If a company’s control risk is initially assessed as low, the auditor needs to gather evidence on the operating effectiveness of the controls. For each of the following control activities listed as (1)–(10), do the following two tasks:
a. Describe the test of control that the auditor would use to determine the operating effectiveness of the control.
b. Briefly describe how substantive tests of account balances should be modified if the auditor finds that the control is not working as planned. In doing so, indicate (a) what misstatement could occur because of the control deficiency, and (b) how the auditor’s substantive tests should be expanded to test for the potential misstatement.
6. Employees are added to the payroll master file by the payroll department only after receiving a written authorization from the personnel department.
A)
B)
Introduction: The employees who get added to the payroll master has got high risk attached to it because of following reasons
1. There may be fictitious employees created and added to the master to process fake salary payments
2. Employees who are incapable of the position may be recruited in the company without proper authorization
Because of the above risks the control in the question should be implemented very strictly where personnel department being an independent department should give a written authorization before adding any person to the payroll master.
A) Test of operating effectiveness:- This test is performed by obtaining the list of new additions during the year and for samples checking whether there is an written authorization from the personnel head to add the new Joiner into the payroll master. Where the control is assessed to be not performing well. Then the auditor has to amend his substantive tests to ascertain a reasonable assurance on payroll cost.
B) The substantive tests should be as follows which tries to obtain maximum comfort over the payroll cost
Analytical procedures
1. Comparing the previous year payroll cost with current year payroll cost and analyzing proper reasons for the differences
2. Comparing the recruitment agency fee if any between previous year and current year and analyze the differences
Other substantive procedures
1. Estimating the payroll cost basis the master and comparing with actual payroll cost
2. Comparing the pay details with the master as well as offer letter for sample cases of joiners. (Since there are cases of no written authorization from the personnel department there may be changes of pay sheet details)
3. Checking whether the recruited employees are actually required by checking their Job requisitions by the respective departments and obtaining evidences for interview and selection procedures.
4. Obtaining attendance register and checking that the joiners were attending office.
If a company’s control risk is initially assessed as low, the auditor needs to gather evidence...
If a company’s control risk is initially assessed as low, the auditor needs to gather evidence on the operating effectiveness of the controls. For each of the following control activities listed as (1)–(10), do the following two tasks: a. Describe the test of control that the auditor would use to determine the operating effectiveness of the control. b. Briefly describe how substantive tests of account balances should be modified if the auditor finds that the control is not working as...
If a company’s control risk is initially assessed as low, the auditor needs to gather evidence on the operating effectiveness of the controls. For each of the following control activities listed as (1)–(10), do the following two tasks: a. Describe the test of control that the auditor would use to determine the operating effectiveness of the control. b. Briefly describe how substantive tests of account balances should be modified if the auditor finds that the control is not working as...
Control 2: If a company’s control risk is initially assessed as low, the auditor needs to gather evidence on the operating effectiveness of the controls. For the following control activity listed, do the following two tasks: a. Describe the test of control that the auditor would use to determine the operating effectiveness of the control. b. Briefly describe how substantive tests of account balances should be modified if the auditor finds that the control is not working as planned. In...
Control 1: If a company’s control risk is initially assessed as low, the auditor needs to gather evidence on the operating effectiveness of the controls. For the following control activity listed, do the following two tasks: a. Describe the test of control that the auditor would use to determine the operating effectiveness of the control. b. Briefly describe how substantive tests of account balances should be modified if the auditor finds that the control is not working as planned. In...
Which of the following is a false statement about the assessment of the risks of material misstatement? A. The assessed levels will affect the nature, timing, and extent of substantive testing. B. The auditor may use certain tests of details of transactions concurrently as tests of controls. C. The ultimate purpose is to determine the operating effectiveness of controls. D. The auditor’s understanding of internal control should be documented.
Which of the following should an auditor do when control risk is assessed at the maximum level? Multiple Choice A. Document the control structure more extensively. B. Perform fewer substantive tests of details. C. Document the assessment. D. Perform more tests of controls.
Question: Question 183 Processing auditor test data using the client's software application _______. -will allow the auditor to verify manual controls within the software application are functioning as designed -may corrupt the client's system, and should not be attempted -will allow the auditor to verify that the software application is functioning as designed -should be performed without the knowledge of the client's senior management Question 19 The tolerable deviation rate _______. -relates to how many immaterial misstatements the auditor finds...
If an auditor decides to assess control risk as low based on IT application control procedures, which of the following would not be part of the auditor’s strategy for testing controls? a. Testing the effectiveness of management review controls used to monitor the results of operations. b. Testing the effectiveness of manual follow-up procedures. c. Testing the effectiveness of the application with test data. d. Testing the effectiveness of IT general control procedures.
The auditor has provided a preliminary assessment of control risk of low in the revenue cycle accounts of Acco, Inc. for each of the relevant assertions. The auditor selected a sample of sales transactions for control testing. Each of the following types of control or transaction-processing deficiencies uncovered in the sample was significant enough to cause the auditor to increase control risk assessment from low to moderate. For each deficiency, label as (a) through (i), discuss the type of financial...
A firm uses the audit risk model, AR=RMMxDR, to plan audit programs, as described below. Audit Risk: The firm’s AR ranges, for any materiality amount, are: VERY LOW 1% to <5% LOW 5% to <10% MODERATE 10% to 30% HIGH Not permissible These ranges are modified according to the type of risk, as described below. If an auditor doesn’t specify a numerical risk level for AR, the auditor must specify a category...