NAME: ___________________________________________

CSC42 QUIZ 2:

TRUE/FALSE. BEFORE EACH ITEM, WRITE T (FOR TRUE) OR F (FOR FALSE). FALSE
STATEMENTS REQUIRE EXPLANATION.

1. Internal control is a process designed to guarantee the achievement of the objectives of reliable
financial reporting, compliance with laws and regulations and ineffective and inefficient operations.

2. Internal control is a process designed to provide reasonable assurance regarding the achievement of the
objectives of reliable financial reporting, compliance with laws and regulations and effective and
efficient operations, and safeguarding of the assets.

3. The quality of an organization's internal control will affect both the audit approach and the amount of
testing needed for an engagement.

4. An entity's control system affects the approach to and quantity of testing in an audit engagement.

6. Safeguarding of assets includes controls designed to protect against theft.

7. Control is considered to be part of corporate governance.

8. Good control means that risks are identified and dealt with effectively.

9. Investors and lenders are not concerned with internal control of the companies in which they invest.

10. Management of public companies are required to report on internal controls.

11. A separate external audit of internal accounting control should never be performed.

12. The external audit function is a critical component of a company's internal control process.

13. The five major components of an organization's internal control are: the control environment, risk
assessment, control activities, information and communication, and monitoring.

14. A company's internal auditing practices should not be considered when assessing control risk.

15. An organization's control environment is established and maintained by the internal auditing
department.

16. A well-controlled organizational structure must match the organization's operations, or the structure is
not effective.

17. Monitoring of the internal controls involves assessment by appropriate personnel of the design and
operation of controls on a timely basis and taking necessary actions.

18. An auditor is not required to obtain evidence about the design and operation of the internal controls to
reduce the assessment of control risk below maximum.

1
19. Segregation of duties refers to the duties of authorizing a transaction, recording the transaction, and
taking physical custody of assets related to the transaction.

20. In addition to controls being specific, they may be broad, such as policies regarding a code of ethics.

21. Physical controls to safeguard assets are not intended to include simple controls such as fences and
locks.

22. Auditors are not allowed to use flowcharts to document understanding of internal control.

23. When control risk is assessed at a maximum level, the auditor assumes that the internal controls are
reliable in preventing or detecting material misstatements.

24. When control risk is assessed at a minimum level, the auditor assumes that the internal controls are
reliable in preventing or detecting material misstatements.

25. Performing a walk-through provides an auditor an understanding of the nature of processing in

important accounting applications.

26. Reviewing systems flowcharts is usually sufficient to understand the client's internal controls.

27. An auditor cannot assess the control risk for subsystems at a different level than the whole accounting
system.

28. The auditor's preliminary assessment of control risk is based on an understanding of the control system
as it has operated in the past and is designed to operate.

29. When control risk is assessed at less than maximum, the auditor must gain assurance that the control
procedures are effective.

30. The auditor is obligated to report significant deficiencies in the control structure discovered during an
audit to the audit committee or its equivalent.

31. One of the advantages of a computerized accounting system is that the computerized system eliminates
the need for internal controls.

32. Accounting subsystems are accounting cycles composed of one or more accounting applications.

33. Control risk can be evaluated on a scale from high to low.

34. Testing internal control for effectiveness is done in every audit.

35. Walk-throughs and inquiries are often used to obtain an understanding of internal controls.

36. A flowchart is a graphical representation showing the flow of documents through a system.

37. Questionnaires are designed so that a positive answer indicates the absences of a key control activity
or an inadequate segregation of duties.

38. When the auditor believes the design of controls of a non-public company is effective but does not test
the controls, the auditor can assess control risk as moderate in some circumstances but otherwise it
should be assessed as high.

2
 39. Transaction oriented controls are designed to operate on every transaction throughout the year.

40. A narrative is a systematic set of questions designed to develop an understanding of an organizations’

internal controls and those responsible for implementing control activities.

41 One of the components of internal control, monitoring, refers to the process of identifying, capturing,
and exchanging information in a timely fashion to enable accomplishment of the organization’s
objectives.

42. One of the components of internal control, the control environment, is considered pervasive and the
auditor should start the evaluation of controls at this level.

43. Control activities may be implemented at the organizational level and at the transactional level.

ESSAY
1. Identify to indicate whether each procedure is a preventive or detective control.

a. authorizing a credit sale Preventive Detective

b. preparing a bank reconciliation Preventive Detective
c. locking the warehouse Preventive Detective
d. preparing a trial balance Preventive Detective
e. counting inventory Preventive Detective

Use the internal control procedures listed below to complete the statements.

segregation of duties specific authorization

general authorization accounting records
access controls independent verification
supervision

2. A clerk reorders 250 items when the inventory falls below 25 items. This is an example of
__________________________.

3. The internal audit department recalculates payroll for several employees each pay period. This
is an example of __________________________.

4. Locking petty cash in a safe is an example of __________________________.

5. Approving a price reduction because goods are damaged is an example of

__________________________.

6. Using cameras to monitor the activities of cashiers is an example of

__________________________.

3
 7. Not permitting the computer programmer to enter the computer room is an example of
_______________________________.

8. Sequentially numbering all sales invoices is an example of __________________________.

9. Documenting internal control understanding

Auditors must document their understanding and evaluation of the internal control system. Identify
and briefly describe the three most commonly used methods for such documentation.

10. Pervasive control activities

Discuss what pervasive control activities are and provide an example of at least three.