ASUPRIN

ACTIVITY WORKSHEET
Compiled by: A. S. MALQUISTO No. 004
Name: RAYNERA, HEINZ DEAN E. Time & Schedule: 9:00 am – 11:00 am MW _

I. SHORT ANSWER QUESTIONS: Answer each question in a clear and organized paragraph. One or two
sentences that directly answer the short-answer question. Each question is worth 2 points.

1. Briefly describe the responsibilities of management and external auditors for internal controls.
Internal controls for the company are implemented and maintained by management company. The
Securities Exchange Act of 1934, Section 404, compels public companies' management to publicly report on the
effectiveness of its internal controls. The auditor, on the other hand, is in charge of comprehending and testing
internal financial reporting controls. Internal controls for the entity must be established and maintained.
Section 404 of the Securities Exchange Act of 1934 requires public firms' management to publicly report on the
efficacy of its internal controls. The auditor's tasks, on the other hand, include comprehending and testing
internal control over financial reporting. For public company clients, the auditor is also required by Section 404
to issue an audit report on management’s assessment of its internal controls, including the auditor’s opinion on
the operating effectiveness of those controls.

2. List the tools that can document the understanding of internal control.
Methods commonly used by auditors to obtain and document their understanding of the design
of internal control are the following:
 The entity's procedures manuals and organizational charts
 Narrative description
 Internal control questionnaires
 Flowcharts

3. Describe the auditor’s responsibilities related to communications regarding internal control matters.
The auditor creates guidelines and gives advice on how to communicate issues with an entity's internal
control over financial reporting that are discovered during a financial statement audit. They offer advice on
how to assess the degree of internal control flaws.

4. What is meant by the concept of reasonable assurance in terms of internal control?

Reasonable assurance acknowledges that the expense of an entity's internal control system should not
outweigh the projected benefits of the system. As a result, an internal control system will not identify every
possible fault since designing such a system would be prohibitively expensive.

5. What audit work is required for an auditor to assess low control risk?
Auditing services are the methodical study of a company's books of accounts and other documentation,
whereas assurance services are the analysis of the company's processes and activities.

II. TRUE OR FALSE: Write the word TRUE for each correct statement; otherwise, write FALSE.

1. TRUE If, when obtaining an understanding of control activities of a relatively small client, the
auditor identified no control activities, the auditor would probably set a high assessment of control
risk.
2. TRUE When internal controls are effective, then substantive audit tests are more reliable; thus, the
extent of substantive tests should be reduced.
3. FALSE When a company designs and implements internal controls, cost of the controls is not a
valid consideration.
4. TRUE For proper internal control, there should be adequate separation of duties. However, the extent of
separation of duties considered “adequate” depends heavily on the size of the organization.
5. FALSE When internal controls over a given financial statement account are assessed as highly effective,
the auditor need not obtain audit evidence for that account beyond testing the controls.
6. TRUE Procedures used to obtain an understanding of internal control are normally performed on
fewer transactions than procedures used to test controls.
7. TRUE There is a direct relationship between an entity's objectives and the controls it implements to
provide reasonable assurance about their achievement.
8. TRUE Internal control that is relevant in the audit pertains to reliability of financial information.
9. FALSE In a financial statement audit, CPAs are required to assess the operating effectiveness of most
significant accounting-oriented controls.

Page 1 of 3
10. FALSE Well-designed internal control will prevent all fraud by top management.

Page 2 of 3
III. MULTIPLE CHOICE QUESTIONS: Read each item carefully. Select the correct/best answer for each of the
following questions and write the letter of your choice before the number.

____A_____ 1. Which of the following is responsible for establishing a private company’s internal control?
A. Management C. Management and Auditors
B. Auditors D. Committee of Sponsoring Organizations

____A_____ 2. Internal controls can never be considered as absolutely effective because:

A. Their effectiveness is limited by the competency and dependability of employees.
B. Not all organizations have internal audit departments.
C. Controls are designed to prevent and detect only material misstatements.
D. Internal controls prevent separation of duties.

_D 3. Which of management’s concerns with respect to implementing internal controls is the auditor
primarily concerned?
A. Compliance with applicable laws and regulations.
B. Effectiveness of operations.
C. Efficiency of operations
D. Reliability of financial reporting.

_B 4. In an audit of financial statements, an auditor’s primary consideration regarding a control is

whether it
A. Reflects management’s philosophy and operating style.
B. Affects management’s financial statement assertions.
C. Provides adequate safeguards over access to assets.
D. Enhances management’s decision-making processes.

_D 5. A proper understanding of the client’s internal control is an integral part of the audit
planning process. The results of the understanding
A. Must be reported to the shareholders and the SEC.
B. Bear no relationship to the extent of substantive testing to be performed.
C. Are not reported to client management.
D. May be used as the basis for withdrawing from an audit engagement.

_B 6. Which of the following best describe the interrelated components of internal control?
A. Organizational structure, management philosophy, and planning.
B. Control environment, risk assessment, control activities, information and communication
systems, and monitoring.
C. Risk assessment, backup facilities, responsibility accounting and natural laws.
D. Legal environment of the firm, management philosophy, and organizational structure.

_D 7. Which of the following statements about internal control is correct?

A. Properly maintained internal controls reasonably assure that collusion among
employees cannot occur.
B. Establishing and maintaining internal control is the internal auditor’s responsibility.
C. Exceptionally strong control allows the auditor to eliminate substantive tests.
D. The cost-benefit relationship should be considered in designing internal control.

_A 8. After obtaining an understanding of internal control and arriving at a preliminary assessed level
of control risk, an auditor decided to perform tests of controls. The auditor most likely
decided that:
A. Additional evidence to support a reduction in the assessed level of control risk is
not available.
B. An increase in the assessed level of control risk is justified for certain financial
statement assertions.
C. It would be efficient to perform tests of controls that would result in a reduction
in planned substantive procedures.
D. There were many internal control deficiencies that would allow misstatements to
enter the accounting system.
 ____B_____ 9. Which of the following would not be a method used to conduct tests of controls?
A. Inquiry C. Walkthrough
B. Confirmation D. Observation

____A_____ 10. Proper segregation of functional responsibilities calls for separation of the functions of
A. Authorization, execution, and recording.
B. Custody, execution, and reporting.
C. Authorization, execution, and payment.
D. Authorization, payment, and recording.

IV. SITUATIONAL PROBLEM (10 points)

1. The COSO framework consists of five elements of control: the control environment, risk assessment,
control activities, information and communication, and monitoring.

The owner of Austin Powers has approached the managing partner of a CPA firm about conducting a first-time
independent audit. While discussing the nature and scope of the audit, the owner of Austin Powers asks if it is
really necessary for the auditor to gain an understanding of Austin Powers’ system of internal control.

What will be the appropriate response to this client?

Yes, it is critical for the auditor to comprehend Austin Powers' internal control system; in order to
assess a company's internal control system's efficacy, the auditor must analyze the internal control
system. The auditor must first have a complete grasp of the system in order to assess its efficiency in risk
management. This will help the auditor plan and execute his audit procedures more efficiently.

2. The following list presents various internal controls that may be found in your audit client’s revenues and
cash collection processes. Identify if it is considered as a (S) Strength or (W) Weakness.

Strength Credit is authorized by the credit manager.

Weakness A cash receipts journal is prepared by the Treasurer’s department.

Strength Collections received by check are received by the company receptionist, who has no
additional recordkeeping responsibilities.
Weakness Collections received by check are immediately forwarded unopened to the accounting Department
Strength A bank reconciliation is prepared on a monthly basis by the Treasurer’s department.

Page 3 of 3