This preview shows pages 1–3. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: Chapter 07 - Auditing Internal Control over Financial Reporting CHAPTER 7 AUDITING INTERNAL CONTROL OVER FINANCIAL REPORTING Answers to Review Questions 7-1 Following are management’s and the auditor’s responsibilities under Section 404 of the Sarbanes-Oxley Act of 2002: Managements Responsibilities • Accept responsibility for the effectiveness of the entity's ICFR. • Evaluate the effectiveness of the entity's ICFR using suitable control criteria. • Support its evaluation with sufficient evidence, including documentation. • Present a written assessment of the effectiveness of the entity's ICFR as of the end of the entity's most recent fiscal year. Auditor’s Responsibilities • The auditor must plan and perform the audit to obtain reasonable assurance about whether the entity maintained, in all material respects, effective internal control as of the date specified in management's assessment. • The audit of internal control should be “integrated” with the financial statement audit, and should express an opinion on the effectiveness of the entity’s ICFR. 7-2 “Likelihood” refers to the probability that a misstatement will not be prevented or detected. For a significant deficiency or a material weakness to exist, the likelihood of such an occurrence must be either “reasonably possible” or “probable.” “Magnitude” refers to the significance that the control deficiency could have on the financial statements according to the judgment of a prudent official who considers the possibility of further, undetected, misstatements. If the auditor’s likelihood assessment is “reasonably possible” and if the magnitude of the deficiency is assessed as “significant,” then either a significant deficiency or material weakness exists depending on the magnitude of the potential effects of the deficiency on the entity’s financial statements. 7-1 Chapter 07 - Auditing Internal Control over Financial Reporting 7-3 All of the following controls would typically be tested: • Controls over initiating, authorizing, recording, processing, and reporting significant accounts and disclosures and related assertions embodied in the financial statements. • Controls over the selection and application of accounting policies that are in conformity with GAAP. • Antifraud programs and controls. • Controls, including IT general controls, on which other controls are dependent. • Controls over significant nonroutine and nonsystematic transactions, such as accounts involving judgments and estimates. • Company level controls, including (1) the control environment and (2) controls over the period-end financial reporting process (e.g., controls over procedures used to enter transaction totals into the general ledger; to initiate, authorize, record, and process journal entries in the general ledger; and to record recurring and nonrecurring adjustments to the financial statements)....
View Full Document
This note was uploaded on 12/19/2009 for the course ACCT 3222 taught by Professor Delaune,l during the Spring '08 term at LSU.
- Spring '08