Auditing Chapter 6 & 7 Review Questions & Answers 100% Accurate!

What are management's incentives for establishing and maintaining strong internal control? What are the auditor's main concerns with internal control? - ANSWER-Management to issue a report that accepts responsibility for establishing and maintaining adequate ICFR AND assert whether it is effective as of the end of the fiscal year - Auditor objective in an ICFR audit is to express an opinion on the effectiveness of the company's internal control over financial reporting - Auditor objective in a financial statement audit is to express an opinion on whether the financial statements are fairly stated in accordance with GAAP. What are the potential benefits and risks to an entity's internal control from information technology? - ANSWER-Benefits: -Consistent application of predefined business rules and performance of complex calculations in processing large volumes of transactions or data. -Greater timelines, availability, and accuracy of information -Facilitation of data analytics for enhanced internal decisions making -Greater ability to monitor the entity's activities, policies, and procedures on a timely basis. -Enhanced segregation of duties through security controls in applications, databases, and operating systems Risks: - Reliance on systems or programs that, unknown to management, inaccurately process data, process inaccurate date, or both. - Unauthorized access to data that may result in destruction of data or improper changes to data, including the recording of unauthorized or nonexistent transactions or inaccurate recording of transactions. - Unauthorized changes to data in master files - Unauthorized changes to systems or programs - Failure to make necessary changes to systems or programs -Inappropriate manual intervention - Potential loss of data Describe the five components of internal control. - ANSWER-Control Environment: The control environment is the set of standards, processes, and structures that provide the basis for carrying out internal control across the organization. The board of directors and senior management establish the tone at the top regarding the importance of internal control and expected standards of conduct. The Entity's Risk Assessment Process: Risk assessment involves a dynamic and iterative process for identifying and analyzing risks to achieving the entity's objectives, thereby forming a basis for determining how risks should be managed. Management considers possible changes in the external environment and within its own business model that may impede its ability to achieve its objectives. Control Activities: Control activities are the actions established by policies and procedures to help ensure that management directives to mitigate risks to the achievement of objectives are carried out. Control activities are performed at all levels of the entity and at various stages within business processes, and over the technology environment.