Busy. Please wait.
or

show password
Forgot Password?

Don't have an account?  Sign up 
or

Username is available taken
show password

why


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.
Don't know
Know
remaining cards
Save
0:01
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
Retries:
restart all cards
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Auditing Test 2

QuestionAnswer
The successor auditor must contact the predecessor auditor before entering into contract. What are the 4 questions you must ask them? 1. What is your opinion of mgmt's integrity? 2. Were there any disagreements with clients about GAAP or GAAS? 3. If the prev auditor had any reqd communications with the audit committee. Were there any illegal acts? 4. Why are you no longer the auditor
Does the predecessor auditor need to answer your questions? The predecessor is req'd to answer promptly and honestly.
The engagement letter Does not have to be in writing but it is strongly recommended that it be in writing.
What type of knowledge should the auditor obtain about the client and it's industry? Organizational structure, locations, products and services, any difficult acct areas, management's philosophy, payroll structure (how upper mgmt is compensated), large turnover rate in the acct dept, the acct info sys used, I/C the client has in place.
Perform analytical procedures. Ratio analysis and trend analysis. This is to identify areas with possible problems to be looked at further.
What are the auditor's responsibilities when obtaining a new client? 1. Client acceptance/continuance 2. Obtain knowledge about client and it's industry. 3. Perform analytical procedures 4. Identify client assertions 5. Establish prelim materiality. 6. Assess components of A/R 7. Assess fraud risk. 8. Write audit pr
What does the audit program do? Gives experienced auditor guideline and can be used as a checklist. It allows to figure out composition of audit team.
What is audit risk? The risk that we give the wrong opinion.
How can you determine audit risk? Inherent Risk x Control Risk x Tolerable level of detection risk.
Control risk and tolerable level of detection risk are inverse. Control Risk- Low Tolerable level of detection risk- High and vice versa.
What is inherent risk? The risk there are material misstatements, assuming there are no internal controls in place. Some industries have more IR than others.
What is control risk? The risk the I/C will not catch material misstatements. There will always be some risk present.
What is detection risk? The risk the I/C will not catch material misstatements.
What are internal controls? Policies and procedures that: 1. safeguard assets (from theft and damage) 2. improve the accuracy of accounting records. 3. Ensure compliance with laws and regulations. 4. Improve the efficiency and effectiveness of operations.
What does SOX think about I/C? They must have a recognizable and acceptable framework.
COSO Develop an acceptable system for internal controls.
CRIME c- Control activities r- Risk assessment i- information systems m- monitoring e- environment
Control activities Policies and procedures that are in place
Risk assessment the company assesses their own risk
Information Systems Accounting information system, communication system
Monitoring management monitoring compliance
Environment (Control Environment) Overall value management places on Internal Controls.
What is management responsible for? Having an effective system of internal controls, constantly be assessing risk and internal controls, must think about how much they are willing to spend on I/Cs.
What is the auditor responsible for? Obtaining an understanding of internal controls and document understanding. (Flow chart, questionaire, must be in writing, narrative).
Assess Control Risk Maximum- Few tests of controls. Extensive substantive controls. Less than maximum- More tests of controls, fewer substantive tests
Opinion of Internal Controls Unqualified or adverse
Reportable Condition Significant deficiency or material weakness in client's I/Cs. As soon as they are found management must be notified immediately.
What is fraud? theft of manipulating numbers on the F/S.
What is professional skepticism? We can not assume that management is completely dishonest.
Fraud standard requires brainstorming How could fraud occur for this client?
Fraud standard requires utilizing the fraud triangle The fraud triangle includes incentives or pressures, opportunities, and attitude/rationalization.
How do opportunities occur? From poor or nonexistent internal controls.
How do you utilize the fraud triangle? If any 2 of 3 points on fraud triangle are present, you must increase fraud risk.
What does the fraud standard require from management and the board of directors? Ask management and the board of directors if they know about or suspect fraud and how they look for fraud and if there is code of conduct.
What if no code of conduct is in place? We have found a direct effect illegal act.
The fraud standard requires analytical procedures
The fraud standard requires that you assess fraud risk - revenue recognition - if we observe mgmt overriding internal controls. Anytime management doesn't pay attention to internal controls.
The fraud standard requires must always look at: - unusual transactions - accounting estimates - adjusting entries
The fraud standard requires that you build unpredictability into the audit.
What if we found fraud? Talk to BOD and mgmt one level above whoever is involved in the fraud and we tell them about the situation and that they must fix it. If they do we can give an unqualified opinion. If they didn't we will give qualified or adverse opinion.
What are the physical controls? Physically keeping the computers safe. -locks, temperature, fire control, camera, guards, gps
What are access controls? passwords, firewalls, sign in sheet, encryption
What are input controls? drop down menus, validation tests (record count, hash total), immediate notification if the wrong info is input, limit controls (ex. limit in cash drawer)
What are processing/storage? -back-up (maybe third party) -disaster recovery plan (worst case scenario) must test this plan -Error report - Reconciliation
What are output controls? - Screen protector - position of monitor - edit report - access report
What if a client is sophisticated in IT? The more sophisticated a client is in IT, the more expertise is needed.
Different IT environments -stand alone computers -network (LAN and WAN) -SAP (database management system) -E-commerce -Outsourced IT
Approaches - Audit around the computer - Audit through the computer (test data approach, parallel simulation, embedded audit module approach)
Must you mention a specialist in the audit report? If you change your opinion based on what specialist said, must mention them in audit report.
Created by: olinchristy