Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
66 Cards in this Set
- Front
- Back
section 302 Sarbox |
- signing officers responsible for internal controls - Management quarterly certifications |
|
Section 404a sarbox |
Management assessment report - management accept responsibility and establishes ICFR. Internal control over financial reporting - accept and evaluate ICFR |
|
Section 404b sarbox |
external audit of ICFR. - audit managements assertions - auditor must express an opinion |
|
Control Deficiency |
-when the design of a control does not allow management to prevent or detect misstatements. report to management |
|
Significant deficiency |
- a control deficiency that less sever than a material weakness but merits attention. report to audit committee and management |
|
Material weakness |
deficiencies in ICFR that leads to a reasonable possibility that a misstatement will not be prevented. Report via opinion |
|
Management Assessment process: top down approach steps |
1. Identify financial reporting risks 2. consider locations 3. Evaluate evidence about operating effectiveness of ICFR |
|
Steps of Audit ICFR |
1. Plan the audit 2. Identify controls to test 3. Test design and effectiveness of controls 4. Evaluate control deficiencies 5. Form an opionion |
|
2. Top down risk based approach to ICFR audit: controls to test |
1. Identify controls 2. Identify significant accounts 3. Understand likely sources of misstatement 4. select controls to test |
|
3. Test design and operating effectiveness of controls |
Inquiry, observations, walkthroughs, inspection, subjective evaluations |
|
4. Evaluate identified control deficiencies |
analyze them |
|
Remediation of Material Weakness |
Correcting material weakness. If it is corrected before "as of" then management and auditor need time to test the effectiveness of the control, otherwise an adverse opinion is given |
|
Auditor documentation requirements |
1. auditor understand and evaluate the ICFR 2. The process to determine where misstatements occur 3. What work was done by others 4.evaluation of any deficiencies discovered |
|
Audit sampling |
selection of less than 100 percent of items. shows a good representation of population |
|
Type 1 alpha risk |
incorrect rejection, risk that you say its not operating correctly when it actually is |
|
Type 2 beta risk |
Risk you think its working when it actually is not working. |
|
3 factors for sampling risk |
1. confidence level 2. tolerable error or defect rate 3. expected error or historical defect rate |
|
2 types of audit sampling |
1. Nonstatistical- no stat techniques used to determine sample size or selection 2. Statistical- sample size, probability etc. |
|
Attribute sampling |
used to estimate the proportion of population that possesses a certain characteristic. statistical sampling example. |
|
Sampling application steps |
1. plan 2. perform 3. evaluate 4. document |
|
Planning phase steps for sampling |
- determine objectives - define population characterictics - determine the size of the sample |
|
performance phase steps for sampling |
Select Sample items perform procedures calculate the sample deviation and upper rates draw conclusions |
|
Monetary unit sampling |
attribute sampling example that expresses a conclusion in dollar amounts |
|
Advantages of Monetary unit sampling |
- when you expect little mistatement, MUS usually results in smaller sample size - MUS doesn't require you to make assumptions about the distribution of mistatements |
|
What are the planning steps for MUS |
- determine test objectives - define population |
|
what are the steps for determining sample size for MUS |
confidence level, tolerable mistatement, expected mistatement, population size. refer to slides to show the effects of these. do the same for other confidence level tests |
|
Classical Variable Sampling |
uses normal distribution to evaluate characteristics of a population based on sample data. used to estimate size of misstatement |
|
Variable sample size formula |
(Pop size x CC x SD)/(tol mistate-estimate mis)^2 CC= confidence coefficient SD= standard deviation |
|
Because of the residual nature of cash, what 2 substantive tests do auditors use |
1. comparison with prior balances 2. comparison with budgeted amounts |
|
What 3 items do you obtain to audit cash |
1. bank reconciliation 2. standard bank confirmation 3. cutoff bank statement |
|
what is a cutoff bank statement |
covers 7-10 day period after date which bank account is reconciled. |
|
tests for bank reconciliation |
1.Verifythe mathematical accuracy and agree the balance per the books to the generalledger. 2.Agreethe bank balance on the reconciliation with the balance shown on the standardbank confirmation. 3.Tracethe deposits in transit on the bank reconciliation to the cutoff bankstatement.4.Comparethe outstanding checks on the bank reconciliation with the canceled checkscontained in the cutoff bank statement for proper payee, amount, andendorsement.5.Agreeany charges included on the bank statement to the bank reconciliation. 6.Agreethe adjusted book balance to the cash account lead schedule. |
|
Kiting |
covering cash shortage in one account by transferring money from one bank account to another and recording improperly |
|
revenue recognition criteria |
- arrangement exists - delivery or services have been rendered - fixed price - collectibility assured |
|
Fraud risks for revenue recognition |
- side agreements - channel stuffing - related party transactions - bill and hold sales |
|
4 inherent risk factors that affect revenue process |
1. industry related 2. complexity of revenue recognition 3. difficulty of auditing transactions 4. misstatements in prior audits |
|
2 major types of misstatements for revenue |
1. sales to fictitious customers 2. recording revenue when goods or services haven't been performed |
|
6 assertions for revenue recognition |
occurrence- the events have been recorded completeness- all recorded authorization- accuracy- right numbers cutoff- right time period classification- right account |
|
Functions of purchasing process: Requisitioning |
Initiation and approval of requests for goods and services |
|
functions of purchasing process: Purchasing |
Approval of purchase orders and proper execution |
|
functions of purchasing process: Receiving |
Receipt of properly authorized goods and services |
|
functions of purchasing process: Invoice processing |
Processing of vendor invoices for good and services. |
|
Functions of purchasing process: Disbursements |
Processing of payments to vendors |
|
Functions of purchasing process: Accounts Payable |
recording vendor invoices and disbursements |
|
Functions of purchasing process: General Ledger |
proper accumulation, classification and summarization of purchases |
|
Segregation of duties for purchasing. There are 4 |
- Purchasing should be separate from requisitioning and receiving. - INvoice process should be separate from AP - Disbursement should be separate from AP - AP should be separate from general ledger |
|
Steps for setting control risk for Purchasing process |
1. understand and document the purchasing process 2. plan and perform tests of controls on purchase transactions 3. set and document the control risk for the purchasing process |
|
Occurrence assertion for disbursement |
auditor is concerned that a payment is recorded when no payment was made |
|
Completeness of cash disbursement assertion |
concern is that the payment is made but not recorded |
|
Authorization of cash disbursement assertion |
the person who approves the purchase should not have direct access to the cash disbursement |
|
Accuracy of cash disbursement assertion |
record the right amount |
|
Cutoff of cash disbursement assertion |
proper period recording |
|
Classification of cash disbursement assertion |
recorded in the right account |
|
Procedures for identifying contingent liabilities |
1. inquire and discuss with management about policies 2. Examine documents 3. Obtain a legal letter that describes and evaluates any claims. 4. Obtain written representation from management about any litigation |
|
Type 1 event for audit subsequent events |
conditions existed before balance sheet date and effect estimates. Requires adjustment |
|
Type 2 event for audit subsequent events |
Conditions did not exist at the balance sheet date and do not affect the accuracy. Disclose and put in pro forma |
|
Dual Dating |
When a subsequent event is recorded or disclosed after audit evidence has been obtained but before the issuance of the financial statements. you can either dual date the report which is the original date and subsequent event date. or you can change the date to the subsequent date |
|
Final evidential evaluation processes |
- performance of analytical procedures - obtain rep letter - review working papers - final eval of audit results - eval of financial statemetnn presentation - independent review of engagement - evaluation of going concern |
|
3 categories of GAAS |
General- auditor qualifications Fieldwork- relates to the conduct of the audit Reporting- what they must consider |
|
10 Standards within the 3 GAAS categories |
Training Independence Professional care Planning Internal controls Evidence Accordance with GAAP Consistency of financial statements Disclosures are reasonably adequate Opinion |
|
services an auditor cant do 9 |
bookkeeping financial information design appraisal or valuation actuarial internal audit outsourcing HR Broker or dealer legal expert |
|
Inherent risk |
risk of something going wrong without controls |
|
control risk |
risk that controls wont catch mistatement |
|
detection risk |
risk audit procedures will not detect misstatement. High detection risk means less work and it covaries with RMM(IR*CR) |
|
Fraud triangle |
Rationalization Opportunity Pressure |
|
Coso framework. 5 parts |
Control activities Risk assessment Information and communication Monitoring activities Environment |