Auditing & Assurance Services –
Professional Review Guide 2025/2026
Part 1: The Auditing Profession & Regulatory Environment
1. What is the primary objective of a financial statement audit?
A) To detect all instances of fraud.
B) To provide an opinion on whether the financial statements are free from all misstatements.
C) To provide an opinion on whether the financial statements are presented fairly, in all material
respects, in accordance with the applicable financial reporting framework. ✓
D) To guarantee the future viability of the entity.
2. Which organization is primarily responsible for setting auditing standards for public
companies in the United States?
A) The Public Company Accounting Oversight Board (PCAOB). ✓
B) The American Institute of Certified Public Accountants (AICPA).
C) The International Auditing and Assurance Standards Board (IAASB).
D) The Securities and Exchange Commission (SEC).
3. The AICPA's Auditing Standards Board (ASB) issues standards that are applicable to:
A) All public company audits.
B) Audits of public companies and nonpublic entities.
C) Audits of nonpublic entities. ✓
D) Reviews and compilations only.
4. What is the role of the Securities and Exchange Commission (SEC) concerning auditors?
A) To set auditing standards.
B) To regulate the issuance of accounting standards.
C) To oversee the PCAOB and enforce securities laws. ✓
D) To license individual CPAs.
5. "Independence in appearance" refers to:
A) The auditor's state of mind that permits an objective and impartial audit.
B) The fact that the auditor owns no stock in the client.
C) The perception of a reasonable third party with knowledge of all relevant information. ✓
D) The auditor's ability to resist client pressure.
,6. Which of the following is a "covered member" for independence purposes?
A) A partner in the office of the partner in charge of the attest engagement.
B) The firm's front desk receptionist.
C) A partner in an office located in a different city with no involvement in the engagement.
D) Both A and C. ✓
7. The Sarbanes-Oxley Act of 2002 prohibits a registered public accounting firm from
providing which of the following services to an audit client?
A) Bookkeeping services. ✓
B) Tax compliance services.
C) Internal audit outsourcing services. ✓
D) Both A and C. ✓
8. The concept of "reasonable assurance" in an audit indicates that:
A) An audit is a guarantee that the financial statements are accurate.
B) An audit is not a guarantee, and there is a risk that material misstatements may not be
detected. ✓
C) The auditor is only responsible for ensuring transactions are legal.
D) The audit opinion is based on the auditor's absolute certainty.
9. What is the primary purpose of an integrated audit for a public company?
A) To audit only the financial statements.
B) To audit the financial statements and the effectiveness of internal control over financial
reporting. ✓
C) To combine the audit of a parent company and its subsidiaries.
D) To integrate the audit with the company's tax return.
10. Professional skepticism involves:
A) Assuming management is dishonest.
B) A questioning mind and critical assessment of audit evidence. ✓
C) A complete disregard of client representations.
D) Only trusting evidence obtained from third parties.
Part 2: Audit Planning, Risk Assessment, and Materiality
11. The overall audit strategy does not typically include:
A) Determining the nature, timing, and extent of resources to perform the audit.
B) Identifying significant audit risks.
,C) Developing detailed audit procedures for specific accounts. ✓
D) Considering the scope of the audit engagement.
12. Inherent risk is:
A) The risk that a material misstatement will not be prevented or detected by internal controls.
B) The susceptibility of an assertion to a misstatement that could be material, before
considering internal controls. ✓
C) The risk that the auditor will give an inappropriate opinion.
D) The risk associated with the client's industry.
13. Control risk is:
A) The risk that a material misstatement will not be prevented or detected by internal controls.
✓
B) The risk that the auditor's procedures will fail to detect a material misstatement.
C) The risk that a misstatement could occur in the first place.
D) The risk of auditor error.
14. Detection risk is:
A) The risk that the client's controls will fail.
B) The risk that the auditor will issue an unqualified opinion on materially misstated statements.
C) The risk that the auditor's substantive procedures will fail to detect a material misstatement.
✓
D) The same as audit risk.
15. The audit risk model is:
A) Audit Risk = Inherent Risk x Control Risk
B) Audit Risk = Inherent Risk x Control Risk x Detection Risk ✓
C) Audit Risk = Control Risk + Detection Risk
D) Audit Risk = Inherent Risk + Detection Risk
16. Materiality is primarily a concept of:
A) Size or magnitude.
B) Quality or nature.
C) Both size and nature. ✓
D) Strict quantitative thresholds.
17. Performance materiality is:
A) The same as overall materiality.
B) An amount set below overall materiality to reduce the likelihood that uncorrected
misstatements exceed overall materiality. ✓
, C) The materiality level for the statement of cash flows.
D) Materiality applied to qualitative factors only.
18. A significant risk is an identified risk of material misstatement that:
A) Is always related to fraud.
B) Requires special audit consideration. ✓
C) Is always a routine transaction.
D) Is immaterial by nature.
19. The auditor's understanding of the entity and its environment includes:
A) Industry, regulatory, and other external factors.
B) The entity's internal control.
C) The entity's objectives, strategies, and related business risks.
D) All of the above. ✓
20. An auditor's preliminary analytical procedures performed during planning are primarily
used to:
A) Serve as substantive evidence.
B) Identify unusual transactions and events that may indicate increased risk. ✓
C) Test the operating effectiveness of controls.
D) Replace tests of details.
Part 3: Internal Control
21. The five components of internal control per COSO are:
A) Integrity, Ethical Values, Competence, Authority, Responsibility.
B) Control Environment, Risk Assessment, Control Activities, Information & Communication,
Monitoring Activities. ✓
C) Prevention, Detection, Correction, Monitoring, Reporting.
D) Planning, Executing, Controlling, Closing, Reporting.
22. The control environment:
A) Is the same as control activities.
B) Is the foundation for all other components of internal control. ✓
C) Primarily involves transaction-level controls.
D) Is not considered by the auditor if control risk is assessed at maximum.
23. Which of the following is an example of a control activity?
A) Management's philosophy and operating style.
Professional Review Guide 2025/2026
Part 1: The Auditing Profession & Regulatory Environment
1. What is the primary objective of a financial statement audit?
A) To detect all instances of fraud.
B) To provide an opinion on whether the financial statements are free from all misstatements.
C) To provide an opinion on whether the financial statements are presented fairly, in all material
respects, in accordance with the applicable financial reporting framework. ✓
D) To guarantee the future viability of the entity.
2. Which organization is primarily responsible for setting auditing standards for public
companies in the United States?
A) The Public Company Accounting Oversight Board (PCAOB). ✓
B) The American Institute of Certified Public Accountants (AICPA).
C) The International Auditing and Assurance Standards Board (IAASB).
D) The Securities and Exchange Commission (SEC).
3. The AICPA's Auditing Standards Board (ASB) issues standards that are applicable to:
A) All public company audits.
B) Audits of public companies and nonpublic entities.
C) Audits of nonpublic entities. ✓
D) Reviews and compilations only.
4. What is the role of the Securities and Exchange Commission (SEC) concerning auditors?
A) To set auditing standards.
B) To regulate the issuance of accounting standards.
C) To oversee the PCAOB and enforce securities laws. ✓
D) To license individual CPAs.
5. "Independence in appearance" refers to:
A) The auditor's state of mind that permits an objective and impartial audit.
B) The fact that the auditor owns no stock in the client.
C) The perception of a reasonable third party with knowledge of all relevant information. ✓
D) The auditor's ability to resist client pressure.
,6. Which of the following is a "covered member" for independence purposes?
A) A partner in the office of the partner in charge of the attest engagement.
B) The firm's front desk receptionist.
C) A partner in an office located in a different city with no involvement in the engagement.
D) Both A and C. ✓
7. The Sarbanes-Oxley Act of 2002 prohibits a registered public accounting firm from
providing which of the following services to an audit client?
A) Bookkeeping services. ✓
B) Tax compliance services.
C) Internal audit outsourcing services. ✓
D) Both A and C. ✓
8. The concept of "reasonable assurance" in an audit indicates that:
A) An audit is a guarantee that the financial statements are accurate.
B) An audit is not a guarantee, and there is a risk that material misstatements may not be
detected. ✓
C) The auditor is only responsible for ensuring transactions are legal.
D) The audit opinion is based on the auditor's absolute certainty.
9. What is the primary purpose of an integrated audit for a public company?
A) To audit only the financial statements.
B) To audit the financial statements and the effectiveness of internal control over financial
reporting. ✓
C) To combine the audit of a parent company and its subsidiaries.
D) To integrate the audit with the company's tax return.
10. Professional skepticism involves:
A) Assuming management is dishonest.
B) A questioning mind and critical assessment of audit evidence. ✓
C) A complete disregard of client representations.
D) Only trusting evidence obtained from third parties.
Part 2: Audit Planning, Risk Assessment, and Materiality
11. The overall audit strategy does not typically include:
A) Determining the nature, timing, and extent of resources to perform the audit.
B) Identifying significant audit risks.
,C) Developing detailed audit procedures for specific accounts. ✓
D) Considering the scope of the audit engagement.
12. Inherent risk is:
A) The risk that a material misstatement will not be prevented or detected by internal controls.
B) The susceptibility of an assertion to a misstatement that could be material, before
considering internal controls. ✓
C) The risk that the auditor will give an inappropriate opinion.
D) The risk associated with the client's industry.
13. Control risk is:
A) The risk that a material misstatement will not be prevented or detected by internal controls.
✓
B) The risk that the auditor's procedures will fail to detect a material misstatement.
C) The risk that a misstatement could occur in the first place.
D) The risk of auditor error.
14. Detection risk is:
A) The risk that the client's controls will fail.
B) The risk that the auditor will issue an unqualified opinion on materially misstated statements.
C) The risk that the auditor's substantive procedures will fail to detect a material misstatement.
✓
D) The same as audit risk.
15. The audit risk model is:
A) Audit Risk = Inherent Risk x Control Risk
B) Audit Risk = Inherent Risk x Control Risk x Detection Risk ✓
C) Audit Risk = Control Risk + Detection Risk
D) Audit Risk = Inherent Risk + Detection Risk
16. Materiality is primarily a concept of:
A) Size or magnitude.
B) Quality or nature.
C) Both size and nature. ✓
D) Strict quantitative thresholds.
17. Performance materiality is:
A) The same as overall materiality.
B) An amount set below overall materiality to reduce the likelihood that uncorrected
misstatements exceed overall materiality. ✓
, C) The materiality level for the statement of cash flows.
D) Materiality applied to qualitative factors only.
18. A significant risk is an identified risk of material misstatement that:
A) Is always related to fraud.
B) Requires special audit consideration. ✓
C) Is always a routine transaction.
D) Is immaterial by nature.
19. The auditor's understanding of the entity and its environment includes:
A) Industry, regulatory, and other external factors.
B) The entity's internal control.
C) The entity's objectives, strategies, and related business risks.
D) All of the above. ✓
20. An auditor's preliminary analytical procedures performed during planning are primarily
used to:
A) Serve as substantive evidence.
B) Identify unusual transactions and events that may indicate increased risk. ✓
C) Test the operating effectiveness of controls.
D) Replace tests of details.
Part 3: Internal Control
21. The five components of internal control per COSO are:
A) Integrity, Ethical Values, Competence, Authority, Responsibility.
B) Control Environment, Risk Assessment, Control Activities, Information & Communication,
Monitoring Activities. ✓
C) Prevention, Detection, Correction, Monitoring, Reporting.
D) Planning, Executing, Controlling, Closing, Reporting.
22. The control environment:
A) Is the same as control activities.
B) Is the foundation for all other components of internal control. ✓
C) Primarily involves transaction-level controls.
D) Is not considered by the auditor if control risk is assessed at maximum.
23. Which of the following is an example of a control activity?
A) Management's philosophy and operating style.
