one Flashcards

Question

Documentation requirements

Answer 1

Under PCAOB rules, firms must keep audit documentation for issuer clients for a minimum of seven years.he Statements of Standards for Accounting and Review Services (SSARS) do not specifically give a time period for retention of records. Therefore, the firm must establish policies and procedures to retain the engagement records for a period sufficient to meet the needs of the firm, standards, and regulations.

Answer 2

In discussion of a compilation agreement on engagement terms, AR-C 90.10 makes no mention of the accountant obtaining an understanding of internal control for neither a review nor a compilation. Independence is required “when providing auditing or other attestation services” and when performing a review. Although the accountant expresses no opinion or assurance in a compilation, he does express limited assurance in a review report. The accountant is required to obtain a written management representation letter for a review engagement (since the report will provide limited assurance)

Answer 3

Statements on Standards for Accounting and Review Services (SSARS) provide standards with respect to compilations and reviews of financial statements. SSARS do not apply to the processing financial data for clients of other CPA firms or to consulting on accounting matters since neither of these would be considered a compilation or a review.

Answer 4

If the accountant concludes, based upon his or her professional judgment, that there is reasonable justification to change the engagement and if he or she complies with the standards applicable to a review engagement, the accountant should issue an appropriate review report. The report should not include reference to the original engagement, any audit procedures that may have been performed, or scope limitations that resulted in the changed engagement.

Answer 5

Members of the Public Company Accounting Oversight Board must be of high integrity and be committed to the interests of investors and the public. Additionally, these members should have an understanding of the financial reporting process along with the responsibilities of accountants regarding the preparation and issuance of audit reports.

Answer 6

itle II of the Sarbanes-Oxley Act (SOX) states that the lead audit partner must rotate out at least every five years for the accounting firm to continue to provide audit service to the client. This rotation is intended to promote independence of the audit firm.

Answer 7

n the preface to the AT section for the Statements on Standards for Attestation Engagements is a notation that indicates, “These statements are issued by the Auditing Standards Board, the Accounting and Review Services Committee, and the Management Consulting Services Executive Committee.” These are units of the American Institute of CPAs.

Answer 8

The FASB and GASB are independent authoritative bodies designated to promulgate financial accounting and reporting standards for business (for-profit) and governmental (and not-for-profit) entities. The Government Accountability Office (GAO) is the accounting, auditing, and investigating agency of the U.S. Congress.

Answer 9

The GAO has identified seven types of circumstances that could lead to threats of independence: ``` Self-interest Self-review Bias Familiarity Undue influence Management participation Structural threats ```

Answer 10

A contingent fee would be permitted when representing a client in an examination by a revenue agent of the client’s federal or state income tax return.

Answer 11

The auditor's engagement letter specifies what services the auditor will perform and will state any assistance or restrictions on the audit. The engagement letter also informs the client that the auditor cannot guarantee that all acts of fraud will be discovered and management (not the board of directors) is responsible for maintaining effective internal control.

Answer 12

An accountant does not perform substantive tests in a review, so the accountant would not include documentation relating to the internal auditor's inspection reports of the level of oil reserves, or the response of the client's legal counsel to pending worker's compensation claims. An accountant does not assess control risk or perform tests of controls in a review and would therefore not include an evaluation of the refinery's controls over oil pressure levels.

Answer 13

Section 103 of the Sarbanes-Oxley Act dictates that the Public Company Accounting Oversight Board (PCAOB) has the authority to set, amend, update, and modify auditing, quality control, and ethics standards.

Answer 14

A member may provide extensive consulting services to an audit client without losing independence as long as the member does not make management decisions and the member’s role is advisory in nature.

Answer 15

A member is allowed to review a client-prepared business plan, and can assist the client with obtaining financing, so long as the member is not considered to be making management decisions. Once a member is considered to be making decisions on behalf of a client, then independence has become impaired. It is important for a member in public practice to provide services in a strictly advisory role when independence is required.

Answer 16

Section 406 of Title IV of the Sarbanes-Oxley Act (SOX) dictates that each issuer disclose whether or not they have adopted a code of ethics for senior financial officers. Any change in or waiver of the code of ethics for senior financial officers requires immediate disclosure.

Answer 17

Section 408 of the Sarbanes-Oxley Act (SOX) dictates that the SEC will review disclosures made by issuers.

Answer 18

Regardless of service or capacity, members should protect the integrity of their work, maintain objectivity, and avoid any subordination of their judgment. Members employed by others to prepare financial statements or to perform auditing, tax, or consulting services are charged with the same responsibility for objectivity as members in public practice.

Answer 19

AU-C 230.17 states that the retention period “should not be shorter than five years from the report release date.”

Answer 20

Government Auditing Standards, which would be followed for audits of recipients of federal financial assistance, require that the auditor report on compliance and internal control over financial reporting, which would include documenting the understanding of internal control established to ensure compliance with the applicable laws and regulations. GAO audits (“Yellow Book” audits) do not require disclosure of all possibly fraudulent and abusive acts and noncompliance with laws and regulations to the federal inspector general, nor do they require that the accounts be 100% verified by substantive tests. The auditor is permitted to determine materiality levels for these audits, also.

Answer 21

In addition to adopting some rules from the AICPA and Auditing Standards Board (ASB), the Public Company Accounting Oversight Board has adopted its own rules regarding auditing standards, ethics, and independence.

Answer 22

If an attest client offers a covered member employment, and the covered member is on that client’s attest engagement team or can otherwise influence the engagement, the individual should promptly report such consideration or offer to an appropriate person in the firm, must immediately cease participation in the engagement, and cannot provide any services to the attest client until the employment offer is rejected or employment is no longer sought. If a covered member becomes aware that an individual is considering employment or association with an attest client, the covered member should also notify an appropriate person in the firm.

Answer 23

An act that is discreditable to the profession, according to the Acts Discreditable Rule of the AICPA Code of Professional Conduct (ET 1.400.001). Although the rule is not specific, violations include a CPA committing a felony, failure to return client’s records, signing of a false return, and issuing a misleading audit opinion.

Answer 24

An act that is discreditable to the profession, according to the Acts Discreditable Rule of the AICPA Code of Professional Conduct (ET 1.400.001). Although the rule is not specific, violations include a CPA committing a felony, failure to return client’s records, signing of a false return, and issuing a misleading audit opinion.

Answer 25

AU-C 230.08 states: "The auditor should prepare audit documentation that is sufficient to enable an experienced auditor, having no previous connection with the audit, to understand: "the nature, timing and extent of the audit procedures performed to comply with GAAS and applicable legal and regulatory requirements; "the results of the audit procedures performed, and the audit evidence obtained; and "significant findings or issues arising during the audit, the conclusions reached thereon, and significant professional judgments made in reaching those conclusions."

Answer 26

Attestation standards apply to three levels of service—examination, review, and agreed-upon procedures; applicability of the specific AT-C section(s) depends on both the level of service provided and the subject matter. The purpose of the attestation engagement is to provide users of information, generally third parties, with an opinion, conclusion, or findings regarding the reliability of subject matter or an assertion about the subject matter, as measured against suitable and available criteria.

Answer 27

A quality control requirement under Government Auditing Standards requires a CPA seeking to enter into an audit contract to provide the CPA's most recent external quality control review report to the party contracting for the audit.

Answer 28

The ethical standards clearly state that the client records should be returned to the client upon request from the client. The only reason a client record may be withheld is if the engagement has not been completed. While AICPA rules allow holding records when an audit or other service has not been paid up by the client, some state laws prohibit this practice.

Answer 29

AU-C 510.A5 states that the predecessor auditor should permit the successor auditor to review workpaper analysis of any matters of continuing accounting significance. These specifically include workpapers related to balance sheet accounts, both current and noncurrent, and contingencies.

Answer 30

do not require the auditor to include copies of client invoices.

Answer 31

A successor accountant is not required to communicate with a predecessor accountant in connection with acceptance of a compilation or review engagement, but he or she may believe it is beneficial to obtain information that will assist in determining whether to accept the engagement.

Answer 32

While the auditor may communicate there were no material weaknesses identified during the audit, AU-C 265.16 precludes “a written communication stating that no significant deficiencies were identified during the audit.”

Answer 33

he Government Accountability Office (GAO) requires auditors who spend 20% or more of their time performing government audits to have 80 hours of CPE every two years directly related to government auditing (also called “Yellow Book” hours). Adding, on top of that requirement, state requirements for tax and ethics hours, government auditors have a heavy education requirement. A firm that performs government audits must have a system of quality control in place to assure compliance with professional standards and legal and ethical requirements. The quality control system should address, among other areas, human resources policies and procedures. An external peer review is required at least once every three years.

Answer 34

The phrase “substantially less in scope than an audit” is found in a review report.

Answer 35

review engagement is both an assurance and an attest engagement. A compilation is an attest engagement only, not an assurance engagement.

Answer 36

Before accepting an engagement, a successor auditor is required, with client permission, to make inquiries of the predecessor auditor. The auditor may make a proposal before contacting the predecessor auditor. Performance of audit procedures (testing controls or testing beginning balances for the current year) occurs after accepting the engagement.

Answer 37

Section 404 of Title IV of the Sarbanes-Oxley Act (SOX) dictates that each annual report filed with the SEC contain an internal control report. This report states the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting. It also includes an assessment of the effectiveness of the internal control structure and procedures.

Answer 38

nce an engagement has been accepted, the successor auditor may make specific inquiries of the predecessor auditor as to matters that affect the conduct of the audit, and review the predecessor's workpapers, including documentation of planning, internal control, audit results, and other matters of continuing accounting and auditing significance (such as the working paper analysis of balance sheet accounts, and those relating to contingencies).

Answer 39

he AICPA Code of Professional Conduct clearly states, “For a member in public practice, the maintenance of objectivity and independence requires a continuing assessment of client relationships and public responsibility” (ET 0.300.050.04). The independence is required in both auditing and other attestation services.

Answer 40

A member is not prohibited from having any financial interest with a client, so long as it does not impair or appear to impair their independence from the client. An example would be a checking or savings account that is insured by the FDIC. These types of accounts are permitted; so long as the checking or savings account is not material to the member's net worth, then it is not considered to impair the member's independence.

Answer 41

Thus, having an appropriate system of quality control provides reasonable assurance

Answer 42

Statements on Standards for Consulting Services (SSCS), issued by the AICPA, supersede the Statements on Standards for Management Advisory Services (SSMAS). They provide standards of practice for practitioners performing consulting services (defined broadly as consultation, advisory, implementation, transaction, support, and product services).

Answer 43

Reasonable assurance includes the understanding that there is a remote likelihood that material misstatements will not be prevented or detected on a timely basis (i.e., reasonable assurance provides a high level, but it is not possible to obtain absolute assurance due to the nature of audit evidence and the risk of fraud).

Answer 44

CPAs are independent contractors, not employees; as a result, they have legal title to their workpapers. The CPA's ownership of the workpapers is custodial and cannot be transferred without the client's permission. Exceptions include subpoena by a federal court or agency, or inspection by an AICPA or state society quality review team. A seller of an accounting practice MUST obtain permission of the client before transfer to a buyer of the practice.

Answer 45

Section 402 of Title IV of the Sarbanes-Oxley Act (SOX) dictates that it is unlawful for any issuer to extend or maintain credit in the form of a personal loan to or for any director or executive officer of that issuer. Section 403 requires disclosures from a person who is directly or indirectly a beneficial owner of more than 10% of any class of any security registered pursuant to Section 12 of the Securities Exchange Act of 1934. Section 404 requires that an internal control report be filed with each annual report. Management must acknowledge responsibility for establishing and maintaining adequate internal control. Section 406 requires disclosure of whether or not the issuer had adopted a code of ethics for senior financial officers (and if not, why not). Any change in or waiver of this code requires disclosure as well.

Answer 46

registered public accounting firm is not independent of its audit client, or any affiliate of the firm, if during the audit and professional engagement period, the firm provides any nonaudit services to the audit client. Only the answer choice "reviewing a proposed transaction and informing the client of the tax consequences" is allowed during the engagement period; otherwise, the registered public accounting firm would not be considered independent.

Answer 47

Fees charged by a CPA may be contingent if a specified finding or result is attained. These fees are not considered contingent if they are fixed by courts, by other public authorities, or in tax matters if based on the results of judicial proceedings.

Answer 48

dvisory services, implementation services, and product services all fall within the broad category of “consulting services.

Answer 49

A significant deficiency is less severe than a material weakness. Determining if a significant deficiency is also a material weakness requires professional judgment.

Answer 50

Normally, the only time a CPA can disclose confidential information is with the client's consent. The exceptions to client's consent are: a peer review by a state CPA society or state board of accountancy. a subpoena or court summons to release confidential information. an inquiry that is made by a recognized investigatory body.

Answer 51

Based on the Internet (online) version of Government Auditing Standards, the auditor organization and individuals should be independent in both mind and appearance.

Answer 52

f the CPA has any direct or material indirect financial interest in the client, independence is impaired.

Answer 53

Because it would cause damage to the reputation of a company, any disclosure of a client company name by a CPA specializing in bankruptcy procedures is a violation of client confidentiality under the AICPA Code of Professional Conduct (ET 1.700).

Answer 54

“Integrity requires a member to be, among other things, honest and candid within the constraints of client confidentiality.” Integrity helps a client have more confidence in the person with integrity and the company they represent. (The reference for this question is section 3121 in the Auditing & Attestation Reference

Answer 55

“Due care requires a member to discharge professional responsibilities with competence and diligence.” The member should always endeavor to improve their expertise and show professional responsibility to the best of their ability. (The reference for this question is section 3121 in the Auditing & Attestation Reference Volume.)

Answer 56

The principle of objectivity imposes the obligation to be impartial, intellectually honest, and free of conflicts of interest. Independence precludes relationships that may appear to impair a member’s objectivity in rendering attestation services.” A member contributing to their professional responsibilities should maintain impartiality and have no conflicts of interest. (The reference for this question is section 3121 in the Auditing & Attestation Reference Volume.)

Answer 57

The public interest aspect of members’ services requires that such services be consistent with acceptable professional behavior for members.” A member will be able to identify the scope and nature of the services if they follow the principles of integrity, objectivity and independence, and due care. (The reference for this question is section 3121 in the Auditing & Attestation Reference Volume.)

Answer 58

Members should accept the obligation to act in a way that will serve the public interest, honor the public trust, and demonstrate a commitment to professionalism.” In other words, a member should treat others the way they want to be treated.

Answer 59

In carrying out their responsibilities as professionals, members should exercise sensitive professional and moral judgments in all their activities.” The member should tell the truth, but be sensitive about it, and use the judgment that best explains the appropriate behavior.

Answer 60

The term “those charged with governance” usually refers to the person(s) with responsibility for overseeing the strategic direction of the entity, the obligations related to the accountability of the entity, and the financial reporting process. The auditor is required to communicate certain information to those charged with governance, including the planned scope and timing of the audit, without compromising the effectiveness of the audit by revealing the nature and timing of detailed audit procedures and thereby making them predictable.

Answer 61

An integrated test facility allows fictitious and real transactions to be processed together without client operating personnel being aware of the testing process. This is because an integrated test facility is built into the data processing system, only using dummy data and files to test input, processing, and output controls. Input controls (designed to ensure proper authorization, completeness, and accuracy of the data entered into the system) could be analyzed by using a matrix. Parallel simulation is a computer-assisted audit technique using generalized audit software that can be programmed to process the same data as the client's programs. The data entry monitor merely shows the data as it is input; no testing is involved.

Answer 62

"Performance materiality. The amount or amounts set by the auditor at less than materiality for the financial statements as a whole to reduce to an appropriately low level the probability that the aggregate of uncorrected and undetected misstatements exceeds materiality for the financial statements as a whole. If applicable, performance materiality also refers to the amount or amounts set by the auditor at less than the materiality level or levels for particular classes of transactions, account balances, or disclosures."

Answer 63

Performance materiality is often used in analytical procedures to investigate significant differences in current-year and prior-year comparison information. Tolerable misstatement is the application of performance materiality to a particular sampling procedure (AU-C 320.A2).

Answer 64

The test data approach (sometimes called the test deck approach) is a way to audit “through the computer.” Test data is introduced into the client's computer system using the same program to operate the application being tested. The output is compared to the auditor's predetermined results. The test data approach does not involve a separate program. An integrated test facility introduces a fictitious entity (such as a dummy subsidiary) with real entries in the master files of the client's computer system. The auditor then compares the processing of data through the fictitious entity with what should be there in order to test that the data processing is reliable. Like the test data (or test deck) approach, an integrated test facility uses the client's system

Answer 65

Ineffective general controls by themselves do not cause misstatements; however, they can permit application controls to operate improperly and allow misstatements to occur.

Answer 66

The auditor is most likely to use online inquiry to confirm whether operating personnel had corrected several errors in transaction files discovered during a recent audit.

Answer 67

Parallel simulation processes real data through audit programs so simulated output and regular output can be compared. Mapping monitors the execution of a program. It would not be used to confirm whether operating personnel had corrected errors in transaction files discovered during a recent audit. Tracing provides an audit trail of the instructions that are executed when a program is run. It would not be used to confirm whether operating personnel had corrected errors in transaction files discovered during a recent audit.

Answer 68

nput controls, processing controls, and output controls are all examples of application controls. Examples of general controls are program change controls, controls that restrict access to programs or data, controls over the implementation of new releases of packaged software applications, and controls over system software that restrict access to or monitor the use of system utilities that could change financial data or records without leaving an audit trail.

Answer 69

In making risk assessments, the auditor should identify and document the controls that are likely to prevent or detect and correct material misstatements in specific relevant assertions. Controls can either be directly or indirectly related to an assertion. The more indirect the relationship, the less effective that control may be in preventing or detecting and correcting misstatements in that assertion.

Answer 70

An examination engagement is an attestation engagement in which the practitioner obtains reasonable assurance by obtaining sufficient appropriate evidence about the measurement or evaluation of subject matter against criteria in order to be able to draw reasonable conclusions on which to base the practitioner's opinion about whether the subject matter is in accordance with (or based on) the criteria or the assertion is fairly stated, in all material respects. (AT-C 105.10)

Answer 71

By definition, the test data approach is the use of simulated transactions to test the processing and controls of the client's computer programs while the client's computerized accounting system is under the auditor's control. Control of the program by the auditor is necessary because the client could possibly substitute another program or make changes in the existing program which would produce output different from the program being tested. The program being tested is the same program used throughout the year by the client. Only a limited number of simulated transactions, some containing errors (but not all possible valid and invalid conditions) need to be tested.

Answer 72

The auditor has the responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, including misstatements resulting from noncompliance under applicable law or regulations having a direct and material effect on the financial statements. (This is the same responsibility the auditor has for errors or fraud.)

Answer 73

The ultimate purpose of assessing control risk is to contribute to the auditor's evaluation of the risk that material misstatements may exist in the financial statements. The assessed levels of control risk and inherent risk are used to determine how much detection risk the auditor can accept in designing substantive tests to detect material misstatements that may exist in financial statement assertions. The assessed levels of control risk and inherent risk are inversely related to detection risk.

one Flashcards

(97 cards)