AUDITING THEORY lifted from CPA REVIEW SCHOOL OF THE PHILIPPINES

• PSA 300 PLANNING AN AUDIT OF FINANCIAL STATEMENTS

• PSA 315 IDENTIFYING AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT
THROUGH UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT

PSA 300
PLANNING AN AUDIT OF FINANCIAL STATEMENTS

1. Planning an audit involves:

• establishing the overall audit strategy for the engagement; and

• developing an audit plan.

Preliminary Engagement Activities

2. The auditor shall perform the following activities at the beginning of the current audit
engagement:

• Perform procedures regarding the continuance of the client relationship and the
specific audit engagement.
• Evaluate compliance with ethical requirements, including independence.
• Establish an understanding of the terms of the engagement.

Planning Activities

3. The auditor shall establish an overall audit strategy for the audit. The overall audit strategy sets
the scope, timing and direction of the audit, and guides the development of the more
detailed audit plan.

4. The establishment of the overall audit strategy involves:

a) Determining the characteristics of the engagement that define its scope;
b) Ascertaining the reporting objectives of the engagement to plan the timing of the
audit and the nature of the communications required;
c) Considering the important factors that will determine the focus of the
engagement team’s efforts;
d) Considering the results of preliminary engagement activities and, where
applicable, whether knowledge gained on other engagements performed by the
engagement partner for the entity is relevant; and
e) Ascertaining the nature, timing and extent of resources necessary to perform
the engagement.

5. The auditor shall develop an audit plan that shall include a description of:
a) The nature, timing and extent of planned risk assessment procedures, as
determined under PSA 315.
b) The nature, timing and extent of planned further audit procedures at the assertion
level, as determined under PSA 330.
c) Other planned audit procedures that are required to be carried out so that
the engagement complies with PSAs.

Page 1 of 12
Changes to Planning Decisions During the Course of the Audit

The overall audit strategy and the audit plan shall be updated and changed as necessary during
the course of the audit.

Direction, Supervision and Review

1. The auditor shall plan the nature, timing and extent of direction and supervision of
engagement team members and review their work.

2. The nature, timing and extent of the direction and supervision of engagement team
members and review of their work vary depending on many factors, including:
• The size and complexity of the entity;
• The area of the audit;
• The risks of material misstatement; and
• The capabilities and competence of the individual team members performing the
audit work.

3. The auditor plans the nature, timing and extent of direction and supervision of
engagement team members based on the assessed risk of material misstatement.

Documentation

The auditor shall document the overall audit strategy and the audit plan, including any
significant changes made during the audit engagement.

Additional Considerations in Initial Audit Engagements

The auditor shall perform the following activities prior to starting an initial audit:
1. Perform procedures regarding the acceptance of the client relationship and the specific
audit engagement.
2. Communicate with the previous auditor, where there has been a change of auditors, in
compliance with relevant ethical requirements.

PSA 315
IDENTIFYING AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT THROUGH
UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT

1. The objective of the auditor is to

 identify and assess the risks of material misstatement, whether due to fraud or
error, at the financial statement and assertion levels,
 through understanding the entity and its environment, including its internal control,
 thereby providing a basis for designing and implementing responses to the
assessed risks of material misstatement.

2. The auditor shall perform risk assessment procedures to provide a basis for the
identification and assessment of risks of material misstatement at
 the financial statement level; and
 the assertion level for classes of transactions, account balances, and
disclosures. to provide a basis for designing and performing further audit
procedures.
3. The auditor shall:
a) Identify risks throughout the process of obtaining an understanding of the entity and
its environment, including relevant controls that relate to the risks, and by
considering the classes of transactions, account balances, and disclosures in the
financial statements.
b) Assess the identified risks, and evaluate whether they relate more pervasively to
the financial statements as a whole and potentially affect many assertions.
c) Relate the identified risks to what can go wrong at the assertion level, taking
account of relevant controls that the auditor intends to test.
d) Consider the likelihood of misstatement, including the possibility of multiple
misstatements, and whether the potential misstatement is of a magnitude that
could result in a material misstatement.

4. Risk assessment procedures by themselves do not provide sufficient appropriate audit

evidence on which to base the audit opinion.

5. The risk assessment procedures shall include the following:

a) Inquiries of management and others within the entity;
b) Analytical procedures; and
c) Observation and inspection.

6. The auditor’s understanding of the entity and its environment consists of an understanding
of the following aspects:
a) Industry, regulatory, and other external factors, including the applicable financial
reporting framework.
b) Nature of the entity, including the entity’s selection and application of accounting policies.
c) Objectives and strategies and the related business risks that may result in a material
misstatement of the financial statements.
d) Measurement and review of the entity’s financial performance.
e) Internal control.

INTERNAL CONTROL

1. Internal control is the process designed, implemented and maintained by those charged
with governance, management and other personnel to provide reasonable assurance about
the achievement of an entity’s objectives with regard to:

• Reliability of financial reporting;

• Effectiveness and efficiency of operations; and
• Compliance with applicable laws and regulations.

2. When obtaining an understanding of controls that are relevant to the audit, the auditor
shall:
 evaluate the design of those controls; and
 determine whether they have been implemented
by performing procedures in addition to inquiry of the entity’s personnel.

COMPONENTS OF INTERNAL CONTROL

1. Control Environment

The control environment includes the governance and management functions and the
attitudes, awareness, and actions of those charged with governance and management
concerning the entity’s internal control and its importance in the entity.
 Elements of control environment:
a) Communication and enforcement of integrity and ethical values.
b) Commitment to competence.
c) Participation by those charged with governance.
d) Management’s philosophy and operating style.
e) Organizational structure.
f) Assignment of authority and responsibility.
g) Human resource policies and practices.

The auditor shall obtain an understanding of the control environment. As part of obtaining
this understanding, the auditor shall evaluate whether:
a) Management, with the oversight of those charged with governance, has created
and maintained a culture of honesty and ethical behavior; and
b) The strengths in the control environment elements collectively provide an
appropriate foundation for the other components of internal control, and whether
those other components are not undermined by deficiencies in the control
environment.

2. The Entity’s Risk Assessment Process

The auditor shall obtain an understanding of whether the entity has a process for:
a) Identifying business risks relevant to financial reporting objectives;
b) Estimating the significance of the risks;
c) Assessing the likelihood of their occurrence; and
d) Deciding about actions to address those risks.

3. The information system, including the related business processes, relevant to financial
reporting, and communication

The auditor shall obtain an understanding of the information system, including the related
business processes, relevant to financial reporting, including the following areas:
 The classes of transactions in the entity’s operations that are significant to the financial
statements.
 The procedures, within both IT and manual systems, by which those transactions are
initiated, recorded, processed, corrected as necessary, transferred to the general
ledger and reported in the financial statements.
 The related accounting records, whether electronic or manual, supporting information,
and specific accounts in the financial statements that are used to initiate, record,
process and report transactions; this includes the correction of incorrect information
and how information is transferred to the general ledger.
 How the information system captures events and conditions, other than
transactions, that are significant to the financial statements.
 The financial reporting process used to prepare the entity’s financial statements,
including significant accounting estimates and disclosures.
 Controls surrounding journal entries, including non-standard journal entries used to
record non-recurring, unusual transactions or adjustments.

The auditor shall obtain an understanding of how the entity communicates financial reporting
roles and responsibilities and significant matters relating to financial reporting, including:
 Communications between management and those charged with governance; and
 External communications, such as those with regulatory authorities.
4. Control activities relevant to the audit
 Control activities are the policies and procedures to help ensure that management
directives are carried out. Examples of control activities include those relating to the
following:
 Authorization
 Performance reviews
 Information processing
 Physical controls
 Segregation of duties

 The auditor shall obtain a sufficient understanding of control activities to:

 Assess the risks of material misstatement at the assertion level; and
 Design further audit procedures responsive to assessed risks.

5. Monitoring of controls

 Monitoring of controls involves assessing the design and operation of controls on a

timely basis and taking the necessary corrective actions modified for changes in
conditions.

 The auditor shall obtain an understanding of the major activities that the entity uses to
monitor internal control over financial reporting, including those related to those control
activities relevant to the audit, and how the entity initiates remedial actions to
deficiencies in its controls.

 If the entity has an internal audit function, the auditor shall obtain an understanding of
the following in order to determine whether the internal audit function is likely to be
relevant to the audit:
a. The nature of the internal audit function’s responsibilities and how the internal audit
function fits in the entity’s organizational structure; and
b. The activities performed, or to be performed, by the internal audit function.

 The auditor shall obtain an understanding of the sources of the information used in the
entity’s monitoring activities, and the basis upon which management considers the
information to be sufficiently reliable for the purpose.

MULTIPLE CHOICE QUESTIONS

1. Before accepting an engagement to audit a new audit client, a CPA is required to

obtain
A. An understanding of the prospective client’s industry and business
B. The prospective client’s signature to the engagement letter
C. A preliminary understanding of the prospective client’s control environment
D. The prospective client’s consent to make inquiries of the predecessor auditor, if
any.

2. Before accepting an audit engagement, a successor auditor should make specific

inquiries of the predecessor auditor regarding
A. The predecessor’s assessment of inherent risk and judgments about materiality
B. The degree of cooperation the predecessor received concerning the inquiry of
client’s lawyer
C. The predecessor’s evaluation of matters of continuing accounting significance
D. Disagreements the predecessor had with the client concerning auditing
procedures and accounting principles
3. Adequate planning of the audit work helps to ensure that
A B C D
Appropriate attention is devoted to important
areas of the audit Yes No Yes No
Potential problems are identified Yes Yes Yes No
The work is completed expeditiously No Yes Yes No

4. Which of the following matters should be considered by the auditor in developing

the overall audit strategy?
A. Important characteristics of the entity, its business, its financial performance
and its reporting requirements including changes since the date of the prior
audit.
B. Conditions requiring special attention, such as the existence of related parties.
C. The setting of materiality levels for audit purposes.
D. All of the above.

5. An auditor should design the audit plan so that

A. All material transactions will be selected for substantive testing.
B. Substantive tests prior to the balance sheet date will be minimized.
C. The audit procedures selected will achieve specific audit objectives.
D. Each account balance will be tested under either tests of controls or tests of
transactions.

6. Audit plans should be designed so that

A. Most of the required procedures can be performed as interim work.
B. Inherent risk is assessed at a sufficiently low level.
C. The auditor can make constructive suggestions to management.
D. The audit evidence gathered supports the auditor’s conclusions.

7. An auditor most obtains knowledge about a new client’s business and industry to
A. Make constructive suggestions concerning improvements to the client’s internal
control.
B. Develop an attitude of professional skepticism concerning management’s
financial statement assertions.
C. Evaluate whether the aggregation of known misstatements causes the
financial statements taken as a whole to be materially misstated.
D. Understand the events and transactions that may have an effect on the client’s
financial statements

8. With respect to planning an audit, which of the following statements is always true
A. Final staffing decisions must be made prior to completion of the planning stage
B. An inventory count must be observed at year-end
C. It is acceptable to perform a portion of the audit of a continuing audit client at
interim dates.
D. An engagement should not be accepted after the client’s year-end.

9. To obtain an understanding of a continuing client’s business, an auditor most likely

would
A. Perform tests of details of transactions and balances.
B. Reevaluate the client’s internal control environment
C. Review prior year working papers and the permanent file for the client.
D. Read current issues of specialized industry journals
10. Which of the following is least likely to be considered a risk assessment procedure?
A. Confirmation of ending accounts receivable
B. Analytical procedures
C. Inspection of documents
D. Observation of the performance of certain accounting principles
11. A measure of how willing the auditor is to accept that the financial statements
may be materially misstated after the audit is completed and an unmodified opinion
has been issued is the
A. Inherent risk C. Control risk
B. Acceptable audit risk D. Detection risk

12. Which of the following audit risk components may be assessed in quantitative
terms?
Inherent risk Control risk Detection risk
A. Yes No Yes
B. Yes Yes Yes
C. No No No
D. No No Yes

13. A measure of the auditor’s assessment of the likelihood that there are material
misstatements in an account before considering the effectiveness of the client’s
internal control is called
A. Audit risk C. Inherent risk
B. Detection risk D. Control risk

14. Assessing control risk at a low level most likely would involve
A. Performing more extensive substantive tests with larger sample sizes than
originally planned.
B. Reducing inherent risk for most of the assertions relevant to significant account
balances.
C. Changing the timing of substantive tests by omitting interim-date testing and
performing the tests at year-end.
D. Identifying specific controls relevant to specific assertions.

15. An auditor assesses control risk because it

A. Is relevant to the auditor’s understanding of the control environment.
B. Provides assurance that the auditor’s materiality levels are appropriate.
C. Indicates to the auditor where inherent risk may be the greatest.
D. Affects the level of detection risk that the auditor may accept.

16. Which of the following is not a step in an auditor’s assessment of control risk?
A. Evaluate the effectiveness of internal control with tests of controls.
B. Obtain an understanding of the entity’s information system and control
environment.
C. Perform tests of details of transactions to detect material misstatements in the
financial statements.
D. Consider whether controls can have a pervasive effect on financial statement
assertions.

17. It is the process designed and effected by those charged with governance,
management, and other personnel to provide reasonable assurance about the
achievement of the entity’s objectives.
A. Internal auditing C. Business strategy
B. Internal control D. Accounting process

18. Which of the following is not one of the three primary objectives of effective internal
control?
A. Reliability of financial reporting.
B. Efficiency and effectiveness of operations.
C. Compliance with laws and regulations.
 D. Assurance of elimination of business risk.

19. The overall attitude and awareness of an entity’s board of directors concerning the
importance of internal control usually is reflected in its
A. Computer based controls
B. System of segregation of duties
C. Control environment
D. Safeguard over access to assets
20. Which of the following are considered control environment
elements?
Commitment to Organizational
Competence Detection risk Structure
A. No Yes No
B. Yes Yes Yes
C. Yes No Yes
D. No No Yes

21. Which of the following statements concerning the relevance of various types of
controls to a financial statement audit is correct?
A. All controls are ordinarily relevant to a financial statement audit.
B. Controls over safeguarding of assets and liabilities are of primary
importance, while controls over the reliability of financial reporting may also
be relevant.
C. Controls over the reliability of financial reporting are ordinarily most directly
relevant to a financial statement audit, but other controls may also be
relevant.
D. An auditor may ordinarily ignore a consideration of controls when a
substantive audit approach is taken.

22. Under PSA 315, monitoring of controls is an internal control component that
involves a process of assessing the quality of internal control performance over
time. It involves assessing the design and operation of controls on a timely basis
and taking necessary corrective actions. Monitoring of controls is accomplished
through ongoing monitoring activities, separate evaluations, or a combination of
two. An entity’s ongoing monitoring activities often include
A. Periodic reporting by the entity’s internal auditors about the functioning of
internal control
B. Reviewing the purchasing function
C. Periodic audits by the audit committee
D. The audit of the annual financial statements.

23. An auditor should consider two key issues when obtaining an

understanding of a client’s internal controls. These issues are
A. The effectiveness and efficiency of the controls.
B. The frequency and effectiveness of the controls.
C. The design and implementation of the controls.
D. The implementation and efficiency of the controls.

24. Which of the following statements is most correct with respect to separation
duties?
A. Employees should not have temporary and permanent custody of assets
B. Employees who authorize transactions should not have custody of related
assets
C. It is permissible to allow an employee to open cash receipts and record
those receipts
D. Employees who authorize transactions should have recording responsibility
for these transactions.

25. Authorizations can be either general or specific. Which of the following is not an
example of a general authorization?
A. Automatic reorder points for raw materials inventory.
B. A sales manager’s authorization for a sales return.
C. Credit limits for various classes of transactions.
 D. A sales price list for merchandise.
26. When obtaining knowledge about an entity’s internal control, it is important for the
auditor to consider the competence of its employees, because their competence
bears directly and importantly upon the
A. Cost-benefit relationship of internal control.
B. Comparison of recorded accountability with assets.
C. Achievement of the objectives of internal control.
D. Timing of substantive tests to be performed.

27. Control activities are the policies and procedures that help ensure that management
directives are carried out. These include activities relating to authorization,
performance reviews, information processing, physical controls, and segregation of
duties. There is proper segregation of duties when an individual who
A. Records a transaction does not compare the accounting record of the asset
with the asset itself.
B. Authorizes a transaction records it.
C. Authorizes a transaction maintains custody of the asset that resulted from the
transaction.
D. Maintains custody of an asset has access to the accounting records for the asset.
28. An auditor should obtain sufficient knowledge of an entity’s information system,
including the related business processes relevant to financial reporting, to
understand the
A. Policies used to detect the concealment of fraud.
B. Process used to prepare significant accounting estimates.
C. Safeguards used to limit access to computer facilities.
D. Procedures used to assure proper authorization of transactions.

29. The primary objective of procedures performed to obtain an understanding of

internal control is to provide an auditor with
A. Knowledge necessary to plan the audit.
B. A basis for modifying tests of controls.
C. Information necessary to prepare flowcharts.
D. Evidence to use in reducing detection risk.

30. In obtaining an understanding of internal control relevant to the audit, an auditor is

required to obtain knowledge about the
A. Effectiveness of controls that have been implemented
B. Consistency with which controls are currently being applied
C. Design of controls pertaining to internal control components
D. Controls related to each class of transactions and account balance

31. After reconsidering a client’s internal controls, an auditor has concluded that it is
well designed and is functioning as intended. Under these circumstances, the auditor
would most likely
A. Perform test of controls to the extent outlined in the audit program
B. Determine the control procedures that should prevent or detect errors and
fraud
C. Not increase the extent of predetermined substantive test
D. Determine whether transactions are recorded to permit preparation of
financial statements in accordance with PFRS.

32. Audit evidence concerning proper segregation of duties normally is best obtained by
A. Direct personal observation of the employee who applies control procedures.
B. Making inquiries of co-workers about the employee who applies control
procedures.
C. Preparation of a flowchart of duties performed and available personnel.
D. Inspection of third-party documents containing the initials of who applied
control procedures.

33. In conducting an audit in accordance with PSAs, the auditor is required to identify
and assess the risks of material misstatement at the financial statement level, and
at the assertion level for classes of transactions, account balances, and disclosures.
Some of these risks, in the auditor’s judgment, require special audit consideration,
such as those that involve fraud or complex transactions. Such risks are called
A. Business risks C. Significant risks
B. Audit risks D. Material risks

34. As a result of obtaining an understanding of an entity’s internal control system, the

auditor may become aware of material weaknesses in the design or
implementation of internal control. The auditor is required to communicate this
matter to
A. Those charged with governance or management
B. Chief executive officer
C. Securities and Exchange Commission
D. Board of Accountancy
35. Which of the following controls most likely would provide reasonable assurance
that all credit sales transactions of an entity are recorded?
A. The accounting department supervisor controls the mailing of monthly
statements to customers and investigates any differences reported by
customers.
B. The accounting department supervisor independently reconciles, on a monthly
basis, the accounts receivable subsidiary ledger to the accounts receivable
control account.
C. The billing department supervisor matches prenumbered shipping documents
with entries in the sales journal.
D. The billing department supervisor sends copies of approved sales orders to
the credit department for comparison to authorized credit limits and current
customer account balances.
36. A sound internal control procedure should require that defective merchandise
returned by customers be presented initially to the
A. Receiving clerk
B. Accounts receivable supervisor
C. Billing clerk
D. Shipping department supervisor
37. Macho Dancer Company uses its sales invoices for posting perpetual inventory
records. Inadequate internal control over the invoicing function allows goods to be
shipped but not invoiced. The inadequate controls could cause what type of
misstatement in each of the following accounts?
Revenues Receivables Inventories
A. Understatement Understatement Understatement
B. Overstatement Overstatement Understatement
C. Understatement Understatement Overstatement
D. Overstatement Overstatement Overstatement

38. Which of the following control activities in an entity’s revenue/receipt cycle would
provide reasonable assurance that all billed sales are correctly posted to the
accounts receivable ledger?
A. Each shipment of goods on credit is supported by a prenumbered sales invoice.
B. The accounts receivable subsidiary ledger is reconciled daily to the accounts
receivable control account in the general ledger.
C. Daily sales summaries are compared to daily postings to the accounts receivable
ledger.
D. Each sales invoice is supported by a prenumbered shipping document.

39. The auditor’s primary objective in obtaining an understanding of the client’s

controls over the purchasing function is to
A. Investigate the recording of unusual transactions regarding raw materials.
B. Determine the reliability of financial reporting by the purchasing function.
C. Observe the annual physical count.
D. Ascertain that raw materials paid for are on hand.

40. Effective controls relevant to purchasing of raw materials should usually include
all of the following, except
A. Determining the need for the raw materials prior to preparing the purchase order.
B. Systematic reporting of product changes that will affect raw materials.
C. Obtaining financial approval prior to making a commitment.
D. Obtaining third-party written quality and quantity reports prior to payment for
the raw materials.

41. Which of the following controls is not usually performed in the accounts payable
department?
A. Indicating on the voucher the affected asset and expense accounts to be debited.
B. Approving vouchers for payment by having an authorized employee sign the
vouchers.
C. Accounting for unused prenumbered purchase orders and receiving reports.
D. Matching the vendor’s invoice with the related purchase requisition, purchase
order, and receiving report.
42. The following are appropriate questions on an internal control questionnaire
concerning purchase transactions, except
A. Are all goods received in a centralized receiving department and counted,
inspected, and compared with purchase orders on receipt?
B. Are intact cash receipts deposited daily in the bank?
C. Are prenumbered purchase orders and receiving reports used and accounted for?
D. Are an approved purchase requisition and a signed purchase order required
for each purchase?

43. Which of the following is of least concern to an auditor in assessing the risks of
material misstatement?
A. Signed checks are distributed by the controller to approved payees.
B. Checks are signed by one person.
C. Cash receipts are not deposited intact daily.
D. Treasurer does not verify the names and addresses of check payees.
44. To provide assurance that each voucher is submitted and paid only once, an
auditor most likely would examine a sample of paid vouchers and determine
whether each voucher is
A. Supported by a vendor’s invoice.
B. Stamped “paid” by the check signer.
C. Prenumbered and accounted for.
D. Approved for authorized purchases.

45. Which of the following is an essential control procedure to ensure the accuracy of the
recorded inventory quantities?
A. Calculating unit costs and valuing obsolete or damaged inventory items in
accordance with inventory policy.
B. Testing inventory extensions.
C. Performing a gross profit test.
D. Establishing a cutoff for goods received and shipped.

46. Effective internal controls over inventories are designed and implemented for the
following reasons, except
A. Inventories typically represent a large component of an entity’s current assets.
B. Inventories are the most liquid asset.
C. Inventories directly affect the financial performance of an entity.
D. Inventories typically represent a large portion of an entity’s total assets.

47. An auditor generally tests the segregation of duties related to inventory by

A. Personal inquiry and observation
B. Test counts and cutoff procedures
C. Analytical procedures and invoice recomputation
D. Document inspection and reconciliation

48. Your client, a merchandising concern, has annual sales of P30,000,000 and a 40%
gross profit rate. Tests reveal that 2% of the peso amount of purchases do not get
into inventory because of breakage and inventory pilferage by employees. The
company estimates that these losses could be reduced to 0.5% of purchases by
designing and implementing certain controls costing approximately P350,000.
Should the controls be designed and implemented?
A. Yes, regardless of cost-benefit considerations, because the situation involves
employee theft.
B. Yes, because the ideal system of internal control is the most extensive one.
C. No, because the cost of designing and implementing the added controls
exceeds the projected savings.
D. Yes, because the expected benefits to be derived exceed the cost of the added
controls.

49. Which of the following controls most likely would be implemented to achieve the
production cycle control objective of maintaining accurate inventory records?
A. Periodic inventory counts are used to adjust the perpetual inventory records.
B. A just-in-time inventory ordering system keeps inventory levels to a desired
minimum.
C. Perpetual inventory records are periodically compared with the net realizable
value of individual inventory items.
D. Purchase requisitions, receiving reports, purchase orders, and vendor
invoices are independently matched before payment is approved.
50. An internal control objective concerning property, plant, and equipment (PPE)
acquisitions is that they be recorded at the correct amounts and in the proper period,
and properly classified. In which of the following conditions would an auditor most
likely assess a high level of risk of material misstatement?
A. All material acquisitions of PPE are required to be approved by the board of
directors.
B. Most additions are self-constructed by the entity.
C. Recently acquired loans include covenants that preclude further plant
acquisitions for 5 years.
D. Gross PPE increased 30% during the current period.

51. Which of the following controls would an entity most likely use in safeguarding
against the loss of trading securities?
A. The independent auditor traces all purchases and sales of trading securities
through the subsidiary ledgers to the general ledger.
B. An independent trust company that has no direct contact with the employees
who have record-keeping responsibilities has possession of the securities.
C. The internal auditor inspects the trading securities in the entity’s safe each
year on the balance sheet date.
D. A designated member of the board of directors controls the securities in a
bank safe- deposit box.

52. The following controls are designed to protect investment securities, except
A. Investment securities should be properly controlled physically in order to
prevent unauthorized usage.
B. Custody over investment securities should be limited to personnel having
record-keeping responsibility over the securities.
C. Securities should be registered in the entity’s name.
D. Access to securities should be vested in two individuals.

53. Effective controls over the payroll function may include

A. Custody of rate authorization records by the supervisor of the payroll department.
B. Preparation of payroll transaction journal entries by an employee who
reports to the supervisor of the personnel department.
C. Verification of agreement of job time tickets with employee clock card hours by
a payroll department employee.
D. Reconciliation of totals on job time tickets with job reports by employees
responsible for those specific jobs.

54. Employees of a manufacturing entity are often required to use time cards and job time
tickets. Which of the following statements concerning the use of these documents
is incorrect?
A. Time reported on job time tickets should be reconciled to time cards.
B. Payroll should be calculated based on job time tickets.
C. Each employee should have only one time card.
D. An employee may have one or many job time tickets in a day.
55. Which of the following personnel department procedures reduces the risk of payroll
fraud and represents an appropriate responsibility for the department?
A. Authorizing the addition or deletion of employees from the payroll.
B. Authorizing overtime hours.
C. Collection and retention of unclaimed paychecks.
D. Distributing paychecks.

--- END --