Scribd
Upload
121 views3 pages

Internal Control and Sarbanes-Oxley Overview

- Corporate management must certify their organization's internal controls over financial reporting monthly and annually using the COSO framework. A strong internal control system will reduce the amount of substantive testing auditors must perform. - The Sarbanes-Oxley Act requires the audit committee to oversee external auditors and management to assess and report on the effectiveness of their internal controls. Advisory services for internal controls is an emerging field beyond traditional attestation functions. - Tests of controls determine if the database reflects transactions accurately. External auditing provides an independent examination and evaluation of an organization's activities as a service to that organization.

Uploaded by

CHRISTINE GALANG
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
121 views3 pages

Internal Control and Sarbanes-Oxley Overview

- Corporate management must certify their organization's internal controls over financial reporting monthly and annually using the COSO framework. A strong internal control system will reduce the amount of substantive testing auditors must perform. - The Sarbanes-Oxley Act requires the audit committee to oversee external auditors and management to assess and report on the effectiveness of their internal controls. Advisory services for internal controls is an emerging field beyond traditional attestation functions. - Tests of controls determine if the database reflects transactions accurately. External auditing provides an independent examination and evaluation of an organization's activities as a service to that organization.

Uploaded by

CHRISTINE GALANG
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
  • Auditing and Internal Control

Chapter 1—Auditing and Internal Control

 Corporate management (including the CEO) must certify monthly and annually their
organization’s internal controls over financial reporting. F
 Both the SEC and the PCAOB require management to use the COSO framework for assessing
internal control adequacy. F
 The same internal control objectives apply to manual and computer-based information systems.
T
 Segregation of duties is an example of an internal control procedure. T
 A key modifying assumption in internal control is that the internal control system is the
responsibility of management. T
 The Sarbanes-Oxley Act requires the audit committee to hire and oversee the external auditors.
T
 Section 302 requires the management of public companies to assess and formally report
on the effectiveness of their organization’s internal controls. F
 Advisory services is an emerging field that goes beyond the auditor’s traditional attestation
function. T
 External auditing is an independent appraisal function established within an organization to
examine and evaluate its activities as a service to the organization. F
 Tests of controls determine whether the database contents fairly reflect the organization's
transactions. F
 A strong internal control system will reduce the amount of substantive testing that must be
performed. T

1. The concept of reasonable assurance suggests that


a. the cost of an internal control should be less than the benefit it provides
b. a well-designed system of internal controls will detect all fraudulent activity
c. the objectives achieved by an internal control system vary depending on
the data processing method
d. the effectiveness of internal controls is a function of the industry environment

2. The most cost-effective type of internal control is


a. preventive control
b. accounting control
c. detective control
d. corrective control

3. A well-designed purchase order is an example of a


a. preventive control
b. detective control
c. corrective control
d. none of the above

4. The bank reconciliation uncovered a transposition error in the books. This is an example of a
a. preventive control
b. detective control
c. corrective control
d. none of the above

5. Which of the following suggests a weakness in the internal control environment?


a. the firm has an up-to-date organizational chart
b. monthly reports comparing actual performance to budget are distributed to managers
c. performance evaluations are prepared every three years
d. the audit committee meets quarterly with the external auditors

6. According to COSO, an effective accounting system performs all of the following except
a. identifies and records all valid financial transactions
b. records financial transactions in the appropriate accounting period
c. separates the duties of data entry and report generation
d. records all financial transactions promptly
7. Which of the following is not an internal control procedure?
a. authorization
b. management’s operating style
c. independent verification
d. accounting records

8. When duties cannot be segregated, the most important internal control procedure is
a. supervision
b. independent verification
c. access controls
d. accounting records

9. The importance to the accounting profession of the Sarbanes-Oxely Act is that


a. bribery will be eliminated
b. management will not override the company’s internal controls
c. management are required to certify their internal control system
d. firms will not be exposed to lawsuits

10. The office manager forgot to record in the accounting records the daily bank deposit.
Which control procedure would most likely prevent or detect this error?
a. segregation of duties
b. independent verification
c. accounting records
d. supervision

11. Internal control system have limitations. These include all of the following except
a. possibility of honest error
b. circumvention
c. management override
d. stability of systems

12. Which of the following situations is not a segregation of duties violation?


a. The treasurer has the authority to sign checks but gives the signature block to
the assistant treasurer to run the check-signing machine.
b. The warehouse clerk, who has the custodial responsibility over inventory
in the warehouse, selects the vendor and authorizes purchases when
inventories are low.
c. The sales manager has the responsibility to approve credit and the authority to
write off accounts.
d. The department time clerk is given the undistributed payroll checks to mail
to absent employees.
e. The accounting clerk who shares the record keeping responsibility for the
accounts receivable subsidiary ledger performs the monthly reconciliation of the
subsidiary ledger and the control account.

13. Which statement is not true?


a. Auditors must maintain independence.
b. IT auditors attest to the integrity of the computer system.
c. IT auditing is independent of the general financial audit.
d. IT auditing can be performed by both external and internal auditors.

14. The fundamental difference between internal and external auditing is that
a. internal auditors represent the interests of the organization and external auditors represent
outsiders
b. internal auditors perform IT audits and external auditors perform financial statement audits
c. internal auditors focus on financial statement audits and external auditors focus on
operational audits and financial statement audits
d. external auditors assist internal auditors but internal auditors cannot assist external auditors

15. Which statement is not correct?


a. Auditors gather evidence using tests of controls and substantive tests.
b. The most important element in determining the level of materiality is the mathematical
formula.
c. Auditors express an opinion in their audit report.
d. Auditors compare evidence to established criteria.
16. When planning the audit, information is gathered by all of the following methods except
a. completing questionnaires
b. interviewing management
c. observing activities
d. confirming accounts receivable

17. Tests of controls include


a. confirming accounts receivable
b. counting inventory
c. completing questionnaires
d. counting cash

18. Control risk is


a. the probability that the auditor will render an unqualified opinion on financial
statements that are materially misstated
b. associated with the unique characteristics of the business or industry of the client
c. the likelihood that the control structure is flawed because controls are either
absent or inadequate to prevent or detect errors in the accounts
d. the risk that auditors are willing to take that errors not detected or prevented by the control
structure will also not be detected by the auditor.

19. Inherent risk


a. exists because all control structures are flawed in some ways.
b. is the likelihood that material misstatements exist in the financial statements of
the firm.
[Link] associated with the unique characteristics of the business or industry of the
client.
d. is the likelihood that the auditor will not find material misstatements.

Common questions

Powered by AI

Materiality influences auditors' evaluation processes by serving as a threshold for determining the significance of financial statement misstatements. It helps auditors prioritize efforts on areas that have a substantial impact on the user's decision-making process, thereby focusing on issues that could affect the accuracy or completeness of financial reporting .

Reasonable assurance in internal control systems implies that the costs of implementing internal controls should not exceed their benefits. This principle affects cost-benefit analysis by encouraging organizations to weigh the expense of control measures against the potential reduction in risk and loss, ensuring that resources are used efficiently without expecting absolute prevention of fraud or errors .

The Sarbanes-Oxley Act requires the audit committee to hire and oversee the external auditors, emphasizing the committee's critical role in maintaining an independent and objective audit of the company's financial statements. This responsibility is fundamental to corporate governance as it ensures that the external audits are impartial and sufficiently rigorous to verify the integrity of financial reporting .

The limitations of internal control systems, such as the possibility of honest errors, circumvention, and management override, can affect organizational risk management strategies by introducing vulnerabilities that might not be addressed through standard procedures. Recognizing these limitations, organizations must strengthen oversight and create contingency plans to manage and mitigate associated risks effectively .

The Sarbanes-Oxley Act reinforces management's accountability by requiring them to certify the effectiveness of their internal control system under Section 302. This certification enhances the reliability of financial reporting by holding management directly responsible for establishing and maintaining an adequate internal control framework, ensuring that stakeholders can trust the accuracy of financial disclosures .

Internal auditing is distinct from external auditing primarily in that internal auditors represent the interests of the organization by examining and evaluating its activities to provide insights for improvement. In contrast, external auditors primarily represent the interests of external stakeholders by providing an independent opinion on the financial statements, ensuring that they give a true and fair view of the organization's financial position .

Supervision becomes the most essential internal control procedure when segregation of duties is not feasible, such as in small organizations with limited staff. In such scenarios, supervision provides oversight that can detect mistakes or manipulations, providing a compensating control to mitigate risks associated with combining duties .

Independent verification is vital in maintaining robust accounting records as it involves checking the accuracy and completeness of transactions recorded by others. It supports the overall internal control environment by uncovering errors or irregularities, thus reinforcing confidence in the reliability of the accounting records and ensuring adherence to policies and procedures .

Segregation of duties is significant in internal control systems because it prevents any single individual from having control over all phases of a transaction, thereby reducing the risk of fraud. By dividing responsibilities related to transaction authorization, record keeping, and asset custody, it minimizes the opportunity for any one person to both perpetrate and conceal fraudulent activity .

The COSO framework contributes to assessing internal control adequacy by providing a structured and comprehensive set of guidelines for evaluating the effectiveness of internal controls. The SEC and PCAOB mandate its use because it offers a widely recognized model that standardizes the approach to internal control assessment, making it transparent and reliable for management, auditors, and regulators .

You might also like