Advertisement Upgrade to remove ads

Quiz

The requirements of Section 404 of the Sarbanes-Oxley Act of 2002 apply to
A) All companies that are subject to an independent audit.
B) Most publicly-held companies.
C) All privately-held companies.
D) All companies with sales in excess of $500 million.

The requirements of Section 404 of the Sarbanes-Oxley Act of 2002 apply to:
B) Most publicly-held companies.

The role of the registered independent auditing firm relative to its clients' internal controls under the Sarbanes-Oxley Act of 2002 is to:
A) Express an opinion on whether the client is subject to all provisions of the Securities Exchange Act of 1934.
B) Express an opinion on the effectiveness of the entity's internal control.
C) Report to both the PCAOB and SEC those clients with unsatisfactory internal controls.
D) Provide report feedback but disclaim an opinion on management's assessment.

The role of the registered independent auditing firm relative to its clients' internal controls under the Sarbanes-Oxley Act of 2002 is to:
B) Express an opinion on the effectiveness of the entity's internal control.

Which of the following statements concerning control deficiencies is true?
A) Auditors are required to report all control deficiencies to the audit committee.
B) A control deficiency is a type of significant deficiency.
C) Significant deficiencies are a subset of material weaknesses that must be reported to the public.
D) The two dimensions of control deficiencies are likelihood of occurrence and magnitude.

D) The two dimensions of control deficiencies are likelihood of occurrence and magnitude.

Which of the following steps or procedures is least likely to be performed as part of management's assessment of the effectiveness of internal controls?
A) Engaging the external auditors to conduct cutoff tests.
B) Determining the locations or business units to be evaluated.
C) Evaluating the design effectiveness and operating effectiveness of selected controls.
D) Communication of its findings to the external auditors.

A) Engaging the external auditors to conduct cutoff tests
is least likely to be performed as part of management's assessment of the effectiveness of internal controls

Which of the following statements is false concerning the audit requirements of the Sarbanes-Oxley Act of 2002 and AS5 related to internal controls?
A) Management's report should state its responsibility for establishing and maintaining effective internal control.
B) Management should identify material weaknesses in its report.
C) The auditor should evaluate whether the internal controls are effective in accurately and fairly reflecting the client's transactions.
D) The auditor should provide recommendations to the audit committee for improving internal control as part of the auditor's assessment.

D) The auditor should provide recommendations to the audit committee for improving internal control as part of the auditor's assessment.

Which of the following types of audit reports would not be appropriate for an auditor to issue on the effectiveness of a client's internal controls?
A) Unqualified [no material weaknesses identified].
B) Adverse [a material weakness exists].
C) Qualified [a significant deficiency exists].
D) Disclaimer [unable to perform key audit procedures].

C) Qualified [a significant deficiency exists]
would not be appropriate for an auditor to issue on the effectiveness of a client's internal controls

Which of the following statements best describes how the requirements under Sarbanes-Oxley changed the auditor's responsibility for issuing an opinion in connection with the audits of most public companies?
A) CPA firms are now required to add a second opinion related to the timeliness of the financial information provided to the public in addition to an opinion on the overall fairness of the financial statements.
B) CPA firms are required to rely less on their own direct evidence to support their opinion regarding the effectiveness of controls.
C) CPA firms are now required to issue a second opinion related to their evaluation of the effectiveness of internal controls in addition to an opinion on the overall fairness of the financial statements.
D) While the CPA firm is required to issue an additional opinion, that opinion is for client use only and does not need to be made available in the company annual report.

C) CPA firms are now required to issue a second opinion related to their evaluation of the effectiveness of internal controls in addition to an opinion on the overall fairness of the financial statements.

With regard to clients that have locations or business units that are judged to have financial reporting risks, the auditor
A) Need not perform any audit procedures.
B) Must first determine whether those risks are adequately addressed by entity-level controls.
C) Must first determine whether the internal audit staff has performed testing at such locations.
D) Must first evaluate the risk of financial reporting fraud.

With regard to clients that have locations or business units that are judged to have financial reporting risks, the auditor
B) Must first determine whether those risks are adequately addressed by entity-level controls.

Generalized audit software (GAS) would likely be used in the audit of accounts receivable for all of the following except:
A) Selection and printing of sample accounts to be confirmed.
B) Identifying weaknesses in the documentation of client controls.
C) Performing analytical procedures using client's trial balance data.
D) Recomputing an estimate of the allowance for doubtful accounts based on an accounts receivable aging analysis.

Generalized audit software (GAS) would likely be used in the audit of accounts receivable for all of the following except:
B) Identifying weaknesses in the documentation of client controls.

Which of the following statements is false regarding the use of the test data approach in the evaluation of an accounting system?
A) The test data should consist of only valid conditions.
B) Only one transaction generally needs to be tested.
C) The test data should consist of only those valid and invalid conditions of interest to the auditor.
D) The test data should be processed on the client's operating system under the auditor's control.

A) The test data should consist of only valid conditions
is false regarding the use of the test data approach in the evaluation of an accounting system

All of the following factors should be considered by the auditor when deciding on the extent of controls testing except:
A) The nature of the control to be tested.
B) The time the auditor has to test controls before a report must be issued.
C) The frequency with which the control is applied.
D) The importance of the control.

B) The time the auditor has to test controls before a report must be issued.

Place the following steps in the top-down, risk-based approach to the audit of ICFR in their proper order:
1. Identify significant accounts and disclosures and their relevant assertions.
2. Select controls to test
3. Understand likely sources of misstatement.
4. Identify entity level controls
A) 1, 2, 3, 4
B) 4, 1, 3, 2
C) 4, 2, 1, 3
D) 3, 4, 1, 2

4. Identify entity level controls
1. Identify significant accounts and disclosures and their relevant assertions.
3. Understand likely sources of misstatement.
2. Select controls to test

All of the following controls may address the risk of fraud and management override except:
A) Controls over related-party transactions.
B) Controls over period-end adjusting entries.
C) Controls related to significant management estimates.
D) Controls related to executive compensation.

D) Controls related to executive compensation.

Which of the following is not a requirement for management under Section 404 of the Sarbanes-Oxley Act of 2002?
A) Guarantee effectiveness of the entity's ICFR.
B) Accept responsibility for the effectiveness of the entity's ICFR.
C) Support the evaluation of the entity's ICFR with sufficient evidence, including documentation.
D) Present a written assessment regarding the effectiveness of the entity's ICFR as of the end of the most recent fiscal year.

A) Guarantee effectiveness of the entity's ICFR.
is not a requirement for management under Section 404 of the Sarbanes-Oxley Act of 2002

"Remediation" refers to
A) Management's required annual communication to the Audit Committee regarding changes in the ICFR.
B) The auditor's required annual communication to the Audit Committee regarding weaknesses found in the ICFR.
C) Management's testing of a new control designed to eliminate a previous material weakness.
D) Corrective actions taken by management to eliminate a material weakness.

"Remediation" refers to
D) Corrective actions taken by management to eliminate a material weakness.

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set