Chapter 7 Audit Planning: Assessment of Control Risk 96

Audit Planning:

Assessment of Control Risk

MULTIPLE CHOICE:
1.

Which of the following is ordinarily considered a test of
internal control procedures?
a.
Send confirmation letters to banks.
b.
Count and list cash on hand.
c.
Examine signatures on checks.
d.
Obtain or prepare reconciliations of bank accounts as
of the balance sheet date.
ANSWER:

2.

When obtaining an understanding of an entity's control
environment, an auditor should concentrate on the substance
of management's policies and procedures rather than their
form because
a.
The auditor may believe that the policies and
procedures are inappropriate for that particular

entity.
b.
The board of directors may not be aware of
management's attitude toward the control environment.
c.
Management may establish appropriate policies and
procedures but not act on them.
d.
The policies and procedures may be so weak that no
reliance is contemplated by the auditor.
ANSWER:

3.

C

C

After the study and evaluation of a client's internal
control policies and procedures has been completed, an
auditor might decide to
a.
Increase the extent of substantive testing in areas
where the internal control policies and procedures are
strong.
b.
Reduce the extent of control testing in areas where the
internal control policies and procedures are strong.
c.
Reduce the extent of both substantive and control

testing in areas where the internal control policies
and procedures are strong.
d.
Increase the extent of substantive testing in areas
where the internal controls are weak.
ANSWER:

D


97

4.

Chapter 7 Audit Planning: Assessment of Control Risk
A conceptually logical approach to the auditor's evaluation
of internal accounting control consists of the following
four steps:
I.
Determine whether the necessary procedures are
prescribed and are being followed satisfactorily.
II. Consider the types of errors and fraud that could
occur.
III. Determine the internal control policies and procedures
that should prevent or detect errors and fraud.
IV. Evaluate any weakness to determine its effect on the
nature, timing, or extent of auditing procedures to be
applied and suggestions to be made to the client.
What should be the order in which these four steps are
performed?

a.
III, IV, I, II
b.
III, I, II, IV
c.
II, III, I, IV
d.
II, I, III, IV
ANSWER:

5.

An auditor evaluates the existing internal control
in order to
a.
Determine the extent of substantive tests which must be
performed.
b.
Determine the extent of control tests which must be
performed.
c.
Ascertain whether irregularities are probable.
d.
Ascertain whether any employees have incompatible
functions.
ANSWER:

6.

C


A

The auditor is studying internal control policies and
procedures within the sales, shipping, and billing subset of
the revenue cycle. Which of the following conditions
suggests a need for additional testing of controls?
a.
Internal control is found to be weak with regard to
shipping and billing.
b.
Internal control over sales, billing, and shipping
appears strong, but 80% of sales revenue is
attributable to three major customers.
c.
Internal control over billing and shipping is thought
to be strong and the auditor considers additional
testing of selected controls will result in a major
reduction in substantive testing.


Chapter 7 Audit Planning: Assessment of Control Risk
d.

Internal control over the recording of sales is found
to be weak and the sales are evenly divided among a
large number of customers.

ANSWER:
7.


A

In studying the design and implementation of a client's
internal controls, the auditor needs to identify necessary
control points. Controls existing at these points may be
classified as "accuracy" controls and "safeguard" controls.
Which of the following controls may be regarded as a
safeguard control?
a.
b.
c.
d.

In processing sales orders, the computer is programmed
to compare the customer's credit limit minus the prior
balance with the current sales order amount.
Sales prices are stored in computer memory and are
automatically applied as stock numbers are entered from
customer orders.
Although the payroll is prepared manually, a second
employee recalculates gross pay, withholdings, and net
pay.
Negotiable securities are kept in a locked vault and
are accessible only by the treasurer accompanied by one
of her assistants.

ANSWER:
9.


C

A secondary objective of the auditor's study and evaluation
of internal control is that the study and evaluation provide
a.
A basis for constructive suggestions concerning
improvements in internal control.
b.
A basis for reducing the auditor's assessed level of
control risk below the maximum level.
c.
An assurance that the records and documents have been
maintained in accordance with existing company policies
and procedures.
d.
A basis for determination of the resultant extent of
the tests to which auditing procedures are to be
restricted.
ANSWER:

8.

98

D

The auditor's review of the client's internal control is
documented in order to substantiate
a.
Conformity of the accounting records with generally

accepted accounting principles.


99

Chapter 7 Audit Planning: Assessment of Control Risk
b.
c.
d.

Representation as to adherence to requirements of
management.
Representation as to compliance with generally accepted
auditing standards.
The fairness of the financial statement presentation.

ANSWER:
10.

An internal control questionnaire indicates that an approved
receiving report is required to accompany every check
request for payment of merchandise. Which of the following
procedures provides the greatest assurance that this control
is operating effectively?
a.
Select and examine canceled checks and ascertain that
the related receiving reports are dated no earlier than
the checks.
b.
Select and examine canceled checks and ascertain that

the related receiving reports are dated no later than
the checks.
c.
Select and examine receiving reports and ascertain that
the related canceled checks are dated no earlier than
the receiving reports.
d.
Select and examine receiving reports and ascertain that
the related canceled checks are dated no later than the
receiving reports.
ANSWER:

11.

B

When considering internal control, an auditor must be aware
of the concept of reasonable assurance which recognizes that
a.
The employment of competent personnel provides
assurance that the objectives of internal control will
be achieved.
b.
The establishment and maintenance of a system of
internal control is an important responsibility of the
management and not of the auditor.
c.
The cost of internal control should not exceed the
benefits expected to be derived from internal control.
d.

The segregation of incompatible functions is necessary
to obtain assurance that the internal control is
effective.
ANSWER:

12.

C

C

Statement on Auditing Standards No. 60 requires the auditor
to communicate "reportable conditions" to the audit
committee of the board of directors or, in the absence of an


Chapter 7 Audit Planning: Assessment of Control Risk

100

audit committee, to a body having similar oversight
authority. Of the following, which does not represent a
reportable condition?
a.
Bank accounts have not been reconciled in the last nine
months, including the last month of the fiscal year.
b.
The corporate controller, unknown to the board of
directors, has submitted her resignation effective two
months from now.

c.
Perpetual inventory records contain numerous errors and
can no longer be relied upon to reflect proper
inventory levels.
d.
Although documents are prenumbered, they are not
safeguarded and are not being used in numerical
sequence.
ANSWER:
13.

In connection with the examination of financial statements
by an independent auditor, the client suggests that members
of the internal audit staff be utilized to minimize audit
costs. Which of the following tasks could most
appropriately be delegated to the internal audit staff?
a.
Selection of accounts receivable for confirmation,
based upon the internal auditor's judgment as to how
many accounts and which accounts will provide
sufficient coverage.
b.
Preparation of schedules for negative accounts
receivable responses.
c.
Evaluation of the internal control for accounts
receivable and sales.
d.
Determination of the adequacy of the allowance for
doubtful accounts.

ANSWER:

14.

B

B

An auditor uses the knowledge provided by the understanding
of internal control and the final assessed level of control
risk primarily to determine the nature, timing, and extent
of the
a. Attribute tests.
b. Compliance tests.
c. Tests of controls.
d. Substantive tests.
ANSWER:

D


101

15.

Chapter 7 Audit Planning: Assessment of Control Risk
Flowcharting as a means of internal control evaluation
provides the following advantage over the use of
questionnaires and descriptive narratives:
a.

Ease of preparation.
b.
Comprehensive coverage of controls.
c.
Simplicity.
d.
Ease in following information flow.
ANSWER:

16.

Which of the following factors most likely affects the
auditor's judgment about the quantity, type, and content of
working papers?
a.
The effectiveness of the existing internal control.
b.
The content of the client's representation letter.
c.
The timing of substantive tests completed prior to the
balance sheet date.
d.
The usefulness of the working papers as a reference
source for the client.
ANSWER:

17.

A


If the independent auditors decide that the work performed
by the internal auditor may have a bearing on their own
procedures, they should consider the internal auditor's
a.
Competence and objectivity.
b.
Efficiency and experience.
c.
Independence and review skills.
d.
Training and supervisory skills.
ANSWER:

18.

D

A

An auditor's purpose for further testing of internal control
procedures is to
a.
Provide a basis for reducing the assessed level of
control risk below that which resulted from the
auditor's initial understanding of internal control.
b.
Reduce the risk that errors or fraud which are not
prevented or detected by internal control are not
detected by the independent audit.
c.

Provide assurance that transactions are executed in
accordance with management's authorization and accessed
to assets is limited by a segregation of functions.
d.
Provide assurance that transactions are recorded as
necessary to permit the preparation of the financial
statements in conformity with GAAP.


Chapter 7 Audit Planning: Assessment of Control Risk
ANSWER:
19.

C

In the assessment of control risk, the auditor is basically
concerned that the client's internal control provides
reasonable assurance that
a.
b.
c.
d.

Management cannot override the system.
Operational efficiency has been achieved in accordance
with management plans.
Errors and fraud have been prevented or detected.
Controls have not been circumvented by collusion.

ANSWER:

22.

A

The independent auditor should acquire an understanding of
the internal audit function as it relates to the independent
auditor's study and evaluation of internal control because
a.
The audit programs, working papers, and reports of
internal auditors can often be used as a substitute for
the work of the independent auditor's staff.
b.
The procedures performed by the internal audit staff
may eliminate the independent auditor's need for an
extensive study and evaluation of internal control.
c.
The work performed by internal auditors may be a factor
in determining the nature, timing, and extent of the
independent auditor's procedures.
d.
The understanding of the internal audit function is an
important substantive test to be performed by the
independent auditor.
ANSWER:

21.

A

Control testing is performed in order to determine whether

or not
a.
The assessed level of control risk can be reduced.
b.
Necessary controls are absent.
c.
Incompatible functions exist.
d.
Material dollar errors exist.
ANSWER:

20.

102

C

Which of the following may be considered an appropriate
means for further testing controls over vendor payments?
a.
Confirm year-end balances with vendors.
b.
Search for unrecorded invoices at year-end.
c.
Develop a set of hypothetical transactions designed to
test existing controls over vendor payments (e.g.,


103


Chapter 7 Audit Planning: Assessment of Control Risk

d.

introduce into the system, a voucher containing an
invoice for raw materials but lacking a purchase order
and/or receiving report.)
Construct an internal control flowchart covering the
payment processing function.

ANSWER:
23.

Which of the following statements concerning the independent
auditor's required communication of material weaknesses in
internal control is correct?
a.
Weaknesses reported at interim dates must be repeated
in the final communication.
b.
If the auditor does not become aware of any material
weaknesses during the examination, that fact must be
communicated.
c.
Weaknesses that had been reported in prior years'
communications and have not been corrected need not be
repeated in the current year's communication.
d.
Although written communication is preferable, the
auditor may communicate the findings orally.

ANSWER:

24.

D

Which of the following would be the best procedure to
determine whether purchases were properly authorized?
a.
Discuss authorization procedures with personnel in the
controller's and purchasing functions.
b.
Review and evaluate a flowchart of purchasing
procedures.
c.
Determine whether a sample of entries in the purchase
journal is supported by properly executed purchase
orders.
d.
Vouch payments for selected purchases to supporting
receiving reports.
ANSWER:

25.

C

C

After studying and evaluating a client's existing internal

control, an auditor has concluded that the policies and
procedures are well designed and functioning as intended.
Under these circumstances, the auditor would most likely
a.
Perform further control tests to the extent outlined in
the audit program.
b.
Determine the control policies and procedures that
should prevent or detect errors and fraud.


Chapter 7 Audit Planning: Assessment of Control Risk
c.
d.

Set detection risk at a higher level than would be set
under conditions of weak internal control.
Set detection risk at a lower level than would be set
under conditions of weak internal control.

ANSWER:
26.

B

To determine whether the client's system of internal control
operated effectively to minimize errors of failure to
invoice a shipment, the auditor would select a sample of
transactions from the population represented by the
a.

Customer order file.
b.
Bill of lading file.
c.
Open invoice file.
d.
Sales invoice file.
ANSWER:

29.

D

The auditor's understanding of the client's internal control
is documented in order to substantiate
a.
Conformity of the accounting records with generally
accepted accounting principles.
b.
Compliance with generally accepted auditing standards.
c.
Adherence to requirements of management.
d.
The fairness of the financial statement presentation.
ANSWER:

28.

C


An auditor is required to obtain a basic understanding of
the client's internal control to plan the audit. The
auditor may then decide to perform tests of controls on all
internal control procedures
a.
That would aid in preventing fraud.
b.
Documented in the flowchart.
c.
Considered to be weaknesses that might allow errors to
enter the accounting system.
d.
Considered to be strengths for which the auditor
desires further reduction in the assessed level of
control risk.
ANSWER:

27.

104

B

When evaluating a client's system of internal control to
determine whether the necessary procedures are prescribed
and have been implemented satisfactorily, an auditor must
a.
Develop questionnaires and checklists.
b.
Obtain an understanding of internal control.



105

Chapter 7 Audit Planning: Assessment of Control Risk
c.
d.

Perform tests of internal control procedures.
Evaluate administrative policies.

ANSWER:
30.

Of the following internal control policies or procedures,
which would most likely allow for a reduction in the scope
of the auditor's tests of depreciation expense?
a.
Review and approval of the periodic equipment
depreciation entry by a supervisor who does not
actively participate in its preparation.
b.
Comparison of equipment account balances for the
current year with the current-year budget and prioryear actual balances.
c.
Review of the miscellaneous income account for salvage
credits and scrap sales of partially depreciated
equipment.
d.
Authorization of payment of vendors' invoices by a

designated employee who is independent of the equipment
receiving function.
ANSWER:

31.

B

A

Tracing copies of sales invoices to shipping documents will
provide evidence that all
a.
Shipments to customers were recorded as receivables.
b.
Billed sales were shipped.
c.
Debits to the subsidiary accounts receivable ledger are
for sales shipped.
d.
Shipments to customers were billed.
ANSWER:

B

32. In assessing control risk, the auditor must, as a minimum
a.
Perform tests of all significant controls.
b.
Obtain an understanding of the design and

implementation of the client's internal control.
c.
Obtain an understanding of the design of the client's
internal control.
d.
Obtain an understanding of the design, implementation,
and operating effectiveness of the client's internal
control.
ANSWER:
33.

B

An independent auditor has concluded that the client's
records, procedures and representations can be relied upon


Chapter 7 Audit Planning: Assessment of Control Risk

106

based on tests made during the year when internal control
was found to be effective. The auditor should test the
records, procedures, and representations again at year-end
if
a.
Inquiries and observations lead the auditor to believe
that conditions have changed significantly.
b.
Comparisons of year-end balances with like balances at

prior dates revealed significant fluctuations.
c.
Unusual transactions occurred subsequent to the
completion of the interim audit work.
d.
Client records are in a condition that facilitate
effective and efficient testing.
ANSWER:
34.

An auditor is least likely to further test control
procedures by examining documents with respect to controls
relating to
a.
Segregation of the functions of recording disbursements
and reconciling the bank account.
b.
Comparison of receiving reports and vendors' invoices
with purchase orders.
c.
Approval of the purchase and sale of marketable
securities.
d.
Classification of revenue and expense transactions by
product line.
ANSWER:

35.

A


An auditor usually examines receiving reports to support
entries in the
a.
Voucher register and sales returns journal.
b.
Sales journal and sales returns journal.
c.
Voucher register and sales journal.
d.
Check register and sales journal.
ANSWER:

36.

A

A

Regardless of whether the auditor decides to test controls
for operating effectiveness, he/she must fully document his
or her understanding of the internal control policies and
procedures obtained through whatever means. Which of the
following does not describe an appropriate means for
documenting such understanding?
a.
Internal control flowchart.
b.
Internal control implementation.
c.

Internal control memorandum.


107

Chapter 7 Audit Planning: Assessment of Control Risk
d.

Internal control questionnaire.

ANSWER:
37.

Which of the following best describes the primary reason for
the auditor's use of flowcharts during an audit engagement?
a.
To comply with the requirements of generally accepted
auditing standards.
b.
To classify the client's documents and transactions by
major operating functions, e.g., cash receipts, cash
disbursements, etc.
c.
To record the auditor's understanding of the client's
internal control policies and procedures.
d.
To interpret the operational effectiveness of the
client's existing organizational structure.
ANSWER:


38.

D

Which of the following is not an auditing procedure that is
commonly used in performing control tests?
a.
Inquiring.
b.
Observing.
c.
Confirming.
d.
Inspecting.
ANSWER:

40.

C

An auditor generally tests physical security controls over
inventory by
a.
Test counts and cutoff procedures.
b.
Examination and reconciliation.
c.
Inspection and recomputation.
d.
Inquiry and observation.

ANSWER:

39.

B

C

If the independent auditor decides that the work performed
by internal auditors may have a bearing on the independent
auditor's own procedures, the independent auditor should
consider the objectivity of the internal auditors. One
method of judging objectivity is to
a.
Review the recommendations made in the reports of the
internal auditor.
b.
Examine, on a test basis, documentary evidence of the
work performed by internal auditors.
c.
Inquire of management about the qualifications of the
internal audit staff.


Chapter 7 Audit Planning: Assessment of Control Risk
d.

Consider the client's practices for hiring, training,
and supervising the internal audit staff.


ANSWER:
41.

B

Which of the following statements with respect to the
independent auditor's evaluation of internal control is
correct?
a.
The auditor should decrease control testing when
weaknesses in cash receipts are mitigated by strong
controls in cash disbursement procedures.
b.
The auditor should increase control testing when
weaknesses in billing procedures are mitigated by
strong controls in collection procedures.
c.
The auditor generally should not evaluate the overall
effectiveness of internal control, but should
separately evaluate each of the transaction cycles.
d.
The auditor should evaluate all internal control
weaknesses before determining the control procedures
that should prevent or detect errors or irregularities.
ANSWER:

44.

C


The development of constructive suggestions to clients for
improvements in internal accounting control is
a.
A requirement of the auditor's study and evaluation of
internal accounting control.
b.
A desirable byproduct of an audit engagement.
c.
Addressed by the auditor only during a special
engagement.
d.
As important as establishing a basis for reliance upon
the internal accounting control system.
ANSWER:

43.

A

Tracing bills of lading to sales invoices will provide
evidence that
a.
Recorded sales were shipped.
b.
Invoiced sales were shipped.
c.
Shipments to customers were invoiced.
d.
Shipments to customers were recorded as sales.
ANSWER:


42.

108

C

Which of the following statements best describes the
auditor's responsibility regarding the detection of material
fraud?


109

Chapter 7 Audit Planning: Assessment of Control Risk
a.
b.

c.

d.

Because of the inherent limitations of an audit, the
auditor is not responsible for the failure to detect
material fraud.
The auditor is responsible for the failure to detect
material fraud when such failure results from
nonperformance of audit procedures specifically
described in the engagement letter.
The auditor should design audit programs that will

provide reasonable assurance that material errors and
fraud will be detected in the ordinary course of the
examination.
The auditor is responsible for the failure to detect
material fraud when the auditor's evaluation of
internal control procedures indicates that they are
ineffective.

ANSWER:
45.

Which of the following procedures most likely would be
included as part of an auditor's tests of control
procedures?
a.
Inspection.
b.
Reconciliation.
c.
Confirmation.
d.
Analytical procedures.
ANSWER:

46.

A

If, after obtaining an initial understanding of a client's
internal control, the auditor wishes to further reduce the

assessed level of control risk relating to plant asset
transactions, the auditor should next
a.
Make extensive substantive tests of plant asset
balances.
b.
Establish the physical existence of current year
additions.
c.
Complete the plant asset section of the internal
accounting control questionnaire.
d.
Further test those internal control procedures relating
to processing and recording plant asset transactions.
ANSWER:

47.

C

D

The auditor is most likely to presume that a high risk of
defalcation exists if
a.
The client is a multinational company that does
business in numerous foreign countries.


Chapter 7 Audit Planning: Assessment of Control Risk

b.
c.
d.

The client does business with several related parties.
Inadequate segregation of duties places an employee in
a position to perpetrate and conceal thefts.
Inadequate employee training results in lengthy CBIS
exception reports each month.

ANSWER:
48.

C

Which of the following is the correct order of performing
the auditing procedures A through C below?
A = Tests of internal control procedures.
B = Preparation of a flowchart depicting the client's
internal control system.
C = Substantive tests.
a.
b.
c.
d.

ABC.
ACB.
BAC.
BCA.


ANSWER:
50.

C

After obtaining an understanding of the client’s internal
control, the auditor should consider whether
a.
The projected degree of effectiveness of internal
control is justified.
b.
The evidential matter obtained from the study of the
internal control system can provide a reasonable basis
for an opinion.
c.
Further testing of internal control procedures is
likely to permit further reduction of assessed control
risk.
d.
Sufficient knowledge has been obtained about the
entity's entire system of internal control.
ANSWER:

49.

110

C


Auditors frequently use flowcharts in connection with which
of the following
a.
Preparation of generalized computer audit programs.
b.
Review of the client's internal control procedures.
c.
Use of statistical sampling in performing an audit.
d.
Performance of analytical review procedures of account
balances.
ANSWER:

B


111

51.

Chapter 7 Audit Planning: Assessment of Control Risk
Which of the following conditions suggest a lowering of the
aggregate materiality threshold?
a.
b.
c.
d.

Internal controls in the area of payroll processing are
found to be much stronger than the auditor's initial

assessment.
The application of analytical procedures reveals a
favorable sales budget variance that is material and
that remains unexplained.
Study of the business and industry reveals a material
decline in both industry and client revenue during the
current year.
Tests of internal controls in nearly all transaction
cycle subsets have produced numerous and widespread
errors.

ANSWER:
52.

If, during the course of an annual audit of a publicly held
manufacturing company, an independent auditor becomes aware
of a material weakness in the company's internal control,
the auditor is required to communicate the weakness to
a.
The audit committee of the board of directors, or to a
similar body having financial oversight responsibility.
b.
The senior management of the company.
c.
The board of directors of the company.
d.
The treasurer and controller of the client entity.
ANSWER:

53.


D

A

Under which of the following conditions would you consider
lowering individual item materiality thresholds.
a.
Study of the business and industry, together with the
application of analytical procedures, reveals that the
client has enjoyed a surge in sales and gross profit
during an industry downturn.
b.
Application of analytical procedures shows that the
client's gross profit rate is significantly below last
year and also is materially lower than the industry
average.
c.
Study of internal controls within the revenue cycle
reveal material weaknesses.
d.
Study of internal controls within the payroll cycle
confirm the auditor's belief that few errors have
occurred.
ANSWER:

A


Chapter 7 Audit Planning: Assessment of Control Risk


54.

Which of the following is not a medium that can normally be
used by an auditor to record information concerning a
client's internal control policies and procedures?
a.
Narrative memorandum.
b.
Procedures manual.
c.
Flowchart.
d.
Questionnaire.
ANSWER:

55.

C

An auditor's flowchart of a client's accounting system is a
diagrammatic representation that depicts the auditor's
a.
Program for tests of controls.
b.
Understanding of the system.
c.
Understanding of the types of fraud that are probable,
given the present system.
d.

Documentation of the study and evaluation of the
system.
ANSWER:

58.

B

The auditor observes client employees during the review of
the client's system of internal control in order to
a.
Prepare a flowchart.
b.
Update information contained in the organization and
procedure manuals.
c.
Assist in obtaining an understanding of the client's
internal control policies and procedures.
d.
Determine the extent of compliance with quality control
standards.
ANSWER:

57.

B

With respect to the client's system of internal control, the
auditor is concerned that the existing policies and
procedures provide reasonable assurance that

a.
Operational efficiency has been achieved in accordance
with management plans.
b.
Errors and fraud have been prevented or detected.
c.
Controls have not been circumvented by collusion.
d.
Management cannot override the internal controls.
ANSWER:

56.

112

B

An independent auditor might consider the procedures
performed by the internal auditors because


113

Chapter 7 Audit Planning: Assessment of Control Risk
a.
b.
c.
d.

They are employees whose work must be reviewed during

substantive testing.
They are employees whose work might be relied upon.
Their work impacts upon the cost/benefit tradeoff in
evaluating inherent limitations.
Their degree of independence may be inferred by the
nature of their work.

ANSWER:
59.

A procedure that would most likely be used by an auditor in
performing tests of control procedures that involve
segregation of functions and that leave no transaction trail
is
a.
Inspection.
b.
Observation.
c.
Reprocessing.
d.
Reconciliation.
ANSWER:

60.

B

It is important for the CPA to consider the competence of
the audit client's employees because their competence bears

directly and importantly upon the
a.
Cost/benefit relationship of the internal control
system.
b.
Achievement of the objectives of the internal control
system.
c.
Comparison of recorded accountability with assets.
d.
Timing of the tests to be performed.
ANSWER:

61.

B

B

In studying internal control and assessing control risk, the
auditor applies the following steps:
a.
Determine the internal control policies and procedures
necessary to prevent or detect errors or fraud that
could occur in the absence of controls.
b.
Identify control weaknesses.
c.
Determine whether the necessary policies and procedures
have been designed and whether they have been placed in

operation.
d.
Design substantive audit programs.
e.
Consider the types of errors or fraud that could occur
in the absence of necessary controls.
The proper sequence in applying these steps is:


Chapter 7 Audit Planning: Assessment of Control Risk
a.
b.
c.
d.

CDEAB
CBAED
EACBD
AECBD

ANSWER:
62.

A

To determine whether refunds granted to customers were
properly approved, the auditor should trace accounts
receivable entries to:
a.
Sales invoices.

b.
Remittance advices.
c.
Shipping documents.
d.
Credit memos.
ANSWER:

64.

C

The primary purpose of performing further control tests is
to provide
a.
A basis for reducing the assessed level of control risk
below the maximum level.
b.
A basis for understanding the flow of transactions
through the accounting system.
c.
Assurance that transactions are properly recorded.
d.
All accounting control procedures leave visible
evidence.
ANSWER:

63.

114


D

A well-prepared flowchart should make it easier for the
auditor to
a.
Prepare audit procedure manuals.
b.
Prepare detailed job descriptions.
c.
Trace the origin and disposition of documents.
d.
Assess the degree of accuracy of financial data.
ANSWER:

C

COMPLETION:
65.

After assessing inherent risk, the auditor needs to assess
control risk in order to complete the
phase of
the audit.


115

Chapter 7 Audit Planning: Assessment of Control Risk
ANSWER:


66.

Based on the initial understanding of internal control, the
auditor may decide to assess control risk at the maximum
level for some assertions and below maximum for others. To
justify reducing the assessed level of control risk below
maximum, the auditor must obtain an understanding of the
of the controls relating to those
assertions.
ANSWER:

67.

PLANNING

OPERATING EFFECTIVENESS

As an internal control documentation device, the internal
control
, by presenting a pictorial overview of
the processing steps, has the advantage of providing a clear
and easy review of existing internal control policies and
procedures.
ANSWER: FLOWCHART

68.

is an effective
means for further testing of selected internal control

policies and procedures where an audit trail in the form of
documentation exists.
ANSWER:

69.

Whenever control risk is assessed below maximum, the auditor
must document the
for such reduction.
ANSWER:

70.

BASIS

If, based on the study of the business and application of
analytical procedures, the auditor suspects earnings
inflation, individual item materiality thresholds should be
.
ANSWER:

71.

DOCUMENT EXAMINATION AND TESTING

LOWERED (DECREASED, REDUCED)

For transaction cycle subsets where internal control is weak
and numerous errors are expected, aggregate materiality
thresholds should be set

____ relative to those
applicable to strong internal control subsets.
ANSWER:

LOW


Chapter 7 Audit Planning: Assessment of Control Risk
72.

116

The nature and timing of substantive audit procedures
requires a
approach to designing audit
programs, whereas determining the extent of testing suggests
a
approach.
ANSWER:

QUALITATIVE, QUANTITATIVE

MATCHING:
73. Indicate by letter how each of the listed controls can be
most effectively tested.
a.
b.
c.

Observation

Reprocessing
Document examination and testing

____1.

Computer controls applicable to payroll processing

____2.

Correctness of account distribution appearing on vendor
invoices

____3.

Whether invoices exist for shipments to customers

____4.

Evidence, appearing on the face of receiving reports,
that the goods were transferred from receiving to
stores

____5.

Whether computer errors are reprocessed by the “control
group rather than the computer operator

____6.

All documents must be attached in order to vouchers to

be approved for payment

SOLUTION:
1.
2.
3.
4.
5.
6.

b
c
c
c
a
c

74. Each of the listed scenarios represents conditions
discovered by the auditor after analyzing inherent risk and
completing tests of financial reporting controls. Indicate by
letter the impact on materiality thresholds set previously by the


117

Chapter 7 Audit Planning: Assessment of Control Risk

auditor during the preliminary planning stages of the audit.
More than one answer may apply to a given scenario.
a.

b.
c.
d.
e.

Increase the dollar amount of the individual item
threshold
Lower the dollar amount of the individual item
threshold
Increase aggregate threshold as a percent of the
individual item threshold
Lower aggregate threshold as a percent of the
individual item threshold
No need to change initial thresholds

____1.

Although controls over sales processing appear to be
effective, analytical procedures indicate possible
management override of the controls in the form of
premature revenue recognition

____2.

Originally considered weak, payroll controls now appear
to be effective, based on auditor testing of selected
controls

____3.


Although controls over
were effective in past
unchanged for the year
revealed a significant

____4.

Testing of sales processing controls caused the auditor
to increase the assessed level of control risk for the
revenue cycle; and the application of analytical
procedures indicates that sales revenue may be materially
overstated and that discounts and returns may have been
understated

____5.

After testing controls related to payroll processing,
the auditor was able to reduce the assessed level of
control risk; but application of analytical procedures
suggests that salaries and wages expense may be
materially overstated

the processing of vendor invoices
years and were thought to be
under audit, tests of controls
deterioration

____6.

The auditor decided not to test controls in the

expenditure cycle because they were considered
ineffective in past years and, in the auditor’s
opinion,
have not improved
____7.

In past audits, Sara Lindquest, CPA, lowered the


Chapter 7 Audit Planning: Assessment of Control Risk

118

individual item threshold given the use of “liberal”
accounting practices by Lopez Industries, an audit
client (Proposed audit adjustments typically reduced
unaudited net income by 15% to 20%.) Application of
analytical procedures to the current year’s unaudited
income, however, indicates the use of more
conservative
accounting practices
SOLUTION:
1.
2.
3.
4.
5.
6.
7.


b
c
d
b,d
a,c
e
e

PROBLEM/ESSAY:
75.

In studying her client’s existing internal control over cash
receipts, the auditor determined the following:
1.
All sales are made on credit.
2.
Customer checks are prelisted and restrictively
endorsed upon receipt.
3.
The endorsed checks are then forwarded to data
processing where they are entered into the
computer
system.
4.
The checks are transferred to the cashier who prepares
the daily deposit and delivers it to the bank.
Required:
a.

Identify specific errors or fraud that might occur

given the above system for processing cash

receipts.
b.
prevent
existing

The above description of cash receipts processing is
unclear as to whether certain controls that may
or detect errors and fraud are present in the
system.
1.
2.

in

Identify the controls that are clearly missing;
Identify other controls that may or may not be
present, but that are necessary to prevent or
detect the errors and fraud that you listed
part (a).


119

Chapter 7 Audit Planning: Assessment of Control Risk

c.

For the controls that are clearly missing, identify

possible compensating controls?

d.

Assuming the auditor determines that the controls
which you listed in (b)(2) are present, how might she
test them? Be specific.

SOLUTION:
a.
1. Checks may be misappropriated by one or more persons
in data processing;
2. Recording errors might occur in processing the
checks
a.
Wrong customer credited;
b.
Wrong amount entered;
c.
Improper discount taken.
3. Checks may be misappropriated by cashier
b.

being
the

1. The checks should not be forwarded to data
processing. Rather, the checks should be
transferred directly to the cashier after
endorsed for deposit only; and a copy of

prelisting, together with any accompanying
remittance advices, should be sent to data
processing for recording.
2. Controls that should be present:
a.

prelisting of
deposit
also with
computer
b.
of
c.
of
correctness
computer.

Someone not having access to the checks
should compare the total of the
cash receipts with the receipted
ticket obtained from the bank, and
the debit to cash produced by
processing of the receipts;
Computer editing controls should check for
proper customer number and correctness
cash discounts taken
A control total for cash receipts should be
compared by the computer with the total
cash receipts processed to verify
of cash receipts entered into the



Chapter 7 Audit Planning: Assessment of Control Risk

d.

120

Monthly statements should be mailed to
customers and all exceptions cleared by
persons not having access to

remittances.
c.
Comparing the prelisting of cash receipts with the
deposit ticket and clearing exceptions to monthly
statements should detect any missing checks.

d.
1.

Select a sample of daily cash prelistings and
compare with general ledger debit to cash and
to
receipted deposit ticket.
2. Select a sample of customer statement copies and
check customer correspondence files for
exceptions
and how the exceptions were resolved.
3. Either reprocess or observe reprocessing of

customer remittances to determine
effectiveness of
computer editing controls (be
particularly alert
to errors in entering customer
account numbers and
improper discounts)
76.

a.

What is the auditor’s documentation responsibility with
regard to the client’s system of internal control?

b.

Under what conditions might the auditor elect not to
test controls for operating effectiveness?

SOLUTION:
a.
1. Auditors must document their understanding of
clients’ internal control;
2. If control risk is assessed below maximum, the
auditor must document the basis for such
reduction.
b.
1. The auditor considers the controls to be
ineffective;
2. The cost of testing the controls exceeds the cost

savings associated with reduced substantive
testing.