Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
23 Cards in this Set
- Front
- Back
|
Management has the responsibility to be sure that the internal control system can...(3 things) |
-Ensure that assets and records are safeguarded -Create an environment in which efficiency and effectiveness are encouraged and monitored. -Generate reliable info for decision making |
|
|
The auditor uses risk assessment procedures to...(4 things) |
-Obtain an understanding of the environment's internal control -identify the types of potential misstatements -ascertain factors that affect the risk of material misstatement -design tests of controls and substantive procedures |
|
|
The auditor has a responsibility to...(2 things) |
1. Understand an entity's internal control 2. Assess control risk |
|
|
The auditor gains an understanding of the entity's internal controls in order to... (3 things) |
1. Identify the type of potential misstatements 2. Pinpoint factors that affect the risk of material misstatements 3. Design tests of controls and substantive procedures |
|
|
Four components of internal control under COSO framework.... |
1. Risk assessment 2. Control activities 3. Communication 4. Monitoring |
|
|
The control environment is influenced by... |
Commitment to competence, commitment to ethical values, management's philosophy and operating style, HR policies and practices, organizational structure, participation of those charged with governance, etc |
|
|
Risk assessment process should consider |
External and internal factors that that may arise and adversely affect the entity's ability to initiate, record, and process financial data consistent with the assertion's of management. |
|
|
Control activities include (4 things) |
1. Performance reviews 2. Information processing 3. Physical controls 4. Segregation of duties |
|
|
Monitoring of controls include...(3 things) |
1. Establishing a foundation for control effectiveness 2. Designing and executing monitoring procedures based on business risks 3. Assessing and reporting results |
|
|
Planning an audit strategy... |
Look at chart.... |
|
|
In a substantive strategy, set control risk at... |
max. Controls were determined to be ineffective. |
|
|
In a reliance strategy, set control risk at... |
less than max. |
|
|
Limitations to good controls...(3 things) |
1. Management override of controls 2. Human errors or mistakes 3. Collusion |
|
|
Steps to assessing control risk...(3) |
1. Identify the specific controls to be relied upon 2. Perform tests of those controls -Inquiry, inspection of documents, obersvation, reporformance 3. Conclude of the achieved level of control risk |
|
|
Perform interim testing of controls if.... |
1. Assertion being tested is not significant 2. Controls have been effective in previous audits 3. Efficient use of staff time 4. Performed before year-end |
|
|
Perform interim substantive procedures if... |
1. Assertion probably has low control risk 2. May increase the risk of material misstatement 3. Still requires some year end testing |
|
|
Perform year-end test of controls... |
at a limited amount...really just to bring things up to date. |
|
|
Performing substantive tests at year-end.... |
should be more significant than at interim. |
|
|
Third party reports -- type 1 report |
describes the controls, cannot be relied upon |
|
|
Third part reports -- type 2 report |
includes tests of controls, auditor may reduce control risk below maximum |
|
|
Material weakness |
A deficiency or combination of deficiencies in internal control so that there is a reasonable possibility that a material misstatement could occur. |
|
|
Significant deficiency |
Less severe than a material weakness, still merits attention. |
|
|
Auditors are most likely to gather audit evidence solely using substantive procedures when the transaction is... |
nonrecurring and unusual. |
