Internal Control Quiz

Questions and Answers

Which of the following is a major audit planning activity?

Performing Preliminary Analytical Procedures

Obtaining an understanding of the client and its environment

Assessing the possibility of non-compliance

Developing the overall audit strategy (correct)

What does RAP stand for in the context of audit procedures?

Risk Assessment Procedures (correct)

Regulatory Analysis Process

Rapid Audit Program

Related Audit Planning

Which of the following is NOT a component of obtaining an understanding of the client and its environment?

The entity's accounting policies

The entity's financial performance

Industry, regulatory and other external factors

Measurement and review of the entity's financial performance (correct)

What does 'non-compliance' refer to in the context of auditing?

Acts of omission or commission by the client being audited

Which of the following is NOT a category of RAP procedures?

Materiality assessment

What is the purpose of developing an overall audit strategy?

To reduce audit risk to an acceptably low level

What is the purpose of preparing a Preliminary Audit Program?

To outline the planned audit procedures

Which of the following is NOT a reason why controls don't work?

Placement of controls

What is the first step in the study and evaluation of internal controls?

Obtain and document understanding of the control structure

What does PSA 315 require auditors to do?

Obtain an understanding of the client's internal control system

When should the auditor perform tests of controls?

When the assessed control risk is high

What is the nature of tests of control?

Inquiry of client personnel

When should control risk be assessed as high?

All of the above

What should the auditor do to address risks?

All of the above

How should the auditor communicate weaknesses in the internal control system?

Through a management letter

What is the expected learning outcome after studying this module?

All of the above

Which one of these is NOT a category of objectives that internal control is designed to achieve?

Protection against fraud

What does an internal control system consist of?

All of the above

Which one of these is NOT an element of the control environment?

Monitoring of controls

What does commitment to competence refer to?

The knowledge and skills needed to accomplish tasks

What is risk assessment?

The identification and analysis of relevant risks to achievement of objectives

Which one of these is NOT a component of information and communication control?

Communication of control responsibilities

What do policies as means of control refer to?

Clearly stated policies in writing, systematically organized and communicated

Which one of the following statements about materiality is true?

Materiality is a measure of the extent to which financial statements are free from error.

Which of the following is true about the relationship between tolerable misstatement and audit procedures?

The lower the tolerable misstatement, the more extensive the required audit procedures.

What is the purpose of performing analytical procedures during the planning stage of an audit?

To enhance the auditor's understanding of the client's business and industry.

When determining the need to use the work of an auditor's expert, what factors should the auditor consider?

The engagement team's knowledge and previous experience, the risk of material misstatement, and the quantity and quality of other audit evidence.

What factors are considered when establishing the overall audit strategy?

The scope, timing, and focus of the engagement.

What does the scope of an audit engagement include?

The financial reporting framework, industry-specific reporting requirements, and expected audit coverage.

What does the focus of an audit engagement include?

Audit areas where there is a higher risk of material misstatement, selection of the engagement team, and engagement budgeting.

Which of the following is NOT a major audit planning activity?

Identifying related parties

What is the purpose of risk assessment procedures (RAP)?

To obtain an understanding of the entity and its environment

What does 'non-compliance' refer to in the context of auditing?

Acts of omission or commission by the entity being audited that are contrary to prevailing laws or regulations

What does an internal control system consist of?

Nature of the entity and its operations

What is the purpose of performing preliminary analytical procedures during the planning stage of an audit?

To understand the client and its environment

Which of the following is NOT a category of risk assessment procedures (RAP)?

Sampling procedures

What does the overall audit strategy involve?

Developing the detailed audit plan

Which one of the following is NOT a component of internal control?

Information System and Related Business Processes

Which one of the following is NOT an element of the control environment?

Performance Review

Which one of the following is NOT a condition that may increase risk?

Improved Internal Controls

Which one of the following is NOT a component of information and communication control?

Physical Controls

Which one of the following is NOT a component of control activities?

Risk Assessment

Which one of the following is NOT a limitation of internal control?

Internal control is not necessary for small businesses

Which one of the following is NOT a component of policies as means of control?

Effectively communicated to the staff

Which of the following statements about materiality is true?

Materiality is a concept that recognizes that auditors work within constraints of time and cost.

What is the purpose of performing analytical procedures during the planning stage of an audit?

To enhance the auditor's understanding of the client, its business, and the industry in which the client operates.

When determining the need to use the work of an auditor's expert, what factors should the auditor consider?

The risk of material misstatement based on the nature, complexity, and materiality of the matter being considered.

What factors are considered when establishing the overall audit strategy?

All of the above.

What is the purpose of preparing a Preliminary Audit Program?

To list the procedures used to gather sufficient appropriate audit evidence.

What does the scope of an audit engagement include?

All of the above.

What does the focus of an audit engagement include?

All of the above.

Which one of these is NOT a step in the study and evaluation of internal controls?

Determine the nature, timing, and extent of substantive tests

Which one of these is NOT a nature of tests of control?

Inspection

Which one of these is NOT a substantive test procedure?

Inquiry of client personnel

Which one of these is NOT a reason why control risk should be assessed as high?

Internal control elements are not present

Which one of these is NOT an overall response to address risks?

Reduce the level of audit evidence required

Which one of these is NOT a component of communication of weaknesses in the internal control system?

Communicating weaknesses verbally to management

Which one of these is NOT a learning outcome after studying this module?

Defining internal controls

Which one of these is NOT a component of the control environment?

Risk assessment

Which one of these is NOT a reason why controls don't work?

Lack of complexity

True or false: The lower the tolerable misstatement, the less extensive the required audit procedures.

False

True or false: Analytical procedures are only required to be performed in the planning stage of the audit.

False

True or false: The primary objective of performing analytical procedures in the planning stage of the audit is to identify areas of potential risk of material misstatements.

True

True or false: When determining the need to use the work of an auditor's expert, the auditor should evaluate the professional competence of the expert.

True

True or false: The establishment of the overall audit strategy involves determining the reporting objectives of the engagement.

True

True or false: The scope of an audit engagement includes the availability of the work of internal auditors.

True

True or false: An audit program is a list of procedures used to gather sufficient appropriate audit evidence.

True

True or false: Planning an audit involves establishing the overall audit strategy for the engagement and developing a detailed audit plan, in order to reduce audit risk to an acceptably low level.

True

True or false: Risk Assessment Procedures (RAP) are designed to obtain an understanding of the entity and its environment, including the client's internal control.

True

True or false: Assessing the possibility of non-compliance refers to acts of omission or commission by the entity being audited, either intentional or unintentional, which are contrary to the prevailing laws or regulations.

True

True or false: RAP procedures include inquiries, observation and inspection, and analytical procedures.

True

True or false: Obtaining an understanding of the client and its environment requires an understanding of the industry, regulatory and other external factors, as well as the entity's accounting policies and objectives.

True

True or false: Materiality is established during the planning stage of an audit to determine the level of misstatement that could influence the economic decisions of users.

True

True or false: The overall audit strategy involves developing a detailed audit plan and preparing a preliminary audit program.

False

True or false: Internal control is a process designed to provide reasonable assurance regarding the achievement of objectives in the categories of effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations.

True

True or false: An internal control system consists of all the policies and procedures adopted by the management of an entity to assist in achieving management’s objective of ensuring the orderly and efficient conduct of its business.

True

True or false: The control environment is the foundation for all other components of internal control, providing discipline and structure.

True

True or false: Commitment to competence reflects the knowledge and skills needed to accomplish tasks that define the individual’s job.

True

True or false: Risk assessment is the identification and analysis of relevant risks to achievement of the company’s objectives.

True

True or false: Policies should be clearly stated in writing, systematically organized into handbooks, manuals, or other publications, and properly approved.

True

True or false: Internal control can ensure that all frauds will be detected.

False

True or false: The potential for human error is one of the reasons why controls may not work effectively.

True

True or false: Controls should be positioned before an expensive part of the project.

True

True or false: The auditor is required to obtain an understanding of the client's internal control system.

True

True or false: The auditor should make a preliminary assessment of control risk at the assertion level.

True

True or false: Tests of controls are performed when the auditor expects controls to be operating effectively.

True

True or false: Substantive procedures are performed for each material class of transactions, account balances, and disclosures.

True

True or false: Control risk should be assessed as high if policies and procedures are not pertaining to an assertion.

True

True or false: The auditor should communicate material weaknesses in the design or operation of the internal control system.

True

True or false: The students are expected to discuss the systematic approach in the study and evaluation of client's internal control system.

True

Study Notes

Audit Planning Activities

• Determining the overall audit strategy involves establishing the reporting objectives of the engagement and developing a detailed audit plan to reduce audit risk to an acceptably low level.
• Preparing a Preliminary Audit Program (PAP) involves listing procedures to gather sufficient appropriate audit evidence.
• Developing an overall audit strategy involves understanding the entity and its environment, including the client's internal control.

Understanding the Client and Its Environment

• Obtaining an understanding of the client and its environment requires an understanding of the industry, regulatory and other external factors, as well as the entity's accounting policies and objectives.
• Non-compliance refers to acts of omission or commission by the entity being audited, either intentional or unintentional, which are contrary to the prevailing laws or regulations.

Internal Control

• An internal control system consists of all the policies and procedures adopted by the management of an entity to assist in achieving management's objective of ensuring the orderly and efficient conduct of its business.
• The control environment is the foundation for all other components of internal control, providing discipline and structure.
• Commitment to competence reflects the knowledge and skills needed to accomplish tasks that define the individual's job.
• Internal control is a process designed to provide reasonable assurance regarding the achievement of objectives in the categories of effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations.

Risk Assessment

• Risk assessment is the identification and analysis of relevant risks to achievement of the company's objectives.
• Risk Assessment Procedures (RAP) are designed to obtain an understanding of the entity and its environment, including the client's internal control.
• RAP procedures include inquiries, observation and inspection, and analytical procedures.
• When determining the need to use the work of an auditor's expert, the auditor should evaluate the professional competence of the expert.

Control Activities

• Policies as means of control refer to clearly stated written policies, systematically organized into handbooks, manuals, or other publications, and properly approved.
• The control environment, risk assessment, control activities, information and communication, and monitoring are the components of internal control.
• Controls may not work effectively due to human error or other reasons.

Tests of Controls

• Tests of controls are performed when the auditor expects controls to be operating effectively.
• The nature of tests of control is to evaluate the operating effectiveness of controls.
• Control risk should be assessed as high if policies and procedures are not pertaining to an assertion.

Substantive Procedures

• Substantive procedures are performed for each material class of transactions, account balances, and disclosures.
• Analytical procedures are performed during the planning stage of an audit to identify areas of potential risk of material misstatements.

Communication of Weaknesses

• The auditor should communicate material weaknesses in the design or operation of the internal control system.
• The auditor should address risks by designing and performing audit procedures to respond to the assessed risks.

Materiality

• Materiality is established during the planning stage of an audit to determine the level of misstatement that could influence the economic decisions of users.
• The lower the tolerable misstatement, the less extensive the required audit procedures.

Description

Test your knowledge on internal control with this quiz! Learn about the key objectives and components of internal control, and assess your understanding of its role in ensuring operational effectiveness, reliable financial reporting, and compliance.