Seatwork #3
Segregation of incompatible functions is necessary
1. In general, a material weakness in internal
control may be defined as a condition in which
material errors or irregularities may occur and
not be detected within a timely period by
a. An independent auditor during tests of controls.
b. Employees in the normal course of performing their
assigned functions.
c. Management when reviewing interim financial
statements and reconciling account balances.
d. Outside consultants who issue a special-purpose
report on internal control structure.
2. Internal control procedures are not designed
to provide reasonable assurance that
a. Transactions are executed in accordance with
management's authorization.
b. Irregularities will be eliminated.
c. Access to assets is permitted only in accordance
with management's authorization.
d. The recorded accountability for assets is compared
with the existing assets at reasonable intervals.
3. Which of the following is the correct order for
performing the auditing procedures A through C
below?
A = Tests of controls
B = Preparation of a flowchart depicting the
client's internal control structure
C = Substantive tests
a. ABC.
b. ACB.
c. BAC.
d. BCA.
4. A secondary purpose of the auditor's
consideration of internal control is to provide
a. A basis for constructive suggestions about
improvements in internal control structure.
b. A basis for assessing control risk.
c. An assurance that the records and documents have
been maintained in accordance with existing
company policies and procedures.
d. A basis for the determination of the resultant extent
of the tests to which auditing procedures are to be
restricted.
5. When considering internal control, an auditor
must be aware of the concept of reasonable
assurance, which recognizes that
a. Employment of competent personnel provides
assurance that the objectives of internal control will
be achieved.
b. Establishment and maintenance of internal control is
an important responsibility of the management and
not of the auditor.
c. Cost of internal control procedures should not
exceed the benefits expected to be derived from the
control.
d.
to ascertain that the control procedures are effective.
6. After considering a client's internal control, an
auditor has concluded that the system is well
designed and is functioning as anticipated.
Under these circumstances, the auditor would
most likely
a. Cease to perform further substantive tests.
b. Not increase the extent of planned substantive tests.
c. Increase the extent of anticipated analytical
procedures.
d. Perform all tests of controls to the extent outlined in
the preplanned audit program.
7. The primary purpose of the auditor's
consideration of internal control is to provide a
basis for
a. Determining whether procedures and records that
are concerned with the safeguarding of assets are
reliable.
b. Constructive suggestions to clients concerning
deficiencies in internal control.
c. Determining the nature, timing, and extent of audit
tests to be applied.
d. The expression of an opinion.
8. The purpose of tests of controls is to provide
reasonable assurance that the
a. Accounting treatment of transactions and balances is
valid and proper.
b. Control procedures are functioning as intended.
c. Entity has complied with disclosure requirements of
GAAP.
d. Entity has complied with requirements of quality
control.
9. The auditor's review of the client's internal
control is documented in order to substantiate
a. Conformity of the accounting records with GAAP.
b. Compliance with generally accepted auditing
standards.
c. Adherence to requirements of management.
d. The fairness of the financial statement presentation.
10. After consideration of a client's internal
control, an auditor might decide to
a. Increase the extent of substantive testing in areas
where the control structure is strong.
b. Reduce the extent of tests of controls in areas where
the controls are strong.
c. Reduce the extent of both substantive tests and
tests of controls in areas where the controls are
strong.
d. Increase the extent of substantive testing in areas
where the controls are weak.
11. After documenting internal control in an audit
engagement, the auditor may perform tests on
a. Those controls that the auditor plans to rely on.
b. Those controls in which deficiencies were identified.
c. Those controls that have a material effect on the 18. The accountant's report expressing an
financial statement balances. opinion on an entity's internal controls should
d. A random sample of the controls that were reviewed. state that the
a. Establishment and maintenance of internal control is
12. The auditor is examining copies of sales the responsibility of management.
invoices only for the initials of the person b. Objectives of the client's internal controls are being
responsible for checking the extensions. This is met.
an example of a c. Consideration of the internal controls was conducted
a. Test of controls. in accordance with generally accepted auditing
b. Substantive test. standards.
c. Dual-purpose test. d. Inherent limitations of the client's internal controls
d. Test of balances. were examined.

13. In an auditor's consideration of internal 19. The accountant's report expressing an

control, the completion of a questionnaire is opinion on an entity's internal controls would not
most closely associated with which of the include a
following? a. Description of the scope of the engagement.
a. Separation of duties. b. Specific date that the report covers rather than a
b. Understanding the system. period of time.
c. Flowchart accuracy. c. Brief explanation of the broad objectives and
d. Tests of controls. inherent limitations of internal control.
d. Statement that the entity's internal controls are
consistent with that of the prior year after giving
14. The reliance placed on substantive tests in
effect to subsequent changes.
relation to control risk varies in a relationship
that is ordinarily
20. A CPA's consideration of internal control in
a. Parallel.
an audit
b. Inverse.
a. Is generally more limited than that made in
c. Direct. connection with an engagement to express an
d. Equal. opinion on internal control.
b. Is generally more extensive than that made in
15. The auditor observes client employees in order connection with an engagement to express an
to opinion on internal control.
a. Prepare a flowchart. c. Will generally be identical to that made in connection
b. Update information contained in the organization and with an engagement to express an opinion on
procedure manuals. internal control.
c. Corroborate the information obtained during the d. Will generally result in the CPA expressing an
initial review of the system. opinion on the internal control.
d. Determine the extent of compliance with quality
control standards. 21. The auditor who becomes aware of
reportable conditions is required to
16. A consideration of internal control made communicate this to the
during an audit is usually not sufficient to a. Audit committee and client's legal counsel.
express an opinion on an entity's controls b. Board of directors and internal auditors.
because c. Senior management and board of directors.
a. Weaknesses in the system may go unnoticed during d. Internal auditors and senior management.
the audit engagement.
b. A consideration of internal control is not necessarily 22. Which of the following is not a purpose of an
made during an audit engagement. auditor's attempt to understand internal control
c. Only those controls on which an auditor intends to when a client processes accounting information
rely are reviewed, tested, and evaluated. by computer?
d. Controls can change each year. a. Determine the extent to which the computer is used
17. An auditor's report on internal control of a in significant accounting applications.
publicly held company would ordinarily be of b. Understand the flow of transactions in the system.
least use to c. Comprehend the basic structure of accounting
a. Shareholders. control.
b. Officers. d. Identify the controls that can be relied on when
c. Directors. designing substantive tests of details.
d. Regulatory agencies.
23. Which of the following is likely to be of least
importance to an auditor when assessing control
 risk in a company that processes data by b. Validity of the output.
computer? c. Procedures contained within the program.
a. The segregation of duties within the computer d. Normalcy of distribution of test data.
department. 29. Which of the following is true of generalized
b. The control over source documents. audit software?
c. The documentation maintained for accounting a. They can be used only in auditing on-line computer
applications. systems.
d. The cost-benefit ratio of data processing operations. b. They can be used on any computer without
modification.
24. In considering a client's internal control c. They each have their own characteristics, which the
structure in a computer environment, the auditor auditor must carefully consider before using in a
will encounter general controls and application given audit situation.
controls. Which of the following is an
application control? 28. The test–data method is used by auditors to
a. Organization charts. test the
b. Hash total. a. Accuracy of input data.
c. Systems flowcharts. b. Validity of the output.
d. Control over program changes. c. Procedures contained within the program.
d. Normalcy of distribution of test data.
25. Auditing by testing the input and output of a
computer system--i.e., auditing "around" the 29. Which of the following is true of generalized
computer--instead of the computer software audit software?
itself will
a. They can be used only in auditing on-line computer
a. Not detect program errors that do not appear in the
systems.
output sampled.
b. They can be used on any computer without
b. Detect all program errors, regardless of the nature of
modification.
the output.
c. They each have their own characteristics, which the
c. Provide the auditor with the same type of evidence.
auditor must carefully consider before using in a given
d. Not provide the auditor with confidence in the results
audit situation.
of the auditing procedures.
d. They enable the auditor to perform all manual
compliance test procedures less expensively.
26. Smith Corporation has numerous customers.
A customer file is kept on disk. Each customer
file contains the name, address, credit limit, and 30. Assume that an auditor estimated that 10,000
account balance. The auditor wishes to test this checks were issued during the accounting
file to determine whether credit limits are being period. If an application control that performs a
exceeded. The best procedure for the auditor to limit check for each check request is to be
follow would be to subjected to the auditor's test–data approach,
the sample should include:
a. Develop test data that would cause some account
balances to exceed the credit limit and determine if a. Approximately 1,000 test items.
the system properly detects such situations. b. A number of test items determined by the auditor to
b. Develop a program to compare credit limits with be sufficient under the circumstances.
account balances and print out the details of any c. A number of test items determined by the auditor's
account with a balance exceeding its credit limit. reference to the appropriate sampling tables.
c. Request a printout of all account balances so they d. One transaction.
can be manually checked against the credit limits.
d. Request a printout of a sample of account balances 31. PC DOS, MS DOS, and AppleDOS are
examples of
so they can be individually checked against the
credit limits. a. Application software.
b. Generalized audit software.
27. Which of the following methods of testing c. Database management systems.
application controls utilizes software prepared d. Operating software.
by the auditors and applied to the client's data?
a. Parallel simulation. 32. Which of the following is not an
b. Integrated test facility. example of a computer-assisted audit
c. Test data. technique?
d. Exception report tests. a. Integrated test data.
b. Audit modules.
28. The test–data method is used by auditors to c. Disk operating systems.
test the
d. Audit hooks.
a. Accuracy of input data.
 33. Which of the following statements most
likely represents a disadvantage for an entity
that maintains computer data files rather than
manual files?
a. It's usually more difficult to detect transposition
errors.
b. Transactions are usually authorized before they are
executed and recorded.
c. It's usually easier for unauthorized persons to
access and alter the files.
d. Random error is more common when similar
transactions are processed in different ways.
34. Transaction authorization within an
organization may be either specific or general.
An example of specific transaction authorization
is the
a. Setting of automatic reorder points.
b. Approval of a construction budget for a new
warehouse.
c. Establishment of a customer's credit limits.
d. Establishment of sales prices.
35. Proper segregation of functional
responsibilities calls for separation of the
functions of
a. Authorization, execution, and recording.
b. Authorization, execution, and payment.
c. Custody, execution, and reporting.
d. Authorization, payment, and recording.
36. An auditor should consider the competence
of a client's employees because their
competence bears directly and importantly on
the
a. Cost-benefit relationship of internal control.
b. Achievement of the objectives of internal control.
c. Comparison of recorded accountability with assets
on hand.
d. Timing of the tests to be performed.
37. Which of the following elements
is not a part of an entity's internal
controls? a. Control risk.
b. Control activities.
c. The accounting system.
d. The control environment.
38. Which of the following statements about
internal control is correct?
a. Properly maintained internal controls reasonably
assure that collusion among employees cannot
occur.
b. Establishing and maintaining internal control is the
internal auditor's responsibility.
c. Exceptionally strong control allows the auditor to
eliminate substantive tests of details.
d. The cost-benefit relationship should be considered in
designing internal controls.
39. Which of the following is not done by an
auditor when obtaining an understanding of an
entity's internal controls?
a. Identify the types of potential misstatements that can
occur.
b. Consider the operating effectiveness of the internal
controls.
c. Design substantive tests.
d. Consider factors that affect the risk of material
misstatements.
40. Which of the following audit tests would be
a test of controls?
a. Tests of the specific items making up the balance in
a financial statement account.
b. Comparing inventory prices to vendors' invoices.
c. Comparing signatures on canceled checks to board
of directors' authorizations.
d. Tests of the additions to property, plant, and
equipment by physical inspections.
41. The sequence of steps in gathering evidence
as the basis of the auditor's opinion is:
a. Substantive tests, documentation of control
structure, and tests of controls.
b. Documentation of control structure, substantive
tests, and tests of controls.
c. Documentation of control structure, tests of controls,
and substantive tests.
d. Tests of controls, documentation of control structure,
and substantive tests.
42. Which of the following procedures is
essential to determining whether necessary
control activities were prescribed and are being
followed?
a. Developing questionnaires and checklists.
b. Evaluating the entity's procedures for risk
assessment.
c. Documenting and testing controls.
d. Observing employees and making inquiries.
43. Evidence about segregation of duties is best
obtained by
a. Inspecting documents that contain the initials of who
performed control activities.
b. Direct personal observation of employees who
perform control activities.
c. Preparing a flowchart of who performs the duties.
d. Making inquiries of coworkers about the employee
who performs the duties.
44. An auditor's flowchart of a client's internal
controls is a diagram depicting the auditor's
a. Understanding of the internal controls.
b. Program for tests of controls.
c. Documentation of having considered the internal
controls.
d. Understanding of the types of irregularities that are
probable. 50. When software or files can be accessed from
on-line servers, users should be required to
45. An auditor is required to communicate enter
significant deficiencies in internal control to a. A parity check.
a. Audit committee of the board of directors. b. A personal identification code.
b. Creditors and board of directors. c. A self-diagnosis test.
d. An echo check.
c. Board of directors and internal auditors.
d. Internal auditors and senior management. 51. An auditor's consideration of a company's
computer control activities has disclosed the
46. An auditor has concluded that a client's following four circumstances. Indicate which
internal controls are well designed and circumstance constitutes a significant deficiency
functioning as expected. Under these in internal control.
circumstances the auditor would most likely a. Computer operators do not have access to the
a. Cease to perform further substantive tests. complete software support documentation.
b. Not increase the extent of planned substantive tests. b. Computer operators are closely supervised by
c. Increase the extent of planned analytical programmers.
procedures. c. Programmers are not authorized to operate
d. Perform all tests of controls to the extent outlined in computers.
the audit program. d. Only one generation of backup files is stored in an
off-premises location.
47. Reportable conditions are matters that come
to an auditor's attention and that should be 52. A control feature requires the computer to
communicated to an entity's audit committee send signals to the printer to activate the print
because they represent mechanism for each character. The print
a. Material irregularities or illegal acts perpetrated by mechanism, just prior to printing, sends a signal
management. back to the computer verifying that the proper
b. Significant deficiencies in the design or operation of print position has been activated.
internal control. This type of hardware control is referred to as a/an
c. Flagrant violations of the entity's documented a. Echo check.
conflict-of-interest policies. b. Validity check.
d. Intentional attempts by client personnel to limit the c. Signal check.
scope of the auditor's work. d. Check digit.
48. Which of the following statements best
describes a weakness often associated with 53. In a computer system, hardware controls
computers? are designed to
a. Computer equipment is more subject to systems a. Arrange data in a logical sequence for processing.
error than manual processing is subject to human b. Correct errors in software.
error. c. Monitor and detect errors in source documents.
b. Computer equipment processes and records similar d. Detect and control errors arising from use of
transactions in a similar manner. equipment.
c. Control activities for detecting invalid and unusual
transactions are less effective than manual control 54. The primary objective of procedures
activities. performed to obtain an understanding of internal
d. Functions that would normally be separated in a control is to provide an auditor with
manual system are combined in a computer system. a. Evidential matter to use in reducing detection risk.
b. Knowledge necessary to plan the audit.
49. Accounting functions that are normally c. A basis from which to modify tests of controls.
considered incompatible in a manual system are
d. Information necessary to prepare flowcharts.
often combined by computer software. This
necessitates an application control that prevents
unapproved
a. Access to the computer library.
b. Revisions to existing software.
c. Usage of software.
d. Testing of modified software.