Professional Documents
Culture Documents
22
22
22
The tests of controls phase involves confirming the existence and effectiveness of internal controls. The
substantive testing phase entails an in-depth investigation of particular account balances and
transactions.
audit risk is the risk that the auditor expresses an inappropriate audit opinion when the financial
statements are materially misstated
24 Distinguish between errors and irregularities. Which do you think concern auditors the most?
25.Distinguish between inherent risk and control risk. How do internal controls affect inherent risk and
control risk, if at all? What is the role of detection risk?
27.SOX contains many sections. Which sections does this chapter focus on?
In accordance with SOX Sections 302 and 404, this chapter focuses on internal control and audit duties.
The PCAOB recommends using COSO as the model for control evaluation.
29 COSO identifies two broad groupings of information system controls. What are they?
The two broad groupings of information system controls recognized by COSO are application controls
and general controls.
Transaction logging All transactions are identified with unique id and logged
Separation of business functions Transaction initiation and authorization done by separate individuals
An account receivable check digit procedure that validates customer account numbers on sales
transactions.
1. Define general controls.
General controls govern the design, security, and use of computer programs General controls apply to
all systems. General controls needed to support functioning of
financial reporting