8" Floor MF FIBukding 813Cor R Papa and S Loyola Sts ‘Sampatoc. Mania (98735-9807 | 734-3989 / (0910) 439-1320 St resaremew@hotmed com AUDITING THEORY JMI+ FDY + MBN + FCT AT-10: RISK ASSESSMENT AND RESPONSE TO ASSESSED RISKS REQUIRED READINGS ‘Chapter 9, Study and Evaluation of Intemal Control, Auditing and Assurance Prinoples, 2017 Edition PSA 315 (Redrafted): I and EAs identifying and Assessing The Risks of Material Mistatement Through Understanding The Entty PSA 330 (Redrafted): The Auditors Responses to Assessed Risks PSA Glossary of Terms 1. Set the following steps in proper order: 1. Determine the nature, extent and timing of substantive tests I. Make a preliminary control risk assessment III. Obtain understanding of the entity and its environment IV. Determine the appropriate response to assessed risks V. Re-assess control risk A. TIL, I, WV, Vv, 1 8. ML, I, Vv, IV, 1 c. 1, 1, M1, IV, Vv D~ III, M1, V, 1, IV 2. During consideration of the internal control structure in a financial statement audit, an auditor is not obligated to? A. Understand the internal control environment and the accounting system 8B. Search for significant deficiencies in the operation of the internal control structure C. Determine whether the control procedures relevant to audit planning have been placed in operation D. Perform procedures to understand the design of the internal control structure policies. 3. Which of the following statements best describes the phrase, “evaluating the design of a control"? ‘A. Considering whether the control, individually or in combination with other controls, is capable of effectively preventing, or detecting and correcting, material misstatements. B. Determining whether the control exists and that the entity is using it. C. Expressing an opinion as to the effectiveness of a control. D. Observing the application of specific controls 4, When obtaining an understanding of an entity's internal control, an auditor should concentrate on the substance of controls rather than their form because: ‘A. Management may establish appropriate controls but not act on them. B. The controls may be operating effectively but may not be documented. C. The controls may be so inappropriate that no reliance is contemplated by the auditor. 1D. Management may implement controls with costs in excess of benefits. 5. S1As part of obtaining an understanding of internal controls, an auditor is required to obtain knowledge about the operating effectiveness of internal control. ‘$2 The auditor obtains an understanding of internal controls to identify the types of potential misstatements that may occur. A. True, true B. False, false C. True, false D. False, true 6. Narratives, flowcharts, and internal control questionnaires are three commonly used methods of ‘A. Designing the audit manual and procedures. B. Testing the internal control structure. C. Documenting the study of internal controls. D. Documenting the auditor's understanding of client's organizational structure. 7. Which of the following statements regarding auditor documentation of the client's internal contro} structure is correct? ‘A. Documentation must include flowcharts. B. Documentation must include procedural write-ups. C. No documentation is necessary although it is desirable. D. No one particular form of documentation is necessary, and the extent of documentation ‘may vary. 8. When obtaining an understanding of the accounting and internal control system the auditor may trace a few transactions through the accounting system. This technique is: ‘A. Reperformance C. Control test B. Walk-through D. Validity test RaBA - The ReviewSchool of Accountancy Page 1 of 4ReSA: The ReviewScheoo of Account Aung Theory: Rik Assessment and Response to ASS SIS AT-10 9. An auditor with the CPA firm of Advanced and Mag-isip ts working to understand a client's inventory procurement system. In hopes of assessing the control risk present in this system, the auditor is reviewing a flowchart created by company employees. One symbol has a rectangle shape. What does that symbol represent? ‘A. Adocument within the system 8. A decision made within the system C. A process carried out within the system D. The input of information within the system 10. After obtaining a sufficient understanding of internal control, the auditor: ‘A. Assesses the need to apply GAAS 8. Determines the preliminary assessment of control risk. C. Assesses detection risk to determine the acceptable level of inherent risk D. Determines the assessed levels of detection risk and inherent risk. 11. What are the different levels of risk assessment? A. “High” and “Low”. B. “High” and “Less than High”. €. “Maximum” and “Minimum”. D. “Higher” and "Lower". 12.An auditor's preliminary control risk assessinent is at a HIGH level. Which of the following are possible reasons for this preliminary assessment? I. The entity’s internal contro! system is not effective Il. Evaluating the effectiveness of the entity's internal control system would not be efficient. A. Lonly B. only C. Both I and It D. Neither I and It 13. When control risk is assessed at Jess than high for all financial statements assertions, an auditor should document the auditor's A B c oD Understanding of the entity's internal control structure Yes Yes. «NoYes. * Conclusion that control risk is tess than high No Yes Yes Yes + Basis for the conclusion that control risk is less than Yes Yes No No high 14. Overall responses to address the risks of material misstatement at the financial statement level include: ‘A. Emphasizing to the audit team the need to maintain professional skepticism in gathering and evaluating audit evidence. B. Assigning more experienced staff or those with special skills or using experts C. Incorporating additional elements of unpredictability in the selection of further audit procedures. D. Allof the answers. 15. Tests of controls are used to test whether controls are: ‘A. Operating effectively. B. Placed in operation or implemented. C._ Properly incorporated in the financiai statements. D. Properly documented by the client. 16.$1 Tests of controls are necessary if the auditor plans to use the primarily substantive approach. ‘$2 Tests of controls are necessary if the auditor plans to esses the level of control risk at a highlevel. A. True, true B. False, false . True, false D. False, true 17. If the auditor anticipates reliance on the client’s internal controls, the auditor would: ‘A. Test controls and use the results of testing as a basis for determining the nature, extent and timing of substantive tests. B. No longer perform tests of controls and proceed immediately to substantive tests CC. Perform tests of controls and increase the amount of substantive tests. D. Eliminate the need for performance of substantive tests 18. After documenting internal control in an audit engagement, the auditor may perform tests ‘on: ‘A. Those controls in which deficiencies or weaknesses were identified. B. Those controls that have a material effect on the balances in the financial statements. C. Those controls that were reviewed (selected on a random basis). ©. Those controls that the auditor plans to rely on. RaGAM 735-9007 | 734-3989 / (0910) 439-1320 >: mon Page 2 of 4ReSA. The ReviewSchoo! of Accountancy Auxifing Theory: Risk Assessment and Response to Assessed Risks AT-10 19. Tests of controls may include the following, except A. Reperformance of internal control procedures. 8. Inquiries about, and observation of, internal controls which leave no audit trail. C. Analytical procedures involving comparison of operating expenses with budgeted amount ©. Inspection of documentary support for transactions evidencing authorization. 20. After considering a client’s internal control structure, an auditor has concluded that it is well designe and 's functioning as intended. Under these circumstances the auditor would most el A. Perform tests of control to the extent outlined in the audit program. B. Determine the control procedures that should prevent or detect errors and irregularities. C. Not increase the extent of predetermined substantive tests. D. Determine whether transactions are recorded to permit preparation of financial statements in conformity with generally accepted accounting principles. 21. Which of the following is a correct response of the auditor when he allows a lower acceptable level of detection risk? Nature of substantive tests Timing of substantive tests Extent of substantive tests A. More extensive Year-end More effective 8B. Less effective Interim Less extensive c More effective Year-end More extensive D. More extensive Interim Less effective 22. If the auditor wants to perform more effective substantive tests, the auditor will perform: ‘A. More test of details (transactions and balances) and less analytical procedures B. More analytical procedures and less test of details (transactions and balances) C. Test of details and analytical procedures in equal proportion D. Neither test of details nor analytical procedures The audit risk model is used primarily: ‘A. For planning purposes in determining how much evidence to accumulate. B. While doing tests of controls. C. To determine the type of opinion to express. D. To evaluate the evidence which has been gathered. 24. Which of the following equations best describes the audit risk model? +L+C C.AR = (IR x DR)/CR IR x CR)/DR D. AR =IRxCRXxDR 25. Inherent risk and control risk differ from detection risk in that inherent risk and control risk are ‘A. Elements of audit risk while detection risk is not. B. Changed at the auditor's discretion while detection risk is not. C. Considered at the individual account-balance level while detection risk is not. D. Functions of the client and its environment while detection risk is not. 26. Which of the following is not a consideration when the auditor is attempting to assess the inherent risk? ‘A. Nature of the client's business. B. Existence of related parties. C. Frequency and intensity of top management review. D. Susceptibility to defatcation. 27. Inherent risk is reduced when the likelihood of defalcations is low. This would be true for an account such as: ‘A. Property, plant and equipment. C. Cash. B. Held for trading securities. . Accounts receivable. 28.When the auditor assesses inherent risk, he considers among others the following factors, except: ‘A. Integrity of management. C. Unusual pressures on management. 8. Nature of the entity's business. D. Results of interim tests. ReSAI 735-9007 / 734-3989 / (0910) 439-1320 ~resarenewia hotma 0" Page 3 of 4ReSA: The ReviewSchoo! of Accountancy Audting Theory: Risk Assessment and Response to Accessed REKS AT-10 29. Which of the following is an incorrect statement? ‘A. Detection risk is a function of effectiveness of an auditing procedure and its application. B. Detection risk arises partly from uncertainties that exist when the auditor does not examine 100 percent of the population. C. Detection risk arises partly because of other uncertainties that exist even if the auditor were to examine 100 percent of the population. D. Detection risk exists independently of the audit of the financial statements. 30. The acceptable level of detection risk (ADR) and tne combined level of inherent risk (IR) and control risk (CR) are related. A. directly B. inversely C. proportionately D. not 31. The audit risk model consists of:AR = IR x CP. x DR. The detection risk is the dependent variable. What is the acceptable level of detection risk if the assessed level of inherent risk is HIGH and the control risk is MEDIUM? A. Lowest B. Lower c. Medium D. Higher 32. Which of the following pertains to detection risk? ‘A. An entity's asset custodian and record-keeping function for cash are handled by one process owner. B. An entity operates in a highly complex business environment. C. An auditor uses substantive anaiytical procedures instead of test of balances. D. None of the above. end of AT-10- RABAM73S-9607 / 734-3989 / (0910) 439-1320 , Page 4 of 4