GENERAL MULTIPLE CHOICE QUESTIONS

INTERNAL CONTROL

1. The independent auditor should acquire an understanding of a client’s internal

audit function to determine whether the work of internal auditors will be a factor
in determining the nature, timing and extent of the independent auditor’s
procedures. The work performed by internal auditors might be such a factor when
the work includes
a) Verification of the mathematical accuracy of invoices.
b) Review of administrative practices to improve efficiency and achieve
management objectives.
c) Consideration of the internal controls.
d) Preparation of internal financial reports for management purposes.

2. Effective I/C in a small company that has insufficient employees to permit proper
division of responsibilities can be best enhanced by
a) Employment of temporary personnel to aid in the separation of duties.
b) Direct participation by the owner of the business in the record keeping
activities of the business.
c) Engaging a CPA to perform monthly “write-up” work.
d) Delegation of full, clear-cut responsibility to each employee for the
functions assigned to each.

3. An auditor is considering the internal controls for purchasing and disbursement

procedures. The auditor will be least influenced by
a) The availability of a company manual describing purchasing and
disbursement procedures.
b) The scope and results of audit work by the company’s internal auditor.
c) The existence within the purchasing and disbursement area of internal
control strengths that offset weaknesses.
d) The strength or weakness of internal control in other areas, e.g., sales and
accounts receivable.

4. In general, material irregularities perpetrated by which of the following are most

difficult to detect?
a) Cashier c) Internal auditor
b) Key-punch operator d) Controller
5. If, during the course of an annual audit of a publicly held manufacturing
company, an independent auditor becomes aware of a reportable condition in the
company’s internal control, the auditor is required to communicate the reportable
condition to
a) The senior management and the board of directors of the company.
b) The senior management of the company.
c) The board of directors of the company.
d) The audit committee of the board of directors.
6. Which of the following best describes the primary reason for the auditor’s use of
flowcharts during an audit engagement?
a) To comply with the requirements of GAAS.
b) To interpret the operational effectiveness of the client’s existing
organizational structure.
c) To classify the client’s documents and transactions by major operating
functions e.g., cash receipts, cash disbursements, etc.
d) To record the auditor’s understanding of the client’s I/C.

7. The independent auditor should acquire an understanding of the internal audit

function as it relates to the independent auditor’s consideration of the I/C because
a) The audit program, working papers and reports of internal auditors can
often be used as a substitute for the work of the independent auditor’s
staff.
b) The procedures performed by the internal audit staff may eliminate the
independent auditor’s need for an extensive consideration of the I/C.
c) The work performed by internal auditors may be a factor in determining
the nature, timing and extent of the independent auditor’s procedures.
d) The understanding of the internal audit function is an important
substantive test to be performed by the independent auditor.

8. The auditor’s understanding of the client’s I/C is documented in order to

substantiate
a) Conformity of the accounting records with generally accepted accounting
principles.
b) Compliance with generally accepted auditing standards.
c) Adherence to requirements of management.
d) The fairness of the financial statement presentation.

9. The I/C normally would include procedures that are designed to provide
reasonable assurance that
a) Employees act with integrity when performing their assigned tasks.
b) Transactions are executed in accordance with management’s general or
specific authorization.
c) Decision processes leading to management’s authorization of transactions
are sound.
d) Collusion activities would be detected by segregation of employee duties.

10. In general, a reportable condition may be defined as a condition in which material

errors or irregularities ordinarily would not be detected within a timely period by
a) An auditor during the normal consideration of the internal controls.
b) A controller when reconciling accounts in the general ledger.
c) Employees in the normal course of performing their assigned duties.
d) The chief financial officer when reviewing interim F/S.
11. Proper segregation of functional responsibilities calls for separation of the
a) Authorization, approval and execution functions.
b) Authorization, execution and payment functions.
c) Receiving, shipping and custodial functions.
d) Authorization, recording and custodial functions.

12. The ultimate risk against which the auditor requires reasonable protection is a
combination of two separate risks. The first of these is that material errors will
occur in the accounting process by which the F/S are developed, and the second is
that
a) A company’s internal control system is not adequate to detect errors and
irregularities.
b) Those errors that occur will not be detected by the auditor’s examination.
c) Management may possess an attitude that lacks integrity.
d) Evidential matter is not competent enough for the auditor to form an
opinion based on reasonable assurance.

13. When an independent auditor decides that the work performed by internal
auditors may have a bearing on the nature, extent and timing of the independent
auditor’s procedures, the independent auditor should evaluate the competence and
objectivity of the internal auditors. Relative to objectivity, the independent
auditor should
a) Consider the organizational level to which internal auditors report the
results of their work.
b) Review the training program in effect for the internal auditors.
c) Examine the quality of the internal audit reports.
d) Consider the qualifications of the internal audit staff.

14. To provide the greatest degree of independence in performing internal auditing

functions, an internal auditor should probably report to the
a) Financial vice-president. c) Board of directors.
b) Corporate controller. d) Corporate stockholders.

15. When considering the client’s I/C to determine whether the necessary procedures
are prescribed and are followed satisfactorily, an auditor must
a) Develop questionnaires and checklists.
b) Review the I/C and perform tests of controls.
c) Perform tests of controls and analytical procedures.
d) Evaluate administrative policies.
16. After the auditor has prepared a flowchart of the I/C surrounding sales and
evaluated the design of the I/C, the auditor would perform tests of controls on all
internal control procedures
a) Documented in the flowchart.
b) Considered to be weaknesses that might allow errors to enter the
accounting system.
c) Considered to be strengths that the auditor plans to rely on.
d) That would aid in preventing irregularities.

17. A consideration of the I/C made in connection with an annual audit is usually not
sufficient to express an opinion on an entity’s internal control because
a) Weaknesses in the I/C may go unnoticed during the audit period.
b) A consideration of the I/C is not necessarily made during an audit
engagement.
c) Only those controls on which an auditor intends to rely are reviewed,
tested and evaluated.
d) Internal controls can change each year.

18. Which of the following would be least likely to suggest to an auditor that the
client’s management may have overridden the I/C?
a) There are numerous delays in preparing timely internal financial reports.
b) Management does not correct I/C weaknesses that it knows about.
c) Differences are always disclosed on a computer exception report.
d) There have been two new controllers this year.

19. Which of the following is intended to detect deviation from prescribed

Accounting Department procedures?
a) Substantive test specified by a standardized audit program.
b) Tests of controls designed specifically for the client.
c) Analytical procedures as designed in the industry audit guide.
d) Computerized analytical tests tailored for the configuration of EDP
equipment in use.

20. The independent auditor selects several transactions in each functional area and
traces them through the entire system, paying special attention to evidence about
whether or not the control features are in operation. This is an example of a
a) Control test. c) Substantive test
b) Tests of controls d) Functional test.
21. In the consideration of the I/C, the auditor is basically concerned that the system
provides reasonable assurance that
a) Management can not override the system.
b) Operational efficiency has been achieved i/a/w management plans.
c) Errors have been prevented or detected.
d) Controls have not been circumvented by collusion.
22. During the audit, the independent auditor identified the existence of a reportable
condition in the client’s system of internal controls and orally communicated this
finding to the client’s senior management and audit committee. The auditor
should
a) Consider the reportable condition a scope limitation and therefore disclaim
an opinion.
b) Document the matter in the working papers and consider the effects of the
condition on the audit.
c) Suspend all audit activities pending directions from the client’s audit
committee.
d) Withdraw from the engagement.

23. Which of the following statements concerning the independent auditor’s required
communication of reportable conditions is correct?
a) Conditions reported at interim dates must be repeated in the final
communication.
b) If the auditor does not become aware of any reportable conditions during
the examination, that fact must be communicated.
c) Conditions that had been reported in prior year’s communications and
have not been corrected need not be repeated in the current year’s
communication.
d) Although written communication is preferable, the auditor may
communicate the findings orally.

24. Which of the following is least likely to be evidence the auditor examines to
determine whether operations are in compliance with the internal control system?
a) Records documenting usage of EDP programs.
b) Canceled supporting documents.
c) Confirmations of accounts receivable.
d) Signatures on authorization forms.

25. The auditor’s communication of reportable conditions in internal control is

a) Required to enable the auditor to state that the examination has been made
in accordance with GAAS.
b) The principal reason for considering the I/C.
c) Incident to the auditor’s objective of forming an opinion as to the fair
presentation of the financial statements.
d) Required to be documented in a written report to the board of directors or
the board’s audit committee.

26. An auditor may compensate for a condition in the I/C by increasing the
a) Level of detection risk.
b) Extent of tests of controls.
c) Preliminary judgment about audit risk.
d) Extent of analytical procedures
27. After considering the client’s internal controls, an auditor has concluded that I/C
is well designed and is functioning as intended. Under these circumstances, the
auditor would most likely
a) Perform tests of controls to the extent outlined in the audit program.
b) Determine the control procedures that should prevent or detect errors and
irregularities.
c) Not increase the extent of predetermined substantive tests.
d) Determine whether transactions are recorded to permit preparation of F/S
in conformity with GAAP.

28. The use of fidelity bonds may indemnify a company from embezzlement losses.
The use also
a) Reduces the company’s need to obtain expensive business interruption
insurance.
b) Protects employees who make unintentional errors from possible monetary
damages resulting from such errors.
c) Allows the company to substitute the fidelity bonds for various parts of
internal control.
d) Reduces the possibility of employing persons with dubious records in
positions of trust.

29. Which of the following procedures most likely would be included as part of an
auditor’s tests of controls?
a) Inspection. c) Confirmation.
b) Reconciliation. d) Analytical procedures.

30. If the independent auditors decide that the work performed by the internal auditor
may have bearing on their own procedures, they should consider the internal
auditor’s
a) Competence and objectivity.
b) Efficiency and experience.
c) Independence and review skills.
d) Training and supervisory skills. Training and supervisory skills.

31. Which statement is correct concerning the definition of internal control developed
by the Committee of Sponsoring Organizations (COSO)?
a) Its applicability is largely limited to internal auditing applications.
b) It is recognized in the Statement on Auditing Standards.
c) It emphasizes the effectiveness and efficiency of operation rather than
reliability of financial reporting.
d) It suggests that it is important to view internal control as an end product as
contrasted to a process or means to obtain an end.
32. Monitoring is considered
a) A component of internal control.
b) An element of the control environment.
c) The primary asset safeguarding technique.
d) A portion of information and communication.

33. Which of the following is not a factor included in the control environment?
a) Integrity and ethical values.
b) Risk assessment.
c) Commitment to competence.
d) Organization structure.

34. An entity’s ongoing monitoring activities often include

a) Periodic audits by the audit committee.
b) Reviewing the purchasing function.
c) The audit of the annual financial statements.
d) Control risk assessment in conjunction with quarterly reviews.

35. The definition of internal control developed by the Committee of Sponsoring

Organizations (COSO) and included in the professional standards includes the
reliability of financial reporting, the effectiveness and efficiency of operation and
a) Compliance with applicable laws and regulation.
b) Effectiveness of prevention of fraudulent occurrences.
c) Safeguarding of entity assets.
d) Incorporation of ethical business practice standards.

36. Which statement is correct concerning the relevance of various types of controls
to a financial audit?
a) An auditor may ordinarily ignore a consideration of controls when a
substantive audit approach is taken
b) Controls over the reliability of financial reporting are ordinarily most
directly relevant to an audit but other controls may also be relevant.
c) Controls over safeguarding of assets and liabilities are of primary
importance, while control over the reliability of financial reporting may
also relevant.
d) All controls are ordinarily relevant to an audit.

37. Which of the following is not ordinarily considered a factor indicative of

increased financial reporting risk when an auditor is considering a client’s risk
assessment policies?
a) Commissioned sales personnel.
b) Implementation of a new information system.
c) Rapid growth organization.
d) Corporate restructuring.

38. While obtaining an understanding of a client’s risk assessment policies, an auditor

does not ordinarily include how management
 a) Identifies risk.
b) Eliminates significant risks.
c) Assesses the likelihood of occurrence of events due to significant risks.
d) Relates risk assessment to financial reporting.

39. When an auditor considers a client’s internal control, which of the following is
ordinarily a type of control activity that is considered?
a) Risk assessment over cash disbursements.
b) Segregation of duties over payroll.
c) Inclusion of the president as a member of the audit committee.
d) Management’s monitoring policies over cash receipts.

40. When test of controls reveal that controls are operating as anticipated, it is most
likely that the assessed level of control risk will
a) Be less than the planned assessed level of control risk.
b) Equal the planned assessed level of control risk.
c) Equal the actual control risk.
d) Be less than the actual control risk.

41. Which of the following is not a control that is designed to protect investment
securities?
a) Custody over securities should be limited to individuals who have record
keeping responsibility over the securities.
b) Securities should be properly controlled physically in order to prevent
unauthorized usage.
c) Access to securities should be vested in more than one individual.
d) Securities should be registered in the name of the owner