AT Quizzer 7 Internal Control FEU Mkti
AT Quizzer 7 Internal Control FEU Mkti
AT Quizzer 7 Internal Control FEU Mkti
2. An auditor uses the knowledge provided by the understanding of internal control and the assessed
level of control risk primarily to
a. Determine whether procedures and records concerning the safeguarding of assets are reliable
b. Ascertain whether the opportunities to allow any person to both perpetrate and conceal fraud are
minimized
c. Modify the initial assessments of inherent risk and preliminary judgments about materiality levels
d. Determine the nature, timing and extent of substantive tests for financial statement assertions
4. An auditor would most likely be concerned with controls that provide reasonable assurance about the
a. Efficiency of management’s decision-making process
b. Appropriate prices the entity should charge for its products
c. Decision to make expenditures for certain advertising activities
d. Entity’s ability to initiate, record, process and report financial data
5. PSA 315 (Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity
and its Environment) requires the auditor to perform risk assessment procedures at
a. The financial statement level only
b. The assertion level only
c. The financial statement level and the assertion level for classes of transactions, account balances
and disclosures
d. Either the financial statement or assertion level
6. The auditor’s risk assessment procedures should always include the following, except
a. Inquiries of management and of others within the entity
b. Analytical procedures
c. Observation and inspection
d. Substantive test procedures and tests of controls
8. The auditor should obtain an understanding of the entity’s objectives and strategies, and those business
risks that may result in risks of material misstatement. Which of the following statements concerning the
entity’s business risk is incorrect?
a. Business risk is broader than the risk of material misstatement of the financial statements, though it
includes the latter
b. An understanding of the business risks facing the entity increases the likelihood of identifying risks of
material misstatement
c. The auditor has a responsibility to identify or assess all business risks
d. Business risk may arise from the development of new products or services that may fail
AT Quizzer 7 “Internal Control” Page 2
9. When obtaining an understanding of controls that are relevant to the audit, the auditor is required to
a. Evaluate the design of those controls
b. Determine whether those controls have been implemented
c. Evaluate the design of those controls and determine whether they have been implemented
d. Evaluate the design of those controls and determine whether they have been implemented by
performing tests of controls
10. This internal control component is the foundation for all other components. It sets the tone of the
organization, provides discipline and structure, and influences the control consciousness of employees
a. Control activities
b. Monitoring of controls
c. Control environment
d. The entity’s risk assessment process
13. Which of the following is a management control method that most likely could improve management’s
ability to supervise company’s activities effectively?
a. Monitoring compliance with internal control requirements imposed by regulatory bodies
b. Limiting direct access to assets by physical segregation and protective devices
c. Establishing budgets and forecasts to identify variances from expectations
d. Supporting employees with the resources necessary to discharge their responsibilities
16. Which of the following factors are included in an entity’s control environment?
Audit Committee Participation Integrity and ethical values Organizational Structure
a. Yes Yes No
b. Yes No Yes
c. No Yes Yes
d. Yes Yes Yes
17. Which of the following components of internal control includes development and use of training policies
that communicate prospective roles and responsibilities to employees?
a. Monitoring
b. Control environment
c. Risk assessment
d. Control activities
18. Proper segregation of duties reduces the opportunities to allow persons to be in positions both to
AT Quizzer 7 “Internal Control” Page 3
a. Journalize entries and prepare financial statements
b. Record cash receipts and cash disbursements
c. Establish internal control and authorize transactions
d. Perpetrate and conceal errors and fraudulent acts
19. Proper segregation of functional responsibilities to achieve effective internal control calls for separation
of the functions of
a. Authorization, execution and payment
b. Authorization, recording and custody
c. Custody, execution and reporting
d. Authorization, payment and recording
20. Internal control can provide only reasonable assurance of achieving an entity’s control objectives. The
likelihood of achieving those objectives is affected by which limitation inherent to internal control?
a. The auditor’s primary responsibility is the detection of fraud
b. The board of directors is active and independent
c. The cost of internal control should not exceed its benefits
d. Management monitors internal control
21. Which of the following most likely would not be considered an inherent limitation of the potential
effectiveness of an entity’s internal control?
a. Incompatible duties
b. Management override
c. Faulty judgment
d. Collusion among employees
22. An independent auditor is concerned with controls designed to safeguard assets that are relevant to
the reliability of financial reporting. Adequate safeguards over access to and use of assets means
protecting from
a. Any management decision that would unprofitably use company resources
b. Only those losses arising from fraud
c. Losses such as those arising from setting a product price too low and subsequently realizing
operating losses from the product’s sale
d. Losses arising from access by unauthorized persons
23. An entity has many employees that access a database. The database contains sensitive information
concerning the customers of the entity and has numerous access points. Access controls prevent
employees from entry to those areas of the database for which they have no authorization. All
salespersons have certain access permission to customer information. Which of the following is a true
statement regarding the nature of the controls and risks?
a. Because there is no segregation of duties among the salespersons, risk of collusion is increased
b. Only one salesperson should be allowed access permission
c. Sales department personnel should not have access to any part of the database
d. A salesperson’s access to customer information should extend only to what is necessary to
perform his/her duties
24. In obtaining an understanding of controls that are relevant to audit planning, an auditor is required to
obtain knowledge about the
a. Design of the controls included in the internal control components
b. Effectiveness of the controls that have been placed in operation
c. Consistency with which the controls are currently being applied
d. Controls related to each principal transaction class and account balance
25. In obtaining an understanding of internal control in a financial statement audit, an auditor is not
obligated to
a. Determine whether the controls have been placed in operation
b. Perform procedures to understand the design of internal control
c. Document the understanding of the entity’s internal control components
d. Search for significant deficiencies in the operation of internal control
27. In planning an audit of certain accounts, an auditor may conclude that specific procedures used to
obtain an understanding of an entity’s internal control need not be included because of the auditor’s
judgments about materiality and assessments of
AT Quizzer 7 “Internal Control” Page 4
a. Control risk
b. Detection risk
c. Sampling risk
d. Inherent risk
28. When obtaining an understanding of an entity’s internal controls, an auditor should concentrate on their
substance rather than their form because
a. The controls may be operating effectively but may not be documented
b. Management may establish appropriate controls but not enforce compliance with them
c. The controls may be so inappropriate that the auditor assesses control risk at the maximum
d. Management may implement controls whose costs exceed their benefits
30. An auditor should obtain sufficient knowledge of an entity’s information system relevant to financial
reporting to understand the
a. Safeguards used to limit access to computer facilities
b. Process used to prepare significant accounting estimates
c. Procedures used to assure proper authorization of transactions
d. Policies used to detect the concealment of fraud
32. An auditor’s flowchart of a client’s accounting system is a diagrammatic representation that depicts the
auditor’s
a. Assessment of control risk
b. Identification of weaknesses in the system
c. Assessment of the control environment’s effectiveness
d. Understanding of the system
33. An advantage of using systems flowcharts to document information about internal control instead of
using internal control questionnaires is that systems flowcharts
a. Identify internal control weaknesses more prominently
b. Provide a visual depiction of clients’ activities
c. Indicate whether controls are operating effectively
d. Reduce the need to observe clients’ employees performing routine tasks
34. The ultimate purpose of assessing control risk is to contribute to the auditor’s evaluation of the risk
that
a. Tests of controls may fail to identify procedures relevant to assertions
b. Material misstatements may exist in the financial statements
c. Specified controls requiring segregation of duties may be circumvented by collusion
d. Entity policies may be inappropriately overridden by senior management
36. After assessing control risk below the maximum level, an auditor desires to further reduce the
assessed level of control risk. At this time, the auditor considers whether
a. It would be efficient to obtain an understanding of the entity’s accounting system
b. The entity’s internal controls have been placed in operation
c. The entity’s internal controls pertain to any financial statement assertions
d. Additional evidential matter sufficient to support a further reduction is likely to be available
37. An auditor may decide to assess control risk at the maximum level for certain assertions because the
auditor believes
a. Controls are unlikely to pertain to the assertions
AT Quizzer 7 “Internal Control” Page 5
b. The entity’s control components are interrelated
c. Sufficient evidential matter to support the assertions is likely to be available
d. More emphasis on tests of controls than substantive tests is warranted
38. Which of the following is a step in an auditor’s decision to assess control risk below the maximum?
a. Apply analytical procedures to both financial data and nonfinancial information to detect conditions
that may indicate weak controls
b. Perform tests of details of transactions and account balances to identify potential errors and fraud
c. Identify the controls that are likely to detect or prevent material misstatements
d. Document that the additional audit effort to perform tests of controls exceeds the potential
reduction in substantive testing
39. Which of the following is not a step in an auditor’s decision to assess control risk below the maximum?
a. Evaluate the effectiveness of the control activity with tests of controls
b. Obtain an understanding of the entity’s control environment
c. Perform tests of details of transactions to detect material misstatements in the financial statements
d. Consider whether controls can have a pervasive effect on financial statement assertions
40. Samples to test controls are intended to provide a basis for an auditor to conclude whether
a. The controls are operating effectively
b. The financial statements are materially misstated
c. The risk of incorrect acceptance is too high
d. Materiality for planning purposes is at a sufficiently low level
41. Which of the following tests of controls most likely will help assure an auditor that goods shipped are
properly billed?
a. Scan the sales journal for sequential and unusual entries
b. Examine shipping documents for matching sales invoices
c. Compare the accounts receivables ledger to daily sales summaries
d. Inspect unused sales invoices for consecutive prenumbering
43. After obtaining an understanding of a client’s internal control, an auditor may decide not to test the
effectiveness of the computer control procedures. Which of the following is not a valid reason for
choosing to omit tests of controls?
a. The controls duplicate operative controls existing elsewhere in the system
b. There appear to be major weaknesses that would preclude assessing control risk below the
maximum level
c. The time and dollar costs of testing exceed the time and dollar savings in substantive testing if the
tests of controls show the controls to be operative
d. The operating effectiveness of controls appears to support a reduced assessment of control risk
44. When assessing control risk below the maximum level, an auditor is required to document the auditor’s
Understanding of the Entity’s Basis for Concluding That
Control Environment Control Risk is Below the Maximum Level
a. Yes No
b. No Yes
c. Yes Yes
d. No No
45. When control risk is assessed at the maximum level for all financial statement assertions, an auditor
should document the auditor’s
Understanding of the Conclusion that Basis for Concluding
Entity’s Internal Control Risk is at the that Control Risk is at the
Control Components Maximum Level Maximum Level
a. Yes No No
b. Yes Yes No
c. No Yes Yes
d. Yes Yes Yes
46. Which of the following procedures is an auditor most likely to include in the planning phase of a
financial statement audit?
a. Obtain an understanding of the entity’s risk assessment process
b. Identify specific controls designed to prevent fraud
AT Quizzer 7 “Internal Control” Page 6
c. Evaluate the reasonableness of the entity’s accounting estimates
d. Perform cutoff tests of the entity’s sales and purchases
47. After obtaining an understanding of an entity’s internal control and assessing control risk, an auditor
may next
a. Perform tests of controls to verify management’s assertions that are embodied in the financial
statements
b. Consider whether evidential matter is available to support a further reduction in the assessed level
of control risk
c. Apply analytical procedures as substantive tests to validate the assessed level of control risk
d. Evaluate whether the internal controls detected material misstatements in the financial statements
48. Which of the following procedures most likely will provide an auditor with evidence about whether an
entity’s controls are suitably designed to prevent or detect material misstatements?
a. Reperforming the controls for a sample of transactions
b. Performing analytical procedures using data aggregated at a high level
c. Vouching a sample of transactions directly related to the controls
d. Observing the entity’s personnel applying the controls
49. In assessing control risk, an auditor ordinarily selects from a variety of techniques, including
a. Inquiry and analytical procedures
b. Reperformance and observation
c. Comparison and confirmation
d. Inspection and verification
51. Which of the following procedures concerning accounts receivable is an auditor most likely to perform
to obtain evidential matter in support of an assessed level of control risk below the maximum level?
a. Observing an entity’s employee prepare the schedule of past due accounts receivable
b. Sending confirmation requests to an entity’s principal customers to verify the existence of accounts
receivable
c. Inspecting an entity’s analysis of accounts receivable for unusual balances
d. Comparing an entity’s uncollectible accounts expense with actual uncollectible accounts receivable
53. On the basis of audit evidence gathered and evaluated, an auditor decides to increase the assessed
level of control risk from that originally planned. To achieve an overall audit risk level that is
substantially the same as the planned audit risk level, the auditor would
a. Increase inherent risk c. Decrease inherent risk
b. Decrease detection risk d. Increase materiality levels
54. An auditor uses the knowledge provided by the understanding of internal control and the final assessed
level of control risk primarily to determine the nature, timing and extent of the
a. Attribute tests
b. Compliance tests
c. Tests of controls
d. Substantive tests
57. When numerous property and equipment transactions occur during the year, an auditor who plans to
assess control risk at a low level usually performs
a. Tests of controls and extensive tests of property and equipment balances at the end of the year
b. Analytical procedures for current year property and equipment transactions
c. Tests of controls and limited tests of current-year property and equipment
d. Analytical procedures for property and equipment balances at the end of the year
58. A client maintains perpetual inventory records in both quantities and pesos. If the assessed level of
control risk is too high, an auditor will probably
a. Apply gross profit tests to ascertain the reasonableness of the physical counts
b. Increase the extent of tests of controls relevant to the inventory cycle
c. Request the client to schedule the physical inventory count at the end of the year
d. Insist that the client perform physical counts of inventory items several times during the year
59. An auditor may compensate for a high assessed level of control risk by increasing the
a. Level of detection risk
b. Extent of tests of controls
c. Preliminary judgment about audit risk
d. Extent of analytical procedures
60. Regardless of the assessed level of control risk, an auditor should perform some
a. Tests of controls to determine the effectiveness of controls
b. Analytical procedures to verify the design of controls
c. Substantive tests to restrict detection risk for significant transaction classes
d. Dual-purpose tests to evaluate both the risk of monetary misstatement and preliminary control risk
********************************