Professional Documents
Culture Documents
Multiple-Choice Questions
1. Which of the following is responsible for establishing a private companys internal control?
easy a. Management.
a b. Auditors.
c. Management and auditors.
d. Committee of Sponsoring Organizations.
2. Which of the following is not one of the three primary objectives of effective internal control?
easy a. Reliability of financial reporting
d b. Efficiency and effectiveness of operations
c. Compliance with laws and regulations
d. Assurance of elimination of business risk.
3. (Public) The Public Company Accounting Oversight Board states that reasonable assurance allows a:
easy a. small likelihood of ineffective internal controls.
b b. remote likelihood that material misstatements will not be prevented or detected by
internal control.
c. likelihood that material misstatements will not be prevented or detected by internal
control.
d. high likelihood that material misstatements will not be prevented or detected by
internal control.
4. Two key concepts that underlie managements design and implementation of internal control are:
easy
c a. costs and materiality.
b. absolute assurance and costs.
c. inherent limitations and reasonable assurance.
d. collusion and materiality.
6. A major control available in a small company, which might not be feasible in a big company, is:
easy a. a wider segregation of duties.
d b. a voucher system.
c. fewer transactions to process.
d. the owner-managers personal interest and close relationship with personnel.
7. (Public) Which of the following is responsible for establishing internal controls for a public company?
easy a. Management.
a b. The PCAOB.
c. Management and auditors.
d. Committee of Sponsoring Organizations.
9. An act of two or more employees to steal assets or misstate records is frequently referred to as:
easy a. collusion.
a b. a material weakness.
c. a control deficiency.
d. a significant deficiency.
10. When the auditor attempts to understand the operation of the accounting system by tracing a few
easy transactions through the accounting system, the auditor is said to be:
c a. tracing.
b. vouching.
c. performing a walk-through.
d. testing controls.
11. (SOX) Which section of the Sarbanes-Oxley Act requires management to issue an internal control report?
easy
c a. 202
b. 203
c. 404
d. 408
12. (SOX) Sarbanes-Oxley requires management to issue an internal control report that includes two specific
easy items. Which of the following is one of these two requirements?
a a. A statement that management is responsible for establishing and maintaining an adequate
internal control structure and procedures for financial reporting.
b. A statement that management and the board of directors are jointly responsible for
establishing and maintaining an adequate internal control structure and procedures for
financial reporting.
c. A statement that management, the board of directors, and the external auditors are jointly
responsible for establishing and maintaining an adequate internal control structure and
procedures for financial reporting.
d. A statement that the external auditors are solely responsible.
13. (SOX) When management is evaluating the design of internal control, management evaluates whether
easy the control can do which of the following?
c
Detect material misstatements Correct material misstatements
a. Yes Yes
b. No No
c. Yes No
d. No Yes
14. (SOX) Internal control reports issued by public companies must identify the framework used to evaluate
easy the effectiveness of internal control. Which of the following is the most common framework in
b the U.S.?
a. Effective Internal Control Framework - AICPA
b. Internal Control - Integrated Framework - COSO
c. Enterprise Internal Control - COSO
d. Enterprise Internal Control - AICPA
15. (Public) When one material weakness is present at the end of the year, management of a public company
easy must conclude that internal control over financial reporting is:
c a. insufficient.
b. inadequate.
c. ineffective.
d. inefficient.
16. (Public) The auditors tests to understand the clients internal controls might include which of the following
easy types of procedures?
a
Observation of employees Inquiries of personnel
a. Yes Yes
b. No No
c. Yes No
d. No Yes
17. Which of managements concerns with respect to implementing internal controls is the auditor
easy primarily concerned?
b a. Efficiency of operations.
b. Reliability of financial reporting.
c. Effectiveness of operations.
d. Compliance with applicable laws and regulations.
18. Which of the following activities would be least likely to strengthen a companys internal control?
easy
b a. Separating accounting from other financial operations.
b. Maintaining insurance for fire and theft.
c. Fixing responsibility for the performance of employee duties.
d. Carefully selecting and training employees.
20. When auditing a private company, the auditor should obtain an understanding of internal control
easy sufficient to:
b a. provide reasonable protection against client fraud and defalcations by client employees.
b. assess control risk.
c. provide a basis for suggestions to the client for improving the accounting system.
d. provide a method for safeguarding assets, checking the accuracy and reliability of
accounting data, promoting operational efficiency, and encouraging adherence to
prescribed managerial policies.
Chapter 11
Multiple-Choice Questions
1. Which of the following best defines fraud in a financial statement auditing context?
easy a. Fraud is an unintentional misstatement of the financial statements.
b b. Fraud is an intentional misstatement of the financial statements.
c. Fraud is either an intentional or unintentional misstatement of the financial statements,
depending on materiality.
d. Fraud is either an intentional or unintentional misstatement of the financial statements,
depending on consistency.
2. One of the earliest frauds occurred at McKesson-Robbins. This company committed fraud by
easy doing which of the following?
b a. Reporting fictitious contributed capital.
b. Reporting fictitious sales and nonexistent inventory.
c. Reporting fictitious fixed assets and underreporting expenses.
d. Reporting expenses as capitalized items.
7. ________ is a form of earnings management in which revenues and expenses are shifted between
easy periods to reduce fluctuations in earnings.
c a. Fraudulent financial reporting
b. Expense smoothing
c. Income smoothing
d. Each of the above is correct
8. Which of the following is one of the conditions for fraud described in SAS No. 99?
easy
a Attitudes/rationalization Risk Factors Opportunities
a. Yes No Yes
b. No Yes Yes
c. Yes No No
d. No Yes No
1. IT has several significant effects on an organization. Which of the following would not be
easy important from an auditing perspective?
d a. Organizational changes.
b. The visibility of information.
c. The potential for material misstatement.
d. None of the above; i.e., they are all important.
2. The audit procedure which is least useful in gathering evidence on significant computer processes
easy is:
b a. documentation.
b. observation.
c. test decks.
d. generalized audit software.
4. One significant risk related to an automated environment is that auditors may ____ information
easy provided by an information system.
b a. not place enough reliance on
b. place too much reliance on
c. reveal
d. not understand
6. Which of the following is not an enhancement to internal control that will occur as a consequence
easy of increased reliance on IT?
d a. Computer controls replace manual controls.
b. Higher quality information is available.
c. Computer-based controls provide opportunities to enhance separation of duties.
d. Manual controls replace automated controls.
9. Old and new systems operating simultaneously in all locations is a test approach known as:
easy a. pilot testing.
d b. horizontal testing.
c. integrative testing.
d. parallel testing.
10. When the client uses a computer but the auditor chooses to use only the non-IT segment of internal
easy control to assess control risk, it is referred to as auditing around the computer. Which one of the
a following conditions need not be present to audit around the computer?
a. Computer programs must be available in English.
b. The source documents must be available in a non-machine language.
c. The documents must be filed in a manner that makes it possible to locate them.
d. The output must be listed in sufficient detail to enable the auditor to trace individual
transactions.
14. Predesigned formats, such as those used for audit documentation, can be created and saved using
easy electronic spreadsheets and word processors. These are called:
b a. desktop publishing.
b. templates.
c. macros.
d. work files.
15. ______ involves implementing a new system in one part of the organization, while other locations
easy continue to use the current system.
c a. Parallel testing
b. Online testing
c. Pilot testing
d. Control testing
16. To determine that user ID and password controls are functioning, an auditor would most likely:
easy a. attempt to sign on to the system using invalid user identifications and passwords.
a b. write a computer program that simulates the logic of the clients access control software.
c. extract a random sample of processed transactions and ensure that the transactions were
appropriately authorized.
d. examine statements signed by employees stating that they have not divulged their user
identifications and passwords to any other person.
17. When IT programs or files can be accessed from terminals, users should be required to enter a(n):
easy
d a. echo check.
b. parity check.
c. self-diagnosis test.
d. authorized password.
18. An auditors flowchart of a clients system is a graphical representation that depicts the auditors:
easy a. program for tests of controls.
b b. understanding of the system.
c. understanding of the types of errors that are probable given the present system.
d. documentation of the study and evaluation of the system.
Chapter 13
Multiple-Choice Questions
1. A listing of all the things which the auditor will do to gather sufficient, competent evidence is the:
easy
b a. audit strategy.
b. audit program.
c. audit procedure.
d. audit risk model.
2. Shown below (1 through 5) are the five types of tests which auditors use to determine whether
easy financial statements are fairly stated. Which three are substantive tests?
b 1. procedures to obtain an understanding of internal control
2. tests of controls
3. tests of transactions
4. analytical procedures
5. tests of details of balances
a. 1, 2, and 3.
b. 3, 4, and 5.
c. 2, 3, and 5.
d. 2, 3, and 4.
3. Collectively, procedures performed to obtain an understanding of the entity and its environment,
easy including internal controls, represent the auditors:
c a. audit strategy.
b. tests of controls.
c. risk assessment procedures.
d. tests of transactions.
4. For efficiency, tests of controls are frequently done at the same time as:
easy a. analytical procedures.
c b. compliance tests.
c. tests of transactions.
d. tests of details of balances.
5. Which of the following procedures are frequently performed in response to the auditors
easy assessment of the risk of material misstatement?
c a. Ratio analysis
b. Tests of controls
c. Tests of details of balances
d. Risk assessment procedures
9. In the context of an audit of financial statements, substantive tests are audit procedures that:
easy a. may be eliminated under certain conditions.
c b. are designed to discover significant subsequent events.
c. may be either tests of transactions, tests of balances, or analytical tests.
d. will increase proportionately with the auditors reliance on internal control.