Professional Documents
Culture Documents
Practice 1
Practice 1
A. Review questions
Q-5: What is the difference between internal assurance services and internal
consulting services?
Primary purpose of internal assurance services is to assess evidence relevant to
subject matter of interest to someone and provide conclusions regarding the subject
matter. The internal audit function determines the nature and scope of assurance
engagements, which generally involve three parties: the auditee directly involved
with the subject matter of interest, the internal auditor making the assessment and
providing the conclusion, and the user relying on the internal auditor's assessment
of evidence and conclusion.
Primary purpose of internal consulting services is to provide advice and other
assistance, generally at the specific request of engagement customers. The customer
and the internal audit function mutually agree on the nature and scope of consulting
engagements, which generally involve only two parties: the customer seeking and
receiving the advice, and the internal auditor offering and providing the advice.
Q-6: What is the difference between independence and objectivity as they pertain to
internal auditors?
Independence refers to the organizational status of the internal audit function while
objectivity refers to the mental attitude of the individual internal auditors.
Q-11: What types of procedures might an internal auditor use to test the design
adequacy and operating effectiveness of governance, risk management, and control
processes?
Q-21: What are the three common ways individuals enter the internal audit
profession?
Many individuals enter the internal audit profession directly out of school.
Others switch to internal auditing after beginning their careers in another area of the
organization or public accounting.
Some organizations require prospective managers to spend time working in internal
auditing as part of their management trainee program.
B. Discuss questions
D-4: Prim Rose owns five flower shops in the suburbs of a large Midwestern city. Each
shop is managed by a different person. One of the tests Prim performs to monitor the
performance of his shops is a simple trend analysis of month-to-month sales for each
shop. Assume that Prim’s analysis of the reported sales performance for his flower
shop on Iris Street shows that monthly sales remained relatively consistent from
January through June. Should Prim be pleased or concerned about the sales
performance report for the shop on Iris Street over this six-month period? Explain.
I believed that Prism Should be Concerned about the sales pesfermance of his shap.
Because it isn't growing. Although it is an consistent, in comparison to other stomes it may
be performing below the standard that they are achieving.
However if it is doing well or above the margin that they other stoses are acheiving
then it is important to analyse what that store is doing well. This can be beneficial because
those method can be applied to other store and grow the business overall. Assuming that
the store has regulars that consistently arrive that the store too, it would be importunt to
find out their opinion of the service so that they can find ways to improve the business.
CHAPTER 12
A. Review questions
Q-2: What are the three phases of the assurance engagement process?
Planning
Performing
Communication
Q-3: What steps are included in the planning phase of an assurance engagement?
Determine engagement objectives and scope
Understand the audit, including audit objectives and assertions
Identify and assess risks
Idientify key controls
Evaluate adequacy of control design
Create a test plan
Develope a work program
Allocate resources to the engagement
Q-4: What is the relationship between business objectives and business assertions?
While business objectives indicate what the auditee is striving to achieve, assertions
are after-the-fact statements of what is achieved.
Q-15: What is the difference between “negative assurance” and “positive assurance?”
Negative assurance (also referred to as limited assurance). Internal auditors express
negative assurance when they conclude that nothing has come to their attention that
indicates that the auditee's controls are designed inadequately or operating ineffectively.
Positive assurance (also referred to as reasonable assurance). Internal auditors
express positive assurance when they con- clude that, in their opinion, the auditee's controls
are designed adequately and operating effectively.
B. Discuss questions
D-2: One definition of risk is that it is the possibility that an event will occur and
adversely affect the achievement of an objective. An illustrative objective and event
are presented below:
Objective Event
To safeguard the city’s citizens and resources An accident at a four-way intersection
b. Identify three inherent risk factors that make the event more or less probable.
Factors arising from drivers are improper or erratic lane changing, sudden speed
changes, not obeying traffic control devices or signs, making improper turns,
driving too fast, prohibited and dangerous passing or merging and carelessness,
fatigue, alcohol or sleep.
Risk factors due to defects in vehicles are failure of brakes, lighting system, tire
burst and steering system.
c. The city’s management must decide how to respond to this risk. Two of its
choices are to 1) avoid the risk or 2) reduce the risk to an acceptable level.
1. Explain how the city can avoid the risk.
The city can avoid road accidents by encouraging drivers to have the right attitude
about driving and practice as much as possible. Besides, they must be well trained for poor
conditions, strict legal actions need to be taken for traffic rule violators, cell phone use
must be prohibited and encouraging the drivers to drive a safe vehicle.
The first statement is true. Determining that controls are designed adequately is
necessary, but not sufficient, for reaching a conclusion regarding their effectiveness.
To reach a conclusion regarding their effectiveness, adequately designed controls
must be tested to determine whether they are operating as intended.
The second statement is generally true. It typically does not make sense to determine
whether a poorly designed control is operating as designed. There are
circumstances, however, in which internal auditors gather and document errors that
have occurred as a result of control deficiencies to support their conclusions that
controls are ineffective. Additionally, there may be instances when internal auditors
want to measure the impact of a control deficiency.
CHAPTER 2
A. Review questions
Q-2: What are the six components of the IPPF? Which components constitute
mandatory guidance? Which components constitute recommended guidance?
Mandatory
- Core Principles
- Definition
- Standards
- Code of Ethics
Recommended
- Supplemental
- Implementation
Q-5: Identify the four principles of the Code of Ethics. Why should internal auditors
strive to comply with these principles?
Integrity: Establishes trust and provides the basis for reliance on internal auditors'
judgment.
Objectivity: Internal auditors are not unduly influenced by their own interests or by
others in forming judgments.
Confidentiality: Internal auditors do not disclose information they receive without
proper authority unless there is a legal or professional obligation to do so.
Competency: Internal auditors apply the knowledge, skills, and experience needed
in the performance of internal audit services.
Internal audit services can be performed by people who have integrity, are objective,
and maintain confidentiality, but those services are of little value if such persons do not
have the necessary knowledge and skills to perform the work and reach valid conclusions.
That is why there are specific standards requiring internal auditors to be competent and
continuously strive for improvement.
Q-6: What is the purpose of The IIA’s Standards? Explain the difference between
Attribute and Performance Standards.
Purpose of The IIA’s Standards:
- Guide adherence with the mandatory elements of the IPPF
- Provide a framework for performing and promoting a broad range of value-
added internal auditing
- Establish the basis for the evaluation of internal audit performance
- Foster improved Organizational processes and operations
The difference between Attribute and Performance Standards:
- Attribute Standards: Address the attributes of organizations and individuals
performing internal auditing
- Performance Standards: Describe the nature of IA and provide quality criteria
against which the performance of these services can be measured
B. Discuss questions
D-1: Why is it important for a profession, such as internal auditing, to promulgate
standards?
The Standards, promulgated by The IIA, are the primary mechanism for ensuring
an organization's internal auditors consistently and accurately provide essential services in
a timely, cost-effective manner. The Standards also: Provide a framework for performing a
broad range of value-added internal auditing.
D-5: The CAE for Sargon Products reports administratively to the CFO and
functionally to the audit committee. The scope of the internal audit function assurance
services includes financial, operational, and compliance engagements. Is the internal
auditors’ objectivity regarding accounting-related matters impaired in each of the
situations described below? Briefly explain your answer.
a. The internal auditors are frequently asked to make accounting entries for
complex transactions that the company’s accountants do not have the expertise
to handle.
In this scenario, the internal auditor’s objectivity regarding accounting related
matters is impaired since it is not within the purview of internal auditor’s role to make
accounting entries. Internal auditors are to only review and audit the entries and give
opinions on them. If they start making the entries, it is highly likely that any errors or lapses
will not be found in internal audit process since the entries were made the internal auditor
in the first place and hence, he/she would most probably find all the entries to be alright.