Chapter 5: Internal Control over Financial Reporting
1. Internal control is a process designed to guarantee the achievement of the objectives of reliable financial reporting, compliance with laws and regulations and ineffective and inefficient operations.
FALSE
2. Auditing standards require that the auditor exercise professional judgment and maintain professional skepticism throughout the planning and performance of the audit.
TRUE
3. If internal controls are not enforced they are useless and can lead to waste and fraud.
TRUE
4. If an organization is too lenient in its treatment of employees who committed fraud, the control environment will be seen as stronger than if the treatment were harsher.
FALSE
5. Weakness
…show more content…
FALSE 29. When control risk is assessed at a minimum level, the auditor assumes that the internal controls are reliable in preventing or detecting material misstatements.
TRUE
30. Performing a walk-through provides an auditor an understanding of the nature of processing in important accounting applications.
TRUE
31. The payroll department should be responsible for signing payroll checks.
FALSE
32. A strong control environment can reduce all the financial reporting risks to zero.
FALSE
33. The auditor 's preliminary assessment of control risk is based on an understanding of the control system as it has operated in the past and is designed to operate.
TRUE
34. When control risk is assessed at less than maximum, the auditor must gain assurance that the control procedures are effective.
TRUE
35. The auditor is obligated to report significant deficiencies in the control structure discovered during an audit to the audit committee or its equivalent.
TRUE
36. One of the advantages of a computerized accounting system is that the computerized system eliminates the need for internal controls.
FALSE
37. Transaction-oriented controls should be tested using the guidelines developed for attribute testing utilizing statistical sampling techniques.
TRUE
38. Control risk can be evaluated on a scale from high to low.
TRUE
39. Testing internal control for effectiveness is done in every audit.
FALSE
40.
Control risk associated with the audit also appears to be moderate based on the findings from interim audit procedures conducted in July and August 2007. The controls in place were found to be effective.
Stage 2: Test of internal controls - By testing the effectiveness of the internal controls the auditor can determine the control risk that lies within the company. The audit team can perform tests of controls by making inquiries of appropriate client personnel, examining documents, records, and reports maintained by Smackey, observing control-related activities such as the one done for the inventory procedures for returned Best Boy Gourmet dog food, and re-perform the client procedures.
The chances of failures can be decreased by executing the checks on the systems. These keep an eye on the systems preventing risks from occurring, and these checks are avoided as the interior controls. The motivation behind the inner controls is to keep the organization safe from risks associated with the modernized accounting-system risks. Organizations change their manual accounting systems to computerized accounting systems for different reasons, this incorporates the points of interest, and the explanation behind utilizing electronic accounting information is instinct. The organizations embrace the policies of their
With every internal control weakness a company needs to identify either a control policy or control procedure that will help prevent error or fraud from occuring in the future. Based on my suggestions as to what weaknesses existed at Goodner Brothers, Inc. I have suggested the policies or procedures that could be implemented to help prevent future issues. The internal control I would implement to hinder employee access to the accounting system would be to secure all computer programs with individual usernames and passwords to prevent access from others. The bookkeeper should be the only employee with access to the accounting system and to test this procedure the company would need to try and access the software without a username and password. To monitor the storage warehouse situation, the company should install computer scanning systems and video cameras at each location to supervize whether tires are being scanned in and out upon delivery and pick-up and to determine who and when these transactions are taking place. Semi-annual reviews should be conducted by sales managers to evaluate their sales representative. In addition, strengthening the tone at the top mentality should lie in the hands of each owner by personally reviewing all sales managers to create a top down effect.
To conduct the audit, the firm must acquire sufficient understanding of the internal control processes to help determine the nature and timing of the audit. However, the audit is not designed to identify deficiencies in internal control or provide assurance. The firm will make the audit committee aware of any significant deficiencies that come to Anderson, Olds, and Watershed’s attention during the audit.
Auditors have the responsibilities as well as management to report internal controls. The auditors must examine closely management’s claim of effectiveness and also physically test the controls. After the examination, the auditors should express their opinion and any recommendations to fix any internal control weaknesses.
Due to the fact that auditors perform the interim procedures over the operating effectiveness testing in all of the three risks, auditors are required by PCAOB to perform the roll-forward of controls. Depending on some factors, auditors should consider the nature, length and extent of the roll-forward procedures. A specific
Potential for misstatement & fraud: Compliance with the established procedures and controls were found to be ineffective. The fraud reporting process, technically put in place does not serve its intended purpose. The ineffective control environment has created an attitude and tone across the company where errors and inappropriate behavior may be seen as acceptable, thus creating opportunity for concealing fraud and potential misstatements.
B) I think the auditors should have equal responsibility for detecting material misstatements due to error and fraud. It’s their job to make sure the financial statements are as accurate as possible. Although it may be hard to check all the information from a company it’s the responsibility of the auditor to sign off that everything is in check.
When testing of internal controls indicates that there may be significant deficiencies, then the auditor
Internal controls prevent errors and irregularities from happening. If errors or irregularities do happen to occur internal controls will help ensure that they are detected in a timely manner. Internal controls also encourage adherence to prescribe policies and procedures. Internal control are also put into place in order to protect employees by outlining tasks and responsibilities, providing checks and balances, and also from being accused of misappropriations, errors and irregularities.
The auditor must obtain an understanding of the entity and its environment, including internal controls, so that they can identify and assess the risks of material misstatement on financial statements due to fraud or error and design and perform further audit procedures.
Field Work Standard #2 : The auditor must obtain a sufficient understanding of the entity and its environment, including its internal control, to assess the risk of material misstatement of the financial statements whether due to error or fraud, and to design the nature, timing, and extent of further audit procedures (AICPA). Enron had no procedure for internal controls. Therefore, Anderson could not have sufficient understanding of the internal controls.
Auditors having the appropriate competence and capabilities to perform the audit, and follow ethical requirements, and maintain professional skepticism throughout the audit.
Section 404 requires public companies to establish internal controls and report annually on their effectiveness over financial reporting. The CFO and CEO are held personally responsible for the internal controls via the requirement to sign a statement certifying the adequacy of the internal control system (Moffett and Grant, 2011, p. 3). Additionally, the company’s independent auditor must issue an attestation regarding management’s assessment of the internal structure as part of the company’s annual report (Bloch, 2003, p. 68).