NEU CPA REVIEW- RESA- REVIEW SCHOOL OF ACCOUNTANCY -AUDITING THEORY SY 2022-2023

AT-08: UNDERSTANDING OF THE ENTITY’S INTERNAL CONTROL

REQUIRED READINGS
• Chapter 8, Audit Planning, Auditing and Assurance Principles, 2018 Edition
• PSA 315 (Redrafted): Identifying and Assessing The Risks of Material Misstatement Through Understanding The
Entity and Its Environment
• PSA Glossary of Terms

1. Which of the following is not a correct statement in relation to internal controls?

A. Internal controls are process designed, implemented and maintained by those charged
with governance, management, and other personnel
B. Internal controls have inherent limitations.
C. Internal controls provide obsolete assurance about the achievement of the entity’s
objectives on financial reporting, operations, and compliance.
D. Internal controls can be implemented using information technology.
2. Which of the following statements is/are correct?
I. There is a direct relationship between an entity’s objectives and the controls it implements
to provide reasonable assurance about their achievement.
II. Effective controls can reduce the cost of external audit.
A. I only B. II only C. Both I and II D. Neither I nor II
3. Internal controls may be classified as?
A. Manual, automated or IT-dependent manual controls.
B. Preventive, detective or corrective controls.
C. Both A and B
D. Neither A nor B
4. Internal control can only provide reasonable, not absolute, assurance of achieving entity
control objectives. Which of the following is least likely a limiting factor of achieving those
objectives?
A. In the performance of most control procedures, there are possibilities of errors arising
from mistakes in judgment.
B. The board of directors is active and independent.
C. The cost of internal control should not exceed its benefits.
D. Collusion may occur even if incompatible functions or duties have been segregated.
5. Which of the following conditions supports strong internal control?
A. Strict monitoring by the Bureau of Internal Revenue.
B. The existence of related parties and related party transactions.
C. Pressure by the financial community to improve earnings performance.
D. An economic downturn.
6. The following are components of internal control:
A. Organizational structure, management philosophy, and planning.
B. Legal environment of the firm, management philosophy, and organizational structure.
C. Risk assessment process, backup facilities, responsibility accounting and natural laws.
D. Control environment, risk assessment process, control activities, information system
and communication, and monitoring of controls.
7. Which of the following statements best describes “control environment”?
A. The entity’s process for identifying business risks relevant to financial reporting
objectives and deciding about actions to address those risks, and the results thereof.
B. The system for transferring information from transaction processing systems to the
general ledger or the financial reporting system.
C. Policies and procedures that help ensure that management directives are carried out.
D. This includes the governance and management functions and the attitudes, awareness,
and actions of those charged with governance and management concerning the entity’s
internal control and its importance to the entity.
8. Which of the is not an element of “control environment”?
A. Commitment to competence
B. Communication and enforcement of integrity and ethical values
C. Assignment of authority and responsibility
D. Leadership responsibilities for quality within the firm
9. Management’s attitude towards aggressive financial reporting and its emphasis on meeting
projected profit goals most likely would significantly influence an entity’s control environment
when:
A. Management is dominated by one individual who is also a shareholder.

ReSA – The ReviewSchool of Accountancy Page 1 of 4

 ReSA: The Review School of Accountancy
Auditing Theory: Understanding of the Entity’s Internal Control AT-08
B. External policies established by parties outside the entity affect its accounting
practices.
C. The audit committee is active in overseeing the entity’s financial reporting policies.
D. Internal auditors have direct access to the board of directors and entity management.
10. An entity’s risk assessment process includes how management:
A. Identifies business risks relevant to financial reporting objectives
B. Estimates the significance of the risks
C. Assesses the likelihood of the occurrence of risks
D. Decides on actions to address the risks.
E. All of the choices.
11. Risks can arise or change due to circumstances such as the following, except:
A. There is a change in the regulatory or operating environment.
B. No new employees have been hired by the company.
C. The company switched from manual information systems to a computerized system.
D. The accounting and financial reporting framework has experienced significant
revisions.
12. The information system consists of the following:
A. Infrastructure (physical and hardware components) and software
B. People
C. Procedures and data
D. All of these.
13. The objective of the recording function of transactions (in the context of internal accounting
control) is to
A. Limit access to assets and to permit preparation of financial statements in accordance
with GAAP.
B. Assure compliance with the rules of all regulatory bodies having jurisdiction over the
reporting entity.
C. Permit preparation of financial statements in accordance with GAAP and to maintain
accountability of assets.
D. Encourage operational efficiency and adherence to prescribed managerial policies.
14. Which of the following statements describe the processing function of an accounting system?
A. Identifying and capturing the relevant information for transactions or events.
B. Editing and validation, calculating, measuring, valuing, summarizing, and reconciling
functions.
C. The preparation of financial reports as well as other information, in electronic or printed
format, that the entity uses in measuring and reviewing the entity’s financial
performance.
D. All of these statements describe the recording function.
15. Which of the following descriptions pertain to performance reviews?
A. Control activities that include reviews and analyses of actual performance versus
budgets, forecasts, and prior period performance.
B. Controls performed to check accuracy, completeness, and authorization of
transactions.
C. Physical security of assets, including adequate safeguards such as secured facilities
over access to assets and records.
D. The assignment of incompatible functions to different people.
E. Control activities involving the specific or general authorization of a transaction.
16. Which of the following is not a detective control?
A. The use of batch totals.
B. Reconciling the accounts receivable subsidiary file with the control account.
C. Requirement that two persons open mail.
D. Preparation of bank reconciliation.
17. An example of specific transaction authorization is the:
A. Setting of automatic reorder points.
B. Establishment of sales prices.
C. Establishment of a customer’s credit limits.
D. Approval of a construction budget for a new warehouse.

Page 2 of 4
 ReSA: The Review School of Accountancy
Auditing Theory: Understanding of the Entity’s Internal Control AT-08
18. A proper segregation of duties requires:
A. That an individual authorizing a transaction should record it also.
B. That an individual authorizing a transaction maintain custody of the asset that resulted
from the transaction.
C. That an individual maintaining custody of an asset be entitled to access the accounting
records for the asset.
D. That different individuals should handle custody, authorization and record-keeping.
19. A process implemented by management to assess the effectiveness of internal control
performance over time.
A. Monitoring of controls C. Tests of controls
B. Quality control system D. Risk assessment procedures
20. An entity’s ongoing monitoring activities often include:
A. Periodic audits by the audit committee.
B. Reviewing the purchasing function.
C. The audit of the annual financial statements.
D. Control risk assessment in conjunction with quarterly reviews.
21. Which of the following pertains to the control environment?
A. Management has created and maintained a culture of honesty and ethical behavior
B. The process in which operating activities are assigned
C. Both a and b
D. Neither a nor b
22. Which of the following pertains to risk assessment?
A. An audit client’s process for identifying business risks relevant to the financial
reporting objective
B. Business procedures, within both IT and manual systems, by which those
transactions are initiated, recorded, processed, corrected, transferred to the general
ledger and reported in the financial statements
C. Client policies on limiting physical access to assets and records
D. All of the above
23. Which of the following pertains to information systems?
A. An audit client’s process for identifying business risks relevant to the financial
reporting objective
B. Business procedures, within both IT and manual systems, by which those
transactions are initiated, recorded, processed, corrected, transferred to the general
ledger and reported in the financial statements
C. Client policies on limiting physical access to assets and records
D. All of the above
24. According to PSA 315, the auditor uses the understanding of internal control to:
A. Identify types of potential misstatements
B. Consider factors that affect the risk of material misstatements
C. Design the nature, timing and extent of further audit procedures (i.e., tests of
controls and substantive tests)
D. All of these.
25. In an audit of financial statements, an auditor’s primary consideration regarding a control is
whether it:
A. Enhances management’s decision-making processes.
B. Reflects management’s philosophy and operating style.
C. Affects management’s financial statement assertions.
D. Provides adequate safeguards over access to assets.
26. An auditor would most likely be concerned with internal control policies and procedures that
provide reasonable assurance about:
A. The efficiency of management’s decision-making process.
B. Appropriate prices the entity should charge for its products.
C. Methods of assigning production tasks to employees.
D. The entity’s ability to process and summarize financial data.
27. These controls may also be relevant to the audit if the external auditor intends to make use
of company-produced information in designing and performing further audit procedures (tests
of controls and substantive tests):
A. Controls over completeness and consistency.
B. Controls over existence and occurrence.
C. Controls over completeness and accuracy.
D. Controls over presentation and disclosure
Page 3 of 4
 ReSA: The Review School of Accountancy
Auditing Theory: Understanding of the Entity’s Internal Control AT-08
28. Which of the following is (are) a correct statement(s) for internal control systems of small
companies?
A. Elements of internal control for small entities may not be available in documentary
form
B. Segregation of incompatible duties are often inadequate due to staff limitations
C. The involvement of the owner-manager may be a compensatory control for the
inadequate segregation of incompatible duties
D. All of the above
-end of AT-08-

Page 4 of 4