Term
| Describe the Principal-Agent Relationship Leading to the Demand for Auditing |
|
Definition
- Principal is the absentee owner - hires the agent
- Agent is the manager - hires the auditor
- Auditor is independent - adds credibility to financials
- Information asymmetry and conflicts of interest lead to information risk for the principal
|
|
|
Term
| Desirable Characteristics of Auditors (5) |
|
Definition
- Competent
- Objective
- Honest
- Skeptical
- Responsible and/or liable
|
|
|
Term
| Desirable Characteristics of an Auditor Service (6) |
|
Definition
- Timely
- Reasonably priced
- Complete
- Effective
- Systematic and reliable
- Informative
|
|
|
Term
| Describe Auditing, Attest, and Assurance Services |
|
Definition
- Auditing - systematic process of obtaining and evaluating evidence regarding assertions
- Attest - Services occur when a person needs to issue a report on subject matter that is the responsibility of another party
- Assurance - Independent services that improve the quality of information
|
|
|
Term
| overview of the Financial Statement Audit Procedure |
|
Definition
- Management and Auditor discuss the terms of engagement
- Management implements internal controls, conducts transactions, and accumulates them into account balances for which the auditor obtains evidence
- Management prepares financial statements (makes assertions) and the Auditor tests management assertions against criteria (GAAP)
- The auditor determines the overall fairness of the financial statements
- The auditor issues an audit report to accompany the financial statements (communication) and Management issues the financial statements to users
|
|
|
Term
| List the major phases of an Audit (7) |
|
Definition
- Client acceptance / continuance and establishing an understanding with the client
- Preliminary engagement activities
- Plan the audit
- Consider and audit internal controls
- Audit business processes and related accounts
- Complete the audit
- Evaluate results and issue audit report
|
|
|
Term
| (Preliminary Engagement Activities) - What the auditor should understand of the entity |
|
Definition
- Industry, regulatory, and other external factors
- Nature of the entity
- Objectives, strategies and related business risks
- Measurement and review of the entity's financial performance
- Internal control
|
|
|
Term
| 8 Parts of a standard unqualified report |
|
Definition
- Title
- Addressee
- Introductory paragraph
- Scope paragraph
- Opinion paragraph
- Explanatory paragraph referring to the audit of internal control
- Name of auditor
- Date of report
|
|
|
Term
|
Definition
| Independent professional services that improve the quality of information, or its context, for decision maker. Encompasses attest services and financial statement audits |
|
|
Term
|
Definition
| A service when a practitioner is engaged to issue or does issue a report on subject matter, or an assertion about subject matter, that is the responsibility of another party. Encompasses financial statement audits |
|
|
Term
|
Definition
| All the information used by the auditor in arriving at the conclusions on which the audit opinion is based; includes the information contained in the accounting records underlying the financial statements and other information |
|
|
Term
|
Definition
| The risk that the auditor may unknowingly fail to appropriately modify his or her opinion on financial statements that are materially misstated |
|
|
Term
|
Definition
| a systematic process of (1) objectively obtaining and evaluating evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between those assertions and established criteria and (2) communicating the results to interested users |
|
|
Term
| financial statement assertions |
|
Definition
| expressed or implied representations by management that are reflected in the financial statement components |
|
|
Term
|
Definition
| the concept that the manager generally has more information about the true financial position and results of operations of the entity than the absentee owner does |
|
|
Term
|
Definition
| the magnitude of an omission or misstatement of accounting information that, in light of surrounding circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced |
|
|
Term
|
Definition
| an instance where a financial statement assertion is not in accordance with the criteria against which it is audited (e.g., GAAP). Misstatements may be classified as fraud (intentional), other illegal acts such as non-compliance with laws and regulations (intentional or unintentional), and errors (unintentional) |
|
|
Term
|
Definition
| the concept that an audit done in accordance with auditing standards may fail to detect a material misstatement in a client's financial statements. In an auditing context this term has been defined to mean a high but not absolute level of assurance |
|
|
Term
|
Definition
| the end product of the auditor's work, indicating the auditing standards followed, and expressing an opinion as to whether an entity's financial statements are fairly presented in accordance with agreed-upon criteria (e.g., GAAP) |
|
|
Term
| risk of material misstatement |
|
Definition
| the risk that the entity's financial statements will contain a material misstatement whether caused by error or fraud |
|
|
Term
|
Definition
| a "clean" audit report, indicating the auditor's opinion that a client's financial statements are fairly presented in accordance with agree-upon criteria (e.g. GAAP) |
|
|
Term
| Five components of business processes |
|
Definition
- Financing
- Purchasing
- Human resource management
- Inventory management
- Revenue
|
|
|
Term
| 3 Management Assertion Categories |
|
Definition
- Classes of transactions and events for the period under audit
- Account balances at the period end
- Presentation and disclosure
|
|
|
Term
| Assertions about classes of transactions (6) |
|
Definition
- Occurrence
- Completeness
- Authorization
- Accuracy
- Cutoff
- Classification
|
|
|
Term
| Assertions about account balances (4) |
|
Definition
- Existence
- Rights and obligations
- Completeness
- Valuation and allocation
|
|
|
Term
| Assertions about presentation and disclosure (4) |
|
Definition
- Occurrence and rights and obligations
- Completeness
- Classification and understandability
- Accuracy and valuation
|
|
|
Term
| Three Categories of Generally Accepted Auditing Standards (GAAS) |
|
Definition
- General Standards
- Standards of Field Work
- Standards of Reporting
|
|
|
Term
| (GAAS) Three General Standards |
|
Definition
- Adequate technical training and proficiency
- Maintain independence in mental attitude
- Exercise due professional care
|
|
|
Term
| (GAAS) Standards of field work |
|
Definition
- Adequately plan the work and must properly supervise any assistants
- Obtain a sufficient understanding of the entity and its environment, including its internal control, to assess the risk of material misstatement of the financial statements
- Obtain sufficient appropriate audit evidence
|
|
|
Term
| (GAAS) Standards of reporting |
|
Definition
- State whether the financials are presented in accordance with GAAP
- Identify in the auditor's report those circumstances in which such principles have not been consistently observed in the current period in relation to the preceding period
- State if the informative disclosures are not reasonably adequate
- Must express an opinion or state that an opinion cannot be expressed
|
|
|
Term
10 GAAS Standards
GoFoR
TIP PIE ACDO |
|
Definition
GENERAL
- Training
- Independence
- Professional Care
FIELD WORK
- Plan the work
- Internal Control & Environment
- Evidence
REPORTING
- Accordance with GAAP
- Circumstances not consistently observed currently
- Disclosures reasonably adequate?
- Opinion expressed or not expressible
|
|
|
Term
| 3 Steps in applying materiality on an audit |
|
Definition
- Determine a materiality level for the overall financial statements (planning materiality)
- Determine tolerable misstatement
- Evaluate audit findings
|
|
|
Term
| Qualitative factors affecting the establishment of materiality (Step 1) |
|
Definition
- Prior misstatements
- Potential for fraud or illegal acts
- Small amounts may violate covenants in a loan agreement
- Small amounts may affect the trend in earnings
- Small amounts may cause entity to miss forecasted revenue or earnings
|
|
|
Term
| Qualitative factors that may affect evaluating materiality (step 3) |
|
Definition
Whether the misstatement . . .
- Masks a change in earnings or trends
- Hides a failure to meet analysts' expectations
- Changes a loss into income or vice versa
- Concerns a significant segment of the business
- affects compliance with regulatory requirements
- Affects compliance with loan covenants
- increases management's compensation
- involves the concealment of an unlawful transaction
- may result in a significant positive or negative market reaction
- Intentional misstatements part of earnings management?
|
|
|
Term
| Benchmarks to consider when applying overall materiality |
|
Definition
- Profit-oriented entity: 3% - 5% of profit before tax from continuing operations, or 0.5% of total revenues
- Not-for-profit entity: 0.5% of total expenses or total revenues
- Mutual fund industry: 0.5% of net asset value
|
|
|
Term
| 5 Reasons why allocating combined tolerable misstatement greater than materiality makes sense |
|
Definition
- Not all accounts will be misstated by the full amount of their tolerable misstatement allocation
- Audits of the individual accounts are conducted simultaneously
- Materiality as a percentage of large accounts is often a very small fraction of the account and significant misstatements would be identified
- When errors are identified, the auditors typically perform additional procedures in that, and related accounts
- Overall financial statement materiality serves as a "safety net."
|
|
|
Term
| 3 Types and Purposes of analytical procedures |
|
Definition
- Preliminary: to better understand the business and to plan the nature, timing, and extent of audit procedures
- Substantive: to obtain evidential matter about particular assertions related to account balances or classes of transactions
- Final: an overall review of the financial information in the final review stage of the audit
|
|
|
Term
| 3 Types of analytical procedures used |
|
Definition
- Trend analysis: examination of changes in an account over time
- Ratio analysis: comparison across time of relationships between financial statement accounts or between an account and nonfinancial data
- Reasonableness analysis: development of a model to form an expectation using financial data, nonfinancial data, or both, to test account balances or changes in account balances between accounting periods
|
|
|
Term
|
Definition
| Current Assets / Current liabilities |
|
|
Term
| Short-Term Liquidity Ratios (3) |
|
Definition
- Current Ratio
- Quick Ratio
- Operating Cash Flow Ratio
|
|
|
Term
|
Definition
| Liquid assets / Current liabilities |
|
|
Term
| Operating cash flow ratio |
|
Definition
| Cash flow from operations / Current liabilities |
|
|
Term
|
Definition
- Receivables turnover
- Days outstanding in accounts receivable
- Inventory Turnover
- Days of inventory on hand
|
|
|
Term
|
Definition
| Credit sales / receivables |
|
|
Term
| Days outstanding in accounts receivable |
|
Definition
| 365 days / Receivables turnover |
|
|
Term
|
Definition
| cost of goods sold / inventory |
|
|
Term
| Days of inventory on hand |
|
Definition
| 365 days / inventory turnover |
|
|
Term
|
Definition
- Gross profit percentage
- profit margin
- return on assets
- return on equity
|
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| net income / total assets |
|
|
Term
|
Definition
| net income / stockholders' equity |
|
|
Term
|
Definition
- Debt to equity
- Times interest earned
|
|
|
Term
|
Definition
| (short-term debt + long-term debt) / stockholders' equity |
|
|
Term
|
Definition
| (net income + interest expense) / interest expense |
|
|
Term
| The Audit Risk Model Equation |
|
Definition
AR = RMM X DR
(Expanded): AR = (IR X CR) X DR
Solve for appropriate level of detection risk:
DR = AR / RMM |
|
|
Term
|
Definition
The susceptibility of an assertion to material misstatement, assuming no related controls.
|
|
|
Term
| Risk Factors in Engagement Risk (And Acceptable Audit Risk) |
|
Definition
- Level of reliance by external users
- Probability of financial failure
- Character or integrity of key personnel
|
|
|
Term
|
Definition
The risk that material misstatements that could occur will not be prevented, or detected and corrected, by internal controls.
|
|
|
Term
|
Definition
The risk that the auditor will not detect a material misstatement that exists in the financial statements.
|
|
|
Term
RISK OF MATERIAL MISSTATEMENT
|
|
Definition
The auditor’s combined assessment of inherent risk and control risk.
|
|
|
Term
|
Definition
The risk that the auditor is exposed to financial loss or damage to his or her professional reputation from litigation, adverse publicity, or other events arising in connection with financial statements audited and reported on.
|
|
|
Term
|
Definition
| The uncertainty associated with sampling |
|
|
Term
|
Definition
| The risk that the auditor might select an inappropriate audit procedure, misapply the appropriate audit procedure, or misinterpret the audit results |
|
|
Term
|
Definition
| Determined by the level of engagement risk (inverse relationship) |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
Risks resulting from significant conditions, events, circumstances, and actions or inactions that could adversely affect management’s ability to execute its strategies and to achieve its objectives, or through the setting of inappropriate objectives or strategies.
|
|
|
Term
|
Definition
|
|
Term
| Risk Factors of Assessing Control Risk |
|
Definition
- Effectiveness of internal controls
- Planned reliance on internal controls
|
|
|
Term
| Risk Factors in Assessing Inherent Risk |
|
Definition
- Nature of industry/business
- Character or integrity of key personnel
- Results of prior audits
- Amount and types of related party relationships and transactions
- Client motivation and incentives
- Complexity and routineness of transactions
- Level of subjective judgment required by account standards
- Degree to which assets are susceptible to theft
|
|
|
Term
| Name the relationship (Direct/Inverse) between Acceptable Audit Risk and Planned Detection Risk |
|
Definition
|
|
Term
Name the relationship (Direct/Inverse) between Acceptable Audit Risk and Planned Audit Evidence
|
|
Definition
|
|
Term
Name the relationship (Direct/Inverse) between Reassessed Inherent Risk and Achieved Audit Risk
|
|
Definition
|
|
Term
Name the relationship (Direct/Inverse) between Assessed Inherent Risk and Planned Audit Evidence
|
|
Definition
|
|
Term
Name the relationship (Direct/Inverse) between Assessed Inherent Risk and Planned Detection Risk
|
|
Definition
|
|
Term
Name the relationship (Direct/Inverse) between Planned Detection Risk and Planned Audit Evidence
|
|
Definition
|
|
Term
Name the relationship (Direct/Inverse) between Actual Audit Evidence and Achieved Detection Risk
|
|
Definition
|
|
Term
Name the relationship (Direct/Inverse) between Achieved Detection Risk and Achieved Audit Risk
|
|
Definition
|
|
Term
Name the relationship (Direct/Inverse) between Reassessed Control Risk and Achieved Audit Risk
|
|
Definition
|
|
Term
Name the relationship (Direct/Inverse) between Assessed Control Risk and Planned Detection Risk
|
|
Definition
|
|
Term
Name the relationship (Direct/Inverse) between Assessed Control Risk and Planned Audit evidence
|
|
Definition
|
|
Term
| How to tell whether the audit was effective or efficient |
|
Definition
| Compare acceptable audit risk to achieved audit risk |
|
|
Term
| Name the 9 Audit Procedures for Obtaining Audit Evidence (MIRADCOPS) |
|
Definition
- Mathematical Recalculation
- Inquiry
- Reperformance
- Analytical Procedures
- Documents - Inspection of
- Confirmation
- Observation
- Physical Assets - Inspection of
- Scanning
|
|
|
Term
| Describe the Direction of Testing for Validity and Completeness |
|
Definition
- Tracing Checks for completeness by going bottom to top (Source document to Journal)
- Vouching Checks for occurrence by going top to bottom (Journal to source document)
|
|
|
Term
| Two evaluations of internal controls that must be done (no matter what type of company and no matter which audit strategy) |
|
Definition
- Evaluate the design of controls
- Determine if the controls have been implemented
|
|
|
Term
| Describe the consequences of the answer to the following question: Does the auditor intend to rely on controls? |
|
Definition
- NO: (Substantive strategy) Set control risk at the maximum, rely on substantive procedures
- YES: (Reliance strategy) Perform tests of controls, perform substantive procedures based on level of assessed control risk
|
|
|
Term
|
Definition
- Risk assessment procedures
- Tests of controls
- Substantive procedures
|
|
|
Term
| Examples of tests of controls |
|
Definition
- Inquiries of appropriate management
- Inspection of documents
- Observation of the application of specific controls
- Walkthroughs
- Reperformance of the application of the control by the auditor
|
|
|
Term
| Types of substantive procedures |
|
Definition
- Tests of details of classes of transactions, account balances, and disclosures
- Substantive analytical procedures
|
|
|
Term
| General guidelines for the reliability of evidence (Low - high) |
|
Definition
- (Low) Observation, Inquiry
- (Medium) Documents, confirmation, analytical procedures, scanning
- (High) Physical assets, reperformance, mathematical recalculation
|
|
|
Term
| Factors influencing degree of reliance on controls |
|
Definition
|
|
Term
| Name the 5 COSO Internal Control Components |
|
Definition
- Control environment
- Entity's risk assessment process
- Control Activities
- Information and communications
- Monitoring of controls
|
|
|
Term
| (COSO) 7 Factors affecting the control environment |
|
Definition
- Communication and enforcement of integrity and ethical values
- A commitment to competence
- Participation of those charged with governance
- Management's philosophy and operating style
- Organizational structure
- Assignment of authority and responsibility
- Human resource policies and practices
|
|
|
Term
| (COSO) 9 Factors affecting an entity's risk assessment process |
|
Definition
- Changes in the operating environment
- New personnel
- New or revamped information systems
- Rapid growth
- New technology
- New business models, products, or activities
- Corporate restructurings
- Expanded international operations
- New accounting pronouncements
|
|
|
Term
| (COSO) 5 Information system and communication factors |
|
Definition
- Identify and record all valid transactions
- Describe on a timely basis the transactions in sufficient detail to permit proper classification of transactions for financial reporting
- Measure the value of transactions properly
- Determine the time period in which transactions occurred (proper accounting period)
- Properly present the transactions and related disclosures in the financial statements
|
|
|
Term
| (COSO) 4 types of control activities |
|
Definition
- Performance reviews
- Information processing controls
- Physical controls
- Segregation of duties
|
|
|
Term
| (COSO) Components of effective monitoring (3) |
|
Definition
- Establish a baseline for control effectiveness
- Design and execute monitoring procedures that are based on the significance of business risks relative to the entity's objectives
- Assessing and reporting results, including follow-up on corrective actions
|
|
|
Term
| 4 Steps in substantive analytical procedures |
|
Definition
- Develop an expectation
- Define a tolerable difference
- Compare the expectation to the recorded amount
- Investigate differences greater than the tolerable difference
|
|
|
Term
| Who sets standards for audits of public companies and who for nonpublic companies |
|
Definition
- PCAOB (Public Company Accounting Oversight Board) for public companies
- ASB (Auditing Standards Board) for nonpublic companies
|
|
|
Term
| Business Risks that the auditor considers when developing an understanding of the entity's objectives and strategies |
|
Definition
- Industry developments
- New products and services
- Expansion of the business
- New accounting requirements
- Regulatory requirements
- Current and prospective financing requirements
- Use of IT
- Effects of implementing a strategy, particularly any effects that will lead to new accounting requirements
|
|
|
Term
|
Definition
- Known - No uncertainty
- Likely - Differences between management's and the auditor's judgments OR likely to exist based on an extrapolation from audit evidence
|
|
|
Term
| 3 Conditions generally present when fraud exists |
|
Definition
- Pressure / Incentive
- Opportunity
- Rationalization / Attitude
|
|
|
Term
|
Definition
- misappropriation of assets
- Fraudulent financial reporting
|
|
|
Term
| Which kind of evidence does the auditor typically rely on, persuasive or convincing? and Why? |
|
Definition
Persuasive. Why?
- Because audit must be completed in a reasonable amount of time and at a reasonable cost
- due to the nature of the evidence, it is not perfectly reliable
|
|
|
Term
| Describe the sufficiency and appropriateness of evidence |
|
Definition
|
|
Term
| What goes in the permanent file? |
|
Definition
- Copies of the corporate charter
- chart of accounts
- organizational chart
- accounting manual
- copies of important contracts
- documentation of internal control (flowcharts)
- Terms of stock and bond issues
- Prior years' analytical procedure results
|
|
|
Term
| What goes in the current file? |
|
Definition
- Copy of financial statements and auditor's report
- Audit plan and audit programs
- Copies of minutes of important committee meetings
- Working trial balance
- Adjusting and reclassification journal entries
- Working papers supporting financial statement accounts
|
|
|
Term
| Difference between a working trial balance and a lead schedule |
|
Definition
- Trial balance would contain only one line for "cash and cash equivalents" and the
- "C Lead" schedule would list all general ledger cash accounts
|
|
|
Term
|
Definition
| During substantive analytical procedures, auditors may find that differences between the expectation and the recorded amount exist. When greater than the tolerable difference, the auditor should quantify the portion of the difference that can be explained |
|
|
Term
|
Definition
| During substantive analytical procedures, auditors must corroborate explanations for unexpected differences (between expectation and recorded amount) by obtaining sufficient appropriate audit evidence linking the explanation to the difference and substantiating that the information supporting the explanation is reliable |
|
|
Term
| What is the purpose of final analytical procedures? |
|
Definition
(1) to judge the adequacy of the evidence gathered to support any unusual or unexpected balances investigated during the audit
(2) determine if any other unusual balances or relationships have not been investigated |
|
|
Term
| Describe the "Assurance bucket" |
|
Definition
The size of the assurance bucket depends on how much assurance is desired for an assertion. The bucket is filled with evidence that is drawn from the following tests (in order):
- Risk assessment procedures
- Tests of controls
- Substantive analytical procedures
- Remaining assurance needed from tests of details
|
|
|
Term
| Potential benefits of an entity's internal control from IT |
|
Definition
- Consistent application of predefined business rules
- Performance of complex calculations in processing large volumes of transactions or data
- Enhancement of the timeliness, availability, and accuracy of information
- Facilitation of additional analysis of information
- Reduction in the risk that controls will be circumvented
- Enhancement of the ability to achieve effective segregation of duties
|
|
|
Term
| Potential Risks of an entity's internal control from IT |
|
Definition
- Reliance on systems or programs that inaccurately process data, process inaccurate data, or both
- Unauthorized access to data that may result in destruction of data or improper changes to data
- Unauthorized changes to data in master files
- Unauthorized changes to systems or programs
- Failure to make necessary changes to systems or programs
- Inappropriate manual intervention
- Potential loss of data
|
|
|
Term
| Control activities related to occurrence (3) |
|
Definition
- Segregation of duties
- Prenumbered documents that are accounted for
- Daily or monthly reconciliation of subsidiary records with independent review
|
|
|
Term
| Control procedures related to completeness (3) |
|
Definition
- Prenumbered documents that are accounted for
- Segregation of duties
- daily or monthly reconciliation of subsidiary records with independent review
|
|
|
Term
| Control procedures related to accuracy (2) |
|
Definition
- Internal verification of amounts and calculations
- Monthly reconciliation of subsidiary records by an independent person
|
|
|
Term
| Control procedures related to authorization (1) |
|
Definition
- General and specific authorization of transactions at important control points
|
|
|
Term
| Control procedures related to cutoff (2) |
|
Definition
- Procedures for prompt recording of transactions
- Internal review and verification
|
|
|
Term
| Control procedures related to classification (2) |
|
Definition
- Chart of accounts
- Internal review and verification
|
|
|
Term
| 3 Limitations of an entity's internal control |
|
Definition
- Management override
- Human errors or mistakes
- Collusion
|
|
|
Term
| To set control risk below the maximum, the auditor must: |
|
Definition
- Identify specific controls that will be relied upon
- Perform tests of controls
- Conclude on the achieved level of control risk
|
|
|
Term
|
Definition
| exists in internal controls when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent, or detect and correct, misstatements on a timely basis |
|
|
Term
|
Definition
| a deficiency, or combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity's financial statements will not be prevented, or detected and corrected, on a timely basis |
|
|
Term
|
Definition
| a deficiency, or a combination of deficiencies, in internal control that is less severe than a material weakness, yet important enough to merit attention by those charged with governance |
|
|
Term
| 4 types of general controls |
|
Definition
- Data center and network operations
- System software acquisition, change, and maintenance
- Access security
- Application system acquisition, development, and maintenance
|
|
|
Term
| 2 broad categories of information systems control activities |
|
Definition
- General controls
- Application controls
|
|
|
Term
|
Definition
| relate to the overall information processing environment and have a pervasive effect on the entity's computer operations |
|
|
Term
|
Definition
| apply to the processing of specific computer applications and are part of the computer programs used in the accounting system |
|
|
Term
| 5 categories of application controls |
|
Definition
- Data capture controls
- data validation controls
- processing controls
- output controls
- error controls
|
|
|
Term
| 7 Common data validation controls |
|
Definition
- Limit test
- Range test
- Sequence check
- Existence test
- Field Test
- Sign test
- Check-digit verification
|
|
|
