When control risk is assessed at below the maximum level an auditor is required to document the basis for that assessment?

An auditor's flowchart of a client's accounting system is a diagrammatic representation that depicts the auditor's

A. Assessment of control risk.

B. Identification of weaknesses in the system
.
C. Assessment of the control environment's effectiveness.

D. Understanding of the system.

D

Decision tables differ from program flowcharts in that decision tables emphasize

A. Ease of manageability for complex programs.

B. Logical relationships among conditions and actions.

C. Cost benefit factors justifying the program.

D. The sequence in which operations are performed.

B

Which of the following is a management control method that most likely could improve management's ability to supervise company activities effectively?

A. Monitoring compliance with internal control requirements imposed by regulatory bodies.

B. Limiting direct access to assets by physical segregation and protective devices.

C. Establishing budgets and forecasts to identify variances from expectations.

D. Supporting employees with the resources necessary to discharge their responsibilities.

C

An auditor's primary consideration regarding an entity's internal control structure policies and procedures is whether they

A. Prevent management override.

B. Relate to the control environment.

C. Reflect management's philosophy and operating style.

D. Affect the financial statement assertions.

D

When obtaining an understanding of an entity's internal control procedures, an auditor should concentrate on the substance of the procedures, rather than their form, because

A.The procedures may be operating effectively but may not be documented.

B. Management may establish appropriate procedures but not enforce compliance with them.

C. The procedures may be so inappropriate that no reliance is contemplated by the auditor.

D. Management may implement procedures whose costs exceed their benefits.

B

In planning an audit of certain accounts, an auditor may conclude that specific procedures used to obtain an understanding of an entity's internal control structure need not be included because of the auditor's judgments about materiality and assessments of

A. Control risk.

B. Detection risk
.
C. Sampling risk.

D. Inherent risk.

D

Obtaining an understanding of an internal control involves evaluating the design of the control and determining whether the control has been

A. Authorized.

B. Implemented.

C. Tested.

D. Monitored.

B

An advantage of using systems flowcharts to document information about internal control, instead of using internal control questionnaires, is that systems flowcharts

A. Identify internal control weaknesses more prominently.

B. Provide a visual depiction of clients' activities.

C. Indicate whether control procedures are operating effectively.

D. Reduce the need to observe clients' employees performing routine tasks.

B

Which of the following most accurately describes the process of a walkthrough?

A. Testing and documenting the results of tests of selected controls

B. Inspection of selected documents, records, and internal control documentation

C. Observation of an entity's activities and operations

D. Following a transaction from its origination until it is reflected in the financial statements

D

Assessing control risk at below the maximum level most likely would involve

A. Performing more extensive substantive tests with larger sample sizes than originally planned.

B. Reducing inherent risk for most of the assertions relevant to significant account balances.

C. Changing the timing of substantive tests by omitting interim-date testing and performing the tests at year end.

D. Identifying specific internal control structure policies and procedures relevant to specific assertions.

D

Control risk should be assessed in terms of

A. Specific control procedures.

B. Types of potential irregularities.

C. Financial statement assertions.

D. Control environment factors.

C

After obtaining an understanding of the internal control structure and assessing control risk of an entity, an auditor decided not to perform tests of controls.

The auditor most likely decided that

A. The available evidential matter obtained through tests of

B. controls would not support an increased level of control risk.

C. A reduction in the assessed level of control risk is justified for certain financial statement assertions.
It would be inefficient to perform tests of controls that would result in a reduction in planned substantive tests.

D. The assessed level of inherent risk exceeded the assessed level of control risk.

C

Which of the following statements about internal control structure is correct?

A. A properly maintained internal control structure reasonably ensures that collusion among employees cannot occur.

B. The establishment and maintenance of the internal control structure are important responsibilities of the internal auditor.

C. An exceptionally strong internal control structure is enough for the auditor to eliminate substantive tests on a significant account balance.

D. The cost-benefit relationship is a primary criterion that should be considered in designing an internal control structure.

D

Which of the following most likely would not be considered an inherent limitation of the potential effectiveness of an entity's internal control structure?

A. Incompatible duties

B. Management override

C. Mistakes in judgment

D. Collusion among employees

A

Which of the following auditor concerns could most likely be so serious that the auditor concludes that a financial statement audit cannot be conducted?

A. The entity has no formal written code of conduct.

B. The integrity of the entity's management is suspect.

C. Procedures requiring segregation of duties are subject to management override.

D. Management fails to modify prescribed controls for changes in conditions.

B

After assessing control risk at below the maximum level, an auditor desires to seek a further reduction in the assessed level of control risk. At this time, the auditor would consider whether

A. It would be efficient to obtain an understanding of the entity's accounting system.

B. The entity's internal control structure polices and procedures have been placed in operation.

C. The entity's internal control structure polices and procedures pertain to any financial statement assertions.

D. Additional evidential matter sufficient to support a further reduction is likely to be available.

D

Which of the following statements is correct concerning an auditor's assessment of control risk?

A. Assessing control risk may be performed concurrently during an audit with obtaining an understanding of the entity's internal control structure.

B. Evidence about the operation of control procedures in prior audits may not be considered during the current year's assessment of control risk.

C. The basis for an auditor's conclusions about the assessed level of control risk need not be documented unless control risk is assessed at the maximum level.

D. The lower the assessed level of control risk, the less assurance the evidence must provide that the control procedures are operating effectively.

A

When assessing control risk at below the maximum level, an auditor is required to document the auditor's understanding of the

I. Entity's control activities that help ensure management directives are carried out.

II. Entity's control environment factors that help the auditor plan the engagement.

I only.
II only.
Both I and II.
Neither I nor II.

Both I and II

The ultimate purpose of assessing control risk is to contribute to the auditor's evaluation of the

A. Factors that raise doubts about the auditability of the financial statements.

B. Operating effectiveness of internal control policies and procedures.

C. Risk that material misstatements exist in the financial statements.

D. Possibility that the nature and extent of substantive tests may be reduced.

C

After obtaining an understanding of the internal control structure and assessing control risk, an auditor decided to perform tests of controls. The auditor most likely decided that

A. It would be efficient to perform tests of controls that would result in a reduction in planned substantive tests.

B. Additional evidence to support a further reduction in control risk is not available.

C. An increase in the assessed level of control risk is justified for certain financial statement assertions.

D. There were many internal control structure weaknesses that could allow errors to enter the accounting system.

A

Which of the following statements concerning control risk is correct?

A. Assessing control risk and obtaining an understanding of an entity's internal control structure may be performed concurrently.

B. When control risk is at the maximum level, an auditor is not required to document the basis for that assessment.

C. Control risk may be assessed sufficiently low to eliminate substantive testing for significant transaction classes.

D. When assessing control risk, an auditor should not consider evidence obtained in prior audits about the operation of control procedures.

A

Management's attitude toward aggressive financial reporting and its emphasis on meeting projected profit goals most likely would significantly influence an entity's control environment when

A. The audit committee is active in overseeing the entity's financial reporting policies.

B. External policies established by parties outside the entity affect its accounting practices.

C. Management is dominated by one individual who is also a shareholder.

D. Internal auditors have direct access to the board of directors and entity management.

C

When assessing control risk at below the maximum level, an auditor is required to document the auditor's understanding of the

I. Entity's control activities that help ensure management directives are carried out.

II. Entity's control environment factors that help the auditor plan the engagement.

I only.
II only.
Both I and II.
Neither I nor II.

Both I and II

Which of the following elements of an entity's internal control structure includes the development of personnel manuals documenting employee promotion and training policies?

A. Control activities.

B. Control environment.

C. Accounting system.

D. Quality control system.

B

After obtaining an understanding of an entity's internal control structure, an auditor may assess control risk at the maximum level for some assertions because the auditor

A. Believes the internal control policies and procedures are unlikely to be effective.

B. Determines that the pertinent internal control structure elements are not well documented.

C. Performs tests of controls to restrict detection risk to an acceptable level.

D. Identifies internal control policies and procedures that are likely to prevent material misstatements.

A

An auditor would most likely be concerned with internal control structure policies and procedures that provide reasonable assurance about the

A. Efficiency of management's decision-making process.

B. Appropriate prices the entity should charge for its products.

C. Methods of assigning production tasks to employees.

D. Entity's ability to process and summarize financial data.

D

Which of the following is not a component of internal control?

A. Control environment
.
B. Control activities.

C. Inherent risk.

D. Monitoring.

C

For certain controls, such as segregation of duties, documentary evidence may not exist. auditor would most likely test the procedures by

A. Reperformance and corroboration.

B. Observation and inquiry.

C. Inspection and vouching.

D. Confirmation and recomputation.

B

An auditor should obtain sufficient knowledge of an entity's accounting system to understand the

A. Safeguards used to limit access to computer facilities.

B. Process used to prepare significant accounting estimates.

C. Procedures used to assure proper authorization of transactions.

D. Policies used to detect the concealment of irregularities.

B

Which of the following is the best way to compensate for the lack of adequate segregation of duties in a small organization?

A. Disclosing lack of segregation of duties to the external auditors during the annual review.

B. Replacing personnel every three or four years.

C. Requiring accountants to pass a yearly background check.

D. Allowing for greater management oversight of incompatible activities.

D

In obtaining an understanding of an entity's internal control structure in a financial statement audit, an auditor is not obligated to

A. Determine whether the control procedures have been placed in operation.

B. Perform procedures to understand the design of the internal control structure policies.

C. Document the understanding of the entity's internal control structure elements.

D. Search for significant deficiencies in the operation of the internal control structure.

D

In obtaining an understanding of an entity's internal control structure policies and procedures that are relevant to audit planning, an auditor is required to obtain knowledge about the

A. Design of the policies and procedures pertaining to the internal control structure elements.

B. Effectiveness of the policies and procedures that have been placed in operation.

C. Consistency with which the policies and procedures are currently being applied.

D. Control procedures related to each principal transaction class and account balance.

A

During consideration of the internal control structure in a financial statement audit, an auditor is not obligated to

A. Search for significant deficiencies in the operation of the internal control structure.

B. Understand the internal control environment and the accounting system.

C. Determine whether the control procedures relevant to the audit have been implemented.

D. Perform procedures to understand the design of the internal control structure policies.

A

Which of the following actions should the auditor take in response to discovering a deviation from the prescribed control procedure?

A. Make inquiries to understand the potential consequence of the deviation.

B. Assume that the deviation is an isolated occurrence without audit significance.

C. Report the matter to the next higher level of authority within the entity.

D. Increase sample size of tests of controls.

A

Which of the following audit techniques most likely would provide an auditor with the most assurance about the effectiveness of the operation of an internal control procedure?

A. Confirmation with outside parties.

B. Inquiry of client personnel.

C. Recomputation of account balance amounts.

D. Observation of client personnel.

D

When considering the internal control structure, an auditor should be aware of the concept of reasonable assurance, which recognizes that

A. Internal control policies and procedures may be ineffective due to mistakes in judgment and personal carelessness.

B. Adequate safeguards over access to assets and records should permit an entity to maintain proper accountability.

C. Establishing and maintaining the internal control structure is an important responsibility of management.

D. The cost of an entity's internal control structure should not exceed the benefits expected to be derived.

D

Which of the following auditor concerns most likely could be so serious that the auditor concludes that a financial statement audit cannot be performed?

A. Management fails to modify prescribed internal controls for changes in information technology.

B. Internal control activities requiring segregation of duties are rarely monitored by management.

C. Management is dominated by one person who is also the majority stockholder.

D. There is a substantial risk of intentional misapplication of accounting principles.

D

When the operating effectiveness of a control is not evidenced by written documentation, an auditor should obtain evidence about the control's effectiveness by

A. Mailing confirmations.

B. Inquiry and other procedures such as observation.

C. Analytical procedures.

D. Recalculating the balance in related accounts.

B

What should an auditor do when control risk is assessed at the maximum level?

How is control risk assessed by an auditor?

What is a low assessed level of control risk?

When planning a financial statement audit the auditor should assess inherent risk at the?