Business Management MCQs, Commerce and Finance MCQs

ISA 315 Identifying and assessing the risks of material misstatement MCQs

ISA 315 states that the objective of the auditor is to identify and assess the risk of material misstatement, whether due to fraud or error

More MCQs
HOME
Categories
Courses
Audit and Assurance MCQs

» ISA 260 Communication with those charged with governance MCQs
» ISA 265 Communicating deficiencies in internal control MCQs
» ISA 300 Planning an audit of financial statements MCQs
» ISA 315 Identifying and assessing the risks of material misstatement MCQs
» ISA 320 Materiality in planning and performing an audit MCQs

ISA 315, Identifying and assessing the risks of material misstatement through understanding the entity and its environment

ISA 315 states that the objective of the auditor is to identify and assess the risk of material misstatement, whether due to fraud or error, at the financial statement and assertion levels. Here on MCQs.club we have prepared easy Multiple-Choice Questions (MCQs) on ISA 315 revised IFAC, the ISA 315 summary, ISA 315 MCQs with answers. These MCQ on SA 315 are helpful for Competitive exams, Business management exams and Professional Accountancy exams.

ISA 315 states that the objective of the auditor is to identify and assess the risk of material misstatement, whether due to fraud or error, at the financial statement and assertion levels, through understanding the entity and its environment, including the entity’s internal control, thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement.’

1. The above statement is correct
2. The above statement is incorrect

The Risk assessment procedures includes:

1. Enquiries with management
2. Analytical procedures
3. Observation
4. Inspection
5. All of the above

In order to identify the risks of material misstatement in the financial statements the auditor is required to obtain an understanding of:

1. their clients
2. their clients’ environments
3. their clients’ internal controls
4. All of the above

The Understanding the entity and its environment generally include:

1. Relevant industry, regulatory and other external factors
2. Entity’s selection and application of accounting policies.
3. Entity’s objectives, strategies and related business risks
4. Internal controls relevant to the audit
5. All of the above

The auditor is required to perform analytical procedures as risk assessment procedures in accordance with ISA 315 in order to:

1. Identify aspects of the entity of which the auditor was unaware.
2. Assist in assessing the risks of material misstatement in order to provide a basis for designing and implementing responses to the assessed risks.
3. Help identify the existence of unusual transactions or events, and amounts, ratios, and trends that might indicate matters that have audit implications.
4. Assist the auditor in identifying risks of material misstatement due to fraud.
5. All of the above

ISA 315 requires the auditor to perform analytical procedures as risk assessment procedures in order to help the auditor:

1. to obtain an understanding of the entity
2. assess the risk of material misstatement.
3. Both A&B
4. None

Which of the following is correct regarding Business risks?

1. The risks occurring as a result of significant conditions, events, circumstances, actions or inactions that could affect an entity’s ability to reach its objectives and carry out its strategies.
2. Business risks can occur as a result of setting of inappropriate objectives, strategies or goals.
3. Both A&B
4. None

If the entity has an internal audit function then auditor shall obtain an understanding of the nature of the internal audit function’s responsibilities, its organizational status, and the activities performed, or to be performed.

1. The above statement is correct
2. The above statement is incorrect

The auditor should try to reach a judgment about how strong (or weak) the internal controls are, in order to make a decision about the amount of testing that should be carried out in the audit. He should consider:

1. his previous knowledge of the client company
2. any recent changes
3. any known problems in the internal controls of the client
4. the effect of any new auditing or accounting requirements.
5. All of the above

Assertions – Representations by management, explicit or otherwise, that are embodied in the financial statements, as used by the auditor to consider the different types of potential misstatements that may occur.

1. True
2. False

Categories of assertions as set out in ISA 315 are:

1. Assertions about classes of transactions and events and related disclosures for the period under audit (i.e. income statement assertions)
2. Assertions about account balances and related disclosures at the period end (i.e. statement of financial position assertions)
3. Both A&B
4. None

Assertions about classes of transactions and events and related disclosures include:

1. Occurrence, Completeness, Accuracy
2. Cut-off, Classification and Presentation
3. Both A&B
4. None

Assertions about account balances and related disclosures include:

1. Existence, Rights and obligations, Completeness
2. Accuracy, valuation and allocation, Classification
3. Both A&B
4. None

The auditor is required by ISA 315 to identify and assess the risks of material misstatement at:

1. financial statement level
2. assertion level
3. Both A&B
4. None

Financial statement level risks –

1. refers to risks which are pervasive to the financial statements as a whole and which potentially affect many assertions
2. refers to specific objectives of the financial statements, for example, that all liabilities have been recorded and that recorded assets exist.
3. Both A&B
4. None

The assertion level risks –

1. refers to risks which are pervasive to the financial statements as a whole and which potentially affect many assertions
2. refers to specific objectives of the financial statements, for example, that all liabilities have been recorded and that recorded assets exist.
3. Both A&B
4. None

Risk assessment is an important aspect of planning an audit. Issues to consider are:

the areas where risk of misstatement (error) appear to exist, and the nature of the risk
when an error should be considered material, and when it may be ignored
what aspects of the audit will be the most difficult to plan because of the high risk of misstatement.
All of the above

For Risk assessment the auditor should consider:

1. assessments of inherent risks and control risks, and the identification of significant audit areas
2. setting materiality levels
3. the possibility of material misstatements, including those arising because of fraud
4. the identification of complex accounting areas, particularly those involving accounting estimates.
5. All of the above

The responses at the assertion level involve the auditor selecting appropriate audit procedures. The choice of audit procedures will depend on the auditor’s assessment of both:

1. inherent risk
2. control risk
3. Both A&B
4. None

The auditor can never eliminate the need for substantive procedures entirely because there are inherent limitations to the reliance that can be placed on internal controls due to:

1. Human error, Ineffective controls.
2. Collusion of staff in circumventing controls.
3. The abuse of power by those with ultimate controlling responsibility (i.e. management override).
4. Use of management judgment on the nature and extent of controls it chooses to implement.
5. All of the above

Internal control may be defined as the process designed, put in place and maintained to provide assurance of a reasonable level regarding the achievement of the objectives of an entity. These objectives relate to:

1. the reliability of the financial reports
2. the efficiency and effectiveness of operations
3. adherence to relevant and applicable laws and regulations.
4. All of the above

The degree of effectiveness of an internal control system will depend on:

1. The design of the internal control system and the individual internal controls.
2. The proper implementation of the controls.
3. Both A&B
4. None

ISA 315 Identifying and Assessing the Risks of Material Misstatement Through Understanding the Entity and its Environment, states that auditors need to understand an entity’s internal controls. To assist this process, it identifies components of an internal control system including:

1. The control environment
2. The risk assessment process
3. The information system
4. Control activities and Monitoring of controls
5. All of the above

The control environment –

1. The control environment includes the governance and management function of an organisation.
2. It focuses largely on the attitude, awareness and actions of those responsible for designing, implementing and monitoring internal controls.
3. Both A&B
4. None

Elements of the control environment that are relevant when the auditor obtains an understanding include the following:

1. Communication and enforcement of integrity and ethical values
2. Commitment to competence
3. Participation by those charged with governance
4. Management’s philosophy and operating style
5. Organisational structure
6. Assignment of authority and responsibility
7. Human resource policies and practices.

1. All of the above
2. (I) (III) and (VI) only
3. (II) (III) and (V) only
4. None

In evaluating the control environment, the auditor should consider such factors as:

1. management participation in the control process, including participation by the board of directors
2. management’s commitment to a control culture
3. the existence of an appropriate organisation structure with clear divisions of authority and responsibility
4. an organisation culture that expects ethically-acceptable behaviour from its managers and employees
5. All of the above

ISA 315 requires the auditor to gain an understanding of risk assessment processes used by the client company’s management. Risks can arise or change due to circumstances such as:

1. changes in the entity’s operating environment
2. new business models, products or activities
3. new accounting pronouncements
4. All of the above

The “information system” refers to all of the business processes relevant to financial reporting and communication. It includes the procedures within both information technology and manual systems.

1. True
2. False

An information system consists of:

1. infrastructure (physical and hardware components)
2. software, people, procedures, and data.
3. Both A&B
4. None

The information system includes all of the procedures and records which are designed to:

1. Initiate, record, process and report transactions.
2. Maintain accountability for assets, liabilities and equity.
3. Resolve incorrect processing of transactions.
4. Process and account for system overrides.
5. Transfer information to the general/nominal ledger.
6. Capture information relevant to financial reporting for other events and conditions.
7. Ensure information required to be disclosed is appropriately reported.

1. (I) (III) and (V) only
2. (II) (IV) and (VII) only
3. All of the above
4. None

ISA 315 requires the auditor to gain an understanding of the business information systems (including the accounting systems) used by management. This aspect of the auditor’s work will involve identifying and understanding:

1. how the transactions and other events relevant to the financial reporting process are “captured” (identified and recorded) by the entity.
2. the accounting records used, both manual and computerised, to support the figures appearing in the financial statements.
3. the processes used in the preparation of the financial statements
4. All of the above

Control activities are the specific procedures designed:

1. to prevent errors that may arise in processing information
2. to detect and correct errors that may arise in processing information.
3. Both A&B
4. None

The control activities include all policies and procedures designed to ensure that management directives are carried out throughout the organisation. Examples of specific control activities include those relating to:

1. Authorisation, Performance review, Information processing
2. Physical controls and Segregation of duties.
3. Both A&B
4. None

Preventive Controls – These controls are designed to stop errors or anomalies from occurring. Examples of preventive controls are:

1. Adequate segregation of Duties
2. Proper authorization of transactions
3. Adequate documentation and control of assets
4. All of the above

Detective Controls – These controls are designed to find errors or irregularities after they have occurred. Examples of detective controls are:

1. Exception reports: Computerised reports to identify unexpected results or unusual conditions that require follow-up.
2. Reconciliations: An employee relates different sets of data to one another, identifies and investigates differences, and takes corrective action, when necessary.
3. Periodic audits: Both internal audit and independent external audit are done to detect error, irregularities and non-compliance with laws and regulations.
4. All of the above

Corrective controls – are designed to prevent errors and irregularities from reoccurring once they are discovered. Examples of these corrective controls are:

1. policies and procedures for reporting errors and irregularities so they can be corrected.
2. training employees on new policies and procedures developed as part of the corrective actions.
3. Both A&B
4. None

IT affects the way in which control activities are implemented. It is important that auditors assess how controls over IT maintain the integrity and security of information held. Such controls are normally divided into:

1. Application controls.
2. General controls.
3. Both A&B
4. None

Application controls –

1. Application controls are either manual or automated and typically operate at the business process level.
2. Application controls relate to data integrity and ensure that only valid data is being processed and is being processed completely and accurately.
3. Both A&B
4. None

Examples of Application controls include:

1. Sequence checks (to ensure the number sequence is complete and no items are missing).
2. Authorisation of transaction entries (to ensure the transaction is valid and should be processed).
3. Arithmetic checks (to verify arithmetical accuracy).
4. All of the above

General controls –

1. Are policies and procedures that relate to many applications.
2. They support the effective functioning of application controls by helping to ensure the continued proper operation of information systems.
3. Both A&B
4. None

Examples of General controls include:

1. System software acquisition – tendering, testing, controls during installation, training.
2. Program change and maintenance – testing, authorisation, restricted access.
3. Both A&B
4. None

When evaluating the general controls and application controls in a client’s computer systems, the auditor needs to take account of the type of computer-based information system that the client is using. Common types of system that may require special attention include:

1. microcomputer systems
2. online systems
3. electronic data interchange (EDI) systems.
4. All of the above

Controls over data transmission help to ensure data is transmitted both intact (complete and as intended) and also securely without fear of breach of confidentiality. Controls over data transmission include:

1. Programme controls that ensure data is transmitted in the correct format
2. Firewalls to prevent intrusion into the programs that send and receive data
3. Restricting access to source data that is transmitted
4. All of the above

Procedures used to obtain evidence regarding the design and implementation of controls include:

1. Enquiries of relevant personnel.
2. Observing the application of controls.
3. Tracing a transaction through the system to understand what happens (a walkthrough test).
4. Inspecting documents, such as internal procedure manuals.
5. All of the above

The auditor must document the client’s control systems before evaluating whether the system is adequate and working effectively. Possible ways of documenting systems include:

1. Narrative notes – a written description of a system.
2. Flowcharts – diagrammatical representation of the system.
3. Questionnaires – Such as Internal Control Questionnaire (ICQ) and Internal Control Evaluation Questionnaire (ICEQ)
4. All of the above

The idea behind the ICEQ is to draw up a small number of key control questions designed to establish whether major weaknesses may exist in a control system. Which of the following is correct?

1. Using an ICQ, the auditor is looking for „good news‟ and expects to find particular controls in place.
2. Using an ICEQ, the auditor is on the look-out for „bad news‟ and the possibility that controls may be weak.
3. Both A&B
4. None

The advantages of flowcharts are:

1. A complete flowchart is an easily evaluated and informative description of the system.
2. Flowcharts ensure that a system is recorded in its entirety as all documents have to be traced from the beginning to end.
3. It serves as a permanent record of a system that can be subject to a minor amendment on a year to year basis.
4. All of the above

The limitations of flowcharts are:

1. Flowcharts are not appropriate for recording systems with further classifications of subsystems or subroutines.
2. Flowcharts are difficult to amend because a single amendment may require changes in the entire chart.
3. Both A&B
4. None

Different types of flowcharts are:

1. Linear
2. Deployment
3. Opportunity
4. All of the above

A test of control involves the auditor obtaining evidence that the client has implemented the controls they say they have, and that they have worked effectively, during the period. Typical methods of controls testing include:

1. Observation of control activities
2. Inspection of documents recording performance of the control
3. Computer assisted audit techniques
4. All of the above

Segregation of duties – means dividing the work to be done between two or more individuals, so that the work done by one individual acts as a check on the work of the others. This reduces the risk of error or fraud.

1. True
2. False

A log file is a file that records events taking place in the execution of a system. This generates an audit trail that can be used to understand the activity of the system and to diagnose problems. Examples of system logs include:

1. Which user logged-in, when and where from
2. Changes made to a program – what, when and by whom
3. Which web pages a user accessed
4. All of the above

Internal control systems are never fool proof. All systems, no matter how effective they may appear to be, have several limitations such as:

1. Human error may result in incomplete or inaccurate processing which may not be detected by control systems.
2. It may not be cost-effective to establish certain types of controls within an organisation.
3. Controls may be in place, but they may be ignored or overridden by employees or management.
4. All of the above

—more to come soon—

Leave a Reply Cancel reply

You must be logged in to post a comment.

ISA 315 Identifying and assessing the risks of material misstatement MCQs

SHARE THIS

ISA 315, Identifying and assessing the risks of material misstatement through understanding the entity and its environment

Leave a Reply Cancel reply

Join us

Recent Post

Financial Ratios and Ratio Analysis MCQs

MCQs on Risk Management

MCQs on Strategic Control – Performance measurement

Follow us

Sign up for Free MCQs

ISA 315 Identifying and assessing the risks of material misstatement MCQs

SHARE THIS

ISA 315, Identifying and assessing the risks of material misstatement through understanding the entity and its environment

Leave a Reply Cancel reply

Join us

Recent Post

Financial Ratios and Ratio Analysis MCQs

MCQs on Risk Management

MCQs on Strategic Control – Performance measurement

Follow us

Sign up for Free MCQs

Welcome to the Club

Log in to continue. IT'S FREE