Assignment Problems
Rename your file with your first name, last name, and "HW7." Reminder - I do not allow direct quotes in student's work in this class. You need to paraphrase and cite your outside sources. "Outside sources" do not include the text and so you don't need to cite it. Type your answers into this document, rename it, and upload it to the Homework assignment for Week7.
1. Briefly describe how each of the following factors might affect the strength of an auditee's control environment. Your descriptions should be clear on how each factor reduces the risk of material misstatement in a set of financial statements.
Hint: The main thing is to answer the question and be clear on how each factor improves the control environment and not just state that it does. Some of the ways these factors improve the control environment may seem obvious, but I want you to state the reasons anyway. Also, since auditors focus in the accuracy of financial statements more than operational efficiencies, I want you to focus on threats to financial statement accuracy and completeness in your answers.
a) Perceived value of controls by management
b) Clearly defined lines of authority
c) Formal policies and procedures
d) Adequate personnel with proper incentives
e) Documentation
f) Adequacy of control procedures and control monitoring
1. Read the following mini-case; and identify a control weakness; and recommend control procedure change or addition that should be made to the client's control system to mitigate the weakness. Make sure your description of the weakness is clear about why it is a weakness by addressing how it increases the risk of material misstatement in the financial statements.
One day before Thanksgiving, Jane was giving Mike a tour of her firm's data processing facilities. The facility was located on the top floor of the firm's headquarters in an interior room that did not have any windows. Jane was a systems analyst for the firm and had been in the data processing room on several occasions with others, but had not been given the access code needed to enter the room. As they approach the door, Jane quickly entered the correct access code and the two entered the room. Mike asked Jane how she knew the code and she replied that the code was the owner's birth date and hadn't been changed in years.
As they entered the room, they saw a group of people hectically working at a terminal. Mike wanted to know what was so urgent, and so Jane asked the people involved, who she knew very well. The group consisted of a programmer, another systems analyst, and one of the computer operators. They were working to complete corrections to the firm's payroll system, which had failed the day before. They wanted to complete the corrections that day so that they could take Thanksgiving off to be with their families. The operator, however, was scheduled to work Thanksgiving day anyway since the firm always had one operator on duty to maintain systems that needed to run 24/7.
Jane showed Mike around the facility and just before they left, they heard a loud "hurrah" from the group working on the payroll system. Jane asked them what had happened and they excitedly told her that they had fixed the payroll program. However, since it was getting late, they were going to implement the changes after only testing them with a limited set of test data. They felt that since the operator would be working Thanksgiving and the day after, when the weekly payroll was run, he could fix any bugs they had not detected with their test data. To make sure the operator could do so, they were going to leave the source code (hard copy and uncompiled version of the software) with the operator so he could make any needed changes. Also, since backup copies of the data and software were kept in the facility, the operator should have all the resources he needed to run the new program and fix any problems without the programmer or analyst having to come in over the holiday. Both the programmer and analyst, however, agreed to be "on call" if the operator ran into any problems he couldn't handle.
Hint: The text describes a variety of recommended control procedures for an IT environment. Apply that material to this case by looking for activities that don't fit the text's recommendations and then recommend corrections. Make sure your answer is specific to this case and your description is clear about how the weakness will increase the risk of material misstatement in the financial statements.
1. The following are several multiple choice questions adapted from the CPA or each question, selected the best answer and then explain why it is better than all the alternatives. Your explanations should address all the possible alternatives presented in the question.
a. The auditor looks for an indication on duplicate sales invoices to see whether the accuracy of invoices has been verified. This is an example of
i. a test of details of balances.
ii. a test of control.
iii. a substantive test of transactions
iv. both a test of control and a substantive test of transactions
Hint: You need to be careful to precisely apply the definitions here and stick to the specifics of the procedure. Tests of controls test processes and procedures that affect the likelihood of errors while tests of transactions test for errors directly. Tests of balances test balances directly by looking at the items that make up the balances.
1.
a. A conceptually logical approach to the auditor's evaluation of internal controls consists of the following four steps:
I. Determining the internal controls that should prevent or detect errors or fraud
II. Identifying control deficiencies to determine their effect on the nature, timing, or extent of auditing procedures to be applied and suggestions to be made to the client.
III. Determining whether the necessary internal control procedures and are prescribed and being followed satisfactorily.
IV. Considering the types of errors and fraud that can occur.
What should be the order in which these four steps are performed?
i. I, II, III, IV
ii. I, III, IV, II
iii. III, IV, I, II
iv. IV, I, III, II
Hint: This is a fairly straight-forward question that can be answered based on the text's description of the order in which these steps are taken. However, you will also need to review the logic behind the ordering to provide a sufficient explanation.
a. A material weakness in internal control represents a control deficiency that:
i. more than remotely adversely affects a company's ability to initiate, authorize, record, process, or report external financial statements reliably.
ii. Results in a reasonable possibility that internal controls will not prevent or detect material financial statement misstatements.
iii. exists because a necessary control is missing or not properly designed.
iv. reduces the efficiency and effectiveness of the entity's operations.
Hint: As with most CPA exam questions, you need to be very precise in using the terms and concepts. Find the answer that most closely matchings the formal definition of a material weakness from the text. Then use differences between that formal definition and the alternatives to rule select one and rule the others out. When ruling out alternatives, be clear on how the alternative differs from the formal definition.
a. As the design of general IT controls weaken, the auditor is most likely to:
i. reduce testing of automated application controls done by the computer.
ii. increase testing of general IT controls to conclude whether they are operating effectively.
iii. expand testing of automated application controls used to reduce control risk rto cover greater portions of the fiscal year under audit.
iv. ignore obtaining knowledge about the design of general IT controls and whether they have been implemented.
Hint: This question focuses on the evaluation of the design of controls versus their application and the effect of a weak design on testing their application. It is placed in an IT environment, but the general principles apply to manual controls as well.
a. The auditor faces a risk that the audit will not detect material misstatements that occur in the accounting process. To minimize this risk, the auditor relies primarily on:
i. substantive tests
ii. tests of controls
iii. internal control
iv. statistical analysis
Hint: The question focuses on what the audit will detect or not and thus you need to focus on procedures that related to components of the audit risk model that auditors can control.