Surgent Audit Flashcards

Question

What is an Auditor's Specialist?

Answer 1

When performing an audit, an auditor often encounters situations in accumulating evidence concerning account balances in which evidence is from fields beyond his expertise. An example might be evidence collected concerning the inventory valuation of fine jewelry. In such cases, the auditor may use the work of an auditor's specialist. An auditor's specialist is thus defined as a person (or firm) possessing knowledge in a particular field other than accounting or auditing. The auditor may use the findings of the auditor's specialist as part of the audit evidence provided the auditor follows the guidelines set forth in AU-C 620. If an unmodified opinion is issued, the use of a specialist should not be mentioned. In a qualified or adverse opinion, the use of a specialist should be mentioned only if it will help readers understand the reason of the qualification.

Answer 2

A material weakness is a deficiency, or a combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity's financial statements will not be prevented, or detected and corrected, on a timely basis. When the concept is applied to matters of internal control over compliance, a material weakness represents a deficiency, or combination of deficiencies, in internal control over compliance, such that there is a reasonable possibility that material noncompliance with a compliance requirement will not be prevented, or detected and corrected, on a timely basis. A reasonable possibility exists when the likelihood of an event occurring is either reasonably possible or probable as defined as follows: * Reasonably possible: The chance of the future event or events occurring is more than remote but less than likely. * Probable: The future event or events are likely to occur.

Answer 3

An integrated audit is an audit of internal control over financial reporting being integrated with the audit of financial statements.

Answer 4

An adverse opinion is an “overall” audit opinion which states that the financial statements do not present fairly the financial position or the results of operations or cash flows in conformity with an applicable financial reporting framework (AU-C 705.09). Auditors must have as much sufficient appropriate audit evidence to support an adverse opinion as for an unmodified opinion. An adverse opinion is warranted when the departure from an applicable financial reporting framework or the inconsistency is sufficiently material or sufficiently pervasive as to misrepresent the financial position or results of operations or cash flows or when the auditor believes the entity is not a going concern. An adverse opinion requires the disclosure of all the substantive reasons for the adverse opinion and the principal effects of the inconsistency on the financial statements, if known, or a statement in a separate emphasis-of-matter or other-matter paragraph preceding the opinion paragraph that the effects are not reasonably determinable.

Answer 5

The auditor should evaluate the severity of each identified deficiency to determine whether the deficiency, individually or in combination, is a material weakness as of the date of management's assertion. In evaluating the magnitude of the potential misstatement, the maximum amount by which an account balance or total of transactions can be overstated is generally the recorded amount, whereas understatements could be larger. If there are deficiencies that, individually or in combination, result in one or more material weaknesses as of the date specified in management's assertion, the auditor should express an adverse opinion on the entity's internal control.

Answer 6

According to the AICPA Code of Professional Conduct, independence will be impaired if, during the period of the professional engagement, a covered member had or was committed to acquire any direct or material indirect financial interest in the client. The ownership of the bonds represents a direct financial interest in the client. * Independence is not violated if a member is designated to serve as guardian of a friend's children if the need arises, and the friend's estate, which would be held in trust for the children because the member is the children's guardian, but is not a trustee of the estate held in trust for the children. * Independence is not impaired by membership in a client credit union. * According to an AICPA ethics ruling, as long as the membership in the golf club is essentially a social matter, the covered member's association with the golf club would not impair independence because the debt ownership is not considered to be a direct financial interest.

Answer 7

AU-C 402 outlines the two types of SOC (System and Organization Controls) reports. Whereas the SOC® Type 2 engagement is principally focused on whether controls achieve operational effectiveness, the SOC® Type 1 engagement addresses whether controls are suitably designed.

Answer 8

A change in accounting estimate (such as a change in the useful life of a depreciable asset) is accounted for prospectively and does not affect the comparability of financial statements between periods. Since the auditor's standard report implies that consistency exists, no modification to the report is necessary. A change in the method of accounting for inventories and a change from an accounting principle that is not generally accepted to one that is generally accepted both represent a change in accounting principle, which requires a consistency modification. If management adopts an accounting principle and has not provided reasonable justification for the change, the auditor should express a qualified opinion or an adverse opinion, depending on the materiality of the item.

Answer 9

The U.S. Supreme Court has ruled in Hochfelder that third parties must prove scienter in order to reach the CPA under Rule 10b-5 of the Securities Exchange Act of 1934. Scienter is intent to deceive, manipulate, or defraud on the CPA’s part. Simple negligence is not enough to hold the CPA responsible. Recovery under Rule 10b-5 is limited to the actual losses resulting from the fraud.

Answer 10

Management must make certain representations to the auditor regarding the financial statements; the completeness of information provided to the auditor; recognition, measurement, and disclosure; and information concerning subsequent events. The auditor would be looking for management to represent that the entity has complied with contractual agreements that may affect the financial statements.

Answer 11

Section 408 of the Sarbanes-Oxley Act (SOX) dictates that the SEC will review disclosures made by issuers. Special attention will be paid to the disclosures of issuers: * Who have issued material restatements of financial statements, * Who experienced significant volatility in their stock price, * Have the largest market capitalization, * Are emerging companies with disparities in price to earnings ratios, and * With operations that significantly affect any material sector of the economy

Answer 12

Input controls relate most appropriately to rejection, correction, and resubmission of data that was initially incorrect. There are four basic categories of input to be controlled: 1). transaction entries, 2). file maintenance transactions, 3). inquiry transaction entries, and 4). error correction transactions. Edit checks on transaction entries are a type of input control. Edit checks test transactions prior to processing and are designed to ensure that invalid inputs are rejected. A file of all rejected sales transactions is output pertaining to input controls.

Answer 13

Two types of sampling risk that affect performing tests of controls are: * The risk of assessing control risk too low * The risk of assessing control risk too high If the auditor assesses control risk too high, which would occur if there were deviations from an internal control procedure in the sample, the auditor would then lower detection risk by altering the nature, timing, and extent of substantive audit procedures, reducing the risk that the auditor would not detect a misstatement in the financial statements. Deviations from specific internal control procedures at a given rate ordinarily result in misstatements at a lower rate.

Answer 14

The primary focus of an auditor in the examination of liabilities (e.g., accounts payable) is to verify that all of the entity's liabilities have been recorded. AU-C 315.A133 notes that assertions about completeness are concerned with whether all accounts that should be presented in the financial statements are recorded. Completeness thus would be the assertion on which the auditor would concentrate in auditing the liability of accounts payable.

Answer 15

Tests of controls are designed to assess the effectiveness of the information system and user control policy or procedure in preventing or detecting material errors or control weaknesses in the information systems and operations. Substantive tests relate to: (1) analysis of information, such as tape aging analysis in computer data files and storage media, (2) computer resource usage statistics in computer operations, and (3) security violation exception reporting to detect abnormalities and major problems in access control security practice

Answer 16

If the auditee meets the criteria for a low-risk auditee, the auditor only needs to audit the major programs that, in aggregate, encompass at least 20% of total federal awards expended. Otherwise (not low-risk), the auditor must audit the major programs that, in aggregate, encompass at least 40% of total federal awards expended.

Answer 17

Internal control, even if well designed and operated, can only provide reasonable (not absolute) assurance about achieving objectives. Limitations include that human judgment can be faulty and that human errors or mistakes can cause breakdowns in internal controls. Controls can also be circumvented by management override or by collusion (two or more people working together).

Answer 18

Comparing the control amounts posted to the accounts receivable ledger with the control totals of invoices is the best procedure for preventing or detecting the generation of an invoice for shipped goods which is recorded in the sales journal but is not posted to any customer account. The control amount for the accounts receivable ledger would be less than the control total of invoices if the sale were not posted to the customer's account. This is an example of an independent check being used as a control.

Answer 19

Section 102 of the Sarbanes-Oxley Act (SOX) dictates that public accounting firms performing audits on issuers must register with the Public Company Accounting Oversight Board (PCAOB). The registration includes: * a statement of the firm's quality control policies, * a list of the names and license numbers of all accountants associated with the firm, * information regarding criminal, civil, or administrative actions or disciplinary proceedings against the firm (or any person in the firm), and * consent from the firm to cooperate and comply with any request made by the PCAOB in furtherance of its authority and responsibilities. Once registered, the firm must submit annual reports along with registration and annual fees to the PCAOB.

Answer 20

Statistical Sampling uses the laws of probability to make statements about a population. It allows the auditor to calculate the risk of reliance on the sample to assess control risk, and enables the auditor to make objective statements about the population on the basis of the sample. Because the auditor is able to measure and control the sampling risk, the auditor is able to measure the sufficiency of the audit evidence obtained.

Answer 21

The auditor's report for a performance audit of a governmental entity in accordance with Government Auditing Standards should contain: * the objectives, scope, and methodology of the audit, * the audit results, including findings, conclusions, and recommendations, as appropriate, * a reference to compliance with generally accepted government auditing standards, * the views of responsible officials, and * if applicable, the nature of any privileged and confidential information omitted. A concurrent opinion on the historical financial statements is not the objective of the performance audit and is not required.

Answer 22

The preface to the Accounting and Review Services Statements (AR) notes that the Accounting and Review Services Committee is the committee designated by the AICPA Council to promulgate standards in connection with unaudited financial statements of nonpublic entities. A nonpublic entity is any entity other than one whose securities trade on a stock exchange or over-the-counter market or that makes a filing with a regulatory agency in preparation for sale of securities (i.e., a nonpublic entity is not required to file financial statements with an agency regulating the issuance of the entity's securities).

Answer 23

The purpose of a confirmation is to help the auditor verify client financial statement assertions. Confirmation requests can be prepared in two ways. 1). With a positive confirmation, third parties are either asked to fill in amounts from their records regarding transactions with the audit client, or 2). requested to indicate whether they agree with information already stated in the confirmation. The positive type of confirmation is a very strong form of audit evidence. With a negative confirmation, the third party usually responds only when the information provided by the auditor from the client's records does not agree with the third party's records. Negative confirmations are considered to be a weak form of evidence. Therefore, if the combined assessed level of inherent risk and control risk relative to accounts receivable is low, the auditor is not relying heavily on the negative confirmation evidence due to the low levels of inherent risk and control risk already measured in the audit process.

Answer 24

The completeness assertion deals with whether or not all of the transactions and events that should have been recorded have been recorded, and all related disclosures that should have been included in the financial statements have been included. If an order was shipped, were the corresponding revenue and receivable recorded? In order to determine that the control is in place, the auditor would make sure that an invoice has been prepared for each shipping document.

Answer 25

Unusual lines of authority may be a red flag because they may indicate undue influence on an operating unit from the corporate headquarters. Some of the fraud risk factors relating to management's characteristics include the following (AU-C 240.A76): * Domination of management by a single person or small group without compensating controls * Management failure to correct known significant deficiencies or material weaknesses in internal control on a timely basis * Management's excessive interest in maintaining or increasing the entity's stock price or earnings trend * Nonfinancial management's excessive participation in the selection of accounting principles.

Answer 26

Analytical procedures used in planning the audit may be helpful in identifying the existence of unusual transactions or events, and amounts, ratios, and trends that might indicate matters that have financial statement and audit implications. These procedures are usually performed at a high level; for example, comparing current-year to prior-year sales volumes. Ratio analysis, such as comparing the current-year ratio of aggregate salaries paid to the number of employees to the prior year’s ratio, would be an example of an analytical procedure used as a substantive test (not one used during the planning phase of an audit). Analytical procedures rely on comparisons of recorded amounts, or ratios developed from recorded amounts, to expectations developed by the auditor.

Answer 27

Material misstatements due to fraudulent financial reporting often result from an overstatement of revenues (for example, through premature revenue recognition or recording fictitious revenues) or an understatement of revenues (for example, through improperly shifting revenues to a later period). Therefore, the auditor should ordinarily presume that there is a risk of material misstatement due to fraud relating to revenue recognition. The two accounts that relate to revenue recognition are cash (money received from customers for valid sales should be reflected in cash) and accounts receivable (sales made on account would be recorded in accounts receivable). The sales income account would also relate to revenue recognition.

Answer 28

Analytical procedures entail the study of relationships between financial and nonfinancial data sets. While these procedures may be applied to data contained on supporting documentation, these physical artifacts do not represent an analytical technique in and of themselves.

Answer 29

The evaluation of the operating effectiveness of an internal control is concerned with how the control was applied (whether manual or automated), the consistency with which it was applied, and by whom it was applied. Inspection of documents and reports, and observation and inquiry of client personnel would assist with evaluating operating effectiveness. Preparation of system flowcharts, however, assists the auditor with understanding the design of the internal control, not the operating effectiveness. Flowcharts would provide the least assurance about the operating effectiveness of an internal control.

Answer 30

Applying substantive tests at an interim date, rather than at the balance sheet date, increases audit risk that a misstatement may occur between the interim and year-end dates and exist at the balance sheet date. This increase in risk is the incremental audit risk. Therefore, before auditing asset accounts at an interim date, an auditor should assess the difficulty in controlling the incremental audit risk (i.e., extending the audit conclusion over the remaining period from the interim date to the balance sheet date). The risk of incorrect rejection is part of sampling risk, and it is present whether the tests of details are performed at an interim date or as of the balance sheet date. Likewise, sampling risk (the risk that the auditor's conclusion based on a sample might be different from the conclusion that would be reached by examining every item in the entire population) is not dependent upon when the tests are applied. Materiality considerations are not linked to the timing of audit procedures.

Answer 31

The risk of incorrect rejection is part of sampling risk, and it is present whether the tests of details are performed at an interim date or as of the balance sheet date. Likewise, sampling risk (the risk that the auditor's conclusion based on a sample might be different from the conclusion that would be reached by examining every item in the entire population) is not dependent upon when the tests are applied. Materiality considerations are not linked to the timing of audit procedures.

Answer 32

The direct communication with external legal counsel should obtain evidence about any litigation, claims, assessments, and unasserted claims that counsel is aware of, together with an assessment of the outcome and an estimate of the financial implications. Given that a lawyer may limit a response to matters to which the lawyer has given substantive attention and to matters which individually or collectively are material to the financial statements, the choice which requires further investigation would be the comment about the company being able to assert meritorious defenses.

Answer 33

Meritorious defense addresses the substance or essentials of a case rather than technical objections or delaying tactics. It can be a defense that is based on evidence sufficient to warrant setting aside a default judgment against the defendant in civil litigation. It can also refer to a defense that appears likely to succeed or has already succeeded. The auditor would need to determine if the outcome is probable, reasonably possible, or remote, and then determine if a loss accrual is required under the circumstances.

Answer 34

Payroll control objectives include: * proper authorization of new employees, * no fictitious employees included in the payroll, * all terminated employees removed from payroll, * employees paid authorized amounts, * all transactions recorded correctly, * detailed records maintained, and * government regulations complied with. Having salary rates and total hours to be paid approved by the payroll supervisor and having unclaimed checks forwarded to absent employee's supervisors all contribute to undermining the payroll control objectives of payment of authorized amounts and no payments to fictitious employees.

Answer 35

The written communication regarding significant deficiencies and material weaknesses identified during the audit of financial statements should: * include a statement that indicates the purpose of the auditor's consideration of internal control was to express an opinion on the financial statements, but not to express an opinion on the effectiveness of the entity's internal control over financial reporting. * include a statement that indicates the auditor is not expressing an opinion on the effectiveness of internal control. * include a statement that indicates that the auditor's consideration of internal control was not designed to identify all deficiencies in internal control that might be significant deficiencies or material weaknesses. * include the definition of the term "material weakness" and, where relevant, the definition of the term "significant deficiency." * identify the matters that are considered to be significant deficiencies and, if applicable, those that are considered to be material weaknesses. * include a statement that indicates the communication is intended solely for the information and use of management, those charged with governance, and others within the organization and is not intended to be and should not be used by anyone other than these specified parties. If an entity is required to furnish such auditor communications to a governmental authority, specific reference to such governmental authorities may be made.

Answer 36

AU-C 520.A17 identifies four(4) factors relating to the auditor's consideration of the reliability of the data for purposes of achieving audit objectives: 1. The source of the information available: Whether the sources within the entity were independent of those who are responsible for the amount being audited 2. The comparability of the information available: Whether the data is comparable to broad industry data 3. The nature and relevance of the information available: Whether budgets have been established as results to be expected rather than as goals to be achieved 4. Controls over the preparation of the information that are designed to ensure its completeness, accuracy, and validity: Whether the data was developed under a reliable system with adequate controls While processing data in an EDP system may be more reliable than manual systems, manual systems have been shown to be effective in terms of reliability of data. Thus, processing data in an EDP system or in a manual system would least influence the auditor's consideration.

Answer 37

Since both cash in bank and collateral for loans are amounts that can be verified by the entity's bank, auditors usually use one form to ask for confirmation of both of these balances.

Answer 38

Quality control (QC) standards are a CPA firm's system of specified standards that are required to be developed to assure that firm is in compliance with professional standards for the services it provides. Services included are: * Auditing, Accounting, and Review, * Consulting Practices, and * Tax Practices. Quality control standards relate to the conduct of a firm’s attestation practice as a whole, Accounting firms and individual practitioners have an obligation to establish and maintain a system of quality control to provide reasonable assurance that the firm/practitioner complies with professional standards and applicable legal and regulatory requirements. Within the context of the system of quality control, engagement teams have a responsibility to implement quality control procedures that are applicable to the attestation engagement and provide the firm with relevant information to enable the functioning of that part of the firm’s quality control relating to independence.

Answer 39

Attestation standards relate to the conduct of individual attestation engagements.

Answer 40

The GAO (U.S. Government Accountability Office) Yellow Book, containing the generally accepted government auditing standards, requires auditors to document justification of deviations from presumptively mandatory procedures.

Answer 41

The additional items and responsibilities required by Government Auditing Standards relate to the following: a. Reporting auditor compliance with GAGAS b. Reporting on internal control and compliance with provisions of laws, regulations, contracts, and grant agreements. Some governmental audit requirements specifically identify the applicable compliance requirements. c. Communicating deficiencies in internal control, fraud, noncompliance with provisions of laws, regulations, contracts, and grant agreements, and abuse. For instance, government audits require tests of the operating effectiveness of controls. d. Materiality is generally in relation to the government as a whole; however, the government audit requirement may specify a different level of materiality at one or more levels, such as by major program. e. In identifying and assessing the risks of material noncompliance, the auditor may evaluate inherent risk of noncompliance and control risk of noncompliance individually or in combination. f. Reporting views of responsible officials g. Reporting confidential or sensitive information h. The auditor’s report must include a schedule of findings and questioned costs. i. Documenting justification of deviations from presumptively mandatory procedures j. Distributing reports

Answer 42

Defining professional responsibilities: The SSARS list two(2) categories of professional requirements: 1). Unconditional requirements: indicated by the use of the word “must” 2). Presumptively mandatory requirements: indicated by the use of the word “should”

Answer 43

Based on Rule 3521 of the Public Company Accounting Oversight Board, contingent fees and commission will result in a lack of independence for the registered public accounting firm.

Answer 44

According to GAS (Government Auditing Standards) 1.14, the ethical principles that guide the work of auditors who conduct audits in accordance with generally accepted government auditing standards (GAGAS) are: 1). the public interest; 2). integrity; 3). objectivity; 4). proper use of government information, resources, and positions; and 5). professional behavior. The “public interest” is defined in the government standards as “the collective well-being of the community of people and the entities the auditors serve” (GAS 1.15). Integrity includes "auditors conducting their work with an attitude that is objective, fact-based, nonpartisan, and nonideological with regard to audited entities and users of the auditors’ reports” (GAS 1.17). Government information is “to be used for official purposes and not inappropriately for the auditor’s personal gain or in a manner contrary to law or detrimental to the legitimate interests of the audited entity or the audit organization” (GAS 1.20). Materiality in GAGAS financial audits is considered an “additional consideration” in GAGAS audits (GAS 4.46).

Answer 45

The risk of assessing control risk too high is the risk that the assessed level of control risk based on the sample is greater than the true operating effectiveness of the control. In other words, the sample tested by the auditor has a higher rate of deviation than the full population does. Based on the testing, the auditor assesses control risk higher than he or she would if the auditor had tested the whole population. The auditor is concerned with two aspects of sampling risk in performing tests of controls: 1. The risk of assessing control risk too low (also called beta risk) 2. The risk of assessing control risk too high (also called alpha risk)

Answer 46

The risk of assessing control risk too high is the risk that the assessed level of control risk based on the sample is greater than the true operating effectiveness of the control. Test of Controls Reliable Unreliable Sample: Clients Internal Control Structure is: Accept Correct decision Risk to low Reject Risk Too High Correct decision The risk of assessing control risk too low is the risk that the assessed level of control risk based on the sample is less than the true operating effectiveness of the control. The risk of assessing control risk too low is the risk that the assessed level of control risk based on the sample is less than the true operating effectiveness of the control.

Answer 47

AU-C 540.A15 states, “The preparation and fair presentation of the financial statements requires management to determine whether a transaction, an event, or a condition gives rise to the need to make an accounting estimate and that all necessary accounting estimates have been recognized, measured, and disclosed in the financial statements in accordance with the applicable financial reporting framework.” AU-C 540.A21 states: "The preparation and fair presentation of the financial statements also requires management to establish financial reporting processes for making accounting estimates, including adequate internal control. Such processes include the following: * "Selecting appropriate accounting policies and prescribing estimation processes, including appropriate estimation or valuation techniques, including, when applicable, the appropriate models * "Developing or identifying relevant data and assumptions that affect accounting estimates * "Periodically reviewing the circumstances that give rise to the accounting estimates and reestimating the accounting estimates as necessary"

Answer 48

AU-C 402.16 indicates that if a user auditor's risk assessment includes an expectation that controls at the service organization are operating effectively, the user auditor’s procedures should include one or more of the following: obtaining and reading a type 2 report, if available; performing appropriate tests of controls at the service organization; or using another auditor to perform tests of controls at the service organization on behalf of the user auditor.

Answer 49

A change to the system that enables the creation of new reports would not prevent the auditor from relying on the prior year’s assessment of the operating effectiveness of controls. Changing the system to provide new reports would not fundamentally change the risks or operation of an entity’s system. Therefore, the prior-year testing could provide the auditor with confidence surrounding the effectiveness of controls. A change to how the data is processed could impact both the accuracy and completeness of the data. Therefore, an auditor would not be able to rely on the effectiveness of controls based on prior-year testing. Changes to the accounting system programs could result in new risks due to new software. These new risks could affect the effectiveness of controls that were tested in the prior year. Changes made to the client’s control environment would also prevent the auditor from relying on prior-year testing as a change in the control environment indicates a pervasive change.

Answer 50

Advising a client regarding the selection of computer software is a consulting service engagement, which should be performed in accordance with the Statements on Standards for Consulting Services (SSCS). Advocating a client’s position before the IRS is a tax advisory service, which should be performed in accordance with the Statements on Standards for Tax Services (SSTS). Neither such engagement is performed in accordance with Statements on Standards for Accounting and Review Services (SSARS).

Answer 51

In some circumstances, management is required to report on the company's internal control over financial reporting (ICFR) but such report is not required to be audited and the auditor is not engaged to perform an audit of management's assessment of the effectiveness of ICFR. In such cases, under PCAOB AS 3105.59, the auditor is required to include explanatory language to that effect in the “Basis for Opinion” section. Alternatively, if the auditor issues separate reports on ICFR and the financial statements, under PCAOB AS 2201.88 the required paragraph referencing the separate report should appear in the “Opinion on the Financial Statements” section, immediately following the opinion paragraph. If an auditor is issuing an integrated report, then the reporting requirements of PCAOB AS 2201, An Audit of Internal Control Over Financial Reporting That Is Integrated with an Audit of Financial Statements, should be followed.

Answer 52

An emphasis-of-matter or other-matter paragraph is an additional paragraph(s) added to the standard auditor's report to fulfill the need to add explanatory language to the report. The need for an emphasis-of-matter or other-matter paragraph may or may not affect the unmodified opinion. An “emphasis of matter” paragraph is included in the auditor's report that is required by GAAS, or is included at the auditor's discretion, and refers to a matter appropriately presented or disclosed in the financial statements that, in the auditor's professional judgment, is of such importance that it is fundamental to the users' understanding of the financial statements. An “other matter” paragraph is included in the auditor's report that is required by GAAS, or is included at the auditor's discretion, and refers to a matter other than those presented or disclosed in the financial statements that, in the auditor's professional judgment, is relevant to the users' understanding of the audit, the auditor's responsibilities, or the auditor's report.

Answer 53

IT provides potential benefits in an entity’s internal control by enabling an entity to: * consistently apply predefined business rules and perform complex calculations in processing large volumes of transactions, * enhance timeliness, availability, and accuracy of information, * facilitate additional analysis of information, * enhance the ability to monitor performance of policies and procedures, * reduce the risk of controls being circumvented, and * enhance the ability to achieve effective segregation of duties. The reduction of the frequency of data entries is a benefit similar to enhancing the accuracy of information.

Answer 54

An organizational structure refers to how divisions, departments, and positions link together in authority, responsibility, and communication. “The suitability of the client's lines of reporting.” It is important that employees “understand how their activities in the financial reporting information system relate to the work of others and the means of reporting exceptions to an appropriate higher level within the entity” (AU-C 315.A100). Clear lines of authority and responsibility are also very important in an EDP (electronic data processing) environment due to the potential access of data by multiple users. The auditor is looking for information on how the entity's activities for achieving its objectives are planned, executed, controlled, and reviewed.

Answer 55

The completeness assertion involves determining whether all transactions that should be recorded are actually recorded. When examining cash sales, the auditor is concerned that all such sales are recorded and that employees are not simply pocketing the cash without recording the sale. The consistent use of cash registers and tapes discourages this type of theft.

Answer 56

There are several conditions or circumstances that would cause the auditor to consider whether material misstatements exist in an entity's financial statements (because the auditor's professional skepticism would sound a warning alarm). One of these conditions is when transactions selected for testing are not supported by proper documentation. The previously communicated material weaknesses that are not corrected may be an example of a conscious business decision made by the client—the cost to correct the condition may exceed the benefits. As long as management acknowledges the existence of the weakness and accepts the risk, the auditor need only compensate for the weakness when planning the audit.

Answer 57

The audit procedure, “Review the accounts receivable trial balance for amounts due from officers and employees,” is used to satisfy the audit objective that accounts receivable are properly described and presented in the financial statements (which supports the assertion about presentation) because it provides evidence about transactions with related parties, which must be separately disclosed.

Answer 58

Another name for the goal of the audit procedures used to obtain evidence about the dollar amounts and disclosures presented in the financial statements is the audit objective. The primary, overriding audit objective is to express an opinion on the fairness, in all material respects, with which the financial statements present the financial position, results of operations, and cash flows in conformity with an applicable financial reporting framework. Practical or specific audit objectives relate to and are developed in light of the assertions of management embodied in the financial statements. These specific objectives are to obtain and evaluate sufficient appropriate audit evidence regarding the assertions. Example: An audit objective regarding the completeness assertion for inventory would be to obtain reasonable assurance that the inventory quantities include all products, materials, and supplies on hand.

Answer 59

In the context of an audit of financial statements, reasonable assurance is a high, but not absolute, level of assurance. Because of the nature of audit evidence and the characteristics of fraud, the auditor is able to obtain reasonable, but not absolute, assurance that material misstatements are detected. In the context of an audit of financial statements, reasonable assurance is a high, but not absolute, level of assurance. Because of the nature of audit evidence and the characteristics of fraud, the auditor is able to obtain reasonable, but not absolute, assurance that material misstatements are detected. Reasonable assurance is obtained when the auditor has sufficient appropriate audit evidence to reduce audit risk to an acceptably low level; reasonable assurance is not an absolute level of assurance. The likelihood that those objectives will be achieved is affected by limitations inherent to internal control. These limitations include the following: * Human judgment in decision making can be faulty. * Breakdowns in internal control can occur because of human failures such as simple errors or mistakes. * Errors may occur in the use of information produced by IT. Individuals may not understand the purpose of automated controls or the use of information produced by IT.

Answer 60

Integrity (ET 0.300.040): “To maintain and broaden public confidence, members should perform all professional responsibilities with the highest sense of integrity.” a. Integrity is an element of character fundamental to professional recognition. It is the quality from which the public trust derives and the benchmark against which a member must ultimately test all decisions. b. Integrity requires a member to be honest and candid within the constraints of client confidentiality. Service and the public trust should not be subordinated to personal gain and advantage. Integrity can accommodate the inadvertent error and the honest difference of opinion; it cannot accommodate deceit or subordination of principle. c. Integrity is measured in terms of what is right and just. In the absence of specific rules, standards, or guidance, or in the face of conflicting opinions, a member should test decisions and deeds by asking: “Am I doing what a person of integrity would do? Have I retained my integrity?” Integrity requires a member to observe both the form and the spirit of technical and ethical standards; circumvention of those standards constitutes subordination of judgment. d. Integrity also requires a member to observe the principles of objectivity and independence and of due care.

Answer 61

To act with due care is to act with competence and diligence. It is the obligation to perform professional services with concern for the best interest of the recipient of the service and in a manner consistent with the profession's responsibility to the public. Due care is the duty to perform each audit as a professional possessing the degree of skill commonly possessed by others in the field. Due care is the subject of ET 0.300.060 and the General Standards Rule of the AICPA Code of Professional Conduct: "A member should observe the profession's technical and ethical standards, strive continually to improve competence and the quality of services, and discharge professional responsibility to the best of the member's ability." "General Standards Rule: A member shall comply with the following standards and with any interpretations thereof by bodies designated by Council: A. "Professional Competence... B. "Due Professional Care... C. "Planning and Supervision... D. "Sufficient Relevant Data..." ET 0.300.060.01 and 1.300.001.01

Answer 62

Due care means acting with competence and diligence. Competence is derived from a synthesis of education, experience and professional judgment. Diligence implies a prompt, careful, thorough rendering of service in accordance with applicable technical standards. Because the acceptance of a professional engagement implies that a CPA has the necessary level of skills to complete the professional service according to the professional standards, a CPA must undertake only those professional engagements that he or she can reasonably expect to complete with professional competence. ET 0.300.060 states that due care requires a member to plan and supervise adequately any professional activity undertaken. The exercise of due care requires critical review at every level of supervision of the work done and the judgment exercised by those assisting in the audit.

Answer 63

The auditor should determine whether the identified risks of material misstatement relate to specific relevant assertions related to classes of transactions, account balances, and disclosures, or whether they relate more pervasively to the financial statements taken as a whole and potentially affect many relevant assertions. The latter risks (risks at the financial statement level) may derive in particular from a weak control environment. Expressing the risk of material misstatement at the relevant assertion level (e.g., valuation of accounts receivable, existence of accounts payable) provides a basis for the auditor to determine the audit procedures that must be performed in order to lower audit risk.

Answer 64

An organization follows up on errors to the monthly statements to determine the accounts receivable dollar amount that the organization has the right to receive. The presentation assertion deals with whether components of the financial statements are properly listed and disclosed. The presentation would not be affected by management's following-up on errors reported by customers.

Answer 65

When an auditor tests the system of internal controls, the concern is that he or she does not over-rely on the internal controls if they do not sufficiently prevent, detect, or correct errors. The stronger he perceives the internal controls to be, the smaller the sample size that is necessary for testing the controls. The higher the likely rate of deviations, the larger the sample size. If an auditor is not concerned with assessing control risk too high, but rather too low. Assessing control risk too low means that the auditor will falsely place too much reliance on the internal controls and will not collect enough evidence.

Answer 66

The risk of assessing control risk too high is the risk that the assessed level of control risk based on the sample is greater than the true operating effectiveness of the control. The risk relates to the efficiency of the audit. If the auditor's evaluation of a sample leads him to unnecessarily assess control risk too high for an assertion, he would ordinarily increase the scope of substantive tests to compensate for the perceived ineffectiveness of the controls.

Answer 67

To determine the number of items to be selected for a particular sample for a test of controls, the auditor should consider the: a. tolerable rate of deviation from the controls being tested, b. likely rate of deviations, and c. allowable risk of assessing control risk too low. The auditor applies professional judgment to relate these factors in determining the appropriate sample size.

Answer 68

When planning a particular audit sample for a test of controls, the auditor should consider the following: a. The relationship of the sample to the objective of the test b. The maximum rate of deviations from prescribed control procedures that would support the planned reliance (the tolerable rate) c. The auditor's allowable risk of assessing control risk too low d. Characteristics of items comprising the accounting balance or class of transactions to be sampled.

Answer 69

An entity's compliance with aspects of contractual agreements or regulatory requirements related to audited financial statements is specifically listed as a special report in AU-C 800.04 and .07. If the financial statements were audited in accordance with generally accepted auditing standards and concluded that the financial statements were fairly presented on the prescribed basis, a qualified opinion, an unmodified opinion with reference to footnote disclosure, or a disclaimer of opinion would not be appropriate.

Answer 70

A special-purpose framework (commonly referred to as other comprehensive bases of accounting) is a financial reporting framework other than GAAP. Financial statements prepared in accordance with this framework may be the only financial statements an entity prepares. As a precondition for an audit under a special-purpose framework, the auditor must obtain an understanding of the purpose for which the financial statements were prepared, the intended users of the special-purpose financial statements, and the steps taken by management to determine the acceptability of the financial reporting framework. Special-purpose frameworks may include one of the following bases of accounting: a. Contractual basis: A basis of accounting that the entity uses to comply with an agreement between the entity and one or more third parties other than the auditor b. Regulatory basis: A basis of accounting that the entity uses to comply with the requirements or financial reporting provisions of a regulatory agency to whose jurisdiction the entity is subject (for example, a basis of accounting that insurance companies use pursuant to the accounting practices prescribed or permitted by a state insurance commission) c. Tax basis: A basis of accounting that the reporting entity uses or expects to use to file its income tax return for the period covered by the financial statements. A tax basis is not regulatory bases of accounting. d. Cash basis: A basis of accounting that the entity uses to record cash receipts and disbursements and modifications of the cash basis having substantial support (for example, recording depreciation on fixed assets). A cash basis is not regulatory bases of accounting. e. Other basis: Another basis of accounting that uses a definite set of logical, reasonable criteria that is applied to all material items appearing in financial statements According to the special-purpose framework in effect, the auditor’s report will be modified.

Answer 71

If the special-purpose financial statements are prepared in accordance with a regulatory basis of accounting, and the special-purpose financial statements together with the auditor's report are intended for general use, the auditor should not include the emphasis-of-matter or other-matter paragraphs (sections 3456.07 and 3456.08). a. The auditor should express an opinion about whether the special-purpose financial statements are presented fairly, in all material respects, in accordance with GAAP. b. The auditor should also, in a separate paragraph, express an opinion about whether the financial statements are prepared in accordance with the special-purpose framework. There should also be a statement that the special-purpose framework is a basis of accounting other than GAAP. The auditor must assess whether, based on available evidence, substantial doubt about the entity’s ability to continue as a going concern exists and whether disclosure is warranted.

Answer 72

The practitioner’s standard report on a compilation on a financial projection should include the following: a. An identification of the prospective financial statements presented by the responsible party b. A statement that the practitioner has compiled the prospective financial statements in accordance with standards established by the American Institute of Certified Public Accountants c. A statement that a compilation is limited in scope and does not enable the practitioner to express an opinion or any other form of assurance on the prospective financial statements or the assumptions d. A caveat that the prospective results may not be achieved e. A statement that the practitioner assumes no responsibility to update the report for events and circumstances occurring after the date of the report f. A statement describing the special purpose for which the projection was prepared g. A separate paragraph that restricts the use of the report because it is intended to be used solely by the specified parties h. The manual or printed signature of the practitioner’s firm i. The date of the compilation report j. If the projection does not contain a range, the report should also include: o. a statement that there will usually be differences between the projected and actual results, because events and circumstances frequently do not occur as expected, and those differences may be material. o a statement that the practitioner has no responsibility to update the report for events and circumstances occurring after the date of the report.

Answer 73

Prospective financial statements are either financial forecasts or financial projections, including the summaries of significant assumptions and accounting policies. Although prospective financial statements may cover a period that has partially expired, statements for periods that have completely expired are not considered to be prospective financial statements. Pro forma financial statements and partial presentations are not considered to be prospective financial statements. (AT-C 305.09)

Answer 74

Although a CPA not in public practice does not have to maintain independence, the CPA does have to maintain objectivity. Objectivity is defined in the AICPA Code of Professional Conduct as “a state of mind, a quality that lends value to a member's services. It is a distinguishing feature of the profession. The principle of objectivity imposes the obligation to be impartial, intellectually honest, and free of conflicts of interest.” (ET 0.300.050.02)

Answer 75

The auditor should prepare audit documentation that is sufficient to enable an experienced auditor, who has no previous experience with the specific audit, to understand the nature, timing, and extent of the audit procedures performed; the results of the procedures performed and evidence obtained; and significant findings or issues arising during the audit, conclusions reached, and any significant professional judgments made in reaching those conclusions.

Answer 76

Audit documentation provides evidence of the auditor’s basis for a conclusion about the achievement of the overall objectives of the audit, and evidence that the audit was planned and performed in accordance with relevant audit standards and applicable legal and regulatory requirements. The auditor should prepare audit documentation that is sufficient to enable an experienced auditor, who has no previous experience with the specific audit, to understand the nature, timing, and extent of the audit procedures performed; the results of the procedures performed and evidence obtained; and significant findings or issues arising during the audit (including any findings that could result in a modification of the auditor’s report), conclusions reached, and any significant professional judgments made in reaching those conclusions.

Answer 77

Statement on Quality Control Standards (SQCS) 8, A Firm's System of Quality Control, states that the quality control policies and procedures applicable to a firm's accounting and auditing practice (i.e., audit, attestation, compilation, and reviews) should encompass the following elements: a. Leadership responsibilities for quality within the firm b. Relevant ethical requirements c. Acceptance and continuance of client relationships and specific engagements d. Human resources e. Engagement performance f. Monitoring

Answer 78

As a condition for accepting an engagement to be performed in accordance with SSARS, the accountant should: a. determine whether preliminary knowledge of the engagement circumstances indicate that ethical requirements regarding professional competence will be satisfied. b. determine whether the financial reporting framework selected by management to be applied in the preparation of the financial statements is acceptable. c. obtain the agreement of management that it acknowledges and understands its responsibility: 1. for the selection of the financial reporting framework to be applied in the preparation of financial statements. 2. for the design, implementation, and maintenance of internal control relevant to the preparation and fair presentation of the financial statements that are free from material misstatement, whether due to fraud or error (unless the accountant decides to accept responsibility for the entity’s internal control, which would preclude the accountant from providing services requiring independence). 3. for the preparation and fair presentation of financial statements in accordance with the applicable financial reporting framework, and the inclusion of all informative disclosures that are appropriate for the applicable framework. 4. for preventing and detecting fraud. 5. for ensuring that the entity complies with laws and regulations applicable to its activities. 6. for the accuracy and completeness of the records, documents, explanations, and other information, including significant judgments provided by management for the preparation of financial statements. 7. to provide the accountant with: i. access to all information of which management is aware that is relevant to the preparation and fair presentation of the financial statements, such as records, documentation, and other matters. ii. additional information that the accountant may request from management for the purpose of the engagement. iii. unrestricted access to persons within the entity of whom the accountant determines it necessary to make inquiries. SSARS 23 revises the requirement detailed in c.(2) above so that the requirement does not apply if the accountant decides to accept responsibility for such internal control.

Answer 79

The auditor develops an audit plan to reduce audit risk to an acceptably low level. The audit plan should include a description of the nature, extent, and timing of planned risk assessment procedures sufficient to assess the risks of material misstatement, including performance materiality; the nature, extent, and timing of planned further audit procedures at the relevant assertion level for each material class of transactions, account balance, and disclosure; and all other audit procedures to be carried out for the engagement in order to comply with GAAS (generally accepted auditing standards). Procedures performed to assess independence and the ability to perform the engagement, the understanding of the terms of the engagement, and issues with management integrity that could affect the decision to continue the audit engagement are all items that should be documented, but not in the audit plan itself.

Answer 80

An audit procedure is a series of specific and specialized steps or actions auditors take to meet audit objectives. Audit procedures may vary for different audit engagements, depending on the complexity of the activity under review, the type of company, and other factors unique to the engagement. Audit procedures are to be tailored to the engagement as compared to audit standards, which do not change. Audit procedures are used for tests of controls and substantive testing. The seven basic audit procedures are: (1) inspection, (2) observation, (3) inquiry, (4) confirmation, (5) recalculation, (6) reperformance, and (7) analytical procedures. Example: Select a sample of 10 receiving reports and vouch to the related purchase order.

Answer 81

Performance materiality is defined in AU-C 320 as follows: “The amount or amounts set by the auditor at less than materiality for the financial statements as a whole to reduce to an appropriately low level the probability that the aggregate of uncorrected and undetected misstatements exceeds materiality for the financial statements as a whole. If applicable, performance materiality also refers to the amount or amounts set by the auditor at less than the materiality level or levels for particular classes of transactions, account balances, or disclosures. Performance materiality is to be distinguished from tolerable misstatement.”

Answer 82

The auditor must develop an audit plan for the audit in order to reduce audit risk to an acceptably low level. The audit plan is more detailed than the audit strategy and includes the nature, extent, and timing of audit procedures to be performed by audit team members. Procedures that an auditor may consider in planning the audit usually involve review of his or her records relating to the entity and discussion with other firm personnel and personnel of the entity: a. Reviewing correspondence files, prior year’s working papers, permanent files, financial statements, and auditor's reports b. Discussing matters that may affect the audit with firm personnel responsible for nonaudit services to the entity c. Inquiring about current business developments affecting the entity d. Reading the current year’s interim financial statements e. Discussing the type, scope, and timing of the audit with management of the entity, the board of directors, or its audit committee f. Considering the effects of applicable accounting and auditing pronouncements, particularly new ones g. Coordinating the assistance of entity personnel in data preparation h. Determining the extent of involvement, if any, of consultants, specialists, and internal auditors i. Establishing the timing of the audit work j. Establishing and coordinating staffing requirements

Answer 83

Financial records are maintained and reported according to a basis other than GAAP. A comprehensive basis of accounting other than GAAP is one of the following: * A basis of accounting that the entity used to comply with the requirements or financial reporting provisions of a governmental regulatory agency to whose jurisdiction the entity is subject (e.g., pursuant to the rules of a state insurance commission) * A basis of accounting used to file income tax returns for the period covered by the financial statements * The cash receipts and disbursements basis of accounting, and modifications of the cash basis when such modifications are substantially supported, such as recording depreciation on fixed assets or accruing income taxes * A definite set of criteria having substantial support that is applied to all items appearing in financial statements, such as the price level basis of accounting See AU-C 800, AU-C 805, and AU-C 806 for examples of the special report used in each instance.

Answer 84

Compilation is a service, the objective of which is to assist management in presenting financial information in the form of financial statements without undertaking to obtain or provide any assurance that there are no material modifications that should be made to the financial statements in order for the statements to be in conformity with the applicable financial reporting framework. Although a compilation is not an assurance engagement, it is an engagement where the accountant must determine whether he or she is independent of the entity. AR-C 80.04, .17

Answer 85

A review engagement is an attestation engagement in which the practitioner obtains limited assurance by obtaining sufficient appropriate review evidence about the measurement or evaluation of subject matter against criteria in order to express a conclusion about whether any material modification should be made to the subject matter in order for it be in accordance with (or based on) the criteria or to the assertion in order for it to be fairly stated. (AT-C 105.10)

Answer 86

A disclaimer of opinion is an expression of no opinion. (AU-C 700.03) A disclaimer of opinion is warranted when restrictions on the scope of the audit are so severe, whether client imposed or due to other reasons, that the auditors are unable to obtain sufficient appropriate audit evidence to enable them to form an opinion. Example: Instances of limitations on scope include the client's refusal to allow the confirmation of receivables or the lack of a beginning inventory physical count (i.e., when the auditor is hired after the beginning of the fiscal year). It is only when the auditors are unable to overcome these limitations by other audit procedures that a disclaimer of opinion is warranted. A disclaimer of opinion because of a scope limitation requires modification of the standard auditor's responsibility paragraph and, in all cases, the substantive reasons for the disclaimer should be explained in a separate emphasis-of-matter or other-matter paragraph.

Answer 87

Analytical procedures are a set of audit procedures that examine the relationships between financial and nonfinancial data. Analytical procedures encompass such investigation of identified fluctuations or relationships that are inconsistent with other relevant information or that differ from expected values by a significant amount. These procedures are used in the planning stage, as a substantive test about particular assertions, and as an overall review of the financial information in the final review stage of the audit. Analytical procedures include ratio analyses (comparison of ratios to prior years and to industry averages) and reasonableness tests (e.g., comparison of aggregate salaries paid with the number of employees).

Answer 88

An adverse opinion is an “overall” audit opinion which states that the financial statements do not present fairly the financial position or the results of operations or cash flows in conformity with an applicable financial reporting framework (AU-C 705.09). Auditors must have as much sufficient appropriate audit evidence to support an adverse opinion as for an unmodified opinion. An adverse opinion is warranted when the departure from an applicable financial reporting framework or the inconsistency is sufficiently material or sufficiently pervasive as to misrepresent the financial position or results of operations or cash flows or when the auditor believes the entity is not a going concern. An adverse opinion requires the disclosure of all the substantive reasons for the adverse opinion and the principal effects of the inconsistency on the financial statements, if known, or a statement in a separate emphasis-of-matter or other-matter paragraph preceding the opinion paragraph that the effects are not reasonably determinable.

Answer 89

Prospective financial statements are either financial forecasts or financial projections, including the summaries of significant assumptions and accounting policies, and are for either general use or limited use. Assumptions are used to present a condition or course of action that is not necessarily expected to occur but is consistent with the purpose of the projection. As a result of an assertion-based examination, the practitioner has a basis for reporting on whether, in his or her opinion, the prospective financial statements are presented in conformity with AICPA guidelines, and the assumptions provide a reasonable basis for the responsible party’s forecast, or whether the assumptions provide a reasonable basis for the responsible party’s projection given the hypothetical assumptions.

Answer 90

Control risk is the risk that a material misstatement that could occur in an assertion about a class of transaction, account balance, or disclosure and that could be material, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity's internal control. Control risk should be assessed in terms of the financial statement assertion. Assessing control risk is the process of evaluating the effectiveness of an entity's internal control in preventing or detecting material misstatements in the financial statements. The auditor uses the knowledge provided by the understanding of internal control and the assessed level of control risk in determining the nature, extent, and timing of substantive tests for financial statement assertions.

Answer 91

Detection risk (DR) is the risk that the procedures performed by the auditor to reduce audit risk to an acceptably low level will not detect a misstatement that exists and that could be material, either individually or when aggregated with other misstatements (AU-C Glossary). Detection risk is a function of the effectiveness of an audit procedure and its application by the auditor. Detection risk consists of two component risks: 1. The risk that analytical procedures and other relevant substantive tests would fail to detect misstatements (AP) 2. The allowable risk of incorrect acceptance (TD) for the substantive test of details DR = AP × TD Detection risk can never be reduced to 0 because the auditor cannot test 100% of the account balances and transactions.

Answer 92

Substantive procedures are tests of transaction details and account balances and analytical procedures performed to detect material misstatements in the account balances, transaction class, and disclosure components of the financial statements. These tests are used to test financial statement assertions. Examples of substantive audit procedures include testing the fair presentation of an account balance or transactions by confirmation, recalculation, observation and examination (e.g., physical inventory), examination of documents, vouching and tracing, scanning, and analytical procedures. Uncertainties involved in substantive testing constitute detection risk. Detection risk (DR) is composed of two other risks—analytical procedure risk (AP) and tests-of-detail risk (TD). DR = AP × TD

Answer 93

A reissued report is issued subsequent to the date of the original report. A reissued report may need to be revised for the effects of specific events; in these circumstances, the report should be dual-dated with the original date and a separate date that applies to the effects of such events.

Answer 94

An attribute is any characteristic that is either present or absent. In tests of controls, the presence or absence of evidence of the application of a specified control is sometimes referred to as an attribute (e.g., in a credit sale, credit approval before the sale is initiated is the attribute, or control condition, of the credit sale). Absence of, or rate of occurrence of deviation from, the attribute is measured in tests of controls and used to determine whether a control is reliable.

Answer 95

Attribute Sampling is used in tests of controls, where the auditor is looking for a specific characteristic (or the absence of a specific characteristic, such as evidence of approval). The sample size for tests of controls takes into account the tolerable rate of deviation, the likely rate of deviation, and the risk of assessing control risk too low (the reliability level). The number of items in the population is not as important as the number of deviations (based on the attribute defined) expected and likely.

Answer 96

The Government Accountability Office (GAO) requires auditors who spend 20% or more of their time performing government audits to have 80 hours of CPE every two years directly related to government auditing (also called “Yellow Book” hours). Adding, on top of that requirement, state requirements for tax and ethics hours, government auditors have a heavy education requirement. A firm that performs government audits must have a system of quality control in place to assure compliance with professional standards and legal and ethical requirements. The quality control system should address, among other areas, human resources policies and procedures. An external peer review is required at least once every three years.

Answer 97

The completeness assertion for inventory states that recorded inventory quantities include all products, materials, and supplies owned by the entity (i.e., goods on hand, in transit, stored, or on consignment at some other location). The control which would most directly address this assertion would assure that all goods received are recorded. Receiving reports provide evidence that merchandise has been received and has become part of inventory. Thus, prenumbering receiving reports and periodically reconciling these reports to recorded inventory would directly address the completeness assertion for inventory. “Receiving reports are prenumbered and periodically reconciled” is the best answer.

Answer 98

Artificial intelligence (AI) is the science and engineering of simulating human intelligence processes (e.g., learning, reasoning, self-correction) by machines (i.e., making intelligent machines), especially intelligent computer programs. Therefore, the analytical procedures used in planning an audit should focus on enhancing the audit. Machine learning is one application of artificial intelligence (AI) (not vice versa), based on the idea that we should be able to give machines access to data and let them learn for themselves. Artificial intelligence is generally classified as either narrow/weak or general/strong.

Answer 99

Accounting and Review Services Committee (ARSC)'s The ARSC is the Accounting and Review Services Committee. This committee issues the Statements on Standards for Accounting and Review Services (SSARSs), which govern the performance of compilation and review engagements. In addition, AICPA members who perform compilation and review engagements are governed by the AICPA's Code of Professional Conduct and the Statements of Quality Control Standards (SQCSs), which establish standards and provide guidance on a firm's system of quality control. Therefore, the analytical procedures used in planning an audit should focus on

Answer 100

As set forth by Section 102 of the Sarbanes-Oxley Act, public accounting firms performing audits for issuers must register with the PCAOB. The registration includes: * the names of all issuers for which the firm prepared or issued audit reports during the immediately preceding calendar year, and for which the firm expects to prepare or issue audit reports during the current calendar year; * the annual fees received by the firm from each issuer for audit services, other accounting services, and nonaudit services; * other current financial information for the most recently completed fiscal year of the firm that the PCAOB may request; * statement of the firm's quality control policies for its accounting and auditing practices; * a list of the names and license numbers of all accountants associated with the firm who participate in or contribute to the preparation of audit reports; * information regarding criminal, civil, or administrative actions or disciplinary proceedings against the firm (or any person in the firm) connected with an audit report; * copies of any periodic or annual disclosure filed by an issuer with the SEC during the immediately preceding calendar year which discloses accounting disagreements between the issuer and the firm in connection with an audit report furnished or prepared by the firm for the issuer; * consents from the firm to cooperate and comply with any request made by the PCAOB in furtherance of its authority and responsibilities; and * any other information that the PCAOB requests. Once registered, the firm must submit annual reports along with registration and annual fees to the PCAOB.

Answer 101

Likely misstatements represent the auditor’s best estimate of the total misstatements in the account balances. These include management judgmental misstatements concerning accounting estimates that the auditor considers unreasonable or the selection or application of accounting policies that the auditor considers inappropriate.

Answer 102

AU-C 540.A15 states, “The preparation and fair presentation of the financial statements requires management to determine whether a transaction, an event, or a condition gives rise to the need to make an accounting estimate and that all necessary accounting estimates have been recognized, measured, and disclosed in the financial statements in accordance with the applicable financial reporting framework.” AU-C 540.A21 states: "The preparation and fair presentation of the financial statements also requires management to establish financial reporting processes for making accounting estimates, including adequate internal control. Such processes include the following: * "Selecting appropriate accounting policies and prescribing estimation processes, including appropriate estimation or valuation techniques, including, when applicable, the appropriate models * "Developing or identifying relevant data and assumptions that affect accounting estimates * "Periodically reviewing the circumstances that give rise to the accounting estimates and reestimating the accounting estimates as necessary"

Answer 103

“Financial expert” is defined in SOX Title IV as whether a person has, through education and experience as a public accountant or auditor or a principal financial officer, comptroller, or principal accounting officer of an issuer: * an understanding of GAAP and financial statements; * experience in: o the preparation or auditing of financial statements of generally comparable issuers and o the application of such principles in connection with the accounting for estimates, accruals, and reserves; * experience with internal accounting controls; and * an understanding of audit committee functions. There is no requirement that the financial expert had to obtain this experience by serving on a prior audit committee or board of directors.

Answer 104

Financial Reporting Framework (other country) If an auditor is reporting on financial statements prepared under a financial reporting framework of another country and those financial statements are only for use outside of the United States, the auditor should comply with the reporting standards of the other country only and identify the other country in the report. The auditor could use a U.S. form report, but it would not be limited to only those parties specified by the client. They need not indicate reference to the differences between the United States and the other country or obtain regulatory approval. The auditor is permitted to issue an audit report for financial statements prepared under another reporting framework.

Answer 105

The auditor should determine whether the identified risks of material misstatement relate to specific relevant assertions related to classes of transactions, account balances, and disclosures, or whether they relate more pervasively to the financial statements taken as a whole and potentially affect many relevant assertions. Expressing the risk of material misstatement at the relevant assertion level (e.g., valuation of accounts receivable, existence of accounts payable) provides a basis for the auditor to determine the audit procedures that must be performed in order to lower audit risk

Answer 106

A qualified opinion states that, except for the effects of a certain matter, the financial statements are presented fairly in all material respects, in conformity with GAAP. The qualification can result from a lack of sufficient appropriate audit evidence, a scope limitation, a material departure from GAAP (due to inadequate disclosure, inappropriate accounting principles, or unreasonable accounting estimates), or if one of the required financial statements were missing. The inability to obtain the audited financial statements of a significant subsidiary would be a matter that would cause the auditor to issue a qualified opinion. When the entity has prepared its financial statements on the income tax basis (an other comprehensive basis of accounting or special-purpose framework), the auditor must change the wording of the standard auditor's report. An unmodified opinion is still possible in this circumstance. Significant deficiencies discovered during the course of the audit will affect the auditor's risk assessment as well as the nature, timing, and extent of further audit procedures. These deficiencies would need to be reported to those charged with governance, but they would not require a qualified opinion. Analytical procedures used in the planning of an audit that highlight areas of audit concern (higher risk of material misstatement) would also affect further audit procedures. They will not, in and of themselves, cause the auditor to qualify the audit opinion.

Answer 107

For an auditor to determine whether control activities are operating as designed, the auditor would need to examine records documenting the use of those internal controls. Gross margin information and comparisons to budgets or forecasts may show the auditor the relative health of the organization or may highlight areas of concern, but they will do nothing to tell the auditor whether or not control activities are operating as designed. Confirmation of receivables verifying account balances may or may not tell an auditor whether control activities are effective. Of all the possible responses provided, only the examination of client records documenting the use of EDP programs is an example of examining records that could provide the auditor information to determine if control activities are operating as designed.

Answer 108

Pro forma financial statements show what the significant effects on historical financial information might have been had a consummated or proposed transaction (or event) occurred at an earlier date. The auditor must apply the following procedures when performing an examination of pro forma financial statements: * Obtain an understanding of the underlying transaction or event * Obtain knowledge regarding each constituent of a combined entity in a business combination * Discuss with management their assumptions regarding the transaction or event * Evaluate whether adjustments are included for all the effects of the transaction or event * Obtain sufficient evidence in support of the adjustments (such as contracts, agreements, and decisions by the board of directors) * Evaluate whether management has clearly and comprehensively presented their assumptions and if the adjustments are consistent with the data used to develop them * Determine that computations of pro forma adjustments are mathematically correct and that the adjustments have been properly applied to the historical financial statements * Obtain written representation from management The CPA is not required to reevaluate the entity's internal control over financial reporting.

Answer 109

In accordance with the “Yellow Book,” an auditor is required to report on the scope of the auditor's testing of internal controls and on the scope of the auditor's tests of compliance with laws and regulations.

Answer 110

An integrated test facility allows fictitious and real transactions to be processed together without client operating personnel being aware of the testing process. This is because an integrated test facility is built into the data processing system, only using dummy data and files to test input, processing, and output controls. Input controls (designed to ensure proper authorization, completeness, and accuracy of the data entered into the system) could be analyzed by using a matrix. Parallel simulation is a computer-assisted audit technique using generalized audit software that can be programmed to process the same data as the client's programs. The data entry monitor merely shows the data as it is input; no testing is involved.

Answer 111

The GAO has identified seven types of circumstances that could lead to threats of independence: 1. Self-interest 2. Self-review 3. Bias 4. Familiarity 5. Undue influence 6. Management participation 7. Structural threats A structural threat is the threat that an audit organization's placement within a government entity, in combination with the structure of the government entity being audited, will impact the audit organization's ability to perform work and report results objectively.

Answer 112

Some of the specific risks that IT poses to an entity’s internal control include the following: * Unauthorized access to data that may result in destruction of data or improper changes to data. * The possibility of IT personnel gaining access privileges beyond those necessary to perform their assigned duties * Unauthorized changes to data in master files * Unauthorized changes to systems or programs * Failure to make necessary changes to systems or programs * Potential loss of data or inability to access data as required Time delays in the processing of transactions is a specific risk that IT poses as noted in the potential loss of data or inability to access data as required.

Answer 113

The auditor's opinion is based on the degree of correspondence between the financial statements and GAAP. If significant accounting policies do not have authoritative guidance, the auditor would most likely inform the audit committee of these policies. The auditor may not communicate the list of negative trends that may lead to working capital deficiencies and adverse financial ratios because this information exists independent of the audit. The audit report states that management is responsible for the financial statements. While the auditor should make the audit committee aware of the representations requested from management (by providing a copy of the management letter), the auditor is not required to specifically address the level of responsibility assumed by management for the preparation of the financial statements. The auditor will most likely not inform the audit committee of the difficulties encountered in confirming accounts receivable because the auditor is responsible for developing procedures to audit the financial statements and is responsible for developing alternative procedures if the original procedures do not result in sufficient appropriate audit evidence.

Answer 114

In the review of client invoices for billing errors, the auditor is performing tests of controls over the billing process. The auditor defines the characteristic or evidence of the control (e.g., the mathematical accuracy of the invoice) and examines the sample for this characteristic or attribute. The deviation rate refers to the number of exceptions to this expected characteristic found, that is, the number of times the control failed. The evaluation of deviations from the characteristic is attribute sampling. Stratified and variable sampling are used in the substantive testing of account balances and details of transactions. Discovery sampling is a form of attribute sampling where the auditor expects the rate of occurrence of a characteristic to be zero. This type of sampling is designed to uncover at least one occurrence.

Answer 115

Internal controls consist of five interrelated components: control environment, risk assessment, information and communication, control activities, and monitoring. Information and communication systems support the identification, capture, and exchange of information and consist of the procedures and records relevant to financial reporting objectives (including the accounting system). As such, the auditor should obtain sufficient knowledge of the information system to understand the following: * Significant classes of transactions in the entity’s operations * Manual and automated procedures by which transactions are initiated, authorized, recorded, processed, and reported in the financial statements * The related accounting records supporting information, and specific accounts in the financial statements involved in initiating, authorizing, recording, processing, and reporting transactions * The financial reporting process used to prepare the entity’s financial statements, including significant accounting estimates and disclosures * Controls surrounding journal entries Assessing management’s integrity, ethical values, philosophy, and operating style are related to the control environment component.

Answer 116

Any report issued on significant deficiencies or material weaknesses should include a statement restricting the distribution of the report. For example, “The communication is intended solely for the information and use of management, those charged with governance, and others within the organization and is not intended to be and should not be used by anyone other than these specified parties.” The only other items that are required to be included in such a communication are: * a statement that the auditor's consideration of internal control was to express an opinion on the financial statements and not to provide assurance on the internal control (thus no tests would be performed to search for material weaknesses); * a statement that the auditor is not expressing an opinion on the effectiveness of internal control; * a statement that the auditor's consideration of internal control was not designed to identify all deficiencies in internal control that might be significant deficiencies or material weaknesses; * the definitions of material weakness and significant deficiency; and * the identification of matters considered to be significant deficiencies and material weaknesses.

Answer 117

A qualified opinion should be expressed when sufficient appropriate audit evidence concludes that misstatements are material but not pervasive to the financial statements, or the auditor is unable to obtain sufficient appropriate audit evidence but concludes the possible effects could be material but not pervasive; in other words, when a matter is material enough to mention but not sufficiently material to require an adverse opinion or a disclaimer of opinion. An adverse opinion is expressed when sufficient appropriate audit evidence is acquired, but misstatements are both material and pervasive to the financial statements. The factor that would most influence an auditor's decision to modify the audit opinion would be their assessment about the pervasiveness of the effect of the misstatement on the financial statements taken as a whole.

Answer 118

Greater reliance of management on information systems increases the exposure to business interruption. As management relies more on information systems for crucial functions, system failures have the potential to interrupt business. * The exposure of unauthorized third-party access to systems is increased by the absence of adequate access controls to systems * Systematic programming errors are the result of misspecification of requirements or lack of correspondence between specifications and programs, not of greater reliance of management on information systems. * Inadequate knowledge bases are a function of lack of care in building them; exposure does not result from greater reliance of management on information systems.

Answer 119

Significant deficiencies are deficiencies in the design or operation of internal control. The level of deficiency can be affected by the diversity of the entity's business and the size of the entity's operations. AU-C 265.A5 states: “The severity of a deficiency [depends on] the magnitude of the potential misstatement resulting from the deficiency or deficiencies and…whether there is a reasonable possibility that the entity's controls will fail to prevent, or detect and correct, a misstatement of an account balance or disclosure.” In other words, a deficiency that causes a high risk of material misstatement would probably be a significant deficiency. The environment of the entity, including its diversity and size, can affect the risk of material misstatement (control risk and inherent risk) and therefore the possibility that a deficiency could be a significant deficiency.

Answer 120

A CPA should take the following steps when retained to review financial statements of a nonissuer: * Establish an understanding with the entity regarding the review service (an engagement letter). * Determine if the CPA is independent. If not, do not continue. * Acquire the necessary knowledge of the client's industry accounting principles and practices. * Acquire a general understanding of the nature of the client's business, including (a) its operating characteristics and (b) the nature of its assets, liabilities, revenues, and expenses (including its products and services). * Apply appropriate inquiry and analytical procedures to obtain a basis for communicating whether the CPA is aware of any material modifications that should be made to the financial statements for them to be in conformity with generally accepted accounting principles. A review does not involve obtaining an understanding of internal control, assessing control risk (assessing the operating efficiency of the entity's internal control activities), assessing fraud risks (assessing the risk of material misstatement arising from fraudulent financial reporting and the misappropriation of assets), making preliminary judgments about risk and materiality to determine the scope and nature of the procedures to be performed, or testing accounting records to obtain corroborating evidence. These procedures are performed in an audit.

Answer 121

Type A Programs Program Audits also known as: Performance Audits Program audits are performed to determine if the projected objectives established by a legislative body for a particular program have been achieved. The audit evaluates objectives according to the following: * Attainment of desired results or benefits * Effectiveness of programs and related functions * Compliance with requirements of laws and regulations related to program

Answer 122

Tolerable Rate also known as: Tolerable Rate of Deviation Deviation Rate Maximum Tolerable Rate Deviation Rates Tolerable rate is the maximum population rate of deviations from the prescribed internal control that the auditor is willing to accept without altering the planned assessed level of control risk. It is used in tests of controls and depends on professional judgment. Perfection (i.e., no deviations) is not necessary—the auditor can accept a certain number of deviations. The question asked by the tolerable rate is, “How many deviations can I accept before additional work becomes necessary?” The tolerable rate is usually 2%–5%. * Tolerable rate = Number of acceptable deviations in the population ÷ Population size

Answer 123

The Department of Labor defines covered “members” that are required to meet independence rules as all partners, partner equivalents, or shareholder employees of the firm. It includes all professional employees participating in the employee benefit plan audit or located in an office of the firm participating in a significant portion of the audit.

Answer 124

To be independent is to be free from conflicts of interest and bias, self-governing, impartial, not subject to control by others, not requiring or relying on something else, not contingent, and acting with integrity and objectivity (i.e., with judgment that is unimpaired and without bias or prejudice). Independence Rule (ET 1.200.001): "A member in public practice shall be independent in the performance of professional services as required by standards promulgated by bodies designated by Council." (ET 1.200.001.01) Independence is the cornerstone on which the audit, or attest, function of the accounting profession is based. It is the independence of the auditor that assures the public of the fair presentation of the audited financial statements. The audit opinion is the “Independent Auditor's Report” (AU-C 600.A98 requires that the word “independent” appear in the title of the report). The auditor's independence recognizes the need for fairness—fairness to the owners and managers of the company and also to creditors and those who may rely wholly or in part on the auditor's report. Independence is the ability to act with integrity and objectivity and not to compromise one's judgment or conceal or modify an honest opinion. Auditors (both external and internal) must be capable of acting in an honest, unbiased fashion, maintaining the ability to use judgment free from influence by or subordination to the will, opinion, and judgment of others. The CPA must be independent not only in fact but also in appearance. This means both that a true conflict must not exist (the fact of independence) and that the appearance, or impression, of conflict must not exist (the appearance of independence). Hence, there must not be a compromise to the perception of the independence of the CPA in the mind of a reasonable observer, no matter how innocent the questionable circumstances may truly be. Any appearance of the lack of independence would erode the public's confidence in the profession as quickly as the fact of a lack of independence. The “reasonable person” concept is applicable, i.e., whether or not a reasonable person, having all the facts and the normal strength of character, concludes that a specific relationship is lacking in independence, represents a conflict of interest, or is a threat to a CPA's integrity or objectivity.

Answer 125

The auditor projects the sample results to the entire population. $60,000 tolerable misstatement. In this case, an overstatement of $3,700 and an understatement of $200 were found when the auditor sampled 5% of the total population. Projecting the misstatement to the entire population results in $74,000 in overstatements and $4,000 for understatements. Since the total projected misstatement is more than the tolerable misstatement, there is an unacceptably high risk that the actual misstatements in the population exceed the tolerable misstatement. * 5% of total population = 1/20 of total population * $3,700 overstatement × 20 = $74,000 * $200 understatement × 20 = $4,000 * ($74,000 overstatement - 4,000 understatement) - $60,000 = $10,000 Therefore, the projected misstatement exceeds the tolerable misstatement by $10,000. * Another way to calculate the excess overstatement over the tolerable misstatement is by netting the $3,700 overstatement and $200 understatement. * $3,700 overstatement - $200 understatement = $3,500 net overstatement in the sample * $3,500 × 20 = $70,000 projected overstatement * $70,000 - $60,000 = $10,000 excess

Answer 126

Tolerable misstatement is the maximum monetary misstatement that may exist in an account balance or class of transactions, when combined with misstatements in other accounts, without causing the financial statements to be misstated. It is the threshold of materiality and is based on professional judgment. Tolerable misstatement applies to substantive testing and is an element of total audit risk. It must be considered in both statistical and nonstatistical sampling. Tolerable misstatement varies inversely with sample size.

Answer 127

An emphasis-of-matter or other-matter paragraph is an additional paragraph(s) added to the standard auditor's report to fulfill the need to add explanatory language to the report. The need for an emphasis-of-matter or other-matter paragraph may or may not affect the unmodified opinion. * An “emphasis of matter” paragraph is included in the auditor's report that is required by GAAS, or is included at the auditor's discretion, and refers to a matter appropriately presented or disclosed in the financial statements that, in the auditor's professional judgment, is of such importance that it is fundamental to the users' understanding of the financial statements. * An “other matter” paragraph is included in the auditor's report that is required by GAAS, or is included at the auditor's discretion, and refers to a matter other than those presented or disclosed in the financial statements that, in the auditor's professional judgment, is relevant to the users' understanding of the audit, the auditor's responsibilities, or the auditor's report.

Answer 128

The auditor's standard report of a nonissuer identifies the financial statements audited in an opening (opinion) paragraph, which identifies the applicable financial reporting framework and accomplishes the following: A. Identifies the entity whose financial statements have been audited B. States that the financial statements have been audited C. Identifies the title of each statement that the financial statements comprise D. Refers to the notes E. Specifies the dates of or periods covered by each financial statement that the financial statements comprise AU-C 700.25

Answer 129

The opinion paragraph is the paragraph of the standard auditor's report in which the auditor's opinion is expressed. (AU-C 700.35) The opinion paragraph must state whether the financial statements are as follows: * They fairly present the financial position and results of operations and the cash flows of the company. * They are in conformity with the specific financial reporting framework. The opinion paragraph reads as follows: "In our opinion, the financial statements referred to above present fairly, in all material respects, the financial position of ABC Company at December 31, 20X1 (and 20X2), and the results of operations, and its cash flows for the year(s) then ended in accordance with accounting principles generally accepted in the United States of America." The opinion paragraph may be modified as follows: "In our opinion,… * "Qualified opinion —…except for… o "Scope Limitations:…the effect of such adjustments, if any, as might have been determined to be necessary had we been able to examine evidence regarding X,… o "Departure from GAAP:…(the departure from GAAP) as discussed in the preceding paragraph,… o "Inadequate disclosure:…the omission of the information discussed in the preceding paragraph,… o "Accounting changes:…the change in accounting principle discussed in the preceding paragraph,… * "Adverse opinion—…because of the effects of the matters discussed in the preceding paragraph(s),…do not present fairly…ended. (Delete the reference to conformity with GAAP.) * "Disclaimer of opinion—Since the Company does not…(scope limitation) and we were unable to apply other auditing procedures to satisfy ourselves as to…, the scope of our work was not sufficient to enable us to express, and we do not express, an opinion on these financial statements."

Answer 130

Classical variable sampling is used to determine the inventory quantities on hand. Classical variable sampling (CVS) can be used for substantive testing to look for material misstatements in an account balance or class of transactions. (Attribute sampling is generally used for test of controls.) When using CVS, each individual item in the population is treated as a sampling unit in order to evaluate the entire population based on the sample data. There are three common types of classical variables sampling estimators: mean-per-unit, ratio, and difference. Variables sampling reaches a conclusion on the monetary amounts of a population. Two basic sampling methods are classical variables sampling and dollar-unit sampling (DUS). Classical variables sampling depends on the statistical characteristics of normal distribution and requires an estimate of the standard deviation of the population, whereas DUS does not.

Answer 131

Audit sampling is the application of an audit procedure to fewer than 100% of the items within an account balance or class of transactions for the purpose of evaluating some characteristic of the balance or class. Audit sampling may be statistical or nonstatistical and requires professional judgment (AU-C Glossary). The design and size of the audit sample impacts the sufficiency and appropriateness of the audit evidence. Judgmental decisions involved in audit sampling include the following: * Population definition * Sample method * Selection technique * Error analysis * Sampling risk Aspects of sampling risk include the following: * When performing substantive tests of details: o The risk of incorrect acceptance o The risk of incorrect rejection * When performing tests of controls: o Risk of overreliance o Risk of underreliance The sample must be representative of the population (i.e., selected from the entire population in such a way that every element in the population has an equal chance of being selected).

Answer 132

The auditor should determine whether the identified risks of material misstatement relate to specific relevant assertions related to classes of transactions, account balances, and disclosures, or whether they relate more pervasively to the financial statements taken as a whole and potentially affect many relevant assertions. Expressing the risk of material misstatement at the relevant assertion level (e.g., valuation of accounts receivable, existence of accounts payable) provides a basis for the auditor to determine the audit procedures that must be performed in order to lower audit risk.

Answer 133

The practitioner should follow the standards for attestation engagements in performing and reporting on an agreed-upon procedures engagement. Statements on Standards for Attestation Engagements (SSAEs) are issued by senior technical bodies of the AICPA designated to issue pronouncements on attestation matters. The AICPA Code of Professional Conduct requires an AICPA member who performs an attest engagement to comply with such pronouncements and interpretive publications. The practitioner should have sufficient knowledge of the SSAEs to identify those that are applicable to his or her attest engagement and should be prepared to justify departures from the SSAEs. The accountant may also need to be aware of publications other than interpretive publications. These include AICPA attestation publications not defined as interpretive publications; attestation articles in the Journal of Accountancy and other professional journals; continuing professional education programs and other instructional materials, textbooks, guidebooks, attestation programs, and checklists; and other attestation publications from state CPA societies, other organizations, and individuals.

Answer 134

There are a number of qualitative considerations an auditor may consider relevant when determining whether misstatements are material. Misstatements are material when they will affect the decisions of the users of the financial statements. The risk of incorrect acceptance of a misstatement will have no effect on the decisions of financial statement users. The risk of incorrect acceptance of a misstatement is a sampling risk that affects substantive testing.

Answer 135

The auditor is most likely to use online inquiry to confirm whether operating personnel had corrected several errors in transaction files discovered during a recent audit. Online inquiry is an interactive procedure that allows an auditor or other authorized personnel to select and view individual records or transactions.

Answer 136

Mapping monitors the execution of a program. It would not be used to confirm whether operating personnel had corrected errors in transaction files discovered during a recent audit.

Answer 137

Tracing provides an audit trail of the instructions that are executed when a program is run. It would not be used to confirm whether operating personnel had corrected errors in transaction files discovered during a recent audit.

Answer 138

Auditor's Report Would Usually be Addressed to: Because the auditor's responsibility is to the client company, the address of the report should be the stockholders and/or the board of directors of the company that engaged the auditor. The audit report may be addressed to: a. the company whose financial statements are being audited, b. its board of directors, c. its stockholders, or d. a third party who engaged the auditor.

Answer 139

Tolerable misstatement is the application of performance materiality (PM). PM refers to the materiality level set for specific account balances, disclosures, and transactions. If new information is identified that would change the auditor’s level of materiality, the auditor should reassess the initial materiality calculation and revise materiality for the financial statements taken as a whole, if necessary. Failure to do so will lead to an inefficient audit (if materiality is set too low) or a potentially ineffective audit (if materiality is set too high).

Answer 140

Positive confirmations provide audit evidence only when the responses are received from the recipients. The auditor should generally follow up with a second and sometimes a third request to those parties from whom replies have not been received. Sometimes the auditor will receive a reply that is other than a written communication mailed directly to the auditor (fax, e-mail, oral, or other electronic means). The auditor should take steps to verify the validity of the response (confirmation of the source of the information).

Answer 141

Management's discussion and analysis (MD&A) is a narrative disclosure of significant aspects of financial performance and conditions required by the Securities and Exchange Commission (SEC) for publicly held corporations. Governments are also required to provide MD&A in the financial section of the annual comprehensive financial report (ACFR). The MD&A provided by governments should be an objective and readable overview of the government's financial situation as currently known. (GASB 2200.106)

Answer 142

The auditor has 60 days to assemble the nonissuer’s audit documentation in an audit file and complete the administrative process of assembling the final audit following the report release date. The requirement of 45 days is for issuers, as they are required to follow Public Company Accounting Oversight Board (PCAOB) standards.

Answer 143

If financial statements prepared in accordance with a financial reporting framework generally accepted in another country (such as a national variant of IFRS) also are intended for use in the United States, the auditor should report using the U.S. form of report. The auditor should include in the auditor's report an emphasis-of-matter paragraph that identifies the financial reporting framework used in the preparation of the financial statements, refers to the note to the financial statements that describes that framework, and indicates that such framework differs from accounting principles generally acceptable in the United States.

Answer 144

Existence is a management assertion that assets and liabilities are real and exist at a specific date (AU-C 315.A133). Examples: * An example of existence would be that all inventory reported in the balance sheet actually existed as of the balance sheet date. * An example of an audit procedure to test inventory existence would be to observe the inventory being counted on the balance sheet date.

Answer 145

Management implicitly or explicitly makes assertions regarding the presentation of information in the financial statements and related disclosures. Assertions about presentation and disclosure include the following: * Occurrence and rights and obligations—Disclosed events, transactions, and other matters have occurred and pertain to the entity. * Completeness—All disclosures that should have been included in the financial statements have been included. * Classification and understandability—Financial information is appropriately presented and described, and disclosures are clearly expressed. * Accuracy and valuation—Financial and other information are disclosed fairly and at appropriate amounts. AU-C 315.A133 Example: An example of the classification assertion for presentation is that all long-term liabilities presented in the balance sheet will not mature in the next accounting period. An audit procedure to test this assertion is to vouch all long-term liabilities in excess of $5,000 to the source document and confirm the maturity date.

Answer 146

The completeness assertion is a management assertion that all transactions and events that should be presented in the financial statements are included, and all related disclosures that should have been included in the financial statements have been included (AU-C 315.A133). Examples: An example of a completeness assertion is that all accounts payable are included in the liabilities section of the balance sheet. An example of a procedure to test this assertion would be to examine all unmatched receiving reports to determine whether or not the expense and corresponding liability have been properly recorded in the books and records.

Answer 147

The risk of incorrect acceptance and the risk of assessing control risk too low (beta risk) relate to the effectiveness of the audit in detecting existing material misstatement. The risk of incorrect rejection and the risk of assessing control risk too high (alpha risk) relate to the efficiency of the audit.

Answer 148

AU-C 315.21 and .A102–.A103 state that control activities are the policies and procedures that help ensure that management directives are carried out. They help ensure that necessary actions are taken to address risks that threaten the achievement of the entity's objectives. Control activities have various objectives and are applied at various organizational and functional levels.

Answer 149

Sampling risk arises from the possibility that when a test of controls or a substantive test is restricted to a sample of balances or transactions, the auditor's conclusions about the account balance or class of transactions may be different from the conclusions reached if the test were applied in the same way to all items in the account balance or class of transactions. The auditor is concerned with two aspects of sampling risk in performing tests of controls: the risk of assessing control risk too low (also called beta risk) and the risk of assessing control risk too high (also called alpha risk). Sampling risk varies inversely with sample size; setting a sample size too low (to improve the efficiency of the audit) results in the risk of assessing control risk too high

Answer 150

Title III, Section 303 of SOX deals with any action taken to fraudulently coerce, manipulate, or mislead the auditor. It prohibits any director or officer from acting in this manner, as well as anyone acting under their direction. Refusal to answer auditor questions honestly could be considered an attempt to mislead the auditor.

Answer 151

Unaudited financial statements (i.e., compiled or reviewed) presented comparatively with audited financial statements should be clearly marked as unaudited. The accountant is associated with the unaudited statements since they are presented in comparison to the audited statements. To clearly define the responsibility the auditor is assuming, a separate paragraph is included in the audit report, or the report on the unaudited financial statements is reissued.

Answer 152

“Association with financial statements” is when an auditor is associated with financial information when the auditor has applied procedures sufficient to permit the auditor to report in accordance with GAAS (generally accepted auditing standards). The Statements on Standards for Accounting and Review Services (SSARS) address the accountant's considerations when the accountant prepares and presents financial statements to the entity or to third parties. AU-C 200.03

Answer 153

AU-C 450.04 defines "misstatement" as “a difference between the reported amount, classification, presentation, or disclosure of a financial statement item and the amount, classification, presentation, or disclosure that is required for the item to be presented fairly in accordance with the applicable financial reporting framework.” An unrecorded liability resulting from a specific activity or invoice would be considered a (known) misstatement.

Answer 154

According to the AU-C Glossary: "Appropriateness is the measure of the quality of audit evidence, that is, its relevance and its reliability in providing support for the conclusions on which the auditor's opinion is based."

Answer 155

The evaluation of the operating effectiveness of an internal control is concerned with how the control was applied (whether manual or automated), the consistency with which it was applied, and by whom it was applied. Inspection of documents and reports, and observation and inquiry of client personnel would assist with evaluating operating effectiveness. Preparation of system flowcharts, however, assists the auditor with understanding the design of the internal control, not the operating effectiveness. Flowcharts would provide the least assurance about the operating effectiveness of an internal control.

Answer 156

The written communication regarding significant deficiencies and material weaknesses identified during the audit of financial statements should include: * the definition of the term "material weakness" and, when relevant, the definition of the term "significant deficiency." * a description of the significant deficiencies and material weaknesses and an explanation of their potential effects. * sufficient information to enable those charged with governance and management to understand the context of the communication. In particular, the auditor should include in the communication the following elements that explain that the purpose of the audit was for the auditor to express an opinion on the financial statements: * The audit included consideration of internal control over financial reporting in order to design audit procedures that are appropriate in the circumstances but not for the purpose of expressing an opinion on the effectiveness of internal control. * The auditor is not expressing an opinion on the effectiveness of internal control. * The auditor's consideration of internal control was not designed to identify all deficiencies in internal control that might be material weaknesses or significant deficiencies, and therefore, material weaknesses or significant deficiencies may exist that were not identified. A paragraph describing management's assertion concerning the effectiveness of internal control is not a required communication.

Answer 157

If control risk (or the risk of material misstatement) is assessed at the maximum level, it means that the auditor cannot rely on the controls. This assessment should be documented, as it helps the auditor to determine the nature, timing, and extent of further audit procedures (most likely performing more, rather than fewer, substantive tests of details in order to lower audit risk). The control structure should be documented thoroughly as part of obtaining the understanding of the entity and its environment, including its internal control. Documenting it more extensively will do nothing to reduce the control risk. Likewise, performing more tests of controls will not assist the auditor if he or she knows that the controls cannot be relied upon.

Answer 158

Performing a walkthrough may be the most effective way to gain a sufficient understanding of internal controls. During a walkthrough, the auditor questions the company's personnel about their understanding of what is required by the company's prescribed procedures and controls. These probing questions allow the auditor to gain a sufficient understanding of the process and to be able to identify important points at which a necessary control has been implemented, is working, is missing, or is not designed effectively. Documenting (walkthrough) that the sales order system prints a shipment-exception report listing non-invoiced shipments is an indication that the auditor has gained a sufficient understanding of the controls over the sales order process to be able to identify key control points and techniques.

Answer 159

When planning a particular audit sample for a test of controls, the auditor should consider four things: (1) the relationship of the sample to the objective of the test of controls, (2) the maximum rate of deviations from prescribed controls that would support his or her planned assessed level of control risk, (3) the auditor's allowable risk of assessing control risk too low and, (4) the characteristics of the population. Unless an entity has different controls based on the value of the check request, the auditor should not consider the dollar value of the check request in making his or her selections

Answer 160

Risk of Assessing Control Risk Too Low The risk of assessing control risk too low is an aspect of sampling risk related to tests of controls. It is the risk that the assessed level of control risk based on the sample is less than the true operating effectiveness of the control. It causes the auditor to rely on a control when the true deviation rate does not justify reliance. It relates to the effectiveness of the audit—the auditor fails to perform additional work that should be performed. Risk of assessing control risk too low is more serious than the risk of assessing control risk too high. The risk of assessing control risk too low varies inversely with the sample size (as the sample size increases, the risk of assessing control risk too low decreases). Test of Control Client's Internal Control Is: Sample Indicates: Reliable: Unreliable: Accept Correct Risk of assessing Decision control risk too low Reject Risk of assessing Correct control risk too high Decision

Answer 161

If, while performing audit procedures, the auditor discovers a situation that instills doubt about the entity's ability to continue as a going concern (such as negative trends and recurring operating losses appearing to be irreversible), the auditor should discuss these concerns with management or those charged with governance. If management or those charged with governance are not planning activity to alleviate the conditions (one plan would be to reduce or delay future expenditures), the auditor is required to include a separate section in the auditor’s report under the heading “Substantial Doubt About the Entity’s Ability to Continue as a Going Concern.” If management does not disclose this information, then the report would be misleading for users. The auditor would most likely express a qualified opinion if information about the entity's ability to continue as a going concern is not disclosed. If conditions or events, considered in the aggregate, have been identified that raise substantial doubt about the entity’s ability to continue as a going concern for a reasonable period of time but, based on the audit evidence obtained, the auditor concludes that substantial doubt has been alleviated by management’s plans and adequate disclosure has been made in the financial statements, then the auditor should consider adding an emphasis-of-matter paragraph to the audit report. The addition of the emphasis-of-matter paragraph does not result in a qualified opinion, and the explanation refers to the note disclosure for more information.

Answer 162

When an entity changes its method of accounting for income taxes, which has a material effect on comparability, the auditor should refer to the change in an emphasis-of-matter paragraph added to the auditor's report. This paragraph should describe the change and refer to the financial statement note that discusses the change in detail (i.e., provide a reference to the entity’s disclosure).

Answer 163

Contingencies are conditions that may or may not involve possible gain or loss for the entity. They are usually referred to in the context of legal claims and assessments, and they must be disclosed to the auditor by management during the course of the audit. The auditor, with client permission (the client drafts the letter in order to give the attorney permission to respond), sends a letter to the client's attorney(s) to request a direct response on the probability of an unfavorable outcome on these issues as well as an estimated range of potential loss. A management representation letter is provided to the auditors at the end of the audit regarding representations for the financial statements; the completeness of information provided to the auditors; assertions about recognition, measurement, and disclosure; and information concerning subsequent events. As this letter is addressed to the auditors, it would not make reference to information that was “furnished to our auditors.” The auditor is required to communicate with the audit committee, not the other way around. Financial statement footnote disclosures would be specific regarding contingencies and potential losses associated with them. A footnote would not state in general terms that “management has prepared and furnished to our auditors a description…of…contingencies.”

Answer 164

A footnote is an explanatory note or comment at the end of a financial statement. The following types of notes are typically included by management as support to the basic financial statements: * Summary of significant accounting policies * Additional support for summary totals found on the financial statements, usually the balance sheet * Information about items not reported on the basic statements that may be significant to users in their decision making * Supplementary information required by the FASB or the Securities and Exchange Commission (SEC) to fulfill the full-disclosure principle

Answer 165

The Securities Act of 1933 exists to provide information to investors about securities offered for sale. It requires all those firms who are not exempt to register before selling their securities, and for those associated with the registration statement to take responsibility for the accuracy of the registration. Full and fair disclosure is meant to prevent misrepresentation or fraud associated with the sale of securities.

Answer 166

The auditor has the responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, including misstatements resulting from noncompliance under applicable law or regulations having a direct and material effect on the financial statements. (This is the same responsibility the auditor has for errors or fraud.) Other noncompliance under applicable law or regulations may have a material indirect effect on the financial statements. While the auditor does not need to perform procedures to detect noncompliance under applicable law or regulations when conducting a financial statement audit, if evidence of possible noncompliance comes to the auditor's attention, the auditor should then apply procedures to determine if noncompliance has occurred. If the auditor determines, after inquiring of management, consulting with an attorney, and examining documentation, that noncompliance under applicable law or regulations has occurred, the auditor must then evaluate its effect on the financial statements. If the noncompliance has a material effect on the financial statements and the act has not been properly accounted for or disclosed, then the auditor should express a qualified or adverse opinion. The auditor's training, experience, and understanding of the client and its industry may provide a basis for recognition that some client acts coming to his attention may be illegal. However, the determination as to whether a particular act is illegal would generally be based on the advice of an informed expert qualified to practice law.

Answer 167

Derived demand is a term used in economic analysis that describes the demand placed on one good or service (e.g., material, labor) as a result of changes in the price for some other related end-product. The derived demand can have a significant impact on the derived good's market price. For example, the demand for steel leads to derived demand for iron ore, which is a critical production component. As the demand for steel increases, so does its price. The increase in price means manufacturers of steel can gain more in revenue if they produce more steel, thus leading to a higher demand for the resources involved in producing steel (i.e., iron ore).

Answer 168

The theory of the invisible hand is a phrase coined by Adam Smith, and describes the unobservable market force that helps the demand and supply of goods in a free market automatically reach equilibrium. It does not directly address increased demand in resources related to a product.

Answer 169

Demand elasticity is a measure of how much the quantity demanded will change if another factor changes. If the price goes up and the quantity demanded changes only a little, demand is inelastic; if the quantity demanded changes a lot, demand is elastic. Demand elasticity per se does not address the effect on resources required to manufacture a product.

Answer 170

An expanding industry is the sector of the economy experiencing a higher-than-average growth rate; industries are often associated with new or cutting-edge fields that did not exist in the past and their growth is related to consumer demand for the new products or services offered by the firms within the industry. Demand on intermediate goods or services related to the final product are not directly addressed by the concept of an expanding industry.

Answer 171

When an auditor is unable to obtain sufficient appropriate audit evidence about a significant item in the financial statements, he has a scope limitation. Scope limitations result in the issuance of a qualified opinion or a disclaimer of opinion.

Answer 172

Probability-proportional-to-size (PPS) sampling selects a sample based on dollars, not individual items. If the sampling interval for a particular asset is $12,000, every invoice that has a value of over $12,000 will be selected. Large-dollar-value items have a higher chance of being selected in the testing, and overstatements are more likely to be detected than understatements. Since PPS sampling is used in the test of details, the auditor would consider two types of risk: incorrect acceptance and incorrect rejection. The auditor controls those risks by determining the risk level for the sample.

Answer 173

A subrecipient is a nonfederal entity that receives a subaward from a pass-through entity to carry out part of a federal program; it does not include an individual that is a beneficiary of such a program. A recipient of other federal awards directly from a federal awarding agency also qualifies as a subrecipient.

Answer 174

The Single Audit Act Amendments of 1996 (Single Audit Act) require audits, referred to as “single audits,” to be conducted by an independent auditor. Single audits have a significant public interest component as they are relied on by federal agencies as part of their administrative responsibilities for determining compliance with the requirements of federal awards by nonfederal entities. a. Single audits are more extensive than GAAS or GAGAS audits. A single audit encompasses an examination of a recipient’s financial records, financial statements, federal award transactions and expenditures, the general management of its operations, internal control systems, and federal assistance it received during the audit period (the time period of recipient operations examined in the single audit, which usually covers a natural or fiscal year). b. The single audit is divided into two areas: compliance and financial. The Compliance Supplement is the document that provides guidance to auditors who are engaged to test for compliance with program requirements.

Answer 175

The Single Audit Act requires that a recipient prepare financial statements specifically for the single audit. It also requires that a financial audit be performed on the recipient, which includes the federal assistance operations as well as the nonfederal assistance operations. a. Tests of transactions and account balances are performed to ensure that the information presented in the financial statements, and notes thereof, are reasonably correct. b. The recipient must prepare a Schedule of Expenditures of Federal Awards (SEFA), which is a supplementary financial statement unique to recipients of federal assistance that details all the federal assistance expended by the recipient during the year, categorized by federal program. The auditor must then audit and report on this schedule in relation to the financial statements as a whole.

Answer 176

Rents are treated as expended funds. Under the “percentage-of-coverage rule” that is included in the Uniform Guidance rules, for entities assessed at low risk, the total major programs selected must be at least 20% of the total federal awards expended. For entities not considered low risk, the percentage coverage is increased to 40%.

Answer 177

Documentation of an engagement quality review should be included in the engagement documentation and should contain sufficient information to enable an experienced auditor, having no previous connection with the engagement, to understand the procedures performed by the engagement quality reviewer, including information that identifies the engagement quality reviewer and others who assisted the reviewer; the documents reviewed by the engagement quality reviewer and others who assisted the reviewer; and the date the engagement quality reviewer provided concurring approval of issuance or, if no concurring approval of issuance was provided, the reasons for not providing the approval. An assessment by the engagement quality reviewer of the instances of fraud identified by the audit team is not an item to be included in the documentation.

Answer 178

The auditor should report on supplementary information either in an other-matter paragraph in the auditor’s report on the financial statements or in a separate report on the supplementary information.

Answer 179

The auditor of a nonissuer should consider the tolerable rate of deviation from the controls being tested, the expected rate of deviations, and the allowable risk of assessing control risk too low when determining the sample size related to a test of controls of an assertion. * The tolerable misstatement factors into the calculation of sample size for a substantive test of details, but not for a test of controls. * The nonissuer’s assessment of risk would not play a factor in the calculation of sample size as it is the auditor’s risk assessment that needs to be considered. * Although the auditor may design a sample that will be utilized for control testing and substantive testing, assurance obtained from other substantive procedures would not generally affect the sample size.

Answer 180

In order for the auditor to feel comfortable with the actuary’s report on pension assets and liabilities, the auditor would most likely evaluate the nature and level of expertise of the actuary. If the auditor believes the actuary has sufficient and relevant knowledge, the auditor may choose to rely on the report.

Answer 181

A statement referring to standards established by the AICPA should be included in a practitioner's report on the application of agreed-upon procedures. Agreed-upon procedure reports state that the practitioner did not conduct an examination of the underlying subject matter. No opinion is rendered in an agreed-upon procedure engagement. An opinion is rendered in an assertion-based or direct examination or audit engagement. Agreed-upon procedure engagements do not provide any assurance. A separate paragraph regarding the consistency of the application of accounting principles is not required in a review report unless there is a lack of consistency. A review report is not generally restricted as to its use.

Answer 182

When an auditor uses audit sampling to perform audit procedures and test a relevant assertion for an account balance or a class of transactions, he or she should project the amount of known misstatements identified in the sample to the items in the balance or class from which the sample was selected. That projected misstatement, along with the results of other substantive procedures, represents the auditor’s best estimate and contributes to the auditor’s assessment of likely misstatement in the balance or class as well as an auditor's best estimate of misstatements in a population extrapolated from misstatements identified in an audit sample.

Answer 183

The basis is derived from risk assessment procedures performed to obtain an understanding of the entity and its environment (to address one component of the risk of material misstatement—inherent risk) and suitable tests of controls (to address the other component of the risk of material misstatement—control risk). If the auditor, based on the evaluation of the design and implementation of controls, bases a risk assessment on an expectation that controls are operating effectively to prevent or detect material misstatement, the auditor should perform tests of controls to obtain evidence about the operating effectiveness of the controls. Controls can either be directly or indirectly related to an assertion. The more indirect the relationship, the less effective that control may be in preventing or detecting and correcting misstatements in that assertion.

Answer 184

Under Section 18 of the Securities Exchange Act (SEA) of 1934, the CPA can incur liability for filing any false or misleading statement in any document required to be filed under the SEA. Section 18 applies only to documents that are required to be filed (e.g., annual 10K, proxy statements). The third party must prove scienter (intent) in order to hold the CPA liable. Negligence on the part of the CPA is not enough.

Answer 185

Materiality: * recognizes the importance of some matters for fair presentation of financial statements, * involves judgments which depend upon the surrounding circumstances, and * necessarily involves both quantitative and qualitative judgments. In addition, materiality is influenced by the auditor's perception of the needs of a reasonable person who will rely on the financial statements, by the size or nature of a misstatement, or both. Thus, for planning purposes, an auditor considers materiality in terms of the smallest aggregate level of misstatements that could be material to any one of the financial statements.

Answer 186

AT-C 315 states that a practitioner should not perform a review of an entity's compliance with requirements of specified laws, regulations, rules, contracts, or grants. The standard refers to a review, not an examination or an agreed-upon procedure. A practitioner should not accept an engagement to perform a review of an entity’s compliance with specified requirements or about the effectiveness of an entity’s internal control over compliance or an assertion thereon.

Answer 187

The auditor's overall responses to address the assessed risks of material misstatement at the financial statement level may include the following: * Emphasizing to the audit team the need to maintain professional skepticism in gathering and evaluating audit evidence * Assigning more experienced staff or those with specialized skills such as specialists * Providing more supervision * Incorporating additional elements of unpredictability in the selection of further audit procedures to be performed Substantive responses, further audit procedures, and test of controls are specific responses, not an overall response.

Answer 188

The primary responsibility for the prevention and detection of fraud is given primarily to those charged with governance and management. Management, with the oversight of those charged with governance, must place an emphasis on fraud prevention. The internal auditor's responsibility comes into play for the detection of fraud, not its prevention.

Answer 189

Obtaining an understanding of internal control involves evaluating the design of a control and determining whether it has been implemented. Implementation of a control means that the control exists and that the entity is using it

Answer 190

Payments mailed to the client but not recorded would represent an exception because these payments should have been applied to their related accounts receivable balance, lowering the balance in accounts receivable and increasing cash. Failure to record the payments represents a misstatement of cash and accounts receivable.

Answer 191

Positive confirmations for year-end accounts receivable request a reply from the debtor whether or not the debtor agrees with the balance given. Therefore, all requests should be returned. If a response cannot be obtained, alternative procedures are used to verify that balance. It is reasonable, then, to make second and third requests. Since confirmations consist of client information and the client already has an established relationship with the customer, it is appropriate for the auditor to ask the client to contact the customer if he or she does not reply to a positive request. AU-C 505.A8

Answer 192

By selecting items of equipment from the accounting records and then locating them during the plant tour, unrecorded retirements are detected. (Downstream test). An example of a “downstream” test, begins with the entity's books and agreeing them to supporting evidence. An “upstream test” (observing equipment and tracing it to the equipment subsidiary ledger) would detect unrecorded assets. Analytical procedures, such as reviewing depreciation journal entries, unusual equipment additions, and excessive debits to repairs and maintenance expense, are indirect methods that do not necessarily detect unrecorded retirements of equipment.

Answer 193

Likely misstatements represent the auditor’s best estimate of the total misstatements in the account balances. These include management judgmental misstatements concerning accounting estimates that the auditor considers unreasonable or the selection or application of accounting policies that the auditor considers inappropriate. Extrapolation of errors in a sample of inventory price testing is a likely misstatement.

Answer 194

Section 106 of the Sarbanes-Oxley Act states that any foreign public accounting firm that prepares or furnishes an audit report with respect to any issuer is subject to the Sarbanes-Oxley rules, in the same manner as that of a U.S. public accounting firm that audits an issuer. The Sarbanes-Oxley Act of 2002 (SOX), also known as the Public Company Accounting Reform and Investor Protection Act, was enacted to develop new or enhanced standards for all U.S. public company boards, management, and public accounting firms as well as foreign public accounting firms that prepare or furnish audit reports.

Answer 195

Analytical procedures used in planning the audit may be helpful in identifying the existence of unusual transactions or events, and amounts, ratios, and trends that might indicate matters that have financial statement and audit implications. These procedures are usually performed at a high level; for example, comparing current-year to prior-year sales volumes. Ratio analysis, such as comparing the current-year ratio of aggregate salaries paid to the number of employees to the prior year's ratio, would be an example of an analytical procedure used as a substantive test (not one used during the planning phase of an audit).

Answer 196

The auditor is required to state whether the financial reporting framework has been consistently applied. Inconsistency in the application of the framework is a common reason for qualified opinions by auditors. A change in accounting principle must be reasonably justified. If not, the auditor's report should state that fact. A disclaimer of opinion would not be appropriate when management does not provide reasonable justification for a change in accounting principles. This would result in a qualified opinion or, if the effect of the change is sufficiently material, an adverse opinion. Only when an auditor is not independent, the scope of an audit has been severely limited, or there is an unresolved uncertainty that is far-reaching and serious should an auditor disclaim an opinion.

Answer 197

When an auditor is asked to report on the fair presentation of financial statements prepared in conformity with a regulatory basis of accounting, he or she is required to issue a standard report modified for the departures from GAAP. An additional paragraph is added to this report which expresses the auditor's opinion on whether the financial statements are presented in conformity with the prescribed basis of accounting.

Answer 198

An integrated test facility creates a fictitious entity in an actual entity's database in order to test transactions right along with live input. The test facility is a useful tool because it uses the same programs to compare processing using independently calculated data. This testing helps an auditor compare the independently calculated data in the operating effectiveness of control policies and procedures.

Answer 199

Section 103 of the Sarbanes-Oxley Act dictates that the Public Company Accounting Oversight Board (PCAOB) has the authority to set, amend, update, and modify auditing, quality control, and ethics standards.

Answer 200

The Public Company Accounting Oversight Board (PCAOB) was established by Congress to oversee public company audits. Congress formed the group to protect the interests of investors and further the public interest in the preparation of audit reports. The PCAOB also oversees the audits of broker-dealers.

Answer 201

Documentation of an engagement quality review should be included in the engagement documentation and should contain sufficient information to enable an experienced auditor, having no previous connection with the engagement, to understand the procedures performed by the engagement quality reviewer, including information that identifies the engagement quality reviewer and others who assisted the reviewer; the documents reviewed by the engagement quality reviewer and others who assisted the reviewer; and the date the engagement quality reviewer provided concurring approval of issuance or, if no concurring approval of issuance was provided, the reasons for not providing the approval. An assessment by the engagement quality reviewer of the instances of fraud identified by the audit team is not an item to be included in the documentation.

Answer 202

PCAOB Auditing Standard 1215, paragraph 15, states that “a complete and final set of audit documentation should be assembled as of a date not more than 45 days after the report release date (documentation completion date). If a report is not issued in connection with an engagement, then the documentation completion date should not be more than 45 days from the date that fieldwork was substantially completed. If the auditor was unable to complete the engagement, then the documentation completion date should not be more than 45 days from the date the engagement ceased.”

Answer 203

In computing, documentation is the instructions for operators, descriptions of procedures, and other descriptive material about a program or a system. These instructions can be classified as administrative, systems, or operating. In systems analysis, documentation is the preparation and production of documents for system analysis, programming, and system operation. Good documentation is essential to system maintenance and modification. In auditing, documentation is the use of documentary evidence to support or substantiate a claim or opinion. Documentary evidence (in an accounting sense) includes checks, invoices, contracts, and minutes of meetings. Documentary evidence may also include third-party documents such as bank statements or escrow account balances held by banks.

Answer 204

The Statements on Auditing Standards (SAS) presumptively mandatory requirements are indicated by the word “should.” Unconditional requirements are indicated by the word “must.” Defining professional responsibilities: The SSARS list two categories of professional requirements: Unconditional requirements: indicated by the use of the word “must” Presumptively mandatory requirements: indicated by the use of the word “should”

Answer 205

The assessment of the risk of material misstatement can be expressed in quantitative terms, such as percentages, or qualitative terms, such as high, medium, or low. This assessment is important because it affects the amount of detection risk that the auditor can accept. Detection Risk: The higher the risk of material misstatement, the lower the risk of not detecting (high risk of missing) an error or misstatement must be, and the more substantive procedures the auditor must perform in order to lower the overall audit risk.

Answer 206

Detection risk (DR) is the risk that the procedures performed by the auditor to reduce audit risk to an acceptably low level will not detect a misstatement that exists and that could be material, either individually or when aggregated with other misstatements (AU-C Glossary). Detection risk is a function of the effectiveness of an audit procedure and its application by the auditor. Detection risk consists of two component risks: 1. The risk that analytical procedures and other relevant substantive tests would fail to detect misstatements (AP) 2. The allowable risk of incorrect acceptance (TD) for the substantive test of details DR = AP × TD Detection risk can never be reduced to 0 because the auditor cannot test 100% of the account balances and transactions.

Answer 207

Risk assessment is a systematic process of evaluating the potential risks that are involved in an audit or attestation engagement. If control risk is high there will be less sampling taking place as the auditor is relying on the controls. Risk assessment is one of the five components of internal control and the second level of the COSO pyramid depicting the structure of internal control. It is the identification and analysis of the risks that an entity faces in achieving its objectives and the determination of how those risks will be managed. All entities face risks from both internal and external sources. To be able to perform a risk assessment, the entity must have established its objectives. Risk assessment procedures refer to the audit procedures performed to obtain an understanding of the entity and its environment, including the entity's internal control, to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and relevant assertion levels. Note: COSO is the Committee of Sponsoring Organizations of the Treadway Commission, the National Commission on Fraudulent Financial Reporting.

Answer 208

Sampling risk arises from the possibility that when a test of controls or a substantive test is restricted to a sample of balances or transactions, the auditor's conclusions about the account balance or class of transactions may be different from the conclusions reached if the test were applied in the same way to all items in the account balance or class of transactions. The auditor is concerned with two aspects of sampling risk in performing tests of controls: the risk of assessing control risk too low (also called beta risk) and the risk of assessing control risk too high (also called alpha risk). Sampling risk varies inversely with sample size; setting a sample size too low (to improve the efficiency of the audit) results in the risk of assessing control risk too high.

Answer 209

The risk of assessing control risk too low (also called beta risk)

Answer 210

The risk of assessing control risk too high (also called alpha risk).

Answer 211

The auditor uses the assessed level of audit risk to determine which audit confirmation procedure should be used. Since negative confirmations which are not returned provide no explicit evidence (the confirmation may not have been received), this form of confirmation is used only under specific conditions, such as when the combined assessed level of inherent and control risk relative to accounts receivable is low. Negative confirmations are also used when there are a large number of small balances involved and the auditor expects a small number of errors. Negative confirmations are not a substitute for positive confirmations.

Answer 212

The use of decision models to organize data is a central element of big data. * The management of data in an organized database is a central element of big data. * Users of big data do not have to be computer experts to realize benefits. * The big data concept is not based on computers, and consists of an organized federation of subsystems rather than a single, highly integrated system. Big data describes the large volume of data available to business on a day-to-day basis which is analyzed for insights that lead to better decisions and strategic business moves. Big data is often defined by the three "V's": 1). volume, 2). velocity, and 3). variety.

Answer 213

A fourth, less-common audit data analytic (ADA) technique is diagnostic analytics. Diagnostic analytics drill down into data to understand the cause of a specific outcome. They go beyond descriptive analytics (“what happened?”) to answer the question of "why did it happen?" It is particularly useful in identifying patterns and relationships, investigating anomalies, and understanding trends.

Answer 214

Written representations are required from management for all financial statements and periods covered by the accountant’s review report. Written representations are not required for a compilation or preparation of financial statements engagement but may be requested at the discretion of the accountant.

Answer 215

Confirmation is a specific type of inquiry (an audit procedure for obtaining audit evidence). It is the process of obtaining a representation of information or of an existing condition directly from a third party. Confirmations can also be used to obtain audit evidence about the absence of certain conditions. "Information is furnished as a matter of courtesy without a duty to do so and without responsibility, liability, or warranty, expressed or implied" and does not claim that the information provided in the confirmation reply might not be accurate or complete. Confirmations provide evidence regarding existence, rights and obligations, and cutoff.

Answer 216

Probability-proportional-to-size (PPS) sampling selects a sample based on dollars, not individual items. If the sampling interval for a particular asset is $12,000, every invoice that has a value of over $12,000 will be selected. Large-dollar-value items have a higher chance of being selected in the testing, and overstatements are more likely to be detected than understatements. Since PPS sampling is used in the test of details, the auditor would consider two types of risk: 1). incorrect acceptance and 2).incorrect rejection. The auditor controls those risks by determining the risk level for the sample.

Answer 217

The purpose of a registrar is to keep records of outstanding stock certificates for an issuer. Therefore, the primary purpose of a bank acting as a registrar would be to verify that outstanding stock certificates are issued with the authorization of the board of directors and the articles of incorporation. The registrar (physical custody) would have no decision in the declaration of dividends (authorization); would not have access to accounting records, such as a subsidiary ledger (information processing); and would not be involved in management decisions concerning mergers, acquisitions, and the sale of stock (authorization).

Answer 218

All inventory owned by the client does not have to be on hand at the time of the count, inventories could be held on consignment or in public warehouses, where confirmation procedures might be more appropriate. The auditor is required to design and perform substantive procedures for all relevant assertions related to each material class of transactions, account balance, and disclosure. The five assertions consist of existence/occurrence, completeness, rights/obligations, valuation/allocation, and presentation/disclosure.

Answer 219

In evaluating whether the financial statements are presented fairly in conformity with an applicable financial reporting framework, the auditor must consider the effects, both individually and in the aggregate, of misstatements (known and likely) that are not corrected by the entity, other than those that are clearly trivial. Before considering the aggregate effect of identified uncorrected misstatements, the auditor should consider each misstatement separately to evaluate its effect in relation to the relevant individual classes of transactions, account balances, presentations, or disclosures, including whether materiality levels for particular items of lesser amounts than the materiality level for the financial statements taken as a whole have been exceeded; whether, in considering the effect of the individual misstatement on the financial statements taken as a whole, it is appropriate to offset misstatements; and the effect of misstatements related to prior periods. The cost of correcting the misstatements is not a consideration.

Answer 220

In statistical audit sampling, the precision is the allowance for sampling risk or sampling error, that is, the risk that when testing is restricted to a sample, the conclusion derived from the sample differs from the conclusion that would have been reached if the entire population had been tested. It is a measure of the difference between a sample estimate and the corresponding population characteristic at a specified sampling risk. The precision is usually measured using a table or software and is based on sample size and sample results at the auditor's specified risk of assessing control risks too low. (Precision cannot be measured in nonstatistical sampling.)

Answer 221

An organization follows up on errors to the monthly statements to determine the accounts receivable dollar amount that the organization has the right to receive. The presentation assertion deals with whether components of the financial statements are properly listed and disclosed. The presentation would not be affected by management's following-up on errors reported by customers.

Answer 222

When an auditor performs substantive procedures at an interim date, the risk increases that misstatements may exist at the period end that may not be detected by the auditor. When deciding whether or not to perform interim testing, the auditor would consider such factors as: * the control environment and other relevant controls, * the availability of information at a later date that is necessary for the auditor's procedures, * the purpose of the substantive procedure, * the assessed risk of material misstatement, * the nature of the class of transactions or account balance and relevant assertions, and * the ability of the auditor to perform appropriate substantive procedures or substantive procedures combined with tests of controls to cover the remaining period in order to reduce the risk that misstatements that may exist at the period-end will not be detected.

Answer 223

Recalculation, comparison, confirmation, and verification are all substantive tests or tests of details of transactions. Reperformance and observation are both techniques to test whether the controls are functioning effectively and as prescribed by management. Tests of controls allow the auditor to conclude on the assessed level of control risk.

Answer 224

A factual misstatement would include the misstatements the auditor is able to identify within an audit. Inaccuracy in processing data and a misapplication of accounting principles would be considered factual misstatements. An opinion is not a factual idea or process, while a fact or number is known or factual.

Answer 225

The risk with repairs and maintenance is that transactions should have been capitalized. The completeness assertion answers the question, “Are there any transactions posted to the repairs and maintenance account that should have been posted to a fixed asset account?”

Answer 226

The existence assertion for an asset such as property, plant, and equipment involves determining whether the asset actually exists on a given date. By personally inspecting additions to property, plant, and equipment, the auditor satisfies the existence assertion. The “presentation and disclosure” assertion involves judging whether an asset is properly classified in the financial statements. Visually inspecting an asset does not sufficiently determine whether the financial statements are properly prepared.

Answer 227

The snapshot audit technique may help auditors answer questions as to why computer application systems produce questionable results. Mapping is a technique used to assess the extent of system testing and to identify specific program logic that has not been tested. An integrated test facility (ITF) is a way to review application program logic and function.

Answer 228

Relationships involving income statement accounts tend to be more predictable than relationships involving only balance sheet accounts, as income statement accounts represent transactions over a period of time, whereas balance sheet accounts represent amounts as of a point in time. Only using long-term investments to ascertain the reasonableness of investment income relates to an income statement account.

Answer 229

Applying substantive tests at an interim date, rather than at the balance sheet date, increases audit risk that a misstatement may occur between the interim and year-end dates and exist at the balance sheet date. This increase in risk is the incremental audit risk. Therefore, before auditing asset accounts at an interim date, an auditor should assess the difficulty in controlling the incremental audit risk (i.e., extending the audit conclusion over the remaining period from the interim date to the balance sheet date). The risk of incorrect rejection is part of sampling risk, and it is present whether the tests of details are performed at an interim date or as of the balance sheet date. Likewise, sampling risk (the risk that the auditor's conclusion based on a sample might be different from the conclusion that would be reached by examining every item in the entire population) is not dependent upon when the tests are applied.

Answer 230

Comparing data on separate files. Comparing data on separate files is one of the features of a generalized audit software package. Storage of audit workpapers and assessing the risk of auditable areas are done with other specialized audit software: a generalized audit software package is not designed to accomplish those objectives.

Answer 231

The risk of incorrect rejection is the chance that the statistical evidence might fail to support fair statement of a correct book value. This type of error generally results in addition testing of sample items. When the cost and effort of selecting additional sample items is low, the auditor would increase the risk of incorrect rejection. That way, if the sample results failed to support the fair statements of a book value, it would not be costly or time prohibitive to select additional sample items.

Answer 232

Payments mailed to the client but not recorded would represent an exception because these payments should have been applied to their related accounts receivable balance, lowering the balance in accounts receivable and increasing cash. Failure to record the payments represents a misstatement of cash and accounts receivable.

Answer 233

When control risk is assessed as low, it means the accounting controls have been evaluated as satisfactory and operating as described.

Answer 234

The amortization of a bond discount is the difference between cash interest and interest expense. Cash paid for interest is reported in operating activities. Amortization of a discount on bonds payable results in interest expense greater than cash interest. Because more expense has been deducted in computing income than the amount of cash paid for interest, the difference (captured in the change in the bond discount account) must be added to income to reconcile to the cash provided or used for operating activities.

Answer 235

The City and State where located

Answer 236

Preparation and Fair Presentation of Financial Statements in accordance with the Applicable Financial Reporting Framework

Answer 237

(DIM) Internal Control Design, Implementation, Maintenance

Answer 238

(TIM-AA) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion

Answer 239

(TIMA-BA) Title; Introduction; Management Responsibility; Auditor Responsibility; Basis for (Modified) Opinion; Audit Opinion

Answer 240

(TIM-AA EMO) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion; Emphasis-of-Matter; Other-Matter

Answer 241

Component Financial Statements MUST be prepared using same Financial Reporting Framework as the Group Financial Statements; Component Auditor MUST have performed the audit in accordance with GAAS or PCAOB Standards.

Answer 242

Perform additional audit procedures; (a) Be involved in Component Auditors work; (b) Perform Risk Assessment procedures; (c) Assess Risk of Material Misstatement

Answer 243

Compilations are governed by SSARS (Statements on Standards for Accounting and Review Services)

Answer 244

Non-SEC (non-public) registrants only.

Answer 245

In a Compilation the accountant puts together financial statements with information PROVIDED BY MANAGEMENT. No opinion is expressed and no assurances are given. Independence is not required.

Answer 246

Disclosures not necessary; must state that they are not included

Answer 247

SSARS (Statements on Standards for Accounting and Review Services)

Answer 248

Reviews give limited assurance.

Answer 249

Analytical procedures are required for reviews. Compare results to documented predictions.

Answer 250

Financial statements are presented with no opinion expressed- and limited assurances are given. Independence is required for a review engagement.

Answer 251

A prospective financial statement that uses normal circumstances. General and limited use allowed.

Answer 252

A prospective financial statement using hypothetical situations. Only limited use by the client is allowed.

Answer 253

Independence is required; Only limited use by the client is allowed.

Answer 254

No disclosure required.

Answer 255

Accrue for it, if estimable. Emphasis-of-Matter paragraph if not estimable.

Answer 256

Auditor assesses need for Emphasis-of-Matter paragraph based on loss likelihood.

Answer 257

Gain contingencies are not reported.

Answer 258

It doesn't. Opinion is Unmodified.

Answer 259

Modified-Adverse Opinion is issued. Emphasis-of-Matter paragraph is added after Opinion paragraph.

Answer 260

GAS is more strict than GAAS.

Answer 261

An audit performed under governmental auditing standards (GAS). A report on internal control is REQUIRED. GAAS don't require the I/C report.

Answer 262

In a preparation engagement, the CPA is NOT required to determine if they are independent of the client. Part of this reasoning is because a preparation engagement is NOT an attest engagement. In this regard, a preparation engagement is different than a compilation engagement, where independence MUST be assessed.

Answer 263

Building access security is not a part of IT general controls. Security of access to the computers or the network would pertain to IT. General controls are policies and procedures that relate to many applications and support the effective functioning of application controls by helping to ensure the continued proper operation of information systems. These controls often include controls over: * data center and network operations, * system software acquisition, change, and maintenance, * access security, and * application system acquisition, development, and maintenance.

Answer 264

Public accounting firms performing audits on issuers MUST register with the PCAOB. Each registered public accounting firm MUST SUBMIT an ANNUAL report to the PCAOB. The firms MUST also PAY registration fees and annual fees.

Answer 265

Is the selected item, which should be recorded, actually recorded? Should this selected item, which is not recorded, actually be recorded? Concerns the completeness assertion, which states that all amounts are included and NONE is omitted. Which population will indicate where all accounts payable are recorded? Does the auditee owe some amount to anyone else? The auditor MUST select from a population containing items that are not included but which possibly should be. For accounts payable, confirmation with vendors with whom the entity has previously done business, but to whom no recorded payable balance is due, is the appropriate population (“If the auditee asks this vendor if any amount is owed, will the answer be zero?”) Responses from a vendor to whom the client does owe a payable would reveal an unrecorded (i.e., incomplete) liability. This is appropriate for confirmation for completeness. The Confirmation of a recorded amount is unlikely to provide any additional evidence about completeness.

Answer 266

Section 404 of Title IV of the Sarbanes-Oxley Act (SOX) dictates that each annual report filed with the SEC contain an internal control report. This report states the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting. It also includes an assessment of the effectiveness of the internal control structure and procedures.

Answer 267

Section 402 of Title IV of the Sarbanes-Oxley Act (SOX) dictates that it is unlawful for any issuer to extend or maintain credit in the form of a personal loan to or for any director or executive officer of that issuer.

Answer 268

Section 403 requires disclosures from a person who is directly or indirectly a beneficial owner of more than 10% of any class of any security registered pursuant to Section 12 of the Securities Exchange Act of 1934.

Answer 269

Section 406 requires disclosure of whether or not the issuer had adopted a code of ethics for senior financial officers (and if not, why not). Any change in or waiver of this code requires disclosure as well.

Answer 270

Title II of the Sarbanes-Oxley Act of 2002 specifically prohibits bookkeeping, financial information systems design and implementation, appraisal or valuation services, actuarial services, internal audit outsourcing, management functions, broker or dealer services, and legal services. Tax services are permissible, but must be preapproved by the audit committee.

Answer 271

An other-matter paragraph is utilized in an audit report when the auditor presents information to the financial statement users that is not presented or disclosed in the financial statements or in other sections of the audit report. The information that the auditor is reporting on an entity’s financial statements prepared under U.S. GAAP and under IFRS (International Financial Reporting Standards). This information could be relevant to users of the financial statements and therefore would be appropriately placed in an other-matter paragraph.

Answer 272

The ARSC is the Accounting and Review Services Committee. This committee issues the Statements on Standards for Accounting and Review Services (SSARSs), which govern the performance of compilation and review engagements. In addition, AICPA members who perform compilation and review engagements are governed by the AICPA's Code of Professional Conduct and the Statements of Quality Control Standards (SQCSs), which establish standards and provide guidance on a firm's system of quality control.

Answer 273

The Statements on Quality Control Standards (SQCS) establish standards and provide guidance on a firm’s system of quality control. A firm should establish quality control policies and procedures to provide reasonable assurance that personnel comply with professional standards when performing any attest engagement for nonissuers.

Answer 274

Indicators of Material Weakness The following are indicators of material weaknesses in internal controls: * Fraud by senior management, even if immaterial * Restatement of previously issued financial statements to reflect the correction of a mate- rial misstatement because of error or fraud * Identification of a material misstatement that would not have been detected and corrected by the entity’s internal controls * Ineffective oversight of financial reporting and internal controls (AU-C 265.A12)

Answer 275

In some circumstances, management is required to report on the company's internal control over financial reporting (ICFR) but such report is not required to be audited and the auditor is not engaged to perform an audit of management's assessment of the effectiveness of ICFR. In such cases, under PCAOB AS 3105.59, the auditor is required to include explanatory language to that effect in the “Basis for Opinion” section. Alternatively, if the auditor issues separate reports on ICFR and the financial statements, under PCAOB AS 2201.88 the required paragraph referencing the separate report should appear in the “Opinion on the Financial Statements” section, immediately following the opinion paragraph. If an auditor is issuing an integrated report, then the reporting requirements of PCAOB AS 2201, An Audit of Internal Control Over Financial Reporting That Is Integrated with an Audit of Financial Statements, should be followed.

Answer 276

The Sarbanes-Oxley Act (SOX) of 2002 created a new agency, the Public Company Accounting Oversight Board (PCAOB), which is in charge of overseeing, regulating, inspecting, and disciplining accounting firms in their roles as auditors of public companies. The financial statements are required to be audited by an independent CPA firm that is certified by the PCAOB. The independent auditor is hired by and interacts directly with the board of directors’ audit committee. Each member of the audit committee must be a member of the board of directors, and must otherwise be independent. The audit committee should be chaired by someone with significant financial reporting qualifications and experience. Audit committee members may not accept any consulting, advisory, or other compensation from the issuer or be an affiliated person of the issuer.

Answer 277

The auditor IS required to assess fraud risk in all audit engagements because the auditor provides assurance in the unmodified audit report that the financial statements are free from material misstatement due to either error or fraud.

Answer 278

The auditor may determine that certain risks are significant because they indicate a risk of fraud. The auditor responds to risks of material misstatement due to fraud in the following three ways: 1. A response that has an overall effect on how the audit is conducted, including (1) assignment of personnel and supervision, (2) management’s selection of accounting principles, and (3) using audit procedures that include an element of unpredictability. 2. A response to identified risks involving the nature, extent, and timing of the auditing procedures to be performed. The auditor should consider changing the nature, extent, and timing of audit procedures to address specifically identified risks. 3. A response involving the performance of certain procedures to further address the risk of material misstatement due to fraud involving management override of controls. Because management override of controls can occur in unpredictable ways, the auditor must be inventive in developing audit procedures.

Answer 279

The Government Accountability Office (GAO) establishes standards for performing audits in conformance with generally accepted government auditing standards, which is distinct from the Single Audit Act. error_outline

Answer 280

The Office of Management and Budget (OMB) has the authority to develop government-wide guidelines and policy on performing audits to comply with the Single Audit Act.

Answer 281

Classical variable sampling is used to determine the inventory quantities on hand. Classical variable sampling (CVS) can be used for substantive testing to look for material misstatements in an account balance or class of transactions. (Attribute sampling is generally used for test of controls.) When using CVS, auditors treat each individual item in the population as a sampling unit in order to evaluate the entire population based on the sample data. There are three common types of classical variables sampling estimators: mean-per-unit, ratio, and difference. Variables sampling is a classical statistical sampling method that reaches a conclusion on the monetary amounts of a population. Classical variables sampling depends on the statistical characteristics of normal distribution and requires an estimate of the standard deviation of the population.

Answer 282

When controls are likely to be relevant to user entities’ internal control over financial reporting. Auditing and examination standards require the accountant to obtain an understanding of each of the five components of an entity’s internal control sufficient to plan the engagement. This understanding may encompass controls placed in operation by the entity and by service organizations whose services are part of the entity’s information system. i.e., The service organization’s system calculates accounts receivable balances.

Answer 283

Applying substantive tests at an interim date, rather than at the balance sheet date, increases audit risk that a misstatement may occur between the interim and year-end dates and exist at the balance sheet date. This increase in risk is the incremental audit risk

Answer 284

a). Known (factual) misstatements are specific misstatements arising from the incorrect selection of misapplication of accounting principles or misstatement of facts identified during the audit, including, for example, those arising from mistakes in gathering or processing data and the overlooking of misinterpretations of facts. b). Likely (judgmental and projected) misstatements are misstatements that: 1. Arise from differences between management’s and the auditor’s judgements concerning accounting estimates (for example, because an estimate included in the financial statements by management is outside of the reasonable range of outcomes the auditor has determined) 2. The auditor considers likely to exist based on an extrapolation from audit evidence obtained (for example, the amount obtained by projection known misstatements identified in an audit sample to the entire population from which the sample was drawn)

Answer 285

Assertions about account balances at the period-end. Those assertions consist of the following: * Existence: Assets, liabilities, and equity interests exist. * Rights and obligations: The entity holds or controls the rights to assets, and liabilities are the obligations of the entity. * Completeness: All assets, liabilities, and equity interests that should have been recorded have been recorded, and all related disclosures that should have been included in the financial statements have been included. * Valuation and allocation: Assets, liabilities, and equity interests have been included in the financial statements at appropriate amounts, any resulting valuation or allocation adjustments have been appropriately recorded, and related disclosures have been appropriately measured and described. By tracing test counts to the client’s inventory listing, you are asserting that all inventory items have been recorded in the inventory listing (completeness assertion).

Answer 286

AR turnover = Net credit sales ÷ Avg. AR

Answer 287

Days in year ÷ Accounts receivable turnover

Answer 288

If management refuses to furnish a written representation as part of an audit or attestation engagement, the auditor may either withdraw from the engagement or disclaim an opinion.

Answer 289

Two types of misstatements are relevant to the auditor's consideration of fraud-misstatements arising from fraudulent financial reporting and misstatements arising from misappropriation of assets. AU-C 240.03

Answer 290

Probability-proportional-to-size (PPS) sampling selects a sample based on dollars, not individual items. The primary objective of probability proportional to sample size is to identify overstatement errors.

Answer 291

In addition to the evaluation of the frequency and amounts of monetary misstatements, consideration should be given to the qualitative aspects of errors. These include the nature and cause of misstatements, such as whether there are differences in principles or in application, whether there are errors or fraud, or whether the misstatements are due to misunderstanding of instructions or to carelessness. A deviation initially concealed by a forged document would cause the most alarm with an auditor and, consequently, would broaden the consideration given to the implications of such a deviation.

Answer 292

In evaluating whether management has identified all accounting estimates that could be material to the financial statements, the auditor considers the circumstances of the industry or industries in which the entity operates, its methods of conducting business, new accounting pronouncements, and other external factors. The auditor should consider performing the following procedures: 1. Consider assertions embodied in the financial statements to determine the need for estimates. 2. Evaluate information obtained in performing other procedures, such as the following: a. Information about changes made or planned in the entity's business, including changes in operating strategy, and the industry in which the entity operates that may indicate the need to make an accounting estimate b. Changes in the methods of accumulating information c. Information concerning identified litigation, claims, and assessments, and other contingencies d. Information from reading available minutes of meetings of stockholders, directors, and appropriate committees e. Information contained in regulatory or examination reports, supervisory correspondence, and similar materials from applicable regulatory agencies 3. Inquire of management about the existence of circumstances that may indicate the need to make an accounting estimate.

Answer 293

The test data (deck) method verifies the computer processing accuracy of application programs by executing these programs using manually prepared sets of test cases, test data, and expected results of processing. Actual processing results are compared with the expected results. If the two results are identical, then the auditor may infer that the program logic is consistent with the documentation.

Answer 294

Desk checking is usually used by programmers to verify programs. Completing outstanding jobs is meaningless in the context of the question. Parallel simulation is incorrect because parallel simulation involves simulating programs, not transactions.

Answer 295

In order to determine sample size, the auditor must define: * the reliability level (confidence level), * the maximum tolerable rate of deviation (the rate of deviations detected that would cause the auditor to place less than full reliance on the control being evaluated), and * the expected population deviation rate.

Answer 296

The following are true regarding testing of controls with statistical sampling: * As the likely rate of deviation increases, the auditor should increase the planned sample size. * The allowable risk of assessing control risk too low has an effect on the planned sample size. The risk of assessing control risk too high has no effect on the planned sample size. This risk affects auditor efficiency. * Of all the factors to be considered, the tolerable rate of deviation (or maximum tolerable rate) has the greatest effect on the sample size. * The auditor should be concerned about the characteristics of the population (the items comprising the account balance or class of transactions of interest).

Answer 297

Analytical procedures have the highest level of evidence when they use direct predictable relationships within financial statements. The amount of interest expense is directly related to balances and rates of interest bearing accounts and notes payable. Many factors affect the balances of accounts receivable, accounts payable, and travel and entertainment expense, which cannot be predicted with complete accuracy.

Answer 298

Stratified sampling is used when a population has a large standard deviation across observations. It would be useful if the auditor planned to give greater representation in the sample to larger amounts by stratifying the population based on dollar values. When a population is highly variable (large standard deviation), unstratified sampling may produce excessively large variable sample sizes. Stratification increases efficiency because each stratum has a relatively small standard deviation, and the weighted sum of standard deviations is less than the standard deviation for the whole population.

Answer 299

Attribute sampling is typically associated with tests of controls and is unrelated to the stratified sampling of dollar values. The sample size for tests of controls takes into account the tolerable rate of deviation, the likely rate of deviation, and the risk of assessing control risk too low (the reliability level). The number of items in the population is not as important as the number of deviations (based on the attribute defined) expected and likely.

Answer 300

The auditor should document the levels of materiality and tolerable misstatement, including any changes thereto, used in the audit and the basis on which those levels were determined; a summary of uncorrected misstatements, other than those that are trivial, related to known and likely misstatements; the auditor’s conclusion as to whether uncorrected misstatements, individually or in the aggregate, do or do not cause the financial statements to be materially misstated, and the basis for that conclusion; and all known and likely misstatements identified by the auditor during the audit, other than those that are trivial, that have been corrected by management.

Answer 301

In auditing, documentation is the use of documentary evidence to support or substantiate a claim or opinion. Documentary evidence (in an accounting sense) includes checks, invoices, contracts, and minutes of meetings. Documentary evidence may also include third-party documents such as bank statements or escrow account balances held by banks.

Answer 302

Tolerable misstatement is the maximum monetary misstatement that may exist in an account balance or class of transactions, when combined with misstatements in other accounts, without causing the financial statements to be misstated. It is the threshold of materiality and is based on professional judgment. Tolerable misstatement applies to substantive testing and is an element of total audit risk. It must be considered in both statistical and nonstatistical sampling. Tolerable misstatement varies inversely with sample size.

Surgent Audit Flashcards

Audit Exam (333 cards)