AT - CONSIDERATION OF INTERNAL CONTROL

Question 1

What is assessment of control risk?

Answer 1

It is the process of evaluating the design and operating effectiveness of an entity’s internal control as to how it prevents or detects material misstatements in the financial statements. The conclusion reached as a result of the assessment is the ASSESSED LEVEL OF CONTROL RISK.

Question 2

What is internal control according to PSA 315?

Answer 2

Internal control is the process designed and effected by TCWG, management, and other personnel to provide reasonable assurance about the achievement of the entity’s objectives, with regard to reliability of financial reporting effectiveness of efficiency of operations and compliance with applicable laws and regulations.

Question 3

What part of the internal and accounting systems is the auditor only concerned with?

Answer 3

The auditor is only concerned with those policies and procedures within the accounting and internal control systems that are RELEVANT TO THE FS ASSERTIONS.

Question 4

What are the interrelated components of internal control?

Answer 4

1. Control environment
2. Risk assessment
3. Information and communication systems
4. Control activities
5. Monitoring

Question 5

What is control environment?

Answer 5

Control environment includes the ATTITUDES,AWARENESS, AND ACTIONS OF MANAGEMENT AND TCWG concerning the entity’s internal control. It is the FOUNDATION FOR EFFECTIVE INTERNAL CONTROL, PROVIDING DISCIPLINE AND STRUCTURE. Factors include:

a. Integrity and ethical values
b. Management philosophy and operating style
c. Active participation of TCWG
d. Commitment to competence
e. Personnel policies and procedures
f. Assignment of responsibility and authorized organizational structure

Question 6

What is risk assessment?

Answer 6

It is the assessment of business risk, which is the RISK THAT THE ENTITY’S BUSINESS OBJECTIVES WILL NOT BE ATTAINED as a result of internal and external factors such as:

a. technological developments
b. changes in demand
c. other economic changes

Question 7

What is Information and Communication Systems?

Answer 7

It consists of procedures and records established to initiate,record, process, and report entity transactions and to maintain accountability. It encompasses methods and records that IDENTIFY,DESCRIBE,MEASURE,DETERMINE, AND PRESENT PROPERLY TRANSACTIONS.

Question 8

What are control activities?

Answer 8

Control activities are the policies and procedures that help ensure that management directives are carried out which could include:

a. Performance reviews
b. Information processing
c. Physical controls
d. Segregation of duties
e. Authorization - PRTC HANDOUTS

Question 9

What is monitoring?

Answer 9

Monitoring is a process of assessing the quality of internal control performance over time and taking necessary corrective actions to ensure that controls continue to operate effectively. It has two forms:

Ongoing monitoring - routine monitoring
Separate evaluations - non routine monitoring

Question 10

What are the steps taken by the auditor in the consideration of the internal control?

Answer 10

1. Obtain an understanding of internal control - how it is designed and whether it is being implemented
2. Document the understanding of accounting and internal control systems
3. Assess the level of control risk
4. Perform tests of controls
5. Document the assessed level of control risks

Question 11

What is a walk-through test?

Answer 11

It involves tracing transactions through the entire accounting system from the initial recording at source to the final destination as a component of an account balance in the FS.

Question 12

When obtaining an understanding of the entity’s internal control, is the auditor required to obtain knowledge about the operating effectiveness of the internal control?

Answer 12

No, at that phase of the audit, the auditor is only concerned about the design of relevant control policies and procedures and whether it is actually being applied.

Question 13

What kind of form is required when documenting the understanding of internal control?

Answer 13

The documentation need not be in any particular form. Common forms include:

1. narrative description
2. flowcharts
3. internal control questionnaire

Question 14

Explain the assessment of control risk. When does the auditor perform ToC?

Answer 14

The auditor should make a preliminary assessment of control risk at the assertion level for each material account balance or class transaction.

If the internal control is assessed as not effective, the auditor may simply assess control risk at a high level, and no ToC need to be performed and auditor will rely primarily on substantive tests.

If the internal control is assessed as effective and the auditor deems it to be more efficient by reducing substantive testing and relying on the internal control, the auditor performs test of controls.

Tests of controls support any assessment of control risk at less than high level. THE GREATER RELIANCE AUDITOR PLANS TO PLACE ON THE INTERNAL CONTROL, THE MORE EXTENSIVE THE TEST OF CONTROLS THAT NEED TO BE PERFORMED.

Question 15

What are the evidence gathering techniques used in ToC?

Answer 15

1. Inquiry
2. Observation
3. Inspection
4. Reperformance

Question 16

What is the use of the assessed level of control risk?

Answer 16

It allows the auditor to plan the nature, timing and extent of substantive tests to be performed.

Question 17

Can the auditor assess control risk at less than high level without performing ToC?

Answer 17

No, ToC is his basis for assessing control risk at less than high.

Question 18

When the auditor becomes aware of WEAKNESS IN INTERNAL CONTROL SYSTEMS or SIGNIFICANT DEFICIENCY, OR MATERIAL WEAKNESS, to whom does he report it?

Answer 18

The auditor is REQUIRED to report KNOWN MATERIAL WEAKNESSES, SIGNIFICANT DEFICIENCIES AND WEAKNESS IN INTERNAL CONTROL SYSTEMS to the APPROPRIATE LEVEL OF MANAGEMENT.

Question 19

Are auditors required to search for internal control weaknesses?

Answer 19

No.

Question 20

Where are known internal control weaknesses together with other matters of concern documented?

Answer 20

In a formal management letter.

Question 21

Which objective of internal control is most relevant to the audit?

Answer 21

Financial reporting objective.

Question 22

What is a checklist?

Answer 22

It consists of a SERIES OF PROCEDURES to be performed.

Question 23

What is a decision table?

Answer 23

It consists of LOGIC DIAGRAMS presented in matrix form.

Question 24

What is a narrative?

Answer 24

It consists of written description of the process and flow of documents and of the control points.

Question 25

What is a flowchart?

Answer 25

It consists of diagrams of the client’s system that track the flow of documents and processing.

Question 26

What is a walkthrough?

Answer 26

It is a procedure that involves tracing a transaction from its origination through the company’s information systems until it is reflected in the company’s FS.

Question 27

In considering internal control, what is the purpose of a walkthrough?

Answer 27

It is used to confirm the auditor’s understanding of the internal control structure.

Question 28

T or F

The auditor’s consideration of a client’s internal control is required by PSA

Answer 28

True.

Question 29

T or F
The auditor should consider the design and implementation of internal controls when obtaining an understanding of the client’s internal controls

Answer 29

True.

Question 30

The primary emphasis by auditors is on controls over

a. classes of transactions
b. account balances
c. A and B because they are equally important
d. A and B because they vary per client

Answer 30

a. classes of transactions

Question 31

When obtaining audit evidence about the effective operation of internal controls, the auditor considers all of the following except:
a How they were applied
b. The consistency of application
c. By whom they were applied
d. Why they were applied

Answer 31

d. Why they were applied

Question 32

T or F

Test of controls is always necessary in an audit.

Answer 32

False, especially when control risk is assessed at high

Question 33

PSA 330 requires the auditor to test operating effectiveness of controls that appear to function as they have in the past years every

a. monthly
b. each audit
c. at least every 2nd audit
d. at least every 3rd audit

Answer 33

d. at least every 3rd audit

Question 34

Material weakness in internal control of a public company must be reported in writing to

a. SEC
b. members of management responsible for related area of the company
c. audit committee of the BoD
d. PICPA

Answer 34

c. audit committee of the BoD