Topics

Explore all topics

Universities

uni logo
University of North Carolina at Chapel Hill
uni logo
University of Notre Dame
uni logo
Clemson University
Explore all Universities

Professors

Overall Quality
-/5
c c
Overall Quality
-/5
Billt Camp
Overall Quality
-/5
mathio g
Explore all Professors
Add Browser Extension
Start Free Trial
Need Help? Contact us
title
Textbook Solutions
Step-by-step solutions verified by experts
title
24/7 Homework Help
Complete assignments with the help of our community
title
Flashcards
Stimulate your visual memory & walk into test day with confidence
title
DocuAssist
Upload your study materials and we’ll help fill in the answers.
title
Campus Reps
Become a Campus Rep and earn up to 20% commission, plus weekly and monthly cash prizes.
title
My Courses
Add the courses you're enrolled in for tailored study material to meet your requirements
Explore all services
Add Browser Extension
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
العربية
search
ai logoChat with AI
Servicesarrow
Textbook Solutions icon
Textbook Solutions
24/7 Homework Help icon
24/7 Homework Help
Flashcards icon
Flashcards
DocuAssist icon
DocuAssist
Campus Reps icon
Campus Reps
My Courses icon
My Courses
Mobile App icon
Mobile App
Explore All Services
Discoverarrow

Topics

Explore All Services

Universities

uni logo
University of North Carolina at Chapel Hill
uni logo
University of Notre Dame
uni logo
Clemson University
Explore all Universities

professors

/5
c c
/5
Billt Camp
/5
mathio g
Explore all Professors
Explore all topics
Discover more topics
HomeSchoolingAsk a question

Deck 8: Internal Controls and Control Risk

Full screen (f)
exit full mode
Question
Joan is the owner of a small manufacturing company. In prior years, your firm has conducted a review engagement of the company. However, this year, Joan obtained a loan from the federal business development bank and is required to have an audit of her financial statements. When you started asking about controls and procedures at the company, Joan got pretty upset.
"All you need to be concerned about is the numbers! Why are you asking all of these questions? It takes too much time away from my staff to answer these questions! Just check the numbers and let us get on with our work!"
You calmed her down a bit, and reminded her about the general discussion that occurred with the engagement letter. You have invited her for coffee to briefly explain the following items:
1. Why auditors are concerned about internal controls
2. Why auditors are required to be concerned about internal controls
3. What you need to do to understand internal controls
4. What you will do once you have documented your understanding of internal controls
Required:
Explain what you will say to Joan.
Use Space or
up arrow
down arrow
to flip the card.
Question
The board of directors is essential for effective corporate governance because it has ultimate responsibility to

A) make sure management implements proper internal control and financial reporting processes.
B) assist management in the preparation of the financial statements.
C) test internal controls and ensure they are working properly.
D) provide a report to the auditor confirming that internal controls are working properly.
Question
It is important for the public accountant to consider the competence of the audit clients' employees because their competence bears directly and importantly upon the

A) cost/benefit relationship of internal controls.
B) achievement of the objectives of the system of internal control.
C) comparison of recorded accountability with assets.
D) timing of the tests to be performed.
Question
The essence of an effectively controlled organization lies in the

A) effectiveness of its auditor.
B) effectiveness of its internal auditor.
C) attitude of its employees.
D) attitude of its management.
Question
Which of the following is an example of a general authorization?

A) The highest credit limit allowed for accounts receivable is $50 000.
B) ABC Company has a credit limit of $25 000.
C) Each supervisory wage rate must be approved by the executive manager.
D) Grocery supervisors approve each transaction reversal over five dollars.
Question
Management's objectives with respect to internal control include

A) having reasonable assurance that the financial statements are in accordance with IFRS or ASPE.
B) ensuring that all policies and procedures are clearly documented to reduce employee training costs.
C) preventing fraud and illegal activities at all costs.
D) providing reasonable assurance that the goals and objectives important to the entity have been met.
Question
The accuracy of the results of the accounting system (account balances) is heavily dependent upon the

A) knowledge and skills of the auditor.
B) adequacy of the entity-level controls.
C) accuracy of the inputs and processing (transactions).
D) training provided to the personnel.
Question
Management safeguards assets by

A) having the internal auditors conduct periodic counts of physical assets.
B) controlling access and by comparing physical items to records.
C) requiring the external auditors to do surprise audits.
D) having management sign a management representation letter.
Question
A) Describe the four broad objectives of management when designing an effective system of internal control.
B) Describe the aspect of internal control with which auditors are primarily concerned with for a financial statement audit.
Question
A system of internal control consists of policies and procedures designed to provide management with

A) reasonable assurance that the company achieves its objectives.
B) assurance that fraud will be prevented.
C) reasonable assurance that fraud will be detected.
D) assurance that the firm's resources will be used in the optimal way.
Question
To help with corporate governance and a positive "tone at the top," the board of directors and its committees, such as the audit committee, should

A) rubber-stamp the financial statements once per year.
B) consist of all members of executive management.
C) follow the policies and procedures approved by management.
D) take an active role in overseeing the company.
Question
A) Describe the three basic concepts (assumptions) underlying the study of internal control and assessment of control risk.
B) Describe the inherent limitations of internal control.
Question
Carrie is the manager of the Bay Street Pharmacy. Carrie is considering implementing a security tag system to reduce the losses related to stolen goods at their store. The system Carrie is looking at currently costs $60 000 and is expected to be effective for 5 years. In order to justify the implementation of the security tag system, average theft per year should be at least

A) $1000.
B) $12 000.
C) $60 000.
D) Theft should be prevented at all costs.
Question
A well-designed organizational structure at an entity

A) has operations and programming personnel tasks combined.
B) clearly defines authority and responsibility assignments.
C) requires that wage rates are recorded and tracked by the human resources department.
D) has the internal audit department report to the Chief Financial Officer.
Question
To comply with auditing standards, the auditor need not be concerned with all areas of internal control that apply to management. The auditor's primary concerns are with the system's ability to

A) maintain reliable control systems pertaining to financial transactions.
B) promote efficiency and encourage adherence to policy.
C) prevent and detect financial statement fraud and error.
D) provide reliable data and safeguard assets.
Question
Which of the following best describes the inherent limitations that should be recognized by an auditor when considering the potential effectiveness of an accounting system?

A) Procedures whose effectiveness depends on segregation of duties can be circumvented by collusion.
B) The competence and integrity of client personnel provides an environment conducive to accounting control and provides assurance that effective control will be achieved.
C) Procedures designed to assure the execution and recording of transactions in accordance with proper authorizations are effective against irregularities perpetrated by management.
D) The benefits expected to be derived from an effective accounting system usually do not exceed the costs of such control.
Question
Internal controls can never be regarded as completely effective. Even if systems personnel could design an ideal system, its effectiveness depends on the

A) adequacy of the computer system.
B) proper implementation by management.
C) ability of the internal audit staff to maintain it.
D) competency and dependability of the people using it.
Question
The control environment consists of actions, policies, and procedures that

A) reflect the overall attitudes of top management, the directors, and the owners of an entity about control and its importance.
B) govern access to particular applications, such as how employees use passwords to change master file payroll rates.
C) are recorded on the web site (for example, access policies to data).
D) help implement the ethical attitudes at the organization, such as a computer usage policy.
Question
The methods that management uses to supervise the entity's activities are called

A) personnel practices.
B) management control methods.
C) methods of assigning authority and responsibility.
D) management's operating style.
Question
An act of two or more employees to work together to misstate records is called

A) malfeasance.
B) collusion.
C) defalcation.
D) felony.
Question
An example of general computer control systems that provide reasonable assurance of authorization of application systems is

A) operations and information systems support.
B) systems, acquisition, development, and maintenance controls.
C) organization and management controls.
D) application system control procedures.
Question
HomeTown Tanning Company is the largest leather tanning operation in Canada. Hides from various animals are stretched and treated, then cut into shapes for shipment to wholesalers.
Computer-assisted operations are important in maintaining temperature, humidity, and proper mix proportions in chemical solutions used for the tanning process. Computer assistance has helped improve the quality of the tanning process, as well as provide a safer environment for employees. Computer operations and backup are supported by the warehouse manager, Joe.
Individual hides are tagged with a bar code and tracked for quality control purposes. The HomeTown Tanning Company uses a centralized microcomputer-based system for its manufacturing and accounting operations. The two owners of the company are active in the business and approve all new hardware and software acquisitions.
The controller is responsible for network upgrades as well as for maintaining passwords and user identification codes on the network. Accounting transactions are entered by accounting staff, although the controller has the ability to review and correct transactions.
Required:
List the six categories of functions that need to be separated from each other. Does HomeTown Tanning have these functions separated? For any functions that are not separated, indicate the potential impact upon controls and upon the audit.
Question
A) List the four types of general computer control systems.
B) Adequate segregation of duties is an important control procedure. Describe the specific functions that should be separated for segregation of duties to prevent both intentional and unintentional misstatements that are of significance to auditors.
C) Adequate documents and records are important for effective internal control. Five principles dictate the proper design and use of documents and records. One principle is that documents and records should be prenumbered consecutively to facilitate control over missing documents and to aid in locating documents when they are needed at a later date. Discuss each of the other four principles of adequate documents and records.
Question
After considering a client's internal controls, an auditor has concluded that it is well designed and is functioning as intended. Under these circumstances, the auditor would most likely

A) perform tests of controls to the extent outlined in the audit program.
B) determine the control procedures that should prevent or detect errors and irregularities.
C) use a combined audit approach that includes tests of controls and substantive tests.
D) determine whether transactions are recorded to permit preparation of financial statements in accordance with generally accepted accounting principles.
Question
Dimple Leather is a chain of retail stores that sells leather clothing and accessories across Canada. Each store has point-of-sale equipment that is linked to a local server. At night, local accounting information is transmitted to the head office computer and any updates to prices or other adjustments are transferred to the local office.
Required:
Define the control environment. List the components of the control environment. For each component, provide an example of a control that might exist at Dimple Leather.
Question
Why is it important to separate systems development (or acquisition) and program maintenance activities from accounting?

A) Accounting personnel have the expertise to evaluate program changes that have been implemented.
B) Custody of media is important to help ensure ongoing operations.
C) This allows accounting to reconcile transaction totals to transaction details.
D) Lack of separation could result in unauthorized changes to programs and systems.
Question
FiddleWare Limited uses a purchased software package to handle the processing of its transactions. An important control that management should implement with respect to information systems is the

A) use of a formal systems development methodology.
B) evaluation of potential new systems against organizational objectives.
C) use of appropriate checkpoints and milestones during development.
D) tracking of routine program maintenance changes.
Question
Which of the following controls would be of concern to management but not to the auditor?

A) controls over the collection of accounts receivable amounts
B) controls over the entry of payroll wage rates into the computer systems
C) controls over the distribution of promotional information to potential clients
D) controls over the cost of inventory items as recorded in the perpetual inventory system
Question
An essential characteristic of the persons performing internal check procedures is

A) independence from the original data preparer.
B) a thorough knowledge of accounting.
C) an analytical and inquisitive mind.
D) competence in data entry skills.
Question
Narratives, flowcharts, and internal control questionnaires are three commonly used methods of

A) documenting the auditor's understanding of internal controls.
B) testing internal controls.
C) designing the audit manual and procedures.
D) documenting the auditor's understanding of client's organizational structure.
Question
Management assesses risks as a part of designing and operating internal controls to minimize fraud and errors. Auditors assess risks to

A) decide the evidence needed in the audit.
B) fully implement the audit risk model.
C) enable them to assess the completeness of internal controls.
D) make sure that the company will continue to operate over the next year.
Question
Bravo Design had IMB consulting design a custom software system to record the job costs and sales in progress. What acquisition process did Bravo design follow?

A) in-house development
B) systems acquisition
C) turnkey software development
D) outsourcing
Question
A) The COSO internal control framework consists of five components. Describe each of these components.
B) Custody of assets and reconciliation should be separated to contribute to strong internal control. List the general categories of activities that should be separated.
Question
An important type of protective measure for safeguarding assets and records is

A) adequate segregation of duties among personnel.
B) proper authorization of transactions.
C) the use of physical precautions.
D) adequate documentation.
Question
The operational responsibility and the recording of transactions are normally kept separate

A) to centralize activities in order to be more cost efficient.
B) to ensure unbiased information is recorded.
C) because operational personnel rarely have the necessary accounting skills to record transactions.
D) to avoid confusion of responsibilities and duplication of efforts.
Question
The chart of accounts is an important control because it provides the framework for determining the information presented to management and other financial statement users. What type of error is the chart of accounts helpful in preventing?

A) errors of occurrence
B) errors of completeness
C) errors of accuracy
D) errors of classification
Question
Paul is in the process of performing procedures to obtain the necessary understanding of the client's internal controls. As part of this process, Paul received from the client completed narratives, flowcharts, and internal control questionnaires. Paul can use this information from the client

A) if the entity-level controls and tone at the top were found to be effective.
B) if there has not been any significant change in the internal controls since the prior year.
C) as long as any subsequent reliance on controls is adequately substantiated with testing.
D) since it was prepared by management, which is unbiased.
Question
A) Discuss what is meant by the term "control environment" and identify four control environment subcomponents that the auditor should consider.
B) List the steps that management follows in assessing risks relevant to the preparation of financial statements in conformity with an applicable financial reporting framework.
C) How does the auditor obtain knowledge about management's risk assessment process?
D) Explain how management's risk assessment process differs from the auditor's risk assessment process.
E) What is the relationship between management's risk assessment process and audit evidence?
Question
External auditor Mary Smith may not rely on the work of internal auditor Ray Jones unless

A) Jones is certified (CA, CGA, or CMA).
B) Jones is independent of the client.
C) Jones is supervised by Smith.
D) Smith obtains evidence that supports the competence, integrity, and objectivity of Jones.
Question
The first step for management in the risk assessment process is to identify factors that may increase risk, for example failure to meet prior objectives. Then, management will

A) assess the likelihood of the risk occurring.
B) make sure that procedures are developed to eliminate the risk.
C) estimate the significance of that risk.
D) develop specific actions to reduce the risk to an acceptable level.
Question
Jenny is the information technology support manager at CMH. Jenny is considered to be a super-user at CMH since she can circumvent normal controls. In order to address the risk of super-users, management should

A) remove the super-user.
B) establish effective compensating controls.
C) update the background check on the super-user on a yearly basis.
D) ensure that the super-user is familiar with the code of conduct of the company.
Question
A procedure that would most likely be used by an auditor in performing tests of control procedures that involve segregation of functions and that leave no transaction trail is

A) inspection.
B) observation.
C) reperformance.
D) reconciliation.
Question
When a compensating control exists, a weakness in the system

A) is no longer a concern because the potential for misstatement has been sufficiently reduced.
B) is reduced but not removed; therefore, it is still of concern to the auditor.
C) could cause a material loss, so it must be tested using substantive procedures.
D) is magnified and must be removed from the sampling process and examined in its entirety.
Question
The auditor may identify some risks that cannot be effectively tested by substantive tests alone. For example, when there are paperless transactions (perhaps using EDI - electronic data interchange). To address these risks, the auditor is required to

A) assess the design effectiveness of relevant controls and test them.
B) obtain an understanding of the controls and test them if reliance is intended.
C) obtain an understanding of the controls and assess their design effectiveness.
D) test the controls that address the paperless aspects of the transactions.
Question
You have just finished documenting your understanding of cycle controls at an audit engagement.
Required:

A) Explain how you will identify the controls that will be tested.
B) What process will you follow for weakness in internal controls?
Question
A) The first step in the auditor's study and evaluation of internal control is obtain understanding of internal control for audit planning purposes. List the remaining steps.
B) Once the auditor has an understanding of internal control, what two assessments must be made prior to testing controls?
C) Describe five common procedures an auditor can use to obtain an understanding of internal control design.
Question
A secondary objective of the auditor's study and evaluation of internal control is that the study and evaluation provide

A) a basis for constructive suggestions concerning improvements in internal control.
B) a basis for reliance on the accounting system.
C) an assurance that the records and documents have been maintained in accordance with existing company policies and procedures.
D) an indication that management and employees are trustworthy.
Question
Each key control that the auditor intends to rely on must be supported by sufficient

A) tests of details of balances.
B) tests of controls.
C) analytical review procedures.
D) reperformance procedures.
Question
Ideally, tests of controls should be applied to controls

A) at the balance sheet date.
B) at each quarterly interim period.
C) for the entire period under audit.
D) at the beginning of the fiscal period.
Question
Effective internal control in a small company that has an insufficient number of employees to permit proper division of responsibilities can best be enhanced by

A) employment of temporary personnel to aid in the segregation of duties.
B) direct participation by the owner of the business in the record-keeping activities of the business.
C) engaging a public accountant to perform monthly "write-up" work.
D) delegation of full, clear-cut responsibility to each employee for the functions assigned to each.
Question
When the auditor attempts to determine the operation of the accounting system by tracing one or a few transactions through the accounting system, this is referred to as

A) tracing.
B) vouching.
C) tests of controls.
D) a walk-through.
Question
If an external auditor's client has used a service organization during the year for some of its payroll processing and accounting, which of the following steps should the external auditor take if he or she decides to use the service organization auditor's report as audit evidence that the entity's controls are operating effectively for certain assertions?

A) Consider the sufficiency and appropriateness of the evidence provided by the service organization auditor's report about the effectiveness of controls intended to prevent or detect material misstatements in the particular assertions.
B) Double-date the audit report to show the date of the service organization's audit and the date of the client's audit.
C) The auditor should make reference to the report of the service auditor as a basis, in part, for his or her own opinion on the entity's financial statements.
D) Re-perform each of the audit tests used by the service organization auditor.
Question
When the auditor identifies opportunities for the client to make operational improvements in the internal control system, it will be communicated to the client's audit committee in the

A) management letter.
B) reportable conditions letter.
C) engagement letter.
D) audit report.
Question
Control risk is a measure of the auditor's expectation that internal controls will

A) prevent material misstatements from occurring.
B) detect and correct material misstatements.
C) either prevent material misstatements or detect and correct them.
D) neither prevent material misstatements nor detect and correct them.
Question
The procedures to test effectiveness of control policies and procedures in support of a reduced assessed control risk are called

A) tests of details of balances.
B) tests of controls.
C) analytical procedures.
D) a walk-through.
Question
Which one of the following is an example of a specific authorization?

A) The computer systems automatically reorder inventory when quantities fall below the economic order quantity.
B) The highest credit limit allowed for accounts receivable customers is $100 000.
C) Each sales transaction that exceeds the credit limit of a customer must be approved by the controller.
D) Grocery sales clerks may approve returns of goods less than ten dollars in value.
Question
Once an understanding of internal controls is obtained that is sufficient for audit planning, then the auditor must first assess

A) whether a lower level of control risk could be supported.
B) whether the financial statements are auditable.
C) the level of control risk supported by the understanding obtained.
D) the level of control risk to use.
Question
Which of the following duties would indicate a weakness in internal controls?

A) The accounting function is under the controller.
B) The custodianship of cash is the responsibility of the treasurer's function.
C) The internal auditor reports to the board of directors.
D) The custodianship of buildings and equipment is the responsibility of the controller's function.
Question
A major control available in a small company, which might not be feasible in a large company, is

A) a wider segregation of duties.
B) use of sequentially numbered documents.
C) fewer transactions to process.
D) the owner-manager's personal interest in and close relationship with personnel.
Question
When planning the audit, the auditor's decision on the appropriate assessed level of control risk to use is

A) an economic issue, trading off the costs of testing controls against the cost of testing balances.
B) calculated by using the audit risk model.
C) calculated by using a standard formula.
D) determined by using actuarial tables.
Question
The Sarbanes Oxley Act has had consequences for many areas of corporate activities, including the following impact on the work of the auditor:

A) The auditor is now required to report all fraudulent activities he/she uncovers directly to the Securities and Exchange Commission.
B) The auditor must prepare a report verifying the information in the financial statements.
C) The auditor must monitor how well management is carrying out its financial reporting responsibilities.
D) The auditor is specifically required to evaluate the internal controls used by management to prepare financial information.
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/61
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 8: Internal Controls and Control Risk
1
Joan is the owner of a small manufacturing company. In prior years, your firm has conducted a review engagement of the company. However, this year, Joan obtained a loan from the federal business development bank and is required to have an audit of her financial statements. When you started asking about controls and procedures at the company, Joan got pretty upset.
"All you need to be concerned about is the numbers! Why are you asking all of these questions? It takes too much time away from my staff to answer these questions! Just check the numbers and let us get on with our work!"
You calmed her down a bit, and reminded her about the general discussion that occurred with the engagement letter. You have invited her for coffee to briefly explain the following items:
1. Why auditors are concerned about internal controls
2. Why auditors are required to be concerned about internal controls
3. What you need to do to understand internal controls
4. What you will do once you have documented your understanding of internal controls
Required:
Explain what you will say to Joan.
1.Auditors are concerned about internal controls because management uses internal controls to help ensure that business operations run in accordance with the goals and objectives of the company.The internal controls are also used to reduce the risk of fraud and illegal acts, and to help prevent and detect errors in the financial statements.
2.Auditors have rules, called generally accepted auditing standards (GAAS)that require them to understand and document internal controls so that they can plan the audit.It helps auditors to know that internal controls are in place to help prevent and detect errors, fraud, and illegal acts.
3.Interviews, walkthroughs and documentation examination will be used to document internal controls so that they can be evaluated for each major transaction cycle and audit objective (such as completeness and accuracy).This is done for control environment, general controls and procedures, accounting systems, and control procedures.
4.Once the internal controls have been documented, the auditor decides whether it is more efficient to test internal controls or to simply do tests of details ("looking at the numbers").Overall, enough evidence needs to be gathered to provide a high level of assurance on the financial statements.
2
The board of directors is essential for effective corporate governance because it has ultimate responsibility to

A) make sure management implements proper internal control and financial reporting processes.
B) assist management in the preparation of the financial statements.
C) test internal controls and ensure they are working properly.
D) provide a report to the auditor confirming that internal controls are working properly.
A
3
It is important for the public accountant to consider the competence of the audit clients' employees because their competence bears directly and importantly upon the

A) cost/benefit relationship of internal controls.
B) achievement of the objectives of the system of internal control.
C) comparison of recorded accountability with assets.
D) timing of the tests to be performed.
B
4
The essence of an effectively controlled organization lies in the

A) effectiveness of its auditor.
B) effectiveness of its internal auditor.
C) attitude of its employees.
D) attitude of its management.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
5
Which of the following is an example of a general authorization?

A) The highest credit limit allowed for accounts receivable is $50 000.
B) ABC Company has a credit limit of $25 000.
C) Each supervisory wage rate must be approved by the executive manager.
D) Grocery supervisors approve each transaction reversal over five dollars.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
6
Management's objectives with respect to internal control include

A) having reasonable assurance that the financial statements are in accordance with IFRS or ASPE.
B) ensuring that all policies and procedures are clearly documented to reduce employee training costs.
C) preventing fraud and illegal activities at all costs.
D) providing reasonable assurance that the goals and objectives important to the entity have been met.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
7
The accuracy of the results of the accounting system (account balances) is heavily dependent upon the

A) knowledge and skills of the auditor.
B) adequacy of the entity-level controls.
C) accuracy of the inputs and processing (transactions).
D) training provided to the personnel.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
8
Management safeguards assets by

A) having the internal auditors conduct periodic counts of physical assets.
B) controlling access and by comparing physical items to records.
C) requiring the external auditors to do surprise audits.
D) having management sign a management representation letter.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
9
A) Describe the four broad objectives of management when designing an effective system of internal control.
B) Describe the aspect of internal control with which auditors are primarily concerned with for a financial statement audit.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
10
A system of internal control consists of policies and procedures designed to provide management with

A) reasonable assurance that the company achieves its objectives.
B) assurance that fraud will be prevented.
C) reasonable assurance that fraud will be detected.
D) assurance that the firm's resources will be used in the optimal way.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
11
To help with corporate governance and a positive "tone at the top," the board of directors and its committees, such as the audit committee, should

A) rubber-stamp the financial statements once per year.
B) consist of all members of executive management.
C) follow the policies and procedures approved by management.
D) take an active role in overseeing the company.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
12
A) Describe the three basic concepts (assumptions) underlying the study of internal control and assessment of control risk.
B) Describe the inherent limitations of internal control.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
13
Carrie is the manager of the Bay Street Pharmacy. Carrie is considering implementing a security tag system to reduce the losses related to stolen goods at their store. The system Carrie is looking at currently costs $60 000 and is expected to be effective for 5 years. In order to justify the implementation of the security tag system, average theft per year should be at least

A) $1000.
B) $12 000.
C) $60 000.
D) Theft should be prevented at all costs.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
14
A well-designed organizational structure at an entity

A) has operations and programming personnel tasks combined.
B) clearly defines authority and responsibility assignments.
C) requires that wage rates are recorded and tracked by the human resources department.
D) has the internal audit department report to the Chief Financial Officer.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
15
To comply with auditing standards, the auditor need not be concerned with all areas of internal control that apply to management. The auditor's primary concerns are with the system's ability to

A) maintain reliable control systems pertaining to financial transactions.
B) promote efficiency and encourage adherence to policy.
C) prevent and detect financial statement fraud and error.
D) provide reliable data and safeguard assets.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
16
Which of the following best describes the inherent limitations that should be recognized by an auditor when considering the potential effectiveness of an accounting system?

A) Procedures whose effectiveness depends on segregation of duties can be circumvented by collusion.
B) The competence and integrity of client personnel provides an environment conducive to accounting control and provides assurance that effective control will be achieved.
C) Procedures designed to assure the execution and recording of transactions in accordance with proper authorizations are effective against irregularities perpetrated by management.
D) The benefits expected to be derived from an effective accounting system usually do not exceed the costs of such control.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
17
Internal controls can never be regarded as completely effective. Even if systems personnel could design an ideal system, its effectiveness depends on the

A) adequacy of the computer system.
B) proper implementation by management.
C) ability of the internal audit staff to maintain it.
D) competency and dependability of the people using it.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
18
The control environment consists of actions, policies, and procedures that

A) reflect the overall attitudes of top management, the directors, and the owners of an entity about control and its importance.
B) govern access to particular applications, such as how employees use passwords to change master file payroll rates.
C) are recorded on the web site (for example, access policies to data).
D) help implement the ethical attitudes at the organization, such as a computer usage policy.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
19
The methods that management uses to supervise the entity's activities are called

A) personnel practices.
B) management control methods.
C) methods of assigning authority and responsibility.
D) management's operating style.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
20
An act of two or more employees to work together to misstate records is called

A) malfeasance.
B) collusion.
C) defalcation.
D) felony.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
21
An example of general computer control systems that provide reasonable assurance of authorization of application systems is

A) operations and information systems support.
B) systems, acquisition, development, and maintenance controls.
C) organization and management controls.
D) application system control procedures.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
22
HomeTown Tanning Company is the largest leather tanning operation in Canada. Hides from various animals are stretched and treated, then cut into shapes for shipment to wholesalers.
Computer-assisted operations are important in maintaining temperature, humidity, and proper mix proportions in chemical solutions used for the tanning process. Computer assistance has helped improve the quality of the tanning process, as well as provide a safer environment for employees. Computer operations and backup are supported by the warehouse manager, Joe.
Individual hides are tagged with a bar code and tracked for quality control purposes. The HomeTown Tanning Company uses a centralized microcomputer-based system for its manufacturing and accounting operations. The two owners of the company are active in the business and approve all new hardware and software acquisitions.
The controller is responsible for network upgrades as well as for maintaining passwords and user identification codes on the network. Accounting transactions are entered by accounting staff, although the controller has the ability to review and correct transactions.
Required:
List the six categories of functions that need to be separated from each other. Does HomeTown Tanning have these functions separated? For any functions that are not separated, indicate the potential impact upon controls and upon the audit.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
23
A) List the four types of general computer control systems.
B) Adequate segregation of duties is an important control procedure. Describe the specific functions that should be separated for segregation of duties to prevent both intentional and unintentional misstatements that are of significance to auditors.
C) Adequate documents and records are important for effective internal control. Five principles dictate the proper design and use of documents and records. One principle is that documents and records should be prenumbered consecutively to facilitate control over missing documents and to aid in locating documents when they are needed at a later date. Discuss each of the other four principles of adequate documents and records.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
24
After considering a client's internal controls, an auditor has concluded that it is well designed and is functioning as intended. Under these circumstances, the auditor would most likely

A) perform tests of controls to the extent outlined in the audit program.
B) determine the control procedures that should prevent or detect errors and irregularities.
C) use a combined audit approach that includes tests of controls and substantive tests.
D) determine whether transactions are recorded to permit preparation of financial statements in accordance with generally accepted accounting principles.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
25
Dimple Leather is a chain of retail stores that sells leather clothing and accessories across Canada. Each store has point-of-sale equipment that is linked to a local server. At night, local accounting information is transmitted to the head office computer and any updates to prices or other adjustments are transferred to the local office.
Required:
Define the control environment. List the components of the control environment. For each component, provide an example of a control that might exist at Dimple Leather.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
26
Why is it important to separate systems development (or acquisition) and program maintenance activities from accounting?

A) Accounting personnel have the expertise to evaluate program changes that have been implemented.
B) Custody of media is important to help ensure ongoing operations.
C) This allows accounting to reconcile transaction totals to transaction details.
D) Lack of separation could result in unauthorized changes to programs and systems.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
27
FiddleWare Limited uses a purchased software package to handle the processing of its transactions. An important control that management should implement with respect to information systems is the

A) use of a formal systems development methodology.
B) evaluation of potential new systems against organizational objectives.
C) use of appropriate checkpoints and milestones during development.
D) tracking of routine program maintenance changes.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
28
Which of the following controls would be of concern to management but not to the auditor?

A) controls over the collection of accounts receivable amounts
B) controls over the entry of payroll wage rates into the computer systems
C) controls over the distribution of promotional information to potential clients
D) controls over the cost of inventory items as recorded in the perpetual inventory system
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
29
An essential characteristic of the persons performing internal check procedures is

A) independence from the original data preparer.
B) a thorough knowledge of accounting.
C) an analytical and inquisitive mind.
D) competence in data entry skills.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
30
Narratives, flowcharts, and internal control questionnaires are three commonly used methods of

A) documenting the auditor's understanding of internal controls.
B) testing internal controls.
C) designing the audit manual and procedures.
D) documenting the auditor's understanding of client's organizational structure.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
31
Management assesses risks as a part of designing and operating internal controls to minimize fraud and errors. Auditors assess risks to

A) decide the evidence needed in the audit.
B) fully implement the audit risk model.
C) enable them to assess the completeness of internal controls.
D) make sure that the company will continue to operate over the next year.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
32
Bravo Design had IMB consulting design a custom software system to record the job costs and sales in progress. What acquisition process did Bravo design follow?

A) in-house development
B) systems acquisition
C) turnkey software development
D) outsourcing
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
33
A) The COSO internal control framework consists of five components. Describe each of these components.
B) Custody of assets and reconciliation should be separated to contribute to strong internal control. List the general categories of activities that should be separated.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
34
An important type of protective measure for safeguarding assets and records is

A) adequate segregation of duties among personnel.
B) proper authorization of transactions.
C) the use of physical precautions.
D) adequate documentation.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
35
The operational responsibility and the recording of transactions are normally kept separate

A) to centralize activities in order to be more cost efficient.
B) to ensure unbiased information is recorded.
C) because operational personnel rarely have the necessary accounting skills to record transactions.
D) to avoid confusion of responsibilities and duplication of efforts.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
36
The chart of accounts is an important control because it provides the framework for determining the information presented to management and other financial statement users. What type of error is the chart of accounts helpful in preventing?

A) errors of occurrence
B) errors of completeness
C) errors of accuracy
D) errors of classification
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
37
Paul is in the process of performing procedures to obtain the necessary understanding of the client's internal controls. As part of this process, Paul received from the client completed narratives, flowcharts, and internal control questionnaires. Paul can use this information from the client

A) if the entity-level controls and tone at the top were found to be effective.
B) if there has not been any significant change in the internal controls since the prior year.
C) as long as any subsequent reliance on controls is adequately substantiated with testing.
D) since it was prepared by management, which is unbiased.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
38
A) Discuss what is meant by the term "control environment" and identify four control environment subcomponents that the auditor should consider.
B) List the steps that management follows in assessing risks relevant to the preparation of financial statements in conformity with an applicable financial reporting framework.
C) How does the auditor obtain knowledge about management's risk assessment process?
D) Explain how management's risk assessment process differs from the auditor's risk assessment process.
E) What is the relationship between management's risk assessment process and audit evidence?
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
39
External auditor Mary Smith may not rely on the work of internal auditor Ray Jones unless

A) Jones is certified (CA, CGA, or CMA).
B) Jones is independent of the client.
C) Jones is supervised by Smith.
D) Smith obtains evidence that supports the competence, integrity, and objectivity of Jones.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
40
The first step for management in the risk assessment process is to identify factors that may increase risk, for example failure to meet prior objectives. Then, management will

A) assess the likelihood of the risk occurring.
B) make sure that procedures are developed to eliminate the risk.
C) estimate the significance of that risk.
D) develop specific actions to reduce the risk to an acceptable level.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
41
Jenny is the information technology support manager at CMH. Jenny is considered to be a super-user at CMH since she can circumvent normal controls. In order to address the risk of super-users, management should

A) remove the super-user.
B) establish effective compensating controls.
C) update the background check on the super-user on a yearly basis.
D) ensure that the super-user is familiar with the code of conduct of the company.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
42
A procedure that would most likely be used by an auditor in performing tests of control procedures that involve segregation of functions and that leave no transaction trail is

A) inspection.
B) observation.
C) reperformance.
D) reconciliation.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
43
When a compensating control exists, a weakness in the system

A) is no longer a concern because the potential for misstatement has been sufficiently reduced.
B) is reduced but not removed; therefore, it is still of concern to the auditor.
C) could cause a material loss, so it must be tested using substantive procedures.
D) is magnified and must be removed from the sampling process and examined in its entirety.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
44
The auditor may identify some risks that cannot be effectively tested by substantive tests alone. For example, when there are paperless transactions (perhaps using EDI - electronic data interchange). To address these risks, the auditor is required to

A) assess the design effectiveness of relevant controls and test them.
B) obtain an understanding of the controls and test them if reliance is intended.
C) obtain an understanding of the controls and assess their design effectiveness.
D) test the controls that address the paperless aspects of the transactions.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
45
You have just finished documenting your understanding of cycle controls at an audit engagement.
Required:

A) Explain how you will identify the controls that will be tested.
B) What process will you follow for weakness in internal controls?
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
46
A) The first step in the auditor's study and evaluation of internal control is obtain understanding of internal control for audit planning purposes. List the remaining steps.
B) Once the auditor has an understanding of internal control, what two assessments must be made prior to testing controls?
C) Describe five common procedures an auditor can use to obtain an understanding of internal control design.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
47
A secondary objective of the auditor's study and evaluation of internal control is that the study and evaluation provide

A) a basis for constructive suggestions concerning improvements in internal control.
B) a basis for reliance on the accounting system.
C) an assurance that the records and documents have been maintained in accordance with existing company policies and procedures.
D) an indication that management and employees are trustworthy.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
48
Each key control that the auditor intends to rely on must be supported by sufficient

A) tests of details of balances.
B) tests of controls.
C) analytical review procedures.
D) reperformance procedures.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
49
Ideally, tests of controls should be applied to controls

A) at the balance sheet date.
B) at each quarterly interim period.
C) for the entire period under audit.
D) at the beginning of the fiscal period.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
50
Effective internal control in a small company that has an insufficient number of employees to permit proper division of responsibilities can best be enhanced by

A) employment of temporary personnel to aid in the segregation of duties.
B) direct participation by the owner of the business in the record-keeping activities of the business.
C) engaging a public accountant to perform monthly "write-up" work.
D) delegation of full, clear-cut responsibility to each employee for the functions assigned to each.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
51
When the auditor attempts to determine the operation of the accounting system by tracing one or a few transactions through the accounting system, this is referred to as

A) tracing.
B) vouching.
C) tests of controls.
D) a walk-through.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
52
If an external auditor's client has used a service organization during the year for some of its payroll processing and accounting, which of the following steps should the external auditor take if he or she decides to use the service organization auditor's report as audit evidence that the entity's controls are operating effectively for certain assertions?

A) Consider the sufficiency and appropriateness of the evidence provided by the service organization auditor's report about the effectiveness of controls intended to prevent or detect material misstatements in the particular assertions.
B) Double-date the audit report to show the date of the service organization's audit and the date of the client's audit.
C) The auditor should make reference to the report of the service auditor as a basis, in part, for his or her own opinion on the entity's financial statements.
D) Re-perform each of the audit tests used by the service organization auditor.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
53
When the auditor identifies opportunities for the client to make operational improvements in the internal control system, it will be communicated to the client's audit committee in the

A) management letter.
B) reportable conditions letter.
C) engagement letter.
D) audit report.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
54
Control risk is a measure of the auditor's expectation that internal controls will

A) prevent material misstatements from occurring.
B) detect and correct material misstatements.
C) either prevent material misstatements or detect and correct them.
D) neither prevent material misstatements nor detect and correct them.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
55
The procedures to test effectiveness of control policies and procedures in support of a reduced assessed control risk are called

A) tests of details of balances.
B) tests of controls.
C) analytical procedures.
D) a walk-through.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
56
Which one of the following is an example of a specific authorization?

A) The computer systems automatically reorder inventory when quantities fall below the economic order quantity.
B) The highest credit limit allowed for accounts receivable customers is $100 000.
C) Each sales transaction that exceeds the credit limit of a customer must be approved by the controller.
D) Grocery sales clerks may approve returns of goods less than ten dollars in value.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
57
Once an understanding of internal controls is obtained that is sufficient for audit planning, then the auditor must first assess

A) whether a lower level of control risk could be supported.
B) whether the financial statements are auditable.
C) the level of control risk supported by the understanding obtained.
D) the level of control risk to use.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
58
Which of the following duties would indicate a weakness in internal controls?

A) The accounting function is under the controller.
B) The custodianship of cash is the responsibility of the treasurer's function.
C) The internal auditor reports to the board of directors.
D) The custodianship of buildings and equipment is the responsibility of the controller's function.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
59
A major control available in a small company, which might not be feasible in a large company, is

A) a wider segregation of duties.
B) use of sequentially numbered documents.
C) fewer transactions to process.
D) the owner-manager's personal interest in and close relationship with personnel.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
60
When planning the audit, the auditor's decision on the appropriate assessed level of control risk to use is

A) an economic issue, trading off the costs of testing controls against the cost of testing balances.
B) calculated by using the audit risk model.
C) calculated by using a standard formula.
D) determined by using actuarial tables.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
61
The Sarbanes Oxley Act has had consequences for many areas of corporate activities, including the following impact on the work of the auditor:

A) The auditor is now required to report all fraudulent activities he/she uncovers directly to the Securities and Exchange Commission.
B) The auditor must prepare a report verifying the information in the financial statements.
C) The auditor must monitor how well management is carrying out its financial reporting responsibilities.
D) The auditor is specifically required to evaluate the internal controls used by management to prepare financial information.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
QuizPlus
surly
Quizplus
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App
surly
English
English
العربية
Scan to downloadDownload the App
qr-code

English
English
العربية
Copyright © 2025 Quizplus LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree