ReSA - THE REVIEW SCHOOL OF ACCOUNTANCY

CPA Review Batch 42  October 2021 CPA Licensure Exam  Week No. 8/9

AUDITING (Auditing Theory) J. Ireneo  M. Ngina  F. Tugas  F. Yabut

AT-10: RISK ASSESSMENT AND RESPONSES TO ASSESSED RISK

1. In an audit of financial statements, an auditor’s primary consideration regarding a control is
whether it:
A. Enhances management’s decision-making processes.
B. Reflects management’s philosophy and operating style.
C. Affects management’s financial statement assertions.
D. Provides adequate safeguards over access to assets.

2. S1 The performance of risk assessment procedures is designed to help the auditor obtain an
understanding of the entity.
S2 Auditors are not allowed to make inquires of employees who are not considered management,
such as marketing or sales personnel.
A. True, true B. False, false C. True, false D. False, true

3. Which of the following is not a step in an auditor’s assessment of control risk?

A. Evaluate the effectiveness of internal control with tests of controls.
B. Obtain an understanding of the entity’s information system and control environment.
C. Perform tests of details of transactions to detect material misstatements in the financial
statements.
D. Consider whether controls can have a pervasive effect of financial statement assertions.

4. Risk assessment procedures include

A. A required discussion among the staff members of the audit and the client regarding
material misstatements in the financial statement.
B. Determination of the type of audit opinion to issue.
C. Observation of the entity's operations.
D. Assessing acceptable audit risk.

5. When obtaining an understanding of the accounting and internal control system the auditor may
trace a few transactions through the accounting system. This technique is:
A. Reperformance C. Control test
B. Walk-through D. Validity test

6. Obtaining an understanding of internal control involves:

A B C D
• Evaluating the DESIGN of a control Yes Yes Yes No
• Determining whether the control has been IMPLEMENTED Yes Yes No Yes
• Testing the EFFECTIVENESS of a control No Yes Yes Yes

7. Which of the following statements is/are correct?

I. Flowcharts are harder to read and update than narratives.
II. When documenting their understanding of a client's internal controls, auditors are required to
use narratives.
III. Narratives, flowcharts, and internal control questionnaires are three commonly used methods
of documenting the study of internal controls.

A. I and III only B. I only C. II and III only D. I, II and III

8. Which of the following factors is most likely to affect the extent of the documentation of the
auditor's understanding of a client's system of internal controls?
A. The industry and the business and regulatory environments in which the client operates
B. The degree to which information technology is used in the accounting function
C. The relationship between management, the board of directors, and external stakeholders
D. The degree to which the auditor intends to use internal audit personnel to perform
substantive tests

9. When dealing with the documentation of internal control,

A. In a narrative, most questions simply require a "yes" or "no" response.
B. Questionnaires offer useful checklists to remind the auditor of the many different types of
internal controls that should exist.
C. Questionnaires and flowcharts should not be used together.
D. Flowcharts fail to show the segregation of duties in the company.

Page 1 of 3 0915-2303213/0908-6567516  www.resacpareview.com

ReSA – THE REVIEW SCHOOL OF ACCOUNTANCY AT-10
Week 8/9: RISK ASSESSMENT AND RESPONSES TO ASSESSED RISK

10. An auditor with the CPA firm of Advanced and Mag-isip is working to understand a client’s inventory
procurement system. In hopes of assessing the control risk present in this system, the auditor is
reviewing a flowchart created by company employees. One symbol has a rectangle shape. What
does that symbol represent?
A. A document within the system
B. A decision made within the system
C. A process carried out within the system
D. The input of information within the system

11. After obtaining a sufficient understanding of internal control, the auditor:

A. Assesses the need to apply GAAS.
B. Determines the preliminary assessment of control risk.
C. Assesses detection risk to determine the acceptable level of inherent risk.
D. Determines the assessed levels of detection risk and inherent risk.

12. What are the different levels of risk assessment?

A. “High” and “Low”.
B. “High” and “Less than High”.
C. “Maximum” and “Minimum”.
D. “Higher” and “Lower”.

13. An auditor’s preliminary control risk assessment is at a HIGH level. Which of the following are
possible reasons for this preliminary assessment?
I. The entity’s internal control system is not effective
II. Evaluating the effectiveness of the entity’s internal control system would not be efficient.

A. I only B. II only C. Both I and II D. Neither I and II

14. When control risk is assessed at less than high for all financial statements assertions, an auditor
should document the auditor’s
A B C D
• Understanding of the entity’s internal control structure Yes Yes No Yes
• Conclusion that control risk is less than high No Yes Yes Yes
• Basis for the conclusion that control risk is less than high Yes Yes No No

15. Overall responses to address the risks of material misstatement at the financial statement level
include:
A. Emphasizing to the audit team the need to maintain professional skepticism in gathering
and evaluating audit evidence.
B. Assigning more experienced staff or those with special skills or using experts
C. Incorporating additional elements of unpredictability in the selection of further audit
procedures.
D. All of the answers.

16. After documenting internal control in an audit engagement, the auditor may perform tests on:
A. Those controls in which deficiencies or weaknesses were identified.
B. Those controls that have a material effect on the balances in the financial statements.
C. Those controls that were reviewed (selected on a random basis).
D. Those controls that the auditor plans to rely on.
17. After considering a client’s internal control structure, an auditor has concluded that it is well
designed and is functioning as intended. Under these circumstances the auditor would most likely
A. Perform tests of control to the extent outlined in the audit program.
B. Determine the control procedures that should prevent or detect errors and irregularities.
C. Not increase the extent of predetermined substantive tests.
D. Determine whether transactions are recorded to permit preparation of financial statements
in conformity with generally accepted accounting principles.
18. Which of the following is a correct response of the auditor when he allows a lower acceptable level
of detection risk?
Nature of substantive tests Timing of substantive tests Extent of substantive tests
A. More extensive Year-end More effective
B. Less effective Interim Less extensive
C. More effective Year-end More extensive
D. More extensive Interim Less effective

Page 2 of 3 0915-2303213/0908-6567516  www.resacpareview.com

ReSA – THE REVIEW SCHOOL OF ACCOUNTANCY AT-10
Week 8/9: RISK ASSESSMENT AND RESPONSES TO ASSESSED RISK

19. If the auditor wants to perform more effective substantive tests, the auditor will perform:
A. More test of details (transactions and balances) and less analytical procedures
B. More analytical procedures and less test of details (transactions and balances)
C. Test of details and analytical procedures in equal proportion
D. Neither test of details nor analytical procedures

20. Which of the following statements is/are correct?

I. The audit risk model is used primarily for planning purposes in determining how much
evidence to accumulate.
II. The audit risk model is expressed as: AR = L + D + R
III. Inherent risk and control risk differ from detection risk in that inherent risk and control risk
are functions of the client and its environment while detection risk is not.
IV. The acceptable level of detection risk (ADR) and the combined level of inherent risk (IR) and
control risk (CR) are directly related.

A. I and III only B. I only C. II and III only D. I, II, III and IV

21. Which of the following is not a consideration when the auditor is attempting to assess the inherent
risk?
A. Nature of the client’s business.
B. Existence of related parties.
C. Frequency and intensity of top management review.
D. Susceptibility to defalcation.

22. Inherent risk is reduced when the likelihood of defalcations is low. This would be true for an account
such as:
A. Property, plant and equipment. C. Cash.
B. Held for trading securities. D. Accounts receivable.

23. Which of the following is an incorrect statement?

A. Detection risk is a function of effectiveness of an auditing procedure and its application.
B. Detection risk arises partly from uncertainties that exist when the auditor does not examine
100 percent of the population.
C. Detection risk arises partly because of other uncertainties that exist even if the auditor
were to examine 100 percent of the population.
D. Detection risk exists independently of the audit of the financial statements.

24. Which of the following pertains to detection risk?

A. An entity’s asset custodian and record-keeping function for cash are handled by one
process owner.
B. An entity operates in a highly complex business environment.
C. An auditor uses substantive analytical procedures instead of test of balances.
D. None of the above.

25. Which of the following statements is correct concerning an auditor’s assessment of control risk?
A. Assessing control risk may be performed concurrently during an audit with obtaining an
understanding of the entity’s internal control.
B. Evidence about the operation of internal control in prior audits may not be considered
during the current year’s assessment of control risk.
C. The basis for an auditor’s conclusions about the assessed level of control risk need not be
documented unless control risk is assessed at the maximum level.
D. The lower the assessed level of control risk, the less assurance the evidence must provide
that the control procedures are operating effectively.

- END -

Page 3 of 3 0915-2303213/0908-6567516  www.resacpareview.com