The auditor assesses control risk in order to determine whether substantive tests can be reduced based on the reliability of the entity's internal controls. Tests of controls are performed to evaluate the effectiveness of key controls and obtain reasonable assurance that controls are operating as intended. The management letter is used to document recommendations to the client based on observations made during the audit regarding internal controls and processes.
The auditor assesses control risk in order to determine whether substantive tests can be reduced based on the reliability of the entity's internal controls. Tests of controls are performed to evaluate the effectiveness of key controls and obtain reasonable assurance that controls are operating as intended. The management letter is used to document recommendations to the client based on observations made during the audit regarding internal controls and processes.
The auditor assesses control risk in order to determine whether substantive tests can be reduced based on the reliability of the entity's internal controls. Tests of controls are performed to evaluate the effectiveness of key controls and obtain reasonable assurance that controls are operating as intended. The management letter is used to document recommendations to the client based on observations made during the audit regarding internal controls and processes.
Internal controls are not designed to provide reasonable
assurance that All frauds will be detected. Transactions are executed in accordance with management’s authorization. Access to assets is permitted only in accordance with management’s authorization. Company personnel comply with applicable rules and regulations. 33.Which of the following statements is correct with respect to separation of duties? Employees should not have temporary and permanent custody of assets. It is desirable to prevent employees who authorize transactions from having custody of related assets. It is permissible to allow an employee to open cash receipts and record those receipts. None of the above is correct. 34.Which of the following would contribute most to the safeguarding of assets? Access to computer facilities and records is limited to authorized personnel. Training programs are conducted to develop competence of newly hired personnel. Control and subsidiary accounts are reconciled on a regularly scheduled basis. Blank stock of all purchase orders and sales invoices are prenumbered. 35.The single most effective procedures established to avoid allowing any person to be in a position to perpetrate and then conceal errors or fraud is Establish an internal audit department. Require each employee to take a vacation each year. The separation of the functional responsibilities, custodianship, record keeping, operations and authorization. Require the bonding of personnel in positions that necessitate handling of cash and other universally desirable valuables. 36.Which of the following deal with ongoing or periodic assessment of the quality of internal control by management? Quality control activities Monitoring activities Oversight activities Management activities 37.Which of the following activities would be least likely to strengthen a company’s internal control? Separating accounting from other financial operations. Maintaining insurance for fire and theft. Fixing responsibility for the performance of employee duties. Carefully selecting and training employees. 38.An auditor assess control risk because it Is relevant to the auditor’s understanding of the control environment. Provides assurance that the auditor’s materiality levels are appropriate. Indicates to the auditor where inherent risk may be the greatest. Affects the level of detection risk that the auditor may accept. 39.The auditor most likely assess control risk at a high level when It would be efficient to perform test of control. The entity’s accounting and internal control systems are not reliable. The auditor wishes to rely on the entity’s accounting and internal control systems. The auditor wants to restrict substantive tests. 40.Control testing is performed in order to determine whether or not The assessed level of control risk can be reduced Necessary controls are absent. Incompatible functions exist. Material peso errors exist. 41.Tests of controls are directed toward the control’s Efficiency Effectiveness Efficiency and effectiveness. Cost benefit ratio. 42.Which of the following audit tests would be regarded as a test of controls? Comparison of the inventory pricing to vendor’s invoices. Tests of the signatures on canceled checks to board of director’s authorization. Tests of the additions to property, plant and equipment by physical inspection. Review of the specific items making up the balance in a given general ledger account. 43.Before assessing control risk at a level lower than the maximum, the auditor obtains reasonable assurance that controls are use and operating effectively. This assurance is most likely obtained in part by Preparing flowcharts. Performing substantive tests. Inspection of documents. Analyzing tests of threads and ratios. 44.During the consideration of internal control in a financial statement audit, an auditor is not obliged to Search for a significant deficiencies in the operation of the internal control. Understand the internal control and the information system. Determine whether the control activities relevant to the audit planning have been implemented. Perform procedures to understand the design of internal control. 45.The management letter is used To allow management to corroborate oral representations to the auditor. To confirm the terms of the audit engagement. To document the auditor’s consideration of internal controls. To make recommendations to the client based on observations made during the audit
Guide: SOC 2 Reporting on an Examination of Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy