When obtaining an understanding of an entitys internal controls An auditor should concentrate on the substance of the controls rather than their form because?

105. When obtaining an understanding of an entity’s control environment, an auditor should concentrate on the substance of controls rather than their form because c. Management may establish appropriate controls but not act on them.

When obtaining an understanding of the design and implementation of an entity’s internal controls the auditor should?

12. When obtaining an understanding of an entity’s internal control, an auditor should concentrate on their substance rather than their form because 5.3 Understanding Internal Control 10.

How do you assess the risk of material misstatement?

Having obtained and documented an understanding of the entity including its internal control, the auditor is now in a position to identify and assess the risks of material misstatement, which should be done at the financial statement level, and at the assertion level for classes of transactions, account balances and …

When obtaining an understanding of the entity and its environment we obtain an understanding of?

The audit procedures performed to obtain an understanding of the entity and its environment, in- cluding the entity’s internal control, to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and relevant assertion levels.

Who is responsible to obtain an understanding of internal control?

Management is responsible for establishing internal controls. In order to maintain effective internal controls, management should: Maintain adequate policies and procedures; Communicate these policies and procedures; and.

What are the components of an entity’s internal control?

The major components of internal control include control environment, entity’s risk assessment process, information system (including the related business processes, control activities relevant to the audit, relevant to financial reporting, and communication) and monitoring of controls.

What is material misstatement examples?

For example, a material misstatement of revenue could trigger a decision to buy a company’s stock, causing losses for the investor when the misstatement is later corrected and the price of the stock declines.

What is the auditor’s responsibility to identify risks of material misstatement?

The objective of the auditor is to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels, through understanding the entity and its environment, including the entity’s internal control, thereby providing a basis for designing and …

What are the three types of audit risks?

There are three common types of audit risks, which are detection risks, control risks and inherent risks.

What is control risk in audit?

Control risk, which is the risk that a misstatement due to error or fraud that could occur in an assertion and that could be material, individually or in combination with other misstatements, will not be prevented or detected on a timely basis by the company’s internal control.

What is audit evidence and examples?

Audit evidence is evidence obtained by auditors during a financial audit and recorded in the audit working papers. Auditors need audit evidence to see if a company has the correct information considering their financial transactions so a C.P.A. (Certified Public Accountant) can confirm their financial statements.

What are the qualities of audit evidence?

Appropriateness is the measure of the quality of audit evidence, i.e., its relevance and reliability. To be appropriate, audit evidence must be both relevant and reliable in providing support for the conclusions on which the auditor’s opinion is based.

What is meant by sufficient audit evidence?

Sufficient audit evidence is the context that refers to the quantity or number of audit evidence. Likewise, the quantity of audit evidence will be influenced by the risk of material misstatement of financial statements and the quality of evidence obtained.

What is the reliable source of audit evidence?

Audit evidence is more reliable when it exists in documentary form, whether paper, electronic, or other medium (for example, a contempo- raneously written record of a meeting is more reliable than a subse- quent oral representation of the matters discussed). audit evidence provided by photocopies or facsimiles.

Page 1 of 13

AT-5910

CPA REVIEW SCHOOL OF THE PHILIPPINES

M a n i l a

AUDITING THEORY

INTERNAL CONTROL

Related PSAs/PAPSs: PSA 400, 402 and 315

The auditor should obtain an understanding of the accounting and internal control systems sufficient

to plan the audit and develop an effective audit approach.

Accounting system means the series of tasks and records of an entity by which transactions are

processed as a means of maintaining financial records. Such systems identify, assemble, analyze,

calculate, classify, record, summarize and report transactions and other events.

Internal Control System means all the policies and procedures (internal controls) adopted by the

management of an entity to assist in achieving management’s objective of ensuring, as far as

practicable,:

• orderly and efficient conduct of its business, including adherence to management policies;

• safeguarding of assets;

• prevention and detection of fraud and error;

• accuracy and completeness of the accounting records; and

• timely preparation of reliable financialinformation.

The internal control system extends beyond those matters which relate directly to the functions of the

accounting system.

Internal Control Components (PSA 315)

(a) The control environment;

(b) The entity’s risk assessment process;

(c) The information system, including the related business processes, relevant to financial reporting,

and communication;

(d) Control activities; and

(e) Monitoring of controls.

Control environment

The control environment includes the attitudes, awareness, and actions of management and those

charged with governance concerning the entity’s internal control and its importance in the entity. The

control environment also includes the governance and management functions and sets the tone of an

organization, influencing the control consciousness of its people. It is the foundation for effective

internal control, providing discipline and structure.

The control environment encompasses the following elements:

• Communication and enforcement of integrity and ethical values.

• Commitment to competence.

• Participation by those charged with governance.

• Management’s philosophy and operating style.

• Organizational structure.

• Assignment of authority and responsibility.

• Human resource policies and practices.

Entity’s risk assessment process

An entity’s risk assessment process is its process for identifying and responding to business risks and

the results thereof. For financial reporting purposes, the entity’s risk assessment process includes

how management identifies risks relevant to the preparation of financial statements that are presented

fairly, in all material respects in accordance with the entity’s applicable financial reporting framework,

estimates their significance, assesses the likelihood of their occurrence, and decides upon actions to

manage them.

When obtaining an understanding of an entity's internal control an auditor should concentrate on the substance of controls?

When obtaining an understanding of the entity's internal control the auditor should obtain knowledge about the system's?

What is the most likely reason why the auditor should focus on the substance rather the form of the management's policies and procedures?

When obtaining an understanding of the entity and its environment the auditor should obtain an understanding of internal controls primarily to?