be performed.

A) Auditors may fail to detect material misstatements.
B) Proper internal controls guarantee that material misstatements will not occur.
C) Proper internal controls preclude fraud.
D) The costs of some controls may be too high to implement in relation to potential benefits.

A) Incompatible duties.
B) Management override.
C) Mistakes in judgment.
D) Collusion among employees.

A) Ensuring proper accountability.
B) Defining areas of authority.
C) Creating clear lines of reporting.
D) Ensuring a proper commitment to controls.

A) Influence the design of internal controls.
B) Affect the auditor's overall materiality levels.
C) Assist in evaluating the planned audit assertions.
D) Determine the auditor's acceptable level of audit risk.

A) Changing the timing of substantive procedures by omitting interim testing and performing the tests at year-end.
B) Identifying specific internal controls relevant to specific assertions.
C) Performing more extensive substantive procedures with larger sample sizes than originally planned.
D) Reducing inherent risk for most of the assertions relevant to significant account balances.

A) Employment of temporary personnel to aid in the separation of duties.
B) Direct participation by the owner of the business in the recordkeeping activities of the business.
C) Engaging a CPA to perform monthly bookkeeping.
D) Delegation of full, clear-cut responsibility to each employee for the functions assigned to each.

A) Disclosures of information that significantly contradict the auditor's going concern assumption.
B) Material fraud or illegal acts perpetrated by high-level management.
C) Significant design flaws in internal controls or poor implementation of internal controls.
D) Manipulation or falsification of accounting records or documents from which financial statements are prepared.

A) Approval of the purchase and sale of marketable securities.
B) Classification of revenue and expense transactions by product line.
C) Segregation of the functions of recording disbursements and reconciling the bank account.
D) Comparison of receiving reports and vendors' invoices with purchase orders.

A) Top to bottom and left to right.
B) Bottom to top and left to right.
C) Top to bottom and right to left.
D) Bottom to top and right to left.

A) Reperformance.
B) Inquiry.
C) Observation.
D) Inspection.

A) The collection of like transactions which are sorted and processed sequentially against a master file.
B) Keypunching of transactions, followed by machine processing.
C) The production of numerous printouts.
D) The posting of a transaction, as it occurs, to several files, without intermediate printouts.

A) Identify specific internal control activities relevant to management's financial statement assertions.
B) Perform tests of controls to evaluate the effectiveness of the entity's accounting system.
C) Determine whether procedures are suitably designed to prevent or detect material misstatements.
D) Document the auditor's understanding of the entity's internal control.

A) Absence of appropriate reviews of transactions.
B) Evidence of willful wrongdoing by lower-level employees.
C) Inadequate provisions for safeguarding assets.
D) Inventory is highly subject to obsolescence.

A) Extent of tests of details.
B) Level of inherent risk.
C) Extent of tests of controls.
D) Level of detection risk.

A) Identifying specific controls to rely on.
B) Concluding that controls are ineffective.
C) Performing tests of controls.
D) Analyzing the achieved level of control risk after performing tests of controls.

A) Interim testing.
B) Reduced testing of transactions.
C) Heavy reliance on analytical procedures as substantive procedures.
D) Audit work only completed at year-end.

A) Compliance tests were not performed by the internal audit staff during the remaining period.
B) The internal control system provides a basis for reliance in reducing the extent of substantive procedures.
C) The auditor used nonstatistical sampling during interim compliance testing.
D) Inquiries and observations lead the auditor to believe that conditions within the internal control system have changed.

A) The level of control risk.
B) Scheduling conflicts in the audit firm that make interim testing more convenient.
C) Whether business conditions will change after the interim date.
D) The ability to examine the remaining period.

A) Assess control risk at high for the assertions embodied in the accounts selected for interim testing.
B) Determine that the accounts selected for interim testing are not material to the financial statements taken as a whole.
C) Consider the availability of information at a later date that will be necessary for the auditor's procedures (e.g., electronic data).
D) Obtain written representations from management that all financial records and related data will be made available.

A) Pictorial presentation of the flow of instructions in an entity's internal computer system.
B) Diagram which clearly indicates an organization's internal reporting structure.
C) Graphic illustration of the flow of operations which is used to replace the auditor's internal control questionnaire.
D) Symbolic representation of a system or series of sequential processes.

A) Reperformance and corroboration.
B) Observation and inquiry.
C) Inspection and vouching.
D) Confirmation and recomputation.

A) Required to enable the auditor to state that the examination has been made in accordance with generally accepted auditing standards.
B) The principle reason for studying and evaluating the system of internal controls.
C) Incidental to the auditor's objective of forming an opinion as to the fair presentation of the financial statements.
D) Required to be included as part of the audit opinion.

A) Grandfather-father-son record retention.
B) Input and output validation routines.
C) Systems documentation.
D) Check digit verification.

A) Narratives.
B) Internal control questionnaires.
C) Flowcharts.
D) Organization charts.

A) Inspection.
B) Reconciliation.
C) Confirmation.
D) Analytical procedures.

A) Additional tests are seldom conducted for the remaining period.
B) Additional control tests are required in the remaining period.
C) The entity's controls likely are ineffective.
D) Additional tests likely will be performed in the remaining period.