Nature of Internal Control: Multiple Choice Questions

Download as pdf or txt
Download as pdf or txt
You are on page 1of 11

Multiple Choice Questions

Nature of internal control

1. The primary responsibility for establishing and maintaining an internal control rests with
a. The external auditors
b. The internal auditors
c. Management and those charged with governance
d. The controller or the treasurer
2. The fundamental purpose of an internal control is to
a. Safeguard the resources of the organization
b. Provide reasonable assurance that the objectives of the organization are achieved
c. Encourage compliance with organization objectives
d. Ensure the accuracy, reliability, and timeliness of information
3. Which of the following internal control objectives would be most relevant to the audit?
a. Operational objective
b. Compliance objective
c. Financial reporting objective
d. Administrative control objective
4. An auditor would most likely be concerned with internal control policies and procedures that
provide reasonable assurance about the
a. Efficiency of management’s decision-making process
b. Appropriate prices the entity should charge for its products
c. Methods of assigning production tasks to employees
d. Entity’s ability to process and summarize financial data
5. In an audit of financial statements, an auditor’s primary consideration regarding an internal
control activity is whether the control
a. Reflects management’s philosophy and operating style
b. Affects management’s financial statements assertions
c. Provides adequate safeguards over access to assets
d. Enhances management’s decision-making processes
6. Internal control can provide only reasonable assurance of achieving entity’s control objectives.
One factor limiting the likelihood of achieving those objectives is that
a. The auditor’s primary responsibility is the detection of fraud
b. The board of directors is active and independent
c. The cost of internal control should not exceed its benefits
d. Management monitors internal control
7. Inherent limitations in an internal control must be considered in evaluating its effectiveness in
preventing and detecting errors and fraud. Inherent limitations do not include
a. Misunderstanding of instructions, mistakes of judgment, personal carelessness, distraction,
or fatigue
b. Incompatible functions performed by the same person
c. Collusion among employees
d. Management override of certain policies or procedures
8. Which of the following best describes an inherent limitation that should be recognized by an
auditor when considering the potential effectiveness of an internal control structure?
a. Procedures whose effectiveness depends on segregation of duties can be circumvented by
collusion
b. The competence and integrity of client personnel provide an environment conducive to
control and provides assurance that effective control will be achieved
c. Procedures designed to assure the execution and recording of transactions in accordance
with proper authorizations are effective against fraud perpetrated by management
d. The benefits expected to be derived from effective internal control usually do not exceed the
cost of such control
9. When considering the effectiveness of a system of internal accounting control, the auditor
should recognize that inherent limitations do exist. Which of the following is an example of an
inherent limitation in a system of internal accounting control?
a. The effectiveness of procedures depends on the segregation of employee duties
b. Procedures are designed to assure the execution and recording of transactions in accordance
with management’s authorization
c. In the performance of most control procedures, there are possibilities of errors arising from
mistakes in judgment
d. Procedures for handling large numbers of transactions are processed by electronic data
processing equipment
10. An effective system of internal control
a. Cannot be circumvented by management
b. Can reduce the cost of an external audit
c. Can prevent collision among employees
d. Eliminates risks and potential loss to the organization
11. The internal control cannot be designed to provide reasonable assurance that
a. Transactions are executed in accordance with management’s authorization
b. Fraud will be eliminated
c. Access to assets is permitted only in accordance with management’s authorization
d. The recorded accountability for assets is compared with the existing assets at reasonable
intervals
12. Which of the following statements about internal control is correct?
a. Properly maintained internal control reasonably ensures that collusion among employees
cannot occur
b. The establishment and maintenance of internal control are important responsibilities of the
internal auditor
c. Exceptionally strong internal control is enough for the auditor to eliminate substantive tests
on a significant account balance
d. The cost-benefit relationship is a primary criterion that should be considered in designing
internal control
13. Internal control, no matter how well designed and operated, can only provide an entity with
reasonable assurance about achieving the entity’s objectives. The likelihood of achievement is
affected by limitations inherent to internal control. These limitations do not include
a. Collusion among employees
b. Inappropriate management override of internal control
c. Human failures
d. Incompatible functions performed by the same person
Components of Internal Control

14. Which of the following best describes the interrelated components of internal control?
a. Organizational structure, management, philosophy, and planning
b. Control environment, risk assessment, control activities, information and communication
systems, and monitoring
c. Risk assessment, backup facilities, responsibility accounting, and natural laws
d. Internal audit and management’s philosophy and operating style
15. Which of the following is not one of the components of an entity’s internal control?
a. Control risk
b. Control activities
c. Information and communication
d. The control environment
16. The overall attitude and awareness of an entity’s board of directors concerning the importance
of the internal control usually is reflected in its
a. Computer-based controls
b. Systems of segregation of duties
c. Control environment
d. Safeguards over access to assets
17. When obtaining an understanding of an entity’s control environment, an auditor should
concentrate on the substance of management’s policies and procedures rather than form
because
a. The auditor may believe that the policies and procedures are inappropriate for that
particular entity
b. The board of directors may not be aware of management’s attitude toward the control
environment
c. Management may establish appropriate policies and procedures but bot act on them
d. The policies and procedures may be so ineffective that the auditor may assess control risks
at a high level
18. Basic to a proper control environment are the quality and integrity of personnel who must
perform the prescribed procedures. Which is not a factor in providing for competent personnel?
a. Segregation of duties
b. Hiring practices
c. Training programs
d. Performance evaluations
19. In evaluating the design of the entity’s internal control environment, the auditor considers the
following elements and how they have been incorporated into the entity’s processes. Such
elements would include all of the following except
a. Integrity and ethical values
b. Commitment to competence
c. Organizational structure
d. Information and communication systems
20. It is important for the auditor to consider the competence of the audit client’s employees,
because their competence bears directly and importantly upon the
a. Cost-benefit relationship of internal control
b. Achievement of the objectives of internal control
c. Comparison of recorded accountability with assets
d. Timing of the tests to be performed
21. Which of the following components of an entity’s internal control structure includes the
development of employee promotion and training policies?
a. Control activities
b. Control environment
c. Information and communication
d. Quality control system
22. A proper segregation of duties requires
a. An individual authorizing a transaction records it
b. An individual authorizing a transaction maintain a custody of the asset that resulted from
the transaction
c. An individual maintaining custody of an asset be entitled to access the accounting records
for the assets
d. An individual recording a transaction not compare the accounting record of the asset with
the asset itself
23. The single most effective control procedure established to avoid allowing any person to be in a
position to perpetrate and the conceal errors or fraud is
a. The separation of the functional responsibilities custodianship, record keeping, operations,
and authorization
b. Require each employee to take a vacation each year
c. Established an internal auditing department
d. Require the bonding of personnel in positions that necessities handling of cash and other
universally desirable valuables.
24. Which of the following would contribute most to the safeguarding of assets?
a. Access to computer facilities and records is limited to authorization personnel
b. Training programs are conducted to develop competence of newly hire personnel
c. Control and subsidiary accounts are reconciled on a regularly scheduled basis
d. Blank stock of all purchase orders and sales invoices are prenumbered
25. Which if the following statements best describes the entity’s rish assessment process?
a. Entity’s process of identifying business risks relevant to financial reporting objectives and
deciding about actions to address those risks.
b. Entity’s assessment of audit risks affecting the financial statements
c. Entity’s process of evaluating the risks of misstatements due to fraud
d. Entity’s assessment of risks that internal control may fail to detect misstatements affecting
the financial statements
26. The policies and procedures that help ensure that management directives are carried out are
referred to as the:
a. Control environment
b. Control activities
c. Monitoring of controls
d. Information system
27. Which of the following is not one of the specific control procedures that are relevant to financial
statement audit?
a. Performance reviews
b. Physical controls
c. Segregation of duties
d. Monitoring
28. Proper segregation of functional responsibilities in an effective structure of internal control calls
for separation of the functions of
a. Authorization, execution, and payment
b. Authorization, recording, and custody
c. Custody, execution, and reporting
d. Authorization, payment, and recording
29. A small entity may use less formal means to ensure that internal control objectives are achieved.
For example, extensive accounting procedures, sophisticated accounting records, or formal
controls are least likely to be needed if
a. Management is closely involved in operations
b. The entity is involved in complex transactions
c. The entity is subject to legal or regulatory requirements also found in large entities
d. Financial reporting objectives have been established

Consideration of internal control

30. Auditing standards require the auditor to obtain an understanding of the client’s internal control
structure
a. For every audit
b. For first time audits
c. Sufficient to find any frauds which may exist
d. Whenever it would be appropriate
31. Evaluating the design of the entity’s internal control would involve
a. Considering whether the control, individually or in combination with other controls, is
capable of effectively preventing, or detecting and correcting, material misstatements
b. Determining whether control exists and the entity is using it
c. Determining whether the control is operating effectively
d. Determining the consistency of application of internal control procedures
32. Obtaining knowledge about whether the control is implemented can best be obtained by
a. Inquiry of client’s personnel
b. Reading procedures manual
c. Tracing transactions through the information system relevant to financial reporting
d. Performing tests of control
33. The auditor uses his understanding of accounting and internal control systems together with the
inherent and control risks assessments to perform all of the following except
a. Identify the types of misstatements that could occur
b. Consider factors that affect the risk of material misstatements
c. Design appropriate audit procedures
d. Evaluate the effectiveness of the accounting and control systems
34. When obtaining an understanding of the accounting and internal control systems to plan the
audit, the auditor obtains knowledge of the
Design of the accounting and Operation of Accounting and
internal control systems internal control systems
a. YES YES
b. YES NO
c. NO NO
d. NO YES
35. The procedure of tracing a few transactions through the accounting system to determine
whether internal controls have been placed in operations is called
a. Test of control
b. Substantive test
c. Control documentation
d. Walk-through test
36. Which of the following statements is incorrect about walk-through tests?
a. It involves tracing a few transactions through the accounting systems
b. This procedure may be treated as part of test of control
c. The nature and extent of walk-through test performed by the auditor are such that they
alone would provide sufficient appropriate audit evidence to support a control risk
assessment which is less than high
d. The procedure is performed to determine whether the controls are implemented by the
client
37. The auditor’s understanding of the accounting and internal control systems significant to the
audit is ordinarily obtained through previous experience with the entity. In addition, the auditor
may perform the following procedures, except
a. Inquires of appropriate management, supervisory and other personnel at various
organizational levels within the entity, together with reference to documentation, job
descriptions and flow charts
b. Inspection of documents and records produced by the accounting and internal control
system
c. Observation of the entity’s activities and operations, including observation of the
organization of computer operations, management personnel and the nature of transaction
processing
d. Reperformance of internal control procedures
38. When obtaining understanding of the entity’s internal control, the auditor should obtain
knowledge about the system’s
Design Implementation Operating effectiveness
a. YES YES YES
b. YES YES NO
c. YES NO NO
d. NO NO YES
39. Which of the following would an auditor least likely perform when obtaing understanding of the
entity’s accounting and internal control systems?
a. Inquires of appropriate personnel
b. Inspection of documents and record
c. Observation of the entity’s activities and operations
d. Reperformance of internal control
40. After obtaining sufficient understanding of the entity’s accounting and internal control systems,
the auditor should make a preliminary assessment of
a. Audit risk
b. Control risk
c. Inherent risk
d. Detection risk
41. Which of the following is not a medium that can normally be used by an auditor to record
information concerning a client’s internal control policies and procedures?
a. Narrative memorandum
b. Flowchart
c. Procedures manual
d. Questionnaire
42. The auditor observes client employees while gaining an understanding of the internal control
structure to
a. Prepare a flowchart
b. Update information contained in the organization and procedure manuals
c. Gain knowledge of the design and application of relevant policies, procedures, and records
relating to the control structure
d. Determine the extent of compliance with quality control standards
43. Which of the following statements regarding auditor documentation of the client’s internal
control structure is correct?
a. Documentation must include flow charts
b. Documentation must include procedural write-ups
c. No Documentation is necessary although it is desirable
d. No one particular form of documentation is necessary, and the extent of documentation may
vary
44. In gaining an understanding of the internal control structure, the auditor may trace several
transactions through the control process. The primary purpose of this task is to
a. Replace substantive tests
b. Detect fraud
c. Determine the effectiveness of the control procedures
d. Determine whether the controls have been placed in operation
45. The conclusion reached as a result of assessing control risk is referred to as the:
a. Assurance provided by internal control structure
b. Determined level of acceptable detection risk
c. Product of the understanding of internal control
d. Assessed level of control risk
46. An auditor assess control risk because it
a. Is relevant to the auditor’s understanding of the control environment
b. Provides assurance that the auditor’s materiality levels are appropriate
c. Indicates to the auditor where inherent risk may be the greatest
d. Affects the level of detection risk that the auditor may accept
47. Which of the following statements concerning control risk is correct?
a. Assessing control risk and obtaining an understanding of an entity’s internal control
structure may be performed concurrently
b. When control risk is at a high level, an auditor is required to document the basis for that
assessment
c. Control risk may be assessed sufficiently low to eliminate substantive testing for significant
transaction classes
d. When assessing control risk an auditor should not consider evidence obtained in prior audits
about the operation of control procedures
48. Which of the following is a step in an auditor’s decision to assess control rosk at less than high
level?
a. Apply analytical procedures to both financial data and nonfinancial information to detect
conditions that may indicate weak controls
b. Perform tests of details of transactions and accounts balances to identify potential errors
and fraud
c. Identify specific internal control policies and procedures that are likely to detect or prevent
material misstatements
d. Document that the additional audit effort to perform tests of controls exceeds the potential
reduction in substantive testing
49. If, after obtaining an initial understanding of a client’s internal control, the auditor wishes to
further reduce the assessed level of control risk relating to plant asset transactions, the auditor
should next
a. Make extensive substantive tests of plant asset balances
b. Establish the physical existence of current year additions
c. Complete the plant asset section of the internal accounting control questionnaire
d. Further test those internal control procedures relating to processing and recording plant
asset transactions
50. An auditor uses the knowledge provided by the understanding of internal control and the final
assessed level of control risk primarily to determine the nature, timing, and extent of the
a. Attribute tests
b. Tests of controls
c. Compliance tests
d. Substantive tests
51. Control testing is performed in order to determine whether or not
a. The assessed level of control risk can be reduced
b. Necessary controls are absent
c. Incompatible functions exist
d. Material peso errors exist
52. To obtain evidential matter about control risk, an auditor selects test from a variety of
techniques including
a. Inquiry
b. Analytical procedures
c. Calculation
d. Confirmation
53. For certain controls, such as segregation of duties, documentary evidence may not exist. An
auditor would most likely test the procedures by
a. Reperformance and corroboration
b. Observing and inquiry
c. Inspection and vouching
d. Confirmation and recomputation
54. Based on a study and evaluation completed at an interim date, the auditor concludes that no
significant internal accounting control weaknesses exist. The records and procedures would most
likely be tested again at year-end if
a. Compliance tests were not performed by the internal auditor during the remaining period
b. The internal accounting control system provides a basis for reliance in reducing the extent of
substantive testing
c. The auditor used non-statistical sampling during the interim period compliance testing
d. Inquiries and observation lead the auditor to believe that conditions have changed
55. After obtaining an understanding of the internal control structure and assessing control risk, an
auditor decided to perform tests of controls. The auditor most likely decided that
a. It would be efficient to perform tests of controls that would results in a reduction in planned
substantive tests
b. Additional evidence to support further reduction on control risk is not available
c. An increase in the assessed level of control risk is justified for certain financial statement
assertions
d. There were may internal control weakness that could allow errors to enter the accounting
system
56. After studying and evaluating a client’s existing internal control, an auditor has concluded that
the policies and procedures are well designed and functioning as intended. Under these
circumstances, the auditor would most likely
a. Perform further control tests to the extent outlined in the audit program
b. Determine the control policies and procedures that should prevent or detect errors and
fraud
c. Set detection risk at a higher level than would be set under conditions of weak internal
control
d. Set detection risk at a lower level than would be set under conditions of weak internal
control
57. The auditor would most likely assess control risk at a high level when
a. It would be efficient to perform test of control
b. The entity’s accounting and internal control
c. The auditor wishes to rely on the entity’s accounting and internal control systems
d. The auditor wants to restrict substantive tests
58. When obtaining audit evidence about the effective operation of internal controls, the auditor
considers all of the following except
a. How they were applied
b. The consistency with which they were applied during the period
c. By whom they were applied
d. Why they were applied
59. When control risk is assessed at a high level, the auditor should document his
Understanding of Conclusion that Basis for concluding that
Internal control control risk is at a control risk is at a high level
Components high level
a. YES YES YES
b. YES YES NO
c. YES NO NO
d. NO YES NO
60. When control risk is assessed at less than high level, the auditor should document his
Understanding of Assessment of control Basis for assessing control risk
Internal control risk at less than high level
Components
a. YES YES YES
b. YES YES NO
c. YES NO NO
d. NO YES NO
61. The auditor may decide to perform some tests of control during an interim visit in advance of
the period end. However, the auditor cannot rely on the results of such test without considering
the need to obtain further audit evidence relating to the remainder of the period. Factors to be
considered in deciding whether to perform tests of controls for the remaining period would not
include
a. The results of the interim tests
b. The length of remaining period
c. Whether any changes have occurred in the accounting and internal control systems during
the remaining period
d. The results of substantive tests
62. Which of the following is correct when the auditor assess control risk at a high level?
a. The auditor should document the basis for his assessment
b. The auditor should perform test of controls
c. The auditor should document his conclusion that control risks is at a high level
d. The auditor need not document his understanding of internal control
63. The auditor ordinarily assess control risk at a high level for some or all assertions when

The entity’s internal control is Evaluating the effectiveness of the control


Effective would not be efficient
a. YES YES
b. YES NO
c. NO NO
d. NO YES
64. Tests of controls are designed to obtain evidence to support the auditor’s assessment of control
risk
a. At a high level
b. At less than high level
c. At zero level
d. At the maximum level

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy