Part C sẽ ôn lại 7 dạng bài tập quan trọng môn Audit & Assurance (F8) với chủ đề Internal Control.1. Tổng quan:
2. Dạng bài tập chi tiết:2.1. Dạng 1: Internal control componentsMức độ: Quan trọng OTQ & OT Case Câu 1: (3.6m) (Dễ) Question: Which of the following is NOT a component of an entity’s internal control? A. The selection and application of accounting policies Guidance: 5 components of internal controls References:
Answer: A The selection and application of accounting policies is not a component of an entity’s internal control. Câu 2: (9m) (Dễ) (Đọc thêm) Learning outcome: Nhận định được các components của hệ thống kiểm soát nội bộ Question: State the FIVE components of an entity’s internal control and give a brief explanation of each component. Answer: Internal control components (i) Control environment The control environment includes the governance and management functions and the attitudes, awareness, and actions of those charged with governance and management concerning the entity’s internal control and its importance in the entity. The control environment sets the tone of an organisation, influencing the control consciousness of its people. The control environment has many elements such as communication and enforcement of integrity and ethical values, commitment to competence, participation of those charged with governance, management’s philosophy and operating style, organisational structure, assignment of authority and responsibility and human resource policies and practices. (ii) Entity’s risk assessment process For financial reporting purposes, the entity’s risk assessment process includes how management identifies business risks relevant to the preparation of financial statements in accordance with the entity’s applicable financial reporting framework. It estimates their significance, assesses the likelihood of their occurrence, and decides upon actions to respond to and manage them and the results thereof. (iii) Information system, including the related business processes, relevant to financial reporting, and communication The information system relevant to financial reporting objectives, which includes the accounting system, consists of the procedures and records designed and established to initiate, record, process, and report entity transactions (as well as events and conditions) and to maintain accountability for the related assets, liabilities, and equity. (iv) Control activities relevant to the audit Control activities are the policies and procedures that help ensure that management directives are carried out. Control activities, whether within information technology or manual systems, have various objectives and are applied at various organizational and functional levels. (v) Monitoring of controls Monitoring of controls is a process to assess the effectiveness of internal control performance over time. It involves assessing the effectiveness of controls on a timely basis and taking necessary remedial actions. Management accomplishes the monitoring of controls through ongoing activities, separate evaluations, or a combination of the two. Ongoing monitoring activities are often built into the normal recurring activities of an entity and include regular management and supervisory activities. Câu 3: (3.6m) (TB) Question: One of the control objectives of the sales system of B Co is to ensure that goods and services sold to credit-worthy customers. Which of the following control activities would assist B Co in achieving this objective? A. Credit limits are checked before sales orders are
accepted. Guidance: You can use the control activities definition of “control activities are those policies and procedures that help management achieve control objective” as a guidance to choose appropriate control activities. There is no specific way to identify appropriate control activities, but seeing examples of them can help you easier to do that. You can see them in F8 BPP Chapter 10: Tests of controls or ACCA past exam. Answer: A
Câu 4: (3.6m) (TB) Question: B Co maintains perpetual inventory records. Which of the following control activities would contribute to the auditor's confidence that inventory recorded in the financial statements exists?
Answer: D
Câu 5: (7.2m) (Dễ) (Đọc thêm) Learning outcome: Hiểu được các loại hoạt động kiểm soát khác nhau Question: Describe FOUR different types of control activities and, for each type, provide an example control a company may implement. Answer: Control activities Segregation of duties – assignment of roles or responsibilities to ensure the tasks of authorising and recording transactions and maintaining custody of assets are carried out by different people, thereby reducing the risk of fraud and error occurring. For example, the purchase ledger clerk recording invoices onto the purchase ledger, and the finance director authorising the payment of those purchase invoices. Information processing – controls including application and general IT controls, which ensure the completeness, accuracy, and authorization of information being processed. For example, the use of batch control totals when entering transactions into the system. Authorisation – approval of transactions by a suitably responsible official to ensure transactions are genuine. For example, authorisation by a responsible official of all purchase orders. Physical controls – restricting access to physical assets as well as computer programs and data files, thereby reducing the risk of theft. For example, cash being stored in a safe which only a limited number of employees are able to access. Performance reviews – comparison or review of the performance of the business by looking at areas such as budget versus actual results. For example, the review by department heads of monthly results of actual trading to budget and prior year, with analysis of variances. Câu 6: (1.8m) (Trung bình) Learning outcome: Hiểu được các inherent limitation của hệ thống kiểm soát nội bộ Question: Which of the following is NOT an inherent limitation of internal control systems? A. Insufficient segregation of duties Answer: A A is incorrect as it is not an inherent limitation of an internal control system; rather it is an internal control deficiency. References: F8 BPP Chapter 9: Internal controls phần 1.7 Limitations of accounting and control systems Câu 7: (3.6m) (Trung bình) Question: Who is ultimately responsible for a company's system of internal controls? A. External auditors Answer: B Internal control is the process designed, implemented, and maintained by those charged with governance, management, and other personnel to provide reasonable assurance about the achievement of an entity's objectives with regard to the reliability of financial reporting, effectiveness, and efficiency of operations, and compliance with applicable laws and regulations. Reference: F8 BPP Chapter 9: Internal control system phần 1 Internal control systems 2.2. Dạng 2+3: Test of controls + Communication on internal controlMức độ: Quan trọng OTQ & OT Case Câu 8: (3.6m) (Trung bình) Question: Which of the following statements about the nature and extent of tests of controls are true?
Answer: D
References: F8 BPP Chapter 9: Internal control system phần 3 The evaluation of internal control components Câu 9-11: Cherry Blossom Co (Cherry) manufactures custom made furniture and its year-end is 30 April. You are the audit supervisor of Poplar & Co and are developing the audit programs for Cherry's forthcoming interim audit. You have ascertained that Cherry purchases its raw materials from a wide range of approved suppliers. When production supervisors require raw materials, they complete a requisition form and this is submitted to the purchase ordering department. Requisition forms do not require authorisation and no reference is made to the current inventory levels of the materials being requested. Cherry has an internal audit department that has provided you with details of the internal controls around the non-current assets cycle. One such control is that upon receipt of a new asset, each asset is assigned a unique serial number and this is recorded on the asset and in the non-current assets register. Câu 9: (3.6m) (TB) Which TWO of the following statement are DEFICIENCIES of purchases system of Cherry? A. Cherry purchases its raw materials from a wide range of approved suppliers. Guidance: To identify deficiencies you should look for information that indicates:
Answer: B+C Options A and D are control activities Options B and C are deficiencies (Controls are missing) Câu 10: (3.6m) (Trung bình) Learning outcome: Nhận diện được consequences của internal control deficiency. Đề bài: Which of the following are the most likely consequences of the internal control deficiency described in the requisition system for raw materials?
Answer: B Risk of raw materials are being ordered without reviewing inventory levels => Both stock-outs and excess obsolescent inventory are likely to occur => Option B + C are true (The lack of authorisation means that fraudulent purchases could be made, but there is an approved supplier list and money-laundering risks seem far-fetched. Likewise, poorer quality goods may be ordered but the approved supplier list does act as a control here – and going concern risks are irrelevant.) => Giải thích thêm với đáp án sai Câu 11: (3.6m) (Trung bình) Learning outcome: Nhận diện các assertion Question: While reviewing Cherry's purchases cycle, you identified that goods received notes for raw material purchases are not sequentially numbered. Which of the following areas would you consider to be most at risk of material misstatement, as a result of this internal control deficiency? A. Rights and obligations of inventory Answer: D The fact that goods received notes (GRNs) are not sequentially numbered means that GRNs may be omitted from accounting records and it would be difficult to trace the unrecorded GRNs. As a result, the risk is that payables (and inventory) are understated. Câu 12: (3.6m) (Trung bình) Question In relation to the control relating to the receipt of a new asset, which TWO of the following describe the MOST RELIABLE audit procedures which enable the auditor to assess whether this control is operating effectively?
Guidance: To be able to identify a test of control, you need to understand the cycle relate to the scenario and control activities designed by clients. You can your definition of a test of controls “an audit procedure designed to evaluate the operating effectiveness of controls in preventing, or detecting and correcting, material misstatements at the assertion level” as a guide to identify test of controls. There is no specific way to identify tests of controls, but seeing examples of them can help you easier to do that. You can see them in F8 BPP Chapter 10: Tests of controls or ACCA past exam. Answer: A Control activities: Upon receipt of a new asset, each asset is assigned a unique serial number and this is recorded on the asset and in the non-current assets register. Select a sample of capital additions on-site, agree that a serial number is recorded on the asset, and confirm it is included in the non-current assets register helps the auditor to ensure serial number is recorded on both asset and register. => 1 is true Statement (2) is not a reliable procedure because it doesn’t test the effectiveness of this control activity. Reviewing the non-current register to identify duplicate serial numbers will identify instances when the serial numbers assigned were not unique. => Statement (3) is true Observation is a valid audit procedure, but it provides a weak form of audit evidence since it does not assure the auditor that the control would be operated when the auditor is not there to observe it. => 4 are false Câu 13-15: Primrose Co has recently upgraded its computer system to enable greater automation of transaction processing. The new system has integrated the sales, inventory, and purchasing systems resulting in minimal manual entry. Sales orders are entered into the system manually. The inventory system is automatically updated to reflect that inventory has been allocated to an order. The system will flag if there is insufficient inventory to fulfill the order. The inventory system is linked to the purchasing system so that when inventory falls to a minimum level a purchase order is automatically created and sent to the purchasing manager for authorization. Once the manager clicks ‘authorised’ the order is automatically sent electronically to the approved supplier for that item. The system is backed up daily to ensure minimal loss of data in the event of a system failure. Primrose Co’s internal auditors were present during the implementation of the new system and performed tests during the process to ensure the information transferred into the new system was free from error. The internal audit plan of work has been updated to include regular tests of the system throughout the year to ensure it is working effectively. The external auditor of Primrose Co is planning to use automated tools and techniques during the audit for the first time this year as a result of the new system and is also planning to use the work of Primrose Co’s internal audit department if possible. Câu 13: (3.6m) (TB) Question: Which of the following is NOT a test of control in respect of Primrose Co’s system? A. Trace a sample of purchase orders through to the approved supplier list to ensure the supplier used is approved Answer: B Tracing a transaction through the system to ensure it is recorded in the sales day book is a substantive procedure testing the assertion of completeness. Câu 14: (3.6m) (TB) Question: Select whether the following controls identified in Primrose Co’s systems are general or application controls?
Answer:
Backups relate to the whole computer system therefore are a general control. Authorisation, minimum order quantities and automatic updating of inventory related to individual aspects of the purchasing and inventory systems, therefore, are application controls. References: F8 BPP chapter 9: Internal controls phần 4 Internal Controls in a computerized environment Câu 15: (3.6m) (TB) Question: Which can be tested by placing a dummy sales order for a large quantity of goods into the system? Select all that apply.
Answer:
As all of the controls stated are computerized controls, a dummy order can be used to test them. 2.3. Dạng 4: Internal control in computerised environmentMức độ: Quan trọng Câu 16: (3.6m) (Dễ) Question: Which TWO of the following are application controls?
Answer: D One-for-one checking (3) and batch controls (2) are application controls. They apply separately to each application. Password protection of programs (1) and Regular backup of programs (4) are general IT controls Câu 17: (3.6m) (Dễ) Question: General IT controls are policies and procedures that relate to many applications and support the effective functioning of application controls. Which two of the following are general IT controls?
Answer: D Disaster recovery procedures (3) and System software acquisition (4) are general IT controls that relate to many applications. Testing procedures using test data (1) and Arithmetic checks (2) are application controls. Câu 18: (3.6m) (trung bình) Question: Fox Industries Co (Fox) manufactures engineering parts. It has one operating site and a customer base spread across Europe. The company’s year-end was 30 April 2013. While evaluating the purchasing system of Fox, you realized that Purchase invoices are input daily by the purchase ledger clerk and he does not apply any application controls over the input process. It can raise the risk that invoices could be input into the system with inaccuracies or they may be missed out entirely. Which application controls should be adopted by Fox Industries Co to ensure the completeness and accuracy of the input of purchase invoices:
Answer: D Statement (1) helps to ensure completeness of input. Statement (2) helps to ensure completeness and accuracy of input. Statement (3) helps to ensure the accuracy of input. Statement (4) helps to ensure the accuracy of input. 2.4. Dạng 5: Internal audit assignmentsMức độ: Ít quan trọng: Câu 19: (3.6m) (Dễ) Question: The examination of the economy, efficiency, and effectiveness of activities and processes. Which of the following internal audit assignments is described below? A. Regulatory compliance audit Answer: B References: F8 BPP Chapter 5: Internal audit phần 4.1 Value for money audits Câu 20: (3.6m) (Dễ) Question: Which of the following best summarises the meaning of 'efficiency' in the context of a Value for Money audit as requested by KLE Co's management? A. The lowest cost at which the appropriate quantity and quality of physical, human, and financial resources can be achieved Answer: D Option A describes the economy. Option B only describes one aspect of efficiency. Option C describes effectiveness. Option D describes efficiency. References: F8 BPP Chapter 5: Internal audit phần 4.8 Operational audits Câu 21: (5.4m) (Dễ) Question: Define the ‘three Es’ of a value for money audit. Answer: Value for money audit In performing a value for money audit, there are three areas which an auditor will commonly focus on being economy, efficiency, and effectiveness, and these are known as the ‘three Es’. Economy – Keeping the cost of resources used to a minimum. Efficiency – The relationship between the output from goods and services and the resources used to produce them. Effectiveness – How well the organisation’s objectives have been achieved. Câu 22: (3.6m) (TB) Question: Management of A Co wants to increase the range of assignments that the company's internal audit undertakes. Which of the following assignments could the internal audit department be asked to perform by management? A. Undertake 'mystery shopper' reviews, where they
enter the store as a customer, purchase goods, and rate the overall shopping experience Answer: A Undertake 'mystery shopper' reviews, where they enter the store as a customer, purchase goods, and rate the overall shopping experience is an example of Customer service reviews assignments Bank confirmations should always be carried out by the auditor. => B is false Providing advice on the implementation of a new payroll system would impair the internal auditors' independence. => C is false Reviewing the financial statements on behalf of the board is the responsibility of the audit committee, not internal audit => D is false 2.5. Dạng 6: Internal audit vs external auditMức độ: Ít quan trọng:
Câu 23: (3.6m) (Dễ) Question: Which of the following statements relating to internal and external auditors is correct? A. Internal auditors are required to be members of a professional body Answer: B A is incorrect as internal auditors are not required to be members of any professional body. C is incorrect as external auditors report to shareholders rather than those charged with governance. D is incorrect as internal auditors can be independent of the company, if, for example, the internal audit function has been outsourced. Câu 24: (3.6m) (Dễ) Question: Which two of the following characteristics apply to internal audits?
Answer: A (1) and (3) are characteristics of internal audit (2) and (4) are characteristic of external audit Câu 25: (3.6m) (Dễ) Question: With which of the following activities should the internal audit function NOT be involved? A. Monitoring of management's performance Answer: C The internal audit function is a review and monitoring function. It should not take operational responsibility for any part of the accounting or information systems Câu 26: (3.6m) (Dễ) Question: Which of the following statements about the responsibilities of external and internal auditors with regards to fraud is NOT correct? A. The external auditor must maintain an attitude of professional skepticism throughout the audit, recognising the possibility that a material misstatement due to fraud could exist. Answer: B Option A is true because of the requirement of ACCA Code of Ethics The need to consider the potential of management override applies mainly to the external auditors => B is false The external auditor's objective is to conclude whether the financial statements are free from material misstatement, whether from error or fraud => C is true Internal auditors can help to prevent fraud by carrying out work on assessing the adequacy and effectiveness of control systems => D is true 2.6. Dạng 7: Outsourcing internal auditMức độ: Ít quan trọng: Câu 27: (3.6m) (TB) Question: Each of the following statements is the advantage of an internal audit function consisting of employees of the company or outsourcing internal audit.
Answer:
Where the internal audit department is outsourced to an external firm, a company will benefit from
However, if the staff is employed by the company, this increases the skills held within the business and therefore increases the value of the workforce which is a strength of the company. Câu 28: (3.6m) (TB) Question Saxophone Enterprises Co (Saxophone) has been trading for 15 years selling insurance and has recently become a listed company. In accordance with corporate governance principles, Saxophone maintains a small internal audit department. The directors feel that the team needs to increase in size and specialist skills are required, but they are unsure whether to recruit more internal auditors or to outsource the whole function to their external auditors, Cello & Co. Required: Explain the advantages and disadvantages for each of Saxophone Enterprises Co AND Cello & Co of outsourcing the internal audit department. Answer:
Author: Hong Quan What are the 5 key components of internal control?There are five interrelated components of an internal control framework: control environment, risk assessment, control activities, information and communication, and monitoring.
Which of the following is not one of the five components of internal controls?The correct answer is D) Auditing system. The basic categories of internal control are the following; Control Environment. Risk Assessment.
Which is not a component of internal control?Control Risk is not a component of internal control.
Which of the following is not considered one of the five major components of internal control * 1 point risk assessment segregation of duties control activities monitoring?As a result, the answer is the segregation of duties. It is not a component of internal control but a key control activity in the control activities component.
|