Study sets, textbooks, questions
Upgrade to remove ads
Becker Audit 3
Terms in this set (60)
Before the successor auditor accepts the engagement, what communication between predecessor and successor auditor should be made?
*Obtain client's permission to make inquiries of the predecessor auditor
*Specific inquiries include:
-Info that might bear on management integrity
-Disagreements with mgmt over acct principles, auditing procedures, or other similarly significant matters
-The predecessor's understanding as to the reasons for the change of auditors; and
-Communication to audit committees/those charged with governance regarding fraud, illegal acts by clients, and matters relating to internal control
After accepting the engagement, what communication between predecessor and successor auditor can be made?
The successor auditor may:
-Make specific inquiries regarding matters that may affect the conduct of the audit (e.g. audit problems).
-Review the predecessor's audit docs related to matters of continuing accounting and auditing significance.
Note that the successor should not make reference to the work of the predecessor as the basis for the opinion.
What should the auditor assess when considering the firm's client acceptance and continuance policies?
The auditor should assess:
-The firm's ability to meet reporting deadlines.
-The firm's abilility to staff the engagement.
-Integrity of client management.
What factors affect the "auditability" of a client?
-The availability and adequacy of accounting records.
-Management's attitude toward the internal control environment.
What topics should be included in an understanding between the auditor and the client? What is the purpose of establishing such an understanding?
An understanding should include:
-Limitations of the engagement
-Other matters, such as timing, client assistance, fees and billing, etc.
The purpose of establishing an understanding is to reduce the risk of misunderstanding. Note that an engagement letter documenting the understandability is a presumptively mandatory requirement under GAAS.
What are presented by management in financial statements about which the auditor gathers evidence?
The financial statements are not statements of fact. They present management's assertions or claim, made implicitly or explicitly, about the recognition, measurement, presentation, and disclosure of information in the financial statements.
Name the six main financial statement assertions for nonissuer and issuers.
COVERU and CVERD
Completeness; Cut-Off; Valuation, allocation, and accuracy; Existence and occurence; Rights and obligations; Understandability and classification (COVERU)
Completeness; Valuation or allocation; Existence and occurrence; Rights and obligations; and presentation and Disclosure (CVRD)
Name the relevant assertions for "transactions and events."
-(Proper period) Cut-off
Name the relevant assertions for "account balances."
-Allocation and Valuation
-Rights and Obligations
Name the relevant assertions for "presentation and disclosure"
-Understandability and Classification
-Rights and Obligations, and Occurrence
-Valuation and Accuracy
What is the audit strategy?
The audit strategy outlines the scope of the audit engagement, the reporting objectives, timing of the audit, and required communications, and the factors that determine the focus of the audit. The audit strategy also includes a preliminary assessment of materiality and tolerable misstatement.
What does materiality and tolerable misstatement mean with respect to the independent audit?
Materiality is the amount of error or omission that would affect the judgment of a reasonable person. Materiality is reflected in the auditor's report by the phrase "present fairly in all material respects." The auditor uses judgment to set an initial level of materiality, and to revise it appropriately throughout the audit.
Tolerable misstatement is the maximum error in a population that the auditor is willing to accept.
What is an audit plan?
A written audit plan (required) is a listing of audit procedures that the auditor believes are necessary to accomplish the objectives of the audit.
What should be included in each step of the audit plan?
(We cast our NET over the audit!)
Each step of the audit plan should set out the procedures in detail, specifying the nature, extent, and timing of the work to be performed and including a reference to the assertion under consideration.
Nature, Extent, Timing
List the three types of audit procedures and tell why each is used.
Risk assessment procedures-to obtain an understanding of the entity and its environment, including its internal control.
Test of controls-to evaluate the operating effectiveness of internal control in preventing or detecting material misstatement.
Substantive procedures-to detect material misstatements in the financial statements.
What are the responsibilities of assistants when there are disagreements?
Assistants have a responsibility to exercise due professional care and to observe the standards of fieldwork. They should bring any disagreements with the conduct of the audit to the attention of the auditor-in-charge.
The assistant also has the right to document the disagreement and to be disassociated from the opinion.
What factors determine the amount of reliance an independent auditor may place on the work of internal auditors?
The following factors affect the amount of reliance:
-The objectivity of internal auditors (level of reporting within the organizational structure)
-The competence of internal auditors
-An evaluation of the work performed by the internal auditors
Note that the external auditor remains solely responsible for the audit report, and may not share judgment responsibility with the internal auditor.
Should an auditor refer to the work of a specialist in the auditor's report?
Generally, in the case of a standard, unqualified opinion, no reference is made to the work of a specialist. If, however, the auditor chooses to add an explanatory paragraph or must depart from an unqualified opinion due to the work of the specialist, reference to the specialist may be made.
Under the ISAs, the auditor should obtain permission from the specialist before making reference to the specialist in the report.
Under PCAOB standards, what factors affect the nature and extent of necessary planning activities?
-The size and complexity of the company
-The auditor's previous experience with the company
-Changes in circumstances that occur during the audit
According to PCAOB standards, what factors indicate less complex operations?
-Fewer business lines
-Less complex business processes and financial reporting systems
-More centralized accounting functions
-Extensive involvement of senior management in day to day operations
-Fewer levels of management
According the PCAOB standards, the engagement partner is responsible for:
-Planning the audit
-Supervising the work of engagement team members
-Complying with PCAOB standards
Under PCAOB standards, what factors should be taken into account when determining the extent of supervision?
-The nature of the company
-The nature of the work assigned to each engagement team member
-The risk of material misstatement
-The knowledge, skill, and ability of each engagement team member
Distinguish between known and likely misstatements.
Known misstatements are specific misstatements identified during the audit.
Likely misstatements are misstatements that the auditor considers likely to exist, even though a specific misstatement has not been identified.
What is audit risk? List and define the two elements of audit risk.
Audit risk is the risk that the auditor may unknowingly fail to modify appropriately the opinion on financial statements that are materially misstated. It is comprised of:
-Risk of material misstatement: The risk that the financial statements are materially misstated.
-Detection risk: The risk that the auditor will not detect a material misstatement that exists in a relevant assertion.
State the audit risk model including the relationship of detection risk to substantive tests.
AR = RMM x DR
RMM=Risk of material misstatement
Note that as the acceptable level of detection risk increases, the assurance required from substantive tests decreases. As the acceptable level of detection risk decreases, the assurance required from substantive testing must increase.
What are the two components of the risk of material misstatement?
Inherent risk-The susceptibility of a relevant assertion to a material misstatement assuming there are no related controls.
Control risk-The risk that a material misstatement that could occur in a relevant assertion will not be prevented or detected in a timely basis by the entity's internal control.
What is the difference between error and fraud?
State the auditor's responsibility to detect errors and fraud.
An error is an unintentional misstatement or omission of amounts or disclosures in the financial statements.
Fraud is an intentional action that results in misstatements or omissions of financial information with the intent to deceive financial statement users.
The auditor must plan and perform the audit to provide reasonable assurance about whether the financial statements are free of material misstatement, whether due to fraud or error.
Name the two types of fraud.
1. Fraudulent financial reporting
2. Misappropriation of assets, or defalcation
What fraud risk factors are generally present when fraud occurs?
The three conditions that generally are present when fraud occurs are: incentives/pressures, opportunity, and rationalization/attitude. The auditor identifies and evaluates these fraud risk factors as part of assessing the risk of material misstatement due to fraud.
Define illegal acts.
Violations of laws or governmental regulations committed by the entity or by company personnel acting on behalf of the entity.
State the auditor's response to detect illegal acts.
-Consider the effects of the illegal act on the financial statements;
-Evaluate the materiality of the illegal act, considering quantitative and qualitative factors;
-Evaluate the disclosures of loss contingencies, including possible fines, penalties, and damages;
-Consider the implications for other areas of the audit; and
-Communicate the illegal act to those charged with governance.
Why is the auditor required to obtain an understanding of the entity and its environment?
To assess the risk of material misstatement and to make informed judgments about other audit matters such as:
-Materiality and tolerable misstatement
-The entity's selection and application of accounting procedures
-Areas that require special audit consideration
-Design and performance of further audit procedures
What steps should the auditor perform in assessing and responding to risk?
1. Obtain an understanding of the entity and its environment, including its internal control.
2. Assess the risk of material misstatement.
3. Respond to the assessed level of risk by designing further audit procedures based on this assessment.
4. Test internal controls to evaluate their operating effectiveness.
5. Perform substantive tests.
6. Evaluate the sufficiency and appropriateness of audit evidence obtained.
What risk assessment procedures should the auditor use to obtain an understanding of the entity and its environment?
Risk assessment procedures include:
-Observation and inspection
-Risk assessment discussion
What factors should be examined when obtaining an understanding of the entity and environment?
When obtaining an understanding of the entity and environment the auditor should understand:
-Industry, regulatory, and other external factors
-The nature of the entity
-Objectives, strategies, and business risks
-The entity's financial performance
-The company's selection and application of accounting principles (issuer audits-PCAOB standards)
What are analytical procedures?
Evaluations of financial information made by a study of plausible relationships among both financial and non-financial data (e.g., ration analysis).
Note: Analytical procedures are required in the planning and final review stages of an audit. They may be used (but are not required) in substantive testing.
For what purposes are analytical procedures used in the audit planning phase?
Analytical procedures are used in planning the audit to understand the client's business and to identify unusual transactions and events, amounts, ratios, or trends that mights represent specific risks relevant to the audit.
What are the objectives of internal control?
-To promote efficiency and effectiveness of operations
-To ensure reliable financial reporting
-To encourage compliance with applicable laws and regulations
What are some inherent limitations of internal control?
Errors may be made in the performance of control procedures.
Collusion provides a way to bypass controls related to segregation of duties.
Top management can override internal controls.
Segregation of duties may be difficult to achieve in a smaller entity.
What are the components of internal control?
Information and communication systems
Existing control activities
Why is the control environment particularly important to internal control?
The control environment sets the tone of an organization, influencing the control consciousness of its people, and providing the foundation for the other components of internal control.
What factors are included in the control environment?
-Communication and enforcement of integrity and ethical values
-Management's commitment to competence
-Participation of those charged with governance
-Management's philosophy and operating style
-Assignment of authority, responsibility, and accountability
-Human resources policies and procedures
Describe the "risk assessment" component of internal control.
Risk assessment is an entity's identification and analysis of risks to achievement of its objectives with respect to financial reporting. Risk assessment involves identification, analysis and management of risks relevant to the preparation of financial statements.
What functions are served by an entity's information system with respect to financial reporting?
-Identify and record all valid transactions.
-Describe transactions in a timely manner and in sufficient detail to allow proper classification.
-Measure and record the proper monetary value of transactions.
-Determine and ensure proper recording of transactions and events in the appropriate time period.
-Present transactions and related disclosures properly in the financial statements.
What functions should and auditor understand about an entity's communication system with respect to financial reporting?
-The methods used to communicate roles, responsibilities, and significant matters related to financial reporting.
-Communication between management and those charged with governance, and between management and external parties.
What activities may be considered part of the monitoring component of internal control?
The monitoring process may include:
-Management and supervisory activities
-Separate internal control evaluations
-The internal audit function
-Evaluation of communications from external parties
Name some control activities that are relevant to an audit.
Prenumbering of documents
Authorization of transactions
Independent checks to maintain asset accountability
Timely and appropriate performance reviews
Information processing general and application controls
Physical controls for safeguarding assets
Segregation of duties
What functions should be segregated?
Segregation of duties is your ARC to protect against a flood of troubles.
Maintaining Custody of the related assets
Why does an auditor obtain an understanding of the client's internal control?
An auditor obtains an understanding of internal control to evaluate the design of controls and determine whether they have been implemented, to assess the risk of material misstatement, and to design the nature, extent, and timing of further audit procedures.
When are a service organization's services considered to be part of an entity's information system?
A service organization's services are considered to be part of an entity's information system when those services affect the initiation, execution, processing, or reporting of the user company's transactions.
What two types of reports may a service auditor provide, and what is the difference in how the user auditor may use them?
The service auditor may provide a "Report on Management's Description of the Service Organization's System and the Suitability of the Design and Operating Effectiveness of Controls (Type 2 Report)" or simply a "Report on Management's of the Service Organization's System and the Suitability of the Design of Controls (Type 1 Report)." The former may support a reduction in the assessed level of control risk where the latter does not.
What steps should the auditor take in designing the nature, extent, and timing of further audit procedures?
The auditor uses his/her understanding of the entity and environment, including internal control to:
-Identify types of potential material misstatements.
-Consider the factors that affect the risk of material misstatement.
-Design test of controls, when applicable.
-Design substantive procedures.
What are the two ways in which an auditor should respond to assessed risk?
1. An overall response, to address risk at the FS level.
2. A response at the relevant assertion level.
What is a significant risk?
A significant risk is one that requires special audit consideration. The following factors may be indicative of a significant risk:
-Nonroutine, unusual, or complex transactions.
-Business risks that may result in material misstatement.
-Significant related party transactions.
-Accounting estimates or other subjective measurements of financial information.
-Accounting principles that are subject to different interpretations.
What are the documentation requirements surrounding the auditor's assessment of risk?
The auditor should document the:
-Discussion among the audit team.
-Understanding of the entity and its environment, including its internal control.
-Assessment of the risks of material misstatement.
-Basis for the risk assessment.
-Identified risks and related controls evaluated.
What are the two approaches an auditor may use to respond to identified risks at the relevant assertion level?
Substantive approach--only substantive tests are used, either because there are no effective controls, or because it would not be efficient to test the operating effectiveness of controls.
Combined approach--tests of the operating effectiveness of control and tests of substantive procedures are both used.
When are tests of controls applied?
When the auditor's risk assessment is based on the assumption that controls are operating effectively,
When substantive procedures alone are insufficient, such as when there is a significant amount of electronic processing.
How does the auditor's assessment of the risk of material misstatement affect the substantive procedures?
-The auditor's determination that the risk of material misstatement is high necessitates a greater level of assurance from substantive procedures, which may be obtained by varying the nature, extent, or timing of such procedures.
-The auditor's determination that the risk of material misstatement is low allows a reductions in the assurance required from substantive procedures. This too may be accomplished by varying the nature, extent, or timing of such procedures.
What are the documentation requirements surrounding the auditor's response to assessed risk?
The auditor should document the:
-Overall response addressing assessed risk at the FS level.
-Nature, extent, and timing of further audit procedures.
-Linkage of further audit procedures with assessed risk at the relevant assertion level.
-Results of audit procedures.
-Conclusions reached regarding the use of prior period evidence.
Under PCAOB standards, what factors are relevant to the conclusion that sufficient appropriate evidence has been obtained?
-The significance of uncorrected misstatements ad the likelihood of their having a material effect on the financial statements
-The results of audit procedures performed
-The auditor's risk assessment
-The appropriateness of the evidence obtained
88) Brand imagery is a consumer's emotional response and reaction with respect to the brand.
83) Choosing and implementing an emerging information system is not sufficient to gain or sustain competitive advantage.
The first-line management of a firm includes managers who supervise lower-level managers and report to a higher-level manager.
52. Which type of operation is used to produce many different products with varying process requirements in lower volumes?
Sets found in the same folder
Becker Audit 4
Becker Audit 6
Becker Audit 2
Becker Audit 5
Sets with similar terms
Becker Audit 3
Other sets by this creator
Becker Auditing 1 - Audit Reports
Becker Auditing 1 - Audit Reports
Business Structure Notes RR2
Final BEC Review