Chapter 6 Internal Control Evaluation
(I)Multiple Choice Questions
1.Which of the following is not an element of control environment:
A.Communication and enforcement of integrity and ethical values.
B.Participation of those charged with governance.
C.Management’s philosophy and operating cycle.
D.Data processing.
2.An auditor’s primary consideration regarding an entity’s internal control system is whether the system and its policies and procedures
A.Have cost and benefit relationship within the control system.
B.Have assurance of management’s ability to detect fraud.
C.Reflect management’s philosophy and operating cycle.
D.Have effect on the financial statement assertions.
3.The primary purpose for ascertaining and obtaining an understanding of a client’s internal control system is to:
A.Determine the nature, timing and extent of tests to be performed.
B.Decide to obtain external evidence instead of internal evidence.
C.Provide information for discussing with and reporting to client’s management.
D.Obtain sufficient evidence to form the basis of audit opinion.
4.After the auditor has prepared a flowchart of the internal controls surrounding a particular business cycle and evaluated the design of the system, the auditor would perform tests of controls on all control procedures
A.that has been documented in the flowchart and narrative notes.
B.that will assist in preventing irregularities and errors.
C.that the auditor plans to rely on when carrying out the audit procedures.
D.that can identify the types of potential misstatements that can occur.
5.A deviation of the internal control procedures caused by an employee performing a control procedure that the employee is not authorized to perform is regarded as:
A.a deficiency in operation.
B.a material weakness in the design of internal control system.
C.a significant deficiency in the authorization process.
D.a deficiency in design of the system.
6.Which of the following types of controls would most likely be reviewed and tested during an interim period?
A.The controls over the year-end financial reporting process.
B.The controls that relating to those transactions that requires subjective judgement.
C.Those controls that operate on a continuous basis.
D.The controls relating to those non-routine transactions.
7.A material weaknesses in internal control is described as a condition under which material misstatements would go undetected on a timely basis by
A.the internal auditors during the process of evaluating the effectiveness of internal control system.
B.the finance manager when reconciling control accounts in the general ledger with the subsidiary ledger.
C.the external auditors during the normal course of evaluating the client’s internal control system.
D.an employee in the normal course of performing their assigned functions.
8.The tone of internal control typically originates internally with:
A.auditors
B.employees
C.management
D.shareholders
9.The major components of an organization’s internal control structure consist of all of the following except:
A.control risk.
B.the control environment.
C.risk assessment.
D.control activities.
10.The control environment includes all of the following except:
A.management philosophy and operating cycle.
B.methods of assigning authority and responsibility.
C.personnel policies and practices.
D.control activities.
11.All of the following are pervasive accounting controls except:
A.adequate segregation of duties.
B.physical controls to safeguard the assets.
C.authorization procedures.
D.understanding documented internal procedures.
12.Which of the following is an example of a type of control that may be tested?
A.Interest accrued on notes payable.
B.Cash surrender value of life insurance classified as long-term asset.
C.A spreadsheet used to create a pivot table for the summarization of accounts receivable.
D.Reconciliations performed monthly on accounts.
13.A graphic representation of an accounting application that normally identifies key controls that are effective in achieving specific control policies and procedures is
A.an internal control questionnaire.
B.a flowchart.
C.an internal control narrative.
D.a walk-through
14.Which of the following best represents a walk-through?
A.The controller reviews the bank reconciliation prepared by the accountant and its resulting journal entries.
B.The auditor walks the production line to find inefficiencies in the inventory process and reports them to management.
C.The controller takes a sample of write-offs to ensure they have been adequately documented and recorded.
D.The auditor traces three purchasing transactions from the purchase order to the financial statement for observation and understanding.
15.Physical controls to safeguard assets would include:
A.hiring only trustworthy cashiers.
B.separation of duties.
C.locks on the warehouse doors.
D.safety audits on the production-line.
16.Which one of the following is not a control activity implemented in most accounting systems?
A.segregation of duties
B.competent, trustworthy employees
C.authorization procedures
D.all of these activities are normally implemented.
17.An auditor obtains evidence of the internal control over the accounting system by all of the following except
A.performing walk-throughs of the accounting system.
B.making inquiries of banks and attorneys.
C.reviewing system flowcharts.
D.taking plant and operational tours.
18.Which of the following will an auditor use to document an understanding of internal control?
A.Checklists, disclosures and procedures.
B.The audit report, internal control opinions and confirmations.
C.Workpapers, engagement letters and management representation letters.
D.Questionnaires, narratives and flowcharts.
19.Which is clearly a test of control?
A.Walk-through of the expense cycle from performance of the service to the reporting in the balance sheet.
B.Examination of a sample of purchase order records for electronic, authenticated, authorization.
C.Observing the controller's use of company owned equipment.
D.Sending a letter to the client's attorney to determine litigation that is pending between plaintiff and the defendant.
20.When control risk is assessed as high the auditor needs to
A.perform more tests of controls.
B.perform more direct testing of account balances.
C.perform significantly fewer tests of controls.
D.perform significantly less testing of account balances.
21.A verbal description of an organization’s processes and internal controls is
A.an internal control questionnaire.
B.a flowchart.
C.an internal control narrative.
D.a walk-through.
22.In examining controls for transactions and events, which of the following assertions would not be included.
AOccurrence
BCompleteness
CCutoff
DAll are included
23.Which of the following is not correct about the performance of tests of controls?
Atests of controls must be performed for every account.
Bsome tests of controls must be performed to rely upon controls to reduce substantive testing.
Cthe work of the internal auditor can be used to reduce substantive testing.
Dall of the above are correct.
24.Which of the following statements about internal control is not correct?
AThe costs of control should not exceed the benefits.
BThe auditor’s assessment of detection risk is inversely related to the assessment of control risk.
CStronger internal controls are directly related to the number of required substantive audit procedures.
DManagement is responsible for the maintenance of internal control.
25.Which of the following is an inherent limitation of internal controls?
ADoes not assure the discovery of all fraud.
BSegregation of duties may be overcome with collusion.
CCosts should not exceed benefits.
DAll are limitations of internal controls.
26.Segregation of duties deals with the segregation of which functions?
ARecording and physical custody of assets.
BAuthorizing and recording assets.
CAuthorizing, recording, and physical custody of assets.
DAuthorizing, recording, physical custody, and access to assets.
27.With regard to which of the following financial statement assertions may an auditor encounter particular difficulties in obtaining sufficient evidence where internal controls are weak?
AOwnership
BExistence
CValuation
DCompleteness
28.Which of the following questions would you expect to find on an Internal Control Questionnaire (ICQ)for the payroll system of a limited liability company?
(1)Can the payroll supervisor authorise the payment of wages?
(2)Can employees be paid for work not done?
(3)Can bonuses be wrongly paid?
(4)Can statutory deductions be incorrectly recorded?
A1, 2 and 3
B1, 2 and 4
C1, 3 and 4
D2, 3 and 4
(II)Examination Style Questions
Question 1
Rosy Ltd has a factory in Guangzhou and employs more than 500 workers. You have recently been appointed as the auditor of Rosy Ltd and are ascertaining and evaluating the internal control systems with an internal control questionnaire (ICQ). Payroll cheques are issued to workers monthly and are based on the number of hours worked.
Required:
(a)What are the features of an ICQ?(4 marks)
(b)State TWO advantages and TWO limitations of an ICQ.(4 marks)
(c)Based on the payroll ICQ above, identify areas of weaknesses and potential misstatements. Design detail audit tests to detect material misstatements.
(12 marks)
(Total 20 marks)
(HKIAAT Paper 8 Auditing December 2004 B4)
Question 2
Although certain internal controls may appear to be operating effectively, the auditor may not rely on them to prevent material misstatement from occurring in the financial statements until their effectiveness and reliability have been tested. If the compliance procedures confirm that internal controls are operating effectively, this will result in reduced substantive testing.
Required:
(a)Describe the nature and purposes of:
(i)tests of control; and
(ii)substantive tests.(8 marks)
(b)Distinguish which of the following audit procedures are tests of control and which are substantive tests. If the audit procedure is a substantive test, state its audit objective(s).
(12 marks)
(Total 20 marks)
(HKIAAT Paper 8 Auditing June 2005 B1)
Question 3
Auditors should use their professional judgement to assess audit risk and to design audit procedures to ensure the risk is reduced to an acceptably low level. Audit risk is the risk that the auditors give an inappropriate audit opinion when the financial statements are materially misstated.
Auditors should obtain an understanding of the accounting and internal control systems sufficient to plan the audit and develop an effective audit approach. Three commonly used methods of documenting the understanding of a client’s accounting system and related controls are narrative notes, flowcharts, and internal control questionnaires.
Once an understanding of internal control sufficient for audit planning is obtained, auditors make an initial assessment of control risk. Auditors can evaluate the design of internal controls by performing risk assessment procedures. In addition, auditors may obtain audit evidence on the operating effectiveness of controls through tests of controls. The extent to which tests of controls are applied depends on the desired assessed control risk. If the auditors want to use a low control risk, a larger sample size for documentation, observation and reperformance procedures should be applied.
In determining the sample size, auditors should consider whether sampling risk is reduced to an acceptably low level.
Required:
(a)State any TWO of the three components of audit risk.(2 marks)
(b)Give THREE advantages of using flowcharts to document a client’s accounting system and related controls as compared with narrative notes. (3 marks)
(c)Give THREE disadvantages of using flowcharts to document a client’s accounting system and related controls. (3 marks)
(d)How does sampling risk arise? State TWO methods of controlling sampling risk. (4 marks)
(e)What will the possible effects of a wrong conclusion being drawn from the samples selected in a test of controls be? (Hint: Your answers should consider the types of wrong conclusion, the audit effectiveness and the audit efficiency.)
(4 marks)
(f)Briefly explain what is meant by non-sampling risk. Give TWO major causes of non-sampling risk. (4 marks)
(Total 20 marks)
(HKIAAT Paper 8 Auditing June 2006 B2)
Question 4
Metercape Limited, is a listed company, and has been in business for 30 years. Its external auditors performed a detailed review of the company’s internal controls of the computerized accounting system in 1997.
Over the past 10 years, the cost cutting exercise led to early retirement of many experienced employees within the accounting department. Currently the longest year of service of employees in Metercape Limited’s accounting department is only 2 years and the average working experience of the team has been reduced from 15 years to 4 years. The vacancies of the retired employees have not been filled and the size of the accounting department has decreased from 20 employees to 10 employees. Eventually most employees in the accounting department have worked for almost 72 hours each week for the past three years.
Last year the board of the directors set up a stock option scheme for the middle management which links to the sales of the company. Thereafter, the middle management often agrees to deliver goods to customers before having completed the laid down internal control procedures of checking the inventory level and reviewing the credit worthiness of the customers. As a result, there are dramatic increases in the number of manual adjustments and bad debt entries.
Required:
(a)State FIVE characteristics of a good system of internal control and briefly elaborate each of such characteristics. (Examples may be used to illustrate the elaboration.) (10 marks)
(b)Based on the circumstances in Metercape Limited, identify FOUR examples of inherent limitations of internal control system and elaborate how each of these limitations may affect the effectiveness of the internal control system of Metercape Limited. (8 marks)
(c)Advise what procedures Metercape Limited’s auditors should follow so as to reduce the audit risk. (2 marks)
(Total 20 marks)
(HKIAAT Paper 8 Auditing June 2007 B2)
Q6-1