Presentation on theme: "Internal Audit Standards"—

Presentation transcript:
1 Internal Audit Standards
Includes an update on changes to the ‘International Professional Practices Framework’ (IPPF)
and the ‘International Standards or the Professional Practice of Internal Auditing’ effective from
1 January 2017 Prepared by The Institute of Internal Auditors–Australia Copyright © 2017 by
The Institute of Internal Auditors–Australia

2 1. Introduction

3 What is the purpose of this presentation?

Explain why standards are important for professional practice of internal auditing. Explain how
standards apply to your work. The audience for this presentation is: Internal Audit personnel.
Internal Audit service providers. Staff from outside Internal Audit who might work on specific
internal audit engagements, for example as Guest Auditors.

4 What does Internal Audit do?

Provides independent, unbiased assessment of organisation operations. Provides management
with information on the effectiveness of risk management, control and governance processes.
Acts as a catalyst for improvement in risk management, control and governance. Is an adviser
that tells management what it needs to know, when it needs to know it.

5 What are Internal Audit’s objectives?

Review achievement of organisation objectives. Assess if decisions are properly authorised.
Assess reliability and integrity of information. Review that assets are safeguarded. Assess
compliance with laws, regulations, policies and contracts. Assess efficiency, effectiveness,
economy and ethical conduct of business activities. Consider fraud risk scenarios. Follow-up
previous audits to assess if remedial action has been effectively implemented. Look for business
improvements and better ways of doing things.

6 Internal Audit vs External Audit

From outside the organisation Status Employees of the organisation True and fair view of
Financial Statements Objective Varies according to the audit Historical Focus Forward-looking
Shareholders, Board of Directors and Audit Committee Reports go to Management and Audit
Committee External audit standards Standards Internal audit standards Mandatory Qualifications
Not mandatory

7 Is Internal Auditing a Profession?

A profession requires: A theoretical body of knowledge. Internal auditing has the International
Professional Practices Framework (IPPF). Relative independence in decision-making in practice.
Internal Auditors perform their work autonomously by using consistent practices aligned with
professional standards contained in the IPPF. Specialised education. Internal auditing has
specialised education and examinations, for example Certified Internal Auditor (CIA). A code of
ethics for behaviour of its members. Internal auditing has its own Code of Ethics.

8 2. The International Professional Practices Framework (IPPF)

9 Who is the Chief Audit Executive (CAE)?

The top position within the organisation responsible for Internal Audit – normally a person in a
senior position responsible for managing Internal Audit. The specific job title of the Chief Audit
Executive may vary across organisations. Where Internal Audit services are obtained from a
service provider, the Chief Audit Executive should be the person within the organisation
responsible for overseeing the Internal Audit service contract and quality of the services.

10 The IPPF The International Professional Practices Framework (IPPF) provides a globally
accepted basis for the operation of Internal Audit. It is issued by the Institute of Internal Auditors
(IIA). When the IPPF is adopted: It eliminates the need for local development of standards, thus
reducing the cost of regulation. It provides an international benchmark for establishing the
quality of Internal Audit operations. It facilitates trans-national operations by contributing to a
uniform regulatory Internal Audit regime worldwide.

11 The IPPF IPPF standards and guidance are the responsibility of the Internal Auditing
Standards Board of IIA–Global. The Board is comprised of a mix of people from around the
world including the IIA, Big 4 firms, US Government Accountability Office, chartered
accountants, external auditors, and practising internal auditors. Procedures for the mandatory
IPPF provisions require public exposure and formal consideration of comments received from
both IIA members and non-members. The standards development process is supervised by an
independent body the IPPF Oversight Council of the IIA–Global which is appointed by the IIA–
Global Board of Directors and comprises stakeholder representatives. The IPPF was most
recently updated in 2017.

12 The IPPF In the IPPF: Board means the highest level of governing body in an organisation –
the Board of Directors. Can also mean the Audit Committee where the Board has delegated
certain functions. The Chief Audit Executive (CAE) is the most senior person responsible for
managing Internal Audit. ‘Must’ means ‘an unconditional requirement’ of the IPPF (mandatory).
The Standards were updated with effect from 1 January 2017. Audit reports may specify audit
work has been “Conducted in conformance with the International Standards for the Professional
Practice of Internal Auditing.”

13 Internal Audit Mission

“To enhance and protect organisational value by providing risk-based and objective assurance,
advice, and insight.” Source: International Professional Practices Framework issued by the
Institute of Internal Auditors

14 The IPPF – Mandatory Guidance

Core Principles for the Professional Practice of Internal Auditing. Definition of Internal
Auditing. Code of Ethics. International Standards for the Professional Practice of Internal
Auditing.

15 Core Principles Demonstrates integrity.

Demonstrates competence and due professional care. Is objective and free from undue influence
(independent). Aligns with the strategies, objectives, and risks of the organisation. Is
appropriately positioned and adequately resourced. Demonstrates quality and continuous
improvement. Communicates effectively. Provides risk-based assurance. Is insightful, proactive,
and future-focused. Promotes organisational improvement.

16 Definition of Internal Auditing

“Internal auditing is an independent, objective assurance and consulting activity designed to add
value and improve an organisation’s operations. It helps an organisation accomplish its
objectives by bringing a systematic, disciplined approach to evaluate and improve the
effectiveness of risk management, control and governance processes.” Independent – Freedom to
work in an unbiased manner. Objective – Unbiased mental attitude with no compromises.
Assurance – Objective assessment of evidence to provide an independent opinion or conclusion.
Consulting – Advisory in nature and generally performed at the specific request of a client. Add
value – Providing objective and relevant assurance, and contributing to effectiveness and
efficiency of governance, risk management and control processes. Systematic, disciplined
approach – Leads to reliability and trustworthiness, and distinguishes an internal audit
engagement from a casual enquiry. Evaluate and improve – Internal Audit needs to have an
improvement focus.

17 Code of Ethics States the principles and expectations governing the behaviour of individuals
and organisations in the conduct of internal auditing. Describes the minimum requirements for
conduct and behaviour expectations – (1) Principles and (2) Rules of Conduct. Code of Ethics
principles are: Integrity – The integrity of Internal Auditors establishes trust and this provides
the basis for reliance on their judgement. Objectivity – Internal Auditors exhibit the highest level
of professional objectivity in gathering, evaluating and communicating information about the
activity or process being examined. Internal Auditors make a balanced assessment of all the
relevant circumstances and are not unduly influenced by their own interests or by others in
forming judgements. Confidentiality – Internal Auditors respect the value and ownership of
information they receive and do not disclose information without appropriate authority unless
there is a legal or professional obligation to do so. Competency – Internal Auditors apply the
knowledge, skills and experience needed in the performance of Internal Audit services.

18 The Standards The Standards for internal auditing worldwide are the ‘International Standards
for the Professional Practice of Internal Auditing’ issued by the IIA. The Standards are contained
in the IPPF. There are 11 overarching Standards and 41 underlying Standards.

19 The Standards – overarching and underlying Standards Example

Overarching standard for Internal Audit quality Standard 1300 – Quality Assurance and
Improvement Program Underlying standards for Internal Audit quality Standard 1310 –
Requirements of the Quality Assurance and Improvement Program Standard 1311 – Internal
Assessments Standard 1312 – External Assessments Standard 1320 – Reporting on the Quality
Assurance and Improvement Program Standard 1321 – Use of “Conforms with the International
Standards for the Professional Practice of Internal Auditing” Standard 1322 – Disclosure of Non-
conformance

20 The Standards Revised Standards implemented in 2001.

The IPPF and revised Standards released in 2009. The IPPF is revised every 2 years (2011, 2013,
2015). The Standards were most recently updated with effect from 1 January

21 Why have Standards? Provide the principles that represent the practice of internal auditing as
it should be. Foster improved Internal Audit process and operations. Provide a framework for
performing and promoting a range of value- adding Internal Audit activities. Establish the basis
for evaluation of Internal Audit performance.

22 The Standards The Standards are principle-based (not rule-based) and are therefore not
prescriptive. They provide a framework for performing and promoting Internal Audit work. The
Standards are mandatory and consist of: Statements of basic requirements for internal auditing.
Requirements that are internationally applicable at organisation and individual levels.
Interpretations which clarify terms or concepts within the statements. Glossary of terms.
23 The Standards The Standards are mandatory and comprise:
Attribute Standards. Performance Standards. Implementation Standards. The Implementation
Standards relate to: A = Assurance. C = Consulting.

24 Attribute Standards Attribute Standards = Internal Audit foundations.

1000 – Purpose, Authority and Responsibility 1100 – Independence and Objectivity 1200 –
Proficiency and Due Professional Care 1300 – Quality Assurance and Improvement Program

25 Performance Standards
Performance Standards = How Internal Auditors do their work. 2000 – Managing the Internal
Audit Activity 2100 – Nature of Work 2200 – Engagement Planning 2300 – Performing the
Engagement 2400 – Communicating Results 2500 – Monitoring Progress 2600 –
Communicating the Acceptance of Risks

26 Implementation Standards
Implementation Standards = How Standards apply to assurance and consulting engagements.
Implementation Standards expand attribute standards and performance standards to prescribe
specific standards applicable to assurance and consulting engagements. Numbering is integrated
with each standard being expanded upon, for example: 1210.A1. 1210.C1.

27 Glossary Contains useful definitions, explains terminology, and expands meanings. The
Glossary is part of the Standards and needs to be read in conjunction with the Standards to gain
greater understanding. Contains definitions for: Assurance services – An objective examination
of evidence for the purpose of providing an independent assessment on governance, risk
management, and control processes for the organisation. Examples may include financial,
performance, compliance, system security, and due diligence engagements. Consulting services
– Advisory and related client service activities, the nature and scope of which are agreed with the
client, are intended to add value and improve an organisation’s governance, risk management,
and control processes without the Internal Auditor assuming management responsibility.
Examples include counsel, advice, facilitation, and training.

28 Implementation Guidance – Implementation Guides

Implementation Guides replace Practice Advisories. Contain recommended guidance for
conducting Internal Audit activities. Assist Internal Auditors to apply the Standards. Address
approach, methodology and considerations, but not detailed processes and procedures. Guidance
to assist Internal Auditors in applying the Standards and promoting good practices. Includes
practices relating to: International, country, or industry-specific issues. Specific types of
engagements. Legal or regulatory issues.

29 Implementation Guidance – Practice Guides

Contains recommended guidance for conducting Internal Audit activities. Provides detailed
guidance for conducting Internal Audit activities. Includes: Topical areas. Sector-specific issues.
Processes and procedures. Tools and techniques. Programs. Step-by-step approaches. Examples
of deliverables.

30 3. Standards Update 2017 – what’s changed?

31 Standards Update 2017 – what’s changed?

Introduction to the Standards Some word changes, plus new: The Standards, together with the
Code of Ethics, encompass mandatory elements of the International Professional Practices
Framework (IPPF); therefore, conformance with the Standards and Code of Ethics indicates
conformance with mandatory elements of the IPPF. It is necessary to consider the Standards and
their interpretations as well as the specific meanings from the Glossary to understand and apply
the Standards correctly. If the Standards are used in conjunction with standards issued by other
authoritative bodies, Internal Audit communications may also cite the use of other standards, as
appropriate. In such a case, if the Internal Audit activity indicates conformance with the
Standards and inconsistencies exist between the Standards and other standards, Internal Auditors
and the Internal Audit activity must conform with the Standards, and may conform with the
other standards if they are more restrictive.

32 Standards Update 2017 – what’s changed?

Standard 1000 – Purpose, Authority, and Responsibility The purpose, authority, and
responsibility of the Internal Audit activity must be formally defined in an Internal Audit
Charter, consistent with the Core Principles for the Professional Practice of Internal Auditing,
the Definition of Internal Auditing, the Code of Ethics, and the Standards. The Chief Audit
Executive must periodically review the Internal Audit Charter and present it to senior
management and the Board for approval.

33 Standards Update 2017 – what’s changed?

Standard 1010 – Recognition of the Core Principles for the Professional Practice of Internal
Auditing, the Definition of Internal Auditing, the Code of Ethics, and the Standards in the
Internal Audit Charter. The mandatory nature of the Core Principles for the Professional Practice
of Internal Auditing, Definition of Internal Auditing, the Code of Ethics, and the Standards must
be recognised reflected in the Internal Audit Charter. The Chief Audit Executive should discuss
the Mission, the Core Principles for the Professional Practice of Internal Auditing, the Definition
of Internal Auditing, the Code of Ethics, and the Standards with senior management and the
Board.

34 Standards Update 2017 – what’s changed?

Standard 1110.A1 The Internal Audit activity must be free from interference in determining the
scope of internal auditing, performing work, and communicating results. The Chief Audit
Executive must disclose such interference to the Board and discuss the implications.

35 Standards Update 2017 – what’s changed?

New Standard 1112 – Chief Audit Executive Roles beyond Internal Auditing Where the Chief
Audit Executive has or is expected to have roles and/or responsibilities that fall outside of
internal auditing, safeguards must be in place to limit impairments to independence or
objectivity. Interpretation: The Chief Audit Executive may be asked to take on additional roles
and responsibilities outside of internal auditing, such as responsibility for compliance or risk
management activities. These roles and responsibilities may impair, or appear to impair, the
organisational independence of the Internal Audit activity, or the individual objectivity of the
Internal Auditor. Safeguards are those oversight activities, often undertaken by the Board, to
address these potential impairments, and may include such activities as periodically evaluating
reporting lines and responsibilities, and developing alternative processes to obtain assurance
related to the areas of additional responsibility.

36 Standards Update 2017 – what’s changed?

New Standard 1130.A3 Internal Audit may provide assurance services where they have
previously performed consulting services, provided the nature of the consulting did not impair
objectivity, and provided individual objectivity is managed when assigning resources to the
engagement.
37 Standards Update 2017 – what’s changed?
Standard 1210 – Proficiency Proficiency is a collective term that refers to the knowledge, skills,
and other competencies is a collective term that refers to the professional proficiency required of
Internal Auditors to effectively carry out their professional responsibilities. It encompasses
consideration of current activities, trends, and emerging issues, to enable relevant advice and
recommendations. Internal Auditors are encouraged to demonstrate their proficiency by
obtaining appropriate professional certifications and qualifications, such as the Certified Internal
Auditor designation and other designations offered by the Institute of Internal Auditors and other
appropriate professional organisations.

38 Standards Update 2017 – what’s changed?

Standard 1300 – Quality Assurance and Improvement Program The Chief Audit Executive must
develop and maintain a Quality Assurance and Improvement Program that covers all aspects of
the Internal Audit activity. Interpretation: A Quality Assurance and Improvement Program is
designed to enable an evaluation of the Internal Audit activity’s conformance with the Definition
of Internal Auditing and the Standards and an evaluation of whether Internal Auditors apply the
Code of Ethics. The program also assesses the efficiency and effectiveness of the Internal Audit
activity and identifies opportunities for improvement.

39 Standards Update 2017 – what’s changed?

Standard 1312 – External Assessments External assessments must be conducted at least once
every five years by a qualified, independent assessor or assessment team from outside the
organisation. The Chief Audit Executive must discuss with the Board: The form and frequency
of external assessment. The qualifications and independence of the external assessor or
assessment team, including any potential conflict of interest. Interpretation: External assessments
enhance a complete Quality Assurance and Improvement Program and may be accomplished
through can be in the form of a full external assessment, or a self-assessment with independent
external validation. The external assessor must conclude as to conformance with the Standards;
the external assessment may also include operational or strategic comments.

40 Standards Update 2017 – what’s changed?

Standard 1312 – External Assessments continued A qualified assessor or assessment team
demonstrates competence in two areas: the professional practice of internal auditing and the
external assessment process. Competence can be demonstrated through a mixture of experience
and theoretical learning. Experience gained in organisations of similar size, complexity, sector or
industry, and technical issues is more valuable than less relevant experience. In the case of an
assessment team, not all members of the team need to have all the competencies; it is the team as
a whole that is qualified. The Chief Audit Executive uses professional judgment when assessing
whether an assessor or assessment team demonstrates sufficient competence to be qualified. An
independent assessor or assessment team means not having either an actual or a perceived real or
an apparent conflict of interest and not being a part of, or under the control of, the organisation
to which the Internal Audit activity belongs. The Chief Audit Executive should encourage board
participation in the Quality Assurance and Improvement Program to reduce perceived or
potential conflicts of interest.

41 Standards Update 2017 – what’s changed?

Standard 1320 – Reporting on the Quality Assurance and Improvement Program The Chief
Audit Executive must communicate the results of the Quality Assurance and Improvement
Program to senior management and the Board. Disclosure should include: The scope and
frequency of both the internal and external assessments. Conclusions of assessors. Corrective
action plans. The qualifications and independence of the assessor or assessment team, including
potential conflicts of interest.

42 Standards Update 2017 – what’s changed?

Standard 1320 – Reporting on the Quality Assurance and Improvement Program continued
Interpretation: The form, content, and frequency of communicating the results of the quality
assurance and improvement program is established through discussions with senior management
and the Board and considers the responsibilities of the Internal Audit activity and Chief Audit
Executive as contained in the Internal Audit Charter. To demonstrate conformance with the
Definition of Internal Auditing, the Code of Ethics and the Standards, the results of external and
periodic internal assessments are communicated upon completion of such assessments and the
results of ongoing monitoring are communicated at least annually. The results include the
assessor’s or assessment team’s evaluation with respect to the degree of conformance.

43 Standards Update 2017 – what’s changed?

Standard 1321 – Use of “Conforms with the International Standards for the Professional Practice
of Internal Auditing” The Chief Audit Executive may state that Indicating that the Internal Audit
activity conforms with the International Standards for the Professional Practice of Internal
Auditing is appropriate only if the results of the Quality Assurance and Improvement Program
support this such a statement. Interpretation: The Internal Audit activity conforms with the
Standards when it achieves the outcomes described in the Definition of Internal Auditing, Code
of Ethics and the Standards. The results of the Quality Assurance and Improvement Program
include the results of both internal and external assessments. All Internal Audit activities will
have the results of internal assessments. Internal Audit activities in existence for at least five
years will also have the results of external assessments.

44 Standards Update 2017 – what’s changed?

Standard 1322 – Disclosure of Non-conformance When non-conformance with the Definition of
Internal Auditing, the Code of Ethics or the Standards impacts the overall scope or operation of
the Internal Audit activity, the Chief Audit Executive must disclose the non- conformance and
the impact to senior management and the Board.

45 Standards Update 2017 – what’s changed?

Standard 2000 – Managing the Internal Audit Activity The Chief Audit Executive must
effectively manage the Internal Audit activity to ensure it adds value to the organisation.
Interpretation: The Internal Audit activity is effectively managed when: The results of the
Internal Audit activity’s work achieve the purpose and responsibility included in the Internal
Audit Charter. The Internal Audit activity conforms with the Definition of Internal Auditing and
the Standards. The individuals who are part of the Internal Audit activity demonstrate
conformance with the Code of Ethics and the Standards. The Internal Audit activity considers
trends and emerging issues that could impact the effectiveness of the Internal Audit activity. The
Internal Audit activity adds value to the organisation and its stakeholders when it considers
strategies, objectives, and risks; strives to offer ways to enhance provides objective and relevant
assurance, and contributes to the effectiveness and efficiency of governance, risk management
and control processes; and objectively provides relevant assurance.

46 Standards Update 2017 – what’s changed?

Standard 2010 – Planning The Chief Audit Executive must establish a risk-based plan to
determine the priorities of the Internal Audit activity, consistent with the organisation’s goals.
Change to interpretation: To develop the risk-based plan, the Chief Audit Executive first
considers the risk management framework and consults with senior management and the Board
and then draws conclusions reached from Internal Audit’s risk assessment. The Chief Audit
Executive is responsible for developing a risk-based plan. The Chief Audit Executive takes into
account the organisation’s risk management framework, including using risk appetite levels set
by management for the different activities or parts of the organisation. If a framework does not
exist, the Chief Audit Executive uses his/her own judgment of risks after consideration of input
from senior management and the Board. The Chief Audit Executive must review and adjust the
plan, as necessary, in response to changes in the organisation’s business, risks, operations,
programs, systems, and controls.

47 Standards Update 2017 – what’s changed?

Standard 2050 – Co-ordination and Reliance The Chief Audit Executive should share
information and coordinate activities with other internal and external providers of assurance and
consulting service providers to ensure proper coverage and minimise duplication of efforts. New
interpretation: In co-ordinating activities, the Chief Audit Executive may rely on the work of
other assurance and consulting service providers. A consistent process for the basis of reliance
should be established, and the Chief Audit Executive should consider the competency,
objectivity, and due professional care of the assurance and consulting service providers. The
Chief Audit Executive should also have a clear understanding of the scope, objectives, and
results of the work performed by other providers of assurance and consulting services. Where
reliance is placed on the work of others, the Chief Audit Executive is still accountable and
responsible for ensuring adequate support for conclusions and opinions reached by the Internal
Audit activity.

48 Standards Update 2017 – what’s changed?

Standard 2060 – Reporting to Senior Management and the Board The Chief Audit Executive
must report periodically to senior management and the Board on the Internal Audit activity’s
purpose, authority, responsibility, and performance relative to its plan, and on its conformance
with the Standards. Reporting must also include significant risk exposures and control issues,
including fraud risks, governance issues, and other matters needed or requested by that require
the attention of senior management and/or the Board.

49 Standards Update 2017 – what’s changed?

Standard 2060 – Reporting to Senior Management and the Board Change to interpretation: The
frequency and content of reporting are determined collaboratively by the Chief Audit Executive,
in discussion with senior management, and the Board. The frequency and content of reporting
and depend on the importance of the information to be communicated and the urgency of the
related actions to be taken by senior management and/or the Board. The Chief Audit Executive’s
reporting and communication to senior management and the Board must include information
about: The audit charter. Independence of the Internal Audit activity. The audit plan and
progress against the plan. Resource requirements. Results of audit activities. The level of
conformance with the Standards and action plans to address any significant conformance issues.
Risk accepted by management that may be unacceptable to the organisation. These and other
Chief Audit Executive communication requirements are referenced throughout the Standards.

50 Standards Update 2017 – what’s changed?

Standard 2070 – External Service Provider and Organisational Responsibility for Internal
Auditing When an external service provider serves as the Internal Audit activity, the provider
must make the organisation aware that the organisation has the responsibility for maintaining an
effective Internal Audit activity. Interpretation This responsibility is demonstrated through the
Quality Assurance and Improvement Program which assesses conformance with the Definition
of Internal Auditing, the Code of Ethics, and the Standards.
51 Standards Update 2017 – what’s changed?
Standard 2100 – Nature of Work The Internal Audit activity must evaluate and contribute to the
improvement of governance, risk management, and control processes using a systematic, and
disciplined, and risk-based approach. Internal Audit credibility and value are enhanced when
auditors are proactive and their evaluations offer new insights and consider future impact.

52 Standards Update 2017 – what’s changed?

Standard 2110 – Governance The Internal Audit activity must assess and make appropriate
recommendations to improve the organisation’s governance processes for: in its accomplishment
of the following objectives: Making strategic and operational decisions. Overseeing risk
management and control. Promoting appropriate ethics and values within the organisation.
Ensuring effective organisational performance management and accountability. Communicating
risk and control information to appropriate areas of the organisation. Co-ordinating the activities
of, and communicating information among, the Board, external and Internal Auditors, other
assurance providers, and management.

53 Standards Update 2017 – what’s changed?

Standard 2200 – Engagement Planning Internal Auditors must develop and document a plan for
each engagement, including the engagement’s objectives, scope, timing, and resource
allocations. The plan must consider the organisation’s strategies, objectives, and risks relevant to
the engagement.

54 Standards Update 2017 – what’s changed?

Standard 2201 – Planning Considerations In planning the engagement, Internal Auditors must
consider: The strategies and objectives of the activity being reviewed and the means by which
the activity controls its performance. The significant risks to the activity’s, its objectives,
resources, and operations and the means by which the potential impact of risk is kept to an
acceptable level. The adequacy and effectiveness of the activity’s governance, risk management,
and control processes compared to a relevant framework or model. The opportunities for making
significant improvements to the activity’s governance, risk management, and control processes.

55 Standards Update 2017 – what’s changed?

Standard 2210.A3 Adequate criteria are needed to evaluate governance, risk management, and
controls. Internal Auditors must ascertain the extent to which management and/or the Board has
established adequate criteria to determine whether objectives and goals have been accomplished.
If adequate, Internal Auditors must use such criteria in their evaluation. If inadequate, Internal
Auditors must work with management and/or the Board to develop appropriate evaluation
criteria identify appropriate evaluation criteria in discussion with management and/or the Board.
New interpretation: Internal Auditors may leverage different types of evaluation criteria such as:
Internal criteria (eg policies and procedures of the organisation). External criteria (eg laws and
regulations imposed by statutory bodies). Leading practices criteria (eg industry and professional
guidance).

56 Standards Update 2017 – what’s changed?

Standard 2230 – Engagement Resource Allocation Internal Auditors must determine appropriate
and sufficient resources to achieve engagement objectives based on an evaluation of the nature
and complexity of each engagement, time constraints, and available resources. Interpretation:
Appropriate refers to the mix of knowledge, skills, and other competencies needed to perform
the engagement. Sufficient refers to the quantity of resources needed to accomplish the
engagement with due professional care.
57 Standards Update 2017 – what’s changed?
Standard 2330 – Documenting Information Internal Auditors must document sufficient, reliable,
relevant, and useful information to support the conclusions and engagement results and
conclusions.

58 Standards Update 2017 – what’s changed?

Standard 2410 – Criteria for Communicating Communications must include the engagement’s
objectives, and scope, and results. as well as applicable conclusions, recommendations, and
action plans.

59 Standards Update 2017 – what’s changed?

Standard 2410.A1 Final communication of engagement results must include applicable
conclusions. Final communication of engagement results must also include all applicable
recommendations and/or action plans. Where appropriate, the Internal Auditors’ opinion should
be provided. contain the Internal Auditors’ opinion and/or conclusions. When issued, An opinion
or conclusion must take into account of the expectations of senior management, the Board, and
other stakeholders and must be supported by sufficient, reliable, relevant, and useful
information.

60 Standards Update 2017 – what’s changed?

Standard 2430 – Use of “Conducted in Conformance with the International Standards for the
Professional Practice of Internal Auditing” Stating Internal auditors may report that their
engagements are “conducted in conformance with the International Standards for the
Professional Practice of Internal Auditing” is appropriate only if the results of the Quality
Assurance and Improvement Program support the statement.

61 Standards Update 2017 – what’s changed?

Standard 2431 – Engagement Disclosure of Non-conformance When non-conformance with the
Definition of Internal Auditing, the Code of Ethics or the Standards impacts a specific
engagement, communication of the results must disclose the: Principle(s) or rule(s) of conduct of
the Code of Ethics or the standard(s) with which full conformance was not achieved. Reason(s)
for non-conformance. Impact of non-conformance on the engagement and the communicated
engagement results.

62 Standards Update 2017 – what’s changed?

Standard 2450 – Overall Opinions When an overall opinion is issued, it must take into account
the strategies, objectives, and risks of the organisation; and the expectations of senior
management, the Board, and other stakeholders. The overall opinion and must be supported by
sufficient, reliable, relevant, and useful information. Interpretation: The communication will
identify include: The scope, including the time period to which the opinion pertains. Scope
limitations. Consideration of all related projects, including the reliance on other assurance
providers. A summary of the information that supports the opinion. The risk or control
framework or other criteria used as a basis for the overall opinion. The overall opinion,
judgment, or conclusion reached. The reasons for an unfavourable overall opinion must be
stated.

63 Standards Update 2017 – what’s changed?

Glossary – Board The highest level of governing body charged with the responsibility to direct
and/or oversee the activities and hold senior management of the organisation. Typically, this
includes an independent group of directors accountable (eg a board of directors, a supervisory
board, or a board of governors or trustees). If such a group does not exist, the “board” may refer
to the head of the organisation. “Board” may refer to an audit committee to which the governing
body has delegated certain functions. Although governance arrangements vary among
jurisdictions and sectors, typically the Board includes members who are not part of management
and is not solely comprised of members of management. If a Board does not exist, the word
“board” in the Standards refers to a group or person charged with governance. Furthermore,
“Board” in the Standards may refer to a committee or another body to which the governing body
has delegated certain functions (eg an Audit Committee or Risk Committee).

64 Standards Update 2017 – what’s changed?

Glossary – Chief Audit Executive Chief Audit Executive describes a person in a senior position
responsible for effectively managing the Internal Audit activity in accordance with the Internal
Audit Charter, the Definition of Internal Auditing, the Code of Ethics, and the Standards. The
Chief Audit Executive or others reporting to the Chief Audit Executive will have appropriate
professional certifications and qualifications. The specific job title and/or role of the Chief Audit
Executive may vary across organisations.

65 Standards Update 2017 – what’s changed?

Glossary – Core Principles for the Professional Practice of Internal Auditing The Core Principles
for the Professional Practice of Internal Auditing (Core Principles) are the key elements that
describe Internal Audit effectiveness. The Core Principles underpin the Code of Ethics and the
Standards.

66 Standards Update 2017 – what’s changed?

Glossary – International Professional Practices Framework The conceptual framework that
organises the authoritative guidance promulgated by the IIA. Authoritative Guidance is
comprised of two categories – (1) mandatory and (2) strongly recommended.

67 4. Attribute Standards

68 Attribute Standard 1000 ‘Purpose, Authority and Responsibility’

Overarching Standard 1000 – Purpose, Authority and Responsibility The purpose, authority and
responsibility of the Internal Audit activity must be formally defined in an Internal Audit
Charter, consistent with the Core Principles for the Professional Practice of Internal Auditing,
the Definition of Internal Auditing, the Code of Ethics and the Standards. The Chief Audit
Executive must periodically review the Internal Audit Charter and present it to senior
management and the Board for approval. Underlying Standard 1010 – Recognition of the Core
Principles for the Professional Practice of Internal Auditing, the Definition of Internal Auditing,
the Code of Ethics, and the Standards in the Internal Audit Charter. The mandatory nature of the
Core Principles for the Professional Practice of Internal Auditing, Definition of Internal
Auditing, the Code of Ethics, and the Standards must be reflected in the Internal Audit Charter.
The Chief Audit Executive should discuss the Mission, the Core Principles for the Professional
Practice of Internal Auditing, the Definition of Internal Auditing, the Code of Ethics, and the
Standards with senior management and the Board.

69 Attribute Standard 1100 ‘Independence and Objectivity’

Overarching Standard 1100 – Independence and Objectivity The Internal Audit activity must be
independent, and Internal Auditors must be objective in performing their work. Underlying
Standards 1110 – Organisational Independence 1111 – Direct Interaction with the Board 1112 –
Chief Audit Executive Roles beyond Internal Auditing 1120 – Individual Objectivity 1130 –
Impairment to Independence or Objectivity
70 Attribute Standard 1100 ‘Independence and Objectivity’
Standard 1110 – Organisational Independence The Chief Audit Executive must report to a level
within the organisation that allows the Internal Audit activity to fulfil its responsibilities. The
Chief Audit Executive must confirm to the Board at least annually the organisational
independence of the Internal Audit activity. Standard 1111 – Direct Interaction with the Board
The Chief Audit Executive must communicate and interact directly with the Board. Standard
1112 – Chief Audit Executive Roles beyond Internal Auditing When the Chief Audit Executive
has or is expected to have roles and/or responsibilities that fall outside of internal auditing,
safeguards must be in place to limit impairments to independence or objectivity. Standard 1120 –
Individual Objectivity Internal Auditors must have an impartial, unbiased attitude and avoid any
conflict of interest. Standard 1130 – Impairment to Independence or Objectivity If independence
or objectivity is impaired in fact or appearance, the details of the impairment must be disclosed
to appropriate parties. The nature of the disclosure will depend upon the impairment.

71 How is Internal Audit independent?

Internal Audit is independent of the organisation management structure  Board of Directors
Chief Executive Officer Internal Audit administrative reporting  Audit Committee Functional
reporting for Internal Audit operations Chief Audit Executive Internal Audit function

72 Attribute Standard 1200 ‘Proficiency and Due Professional Care’

Overarching Standard 1200 – Proficiency and Due Professional Care Engagements must be
performed with proficiency and due professional care. Underlying Standards 1210 – Proficiency
1220 – Due Professional Care 1230 – Continuing Professional Development

73 Attribute Standard 1200 ‘Proficiency and Due Professional Care’

Internal Auditors must possess the knowledge, skills, and other competencies needed to perform
their individual responsibilities. The Internal Audit activity collectively must possess or obtain
the knowledge, skills and other competencies needed to perform its responsibilities. Standard
1220 – Due Professional Care Internal Auditors must apply the care and skill of a reasonably
prudent and competent Internal Auditor. Due professional care does not imply infallibility.
Standard 1230 – Continuing Professional Development Internal Auditors must enhance their
knowledge, skills and other competencies through continuing professional development.

74 Attribute Standard 1300 ‘Quality Assurance and Improvement Program’

Overarching Standard 1300 – Quality Assurance and Improvement Program The Chief Audit
Executive must develop and maintain a Quality Assurance and Improvement Program that
covers all aspects of the Internal Audit activity. Underlying Standards 1310 – Requirements of
the Quality Assurance and Improvement Program 1311 – Internal Assessments 1312 – External
Assessments 1320 – Reporting on the Quality Assurance and Improvement Program 1321 – Use
of “Conforms with the International Standards for the Professional Practice of Internal Auditing”
1322 – Disclosure of Non-conformance

75 Attribute Standard 1300 ‘Quality Assurance and Improvement Program’

Standard 1310 – Requirements of the Quality Assurance and Improvement Program The Quality
Assurance and Improvement Program must include both internal and external assessments.
Standard 1311 – Internal Assessments Internal assessments must include: Ongoing monitoring of
the performance of the Internal Audit activity. Periodic self-assessments or assessments by other
persons within the organisation with sufficient knowledge of Internal Audit practices. Standard
1312 – External Assessments External assessments must be conducted at least every 5 years by a
qualified, independent assessor or assessment team from outside the organisation. The Chief
Audit Executive must discuss with the Board: The form and frequency of external assessment.
The qualifications and independence of the external assessor or assessment team, including any
potential conflict of interest.

76 Attribute Standard 1300 ‘Quality Assurance and Improvement Program’

Standard 1320 – Reporting on the Quality Assurance and Improvement Program The Chief
Audit Executive must communicate the results of the Quality Assurance and Improvement
Program to senior management and the Board. Disclosure should include: The scope and
frequency of both the internal and external assessments. Conclusions of assessors. Corrective
action plans. The qualifications and independence of the assessor or assessment team, including
potential conflicts of interest. Standard 1321 – Use of “Conforms with the International
Standards for the Professional Practice of Internal Auditing” Indicating that the Internal Audit
activity conforms with the International Standards for the Professional Practice of Internal
Auditing is appropriate only if the results of the Quality Assurance and Improvement Program
support such a statement. Standard 1322 – Disclosure of Non-conformance When non-
conformance with the Code of Ethics or the Standards impacts the overall scope or operation of
the Internal Audit activity, the Chief Audit Executive must disclose the non- conformance and
the impact to senior management and the Board.

77 5. Performance Standards

78 Performance Standard 2000 ‘Managing the Internal Audit Activity’

Overarching Standard 2000 – Managing the Internal Audit Activity The Chief Audit Executive
must effectively manage the Internal Audit activity to ensure it adds value to the organisation.
Underlying Standards 2010 – Planning. 2020 – Communication and Approval 2030 – Resource
Management 2040 – Policies and Procedures 2050 – Co-ordination 2060 – Reporting to Senior
Management and the Board 2070 – External Service Provider and Organisational Responsibility
for Internal Auditing

79 Attribute Standard 2000 ‘Managing the Internal Audit Activity’

Standard 2010 – Planning The Chief Audit Executive must establish a risk-based plan to
determine the priorities of the Internal Audit activity, consistent with the organisation’s goals.
Standard 2020 – Communication and Approval The Chief Audit Executive must communicate
the Internal Audit activity’s plans and resource requirements, including significant interim
changes, to senior management and the Board for review and approval. The Chief Audit
Executive must also communicate the impact of resource limitations. Standard 2030 – Resource
Management The Chief Audit Executive must ensure that Internal Audit resources are
appropriate, sufficient, and effectively deployed to achieve the approved plan. Standard 2040 –
Policies and Procedures The Chief Audit Executive must establish policies and procedures to
guide the Internal Audit activity.

80 Attribute Standard 2000 ‘Managing the Internal Audit Activity’

Standard 2050 – Co-ordination an Reliance The Chief Audit Executive should share information
and co-ordinate activities with other internal and external assurance and consulting service
providers to ensure proper coverage and minimise duplication of efforts. Standard 2060 –
Reporting to Senior Management and the Board The Chief Audit Executive must report
periodically to senior management and the Board on the Internal Audit activity’s purpose,
authority, responsibility, and performance relative to its plan, and on its conformance with the
Standards. Reporting must also include significant risk and control issues, including fraud risks,
governance issues, and other matters that require the attention of senior management and/or the
Board. Standard 2070 – External Service Provider and Organisational Responsibility for Internal
Auditing When an external service provider serves as the Internal Audit activity, the provider
must make the organisation aware that the organisation has the responsibility for maintaining
effective an Internal Audit activity.

81 Performance Standard 2100 ‘Nature of Work’

Overarching Standard 2100 – Nature of Work The Internal Audit activity must evaluate and
contribute to the improvement of governance, risk management, and control processes using a
systematic, disciplined, and risk-based approach. Internal Audit credibility and value are
enhanced when auditors are proactive and their evaluations offer new insights and consider
future impact. Underlying Standards 2110 – Governance 2120 – Risk Management 2130 –
Control

82 Performance Standard 2100 ‘Nature of Work’

Standard 2110 – Governance The Internal Audit activity must assess and make appropriate
recommendations to improve the organisation’s governance processes for: Making strategic and
operational decisions. Overseeing risk management and control. Promoting appropriate ethics
and values within the organisation. Ensuring effective organisational performance management
and accountability. Communicating risk and control information to appropriate areas of the
organisation. Co-ordinating the activities of, and communicating information among, the Board,
external and internal auditors, other assurance providers, and management. Standard 2120 – Risk
Management The Internal Audit activity must evaluate the effectiveness and contribute to the
improvement of risk management processes. Standard 2130 – Control The Internal Audit activity
must assist the organisation in maintaining effective controls by evaluating their effectiveness
and efficiency and by promoting continuous improvement.

83 Performance Standard 2100 ‘Nature of Work’

Governance: Promote appropriate ethics and values within the organisation. Ensure effective
organisational performance management and accountability. Communicate risk and control
information to appropriate areas of the organisation. Co-ordinate activities and communicate
information among the Board, external auditors, internal auditors, other assurance providers, and
management. Risk Management: Monitor and evaluate the risk management system. Identify
and evaluate significant exposures to risk. Contribute to improvement of risk management.
Incorporate knowledge gained during consulting engagements into the regular Internal Audit
program of work. Control: Evaluate the effectiveness and efficiency of controls. Promote
continuous improvement. Consider controls in the context of risk assessment. Ensure operating
and program goals are consistent with those of the organisation. Ensure management have
established adequate criteria for determining whether objectives have been achieved.

84 Performance Standard 2200 ‘Engagement Planning’

Overarching Standard 2200 – Engagement Planning Internal Auditors must develop and
document a plan for each engagement, including the engagement’s objectives, scope, timing and
resource allocations. The plan must consider the organisation’s strategies, objectives, and risks
relevant to the engagement. Underlying Standards 2201 – Planning Considerations 2210 –
Engagement Objectives 2220 – Engagement Scope 2230 – Engagement Resource Allocation
2240 – Engagement Work Program

85 Performance Standard 2200 ‘Engagement Planning’

Standard 2201 – Planning Considerations In planning the engagement, Internal Auditors must
consider: The strategies and objectives of the activity being reviewed and the means by which it
controls its performance. Significant risks to the activity’s objectives, resources, and operations
and the means by which the potential impact of risk is kept to an acceptable level. The adequacy
and effectiveness of the governance, risk management and control processes compared to a
relevant control framework or model. The opportunities for making significant improvements to
governance, risk management and control processes.

86 Performance Standard 2200 ‘Engagement Planning’

Standard 2210 – Engagement Objectives Objectives must be established for each engagement.
Standard 2220 – Engagement Scope The established scope must be sufficient to achieve the
objectives of the engagement. Standard 2230 – Engagement Resource Allocation Internal
Auditors must determine appropriate and sufficient resources to achieve engagement objectives
based on an evaluation of the nature and complexity of each engagement, time constraints, and
available resources. Standard 2240 – Engagement Work Program Internal Auditors must develop
and document work programs that achieve the engagement objectives.

87 Performance Standard 2300 ‘Performing the Engagement’

Overarching Standard 2300 – Performing the Engagement Internal Auditors must identify,
analyse, evaluate and document sufficient information to achieve the engagement’s objectives.
Underlying Standards 2310 – Identifying Information 2320 – Analysis and Evaluation 2330 –
Documenting Information 2340 – Engagement Supervision

88 Performance Standard 2300 ‘Performing the Engagement’

Standard 2310 – Identifying Information Internal Auditors must identify sufficient, reliable,
relevant and useful information to achieve the engagement’s objectives. Standard 2320 –
Analysis and Evaluation Internal Auditors must base conclusions and engagement results on
appropriate analyses and evaluations. Standard 2330 – Documenting Information Internal
Auditors must document sufficient, reliable, and useful information to support the engagement
results and conclusions. Standard 2340 – Engagement Supervision Engagements must be
properly supervised to ensure objectives are achieved, quality is assured, and staff is developed.

89 Performance Standard 2300 ‘Performing the Engagement’

Standard 2310 – Identifying Information Information must be: Sufficient – Factual, adequate,
convincing. Reliable – Repeatable, best available. Relevant – Support engagement observations.
Useful – Help the organisation meet its goals.

90 Performance Standard 2300 ‘Performing the Engagement’

91 Performance Standard 2400 ‘Communicating Results’

Overarching Standard 2400 – Communicating Results Internal Auditors must communicate the
results of engagements. Underlying Standards 2410 – Criteria for Communicating 2420 –
Quality of Communications 2421 – Errors and Omissions 2430 – Use of “Conducted in
accordance with the International Standards for the Professional Practice of Internal Auditing”
2431 – Engagement Disclosure of Non-conformance 2440 – Disseminating Results 2450 –
Overall Opinions

92 Performance Standard 2400 ‘Communicating Results’

Standard 2410 – Criteria for Communicating Communications must include the engagement’s
objectives, scope, and results. Standard 2420 – Quality of Communication Communications
must be accurate, objective, clear, concise, constructive, complete, and timely. Standard 2421 –
Errors and Omissions If a final communication contains a significant error or omission, the Chief
Audit Executive must communicate corrected information to all parties who received the
original communication. Standard 2430 – Use of “Conducted in Conformance with the
International Standards for the Professional Practice of Internal Auditing” Stating engagements
are “Conducted in conformance with the International Standards for the Professional Practice of
Internal Auditing” is appropriate only if the results of the Quality Assurance and Improvement
Program support the statement.

93 Performance Standard 2400 ‘Communicating Results’

Standard 2431 – Engagement Disclosure of Non-conformance When non-conformance with the
Code of Ethics or the Standards impacts a specific engagement, communication of the results
must disclose the: Principle(s) or rule(s) of conduct of the Code of Ethics or the Standards with
which full conformance was not achieved. Reason(s) for non-conformance. Impact of non-
conformance on the engagement and the communicated engagement results. Standard 2440 –
Disseminating Results The Chief Audit Executive must communicate results to the appropriate
parties. Standard 2450 – Overall Opinions When an overall opinion is issued, it must take into
account the strategies, objectives, and risks of the organisation; and the expectations of senior
management, the Board, and other stakeholders. The overall opinion must be supported by
sufficient, reliable, relevant, and useful information.

94 Performance Standard 2400 ‘Communicating Results’

Communications (reports) should be: Accurate. Objective. Clear. Concise. Constructive.
Complete. Timely. Plus “Internal Auditors are encouraged to acknowledge satisfactory
performance in engagement communications.”

95 Performance Standard 2400 ‘Communicating Results’

An observation should contain: Condition – What is. Criteria – What should be. Observation –
The difference between ‘what is’ and ‘what should be’. Effect – The result (risk or impact).
Cause – Why the effect occurred. Agreed Management Action Plan (MAP) – How to fix the
cause.

96 Performance Standard 2500 ‘Monitoring Progress’

Overarching Standard 2500 – Monitoring Progress The Chief Audit Executive must establish
and maintain a system to monitor the disposition of results communicated to management.
Underlying Standards There are no underlying Standards.

97 Performance Standard 2600 ‘Communicating the Acceptance of Risks’

Overarching Standard 2600 – Communicating the Acceptance of Risks When the Chief Audit
Executive concludes that management has accepted a level of risk that may be unacceptable to
the organisation, the Chief Audit Executive must discuss the matter with senior management. If
the Chief Audit Executive determines that the matter has not been resolved, the Chief Audit
Executive must communicate the matter to the Board. Underlying Standards There are no
underlying Standards.

Type of audit’s opinions:

Here is the list of four types of audit opinion,

Unmodified Opinion:

As mentioned above, unmodified opinion is expressed to the financial statements that prepared
in all material respect and complying with the applicable framework.

This opinion is issued once auditors obtain sufficient and appropriate audit evidence to the
financial statements as the result of their testing.
Qualified Opinion:

Qualifies opinion is the type of modified audit opinion where auditors make a conclusion after
their testing that there is material misstatement found in the financial statements; however, those
misstatements are not pervasive. Pervasive here is a bit subjective as it is based on auditor’s
judgment.

But, as said in standard, misstatement is pervasive to financial statements if those misstatements

are not effecting the financial statements and users’ decision making. The auditor may issue a
qualified opinion on the opening balance of financial statements of the previous year’s financial
statements that were not audited by them.

Adverse Opinion:

The adverse opinion is issued to the financial statements where auditors examined and concluded
that those financial statements are materially misstated and pervasive. Compared to qualified
opinion, adverse opinion is more serious than.

This opinion is the message to users of financial statements that they should not rely on these
financial statements in their decision making.

This opinion is a bit different from a qualified opinion. For a qualified opinion, the auditor found
material misstatement in the financial statements, but those misstatements are not pervasive.

Yet, in Adverse opinion, misstatements are both material and pervasive.

Disclaimer of Opinion:

Disclaimer of opinion, by the way, is different from both qualified and adverse. The auditor
issued the disclaimer of opinion where they could not obtain and unable to access the audit
evidence for individual items or in aggregation in the to support their testing.

Auditor believes that for those items that they are not able to access and obtain information
could be materially misstated and pervasive.

This is happening after the auditor tries their best to negotiate with the client to obtain all of that
important information and the client still rejects no matter it is the intention or unintentional.

Auditing: 50 multiple choice audit questions

1 Which one of the following is not a General Standard?
a. Proper planning and supervision.
b. Independence of mental attitude.
c. Adequate training and proficiency.
d. Due professional care.
2 Which one of the following is not a Field Work Standard?
a. Proper planning and supervision.
b. Due professional care.
c. Study the internal control structure.
d. Gather sufficient competent evidence.

3 The general standards stress the importance of

a. evidence accumulation.
b. the personal qualities which the auditor should possess.
c. communicating the auditor’s findings to the reader.
d. all of the above.

4 The generally accepted auditing standard that requires “Adequate technical training and
proficiency” is normally interpreted as requiring the auditor to have
a. formal education in auditing and accounting.
b. adequate practical experience for the work being performed.
c. continuing professional education.
d. all of the above.

5 In any case in which the CPA or the CPA’s assistants are not qualified to perform the work, a
professional obligation exists to
a. acquire the requisite knowledge and skills.
b. suggest someone else who is qualified to perform the work.
c. decline the engagement.
d. any of the above.

6 A member CPA firm is required by the AICPA to belong to the SEC Practice Section if it
a. wishes to audit companies whose assets exceed $250 million.
b. does any audits.
c. does any reviews or audits.
d. audits one or more publicly-held companies.

7 If it is probable that the judgment of a reasonable person would have been changed or
influenced by the omission or misstatement of information, then that information is, by
definition of FASB Statement No. 2,
a. material.
b. insignificant.
c. significant.
d. relevant.

8 The preliminary judgment about materiality is the amount by which the auditor believes the
statements could be misstated and still not affect the decisions of reasonable users.
a. minimum
b. maximum
c. mean average
d. median average

9 When auditors allocate the preliminary judgment about materiality to account balances, the
materiality allocated to any given account balance is referred to in SAS No. 39 as
a. the materiality range.
b. the error range.
c. tolerable materiality.
d. tolerable misstatement.

10 Why do auditors establish a preliminary judgment about materiality?

a. To help the auditor plan the appropriate evidence to accumulate.
b. So that the client can know what records to make available to the auditor.
c. To determine what level of staffing (i.e., work experience) is required for the audit.
d. None of the above.

11 If an auditor establishes a relatively low level for materiality, then the auditor will
a. accumulate more evidence than if a higher level had been set.
b. accumulate less evidence than if a higher level had been set.
c. accumulate approximately the same evidence as would be the case were a higher level set.
d. accumulate an undetermined amount of evidence.

12 After the preliminary judgment about materiality has been established, auditors may
a. not adjust it.
b. adjust it downward only.
c. adjust it upward only.
d. adjust it either downward or upward.

13 Which of the following “decisions” are relevant to the auditor’s evidence accumulation?
a. Type of audit procedure to use.
b. Number of items to examine.
c. Timing of audit procedures.
d. All of the above are relevant.

14 Audit procedures are normally performed

a. early in the accounting period being examined.
b. throughout the accounting period being examined, but with emphasis on the transactions near
the end.
c. within one to three months after the close of the accounting period.
d. during all three of the above periods.

15 The third standard of fieldwork requires the auditor to accumulate sufficient competent
evidence to support the opinion issued. Because of the nature of audit evidence, it is
a. unlikely the auditor will be completely convinced that the opinion is correct.
b. likely the auditor will be completely convinced that the opinion is correct.
c. unlikely the auditor will arrive at a conclusion.
d. likely that the auditor would change his/her mind about the opinion if he/she took the time to
gather additional evidence.

16 Which of the following forms of evidence is most reliable?

a. General ledger account balances.
b. Confirmation of A/R balance received from a customer.
c. Internal memo explaining the issuance of a credit memo.
d. Copy of month-end adjusting entries.

17 Evidence obtained directly by the auditor is more competent than information obtained
indirectly. Which of the following is not an example of the auditor’s direct knowledge?
a. Physical examination.
b. Observation.
c. Computation.
d. Inquiry.

18 When an auditor calculates the gross margin as a percent of sales and compares it with
previous periods, this type of evidence is called
a. physical examination.
b. computation.
c. observation.
d. inquiry

19 Which of the following is not one of the three main reasons why the auditor should properly
plan engagements?
a. To enable proper on-the-job training of employees.
b. To enable the auditor to obtain sufficient competent evidence.
c. To avoid misunderstandings with the client.
d. To help keep audit costs reasonable.

20 A measure of how willing the auditor is to accept that the financial statements may be
materially misstated after the audit is completed and an unqualified opinion has been issued is
the
a. inherent risk.
b. acceptable audit risk.
c. statistical risk.
d. financial risk.

21 A measure of the auditor’s assessment of the likelihood that there are material misstatements
in an account before considering the effectiveness of the client’s internal control is
a. control risk.
b. acceptable audit risk.
c. statistical risk.
d. inherent risk.

22 The auditor is likely to accumulate more evidence when the audit is for a company
a. whose stock is publicly held.
b. which has extensive indebtedness.
c. which is to be sold in the near future.
d. All three of the above.

23 Which of the following is not typically included initial audit planning?

a. Client acceptance/continuation decisions.
b. Determination of the purpose of the audit.
c. Schedule engagement staff and audit specialists.
d. Perform preliminary analytical procedures.

24 Most auditors assess inherent risk as high for related parties and related-party transactions
because
a. of the accounting disclosure requirement.
b. of the lack of independence between the parties.
c. both a and b.
d. it is required by generally accepted accounting principles.
25 Which of the following parties is responsible for establishing an entity’s internal controls?
a. Management.
b. Auditors.
c. Management and auditors.
d. Committee of Sponsoring Organizations.

26 For an internal audit function to be effective, it is essential that the internal audit staff
a. be independent of the operating departments.
b. be independent of the accounting department.
c. report directly to a high level of authority within the organization such as the audit committee.
d. achieve all of the above.

27 Management is often unwilling to implement an ideal system of internal controls because

a. control failures are infrequent.
b. such a system is too expensive.
c. sufficient technology does not exist to afford an ideal system.
d. risks are often overstated.

28 Internal controls can never be considered as absolutely effective because

a. their effectiveness is limited by the competency and dependability of the company’s
personnel.
b. controls always have inherent weaknesses that can be exploited.
c. controls are designed to prevent and detect only material misstatements.
d. none of the above.

29 A major control available in a small company, which might not be feasible in a large
company, is
a. a wider segregation of duties.
b. a voucher system.
c. fewer transactions to process.
d. the owner-manager’s personal interest and close relationship with personnel.

30 An auditor’s attempt to gain an understanding of the accounting system is typically

accomplished and documented by
a. a narrative description of the system.
b. a flowchart.
c. a questionnaire.
d. using any of the above.

31 IT has several significant effects on an organization. Which of the following would not be
important from an auditing perspective?
a. Organizational changes.
b. The visibility of information.
c. The potential for material misstatement.
d. None of the above; i.e., they are all important.

32 The audit procedure which is least useful in gathering evidence on significant computer
processes is
a. documentation.
b. observation.
c. test decks.
d. generalized audit software.

33 Which of the following is not a benefit of using IT based controls?

a. Ability to process large volumes of transactions.
b. Ability to replace manual controls with computer-based controls.
c. Reduction in misstatements due to consistent processing of transactions.
d. Over-reliance on computer generated reports.

34 Which of the following is not a risk specific to IT environments?

a. Reliance on the functioning capabilities of hardware and software.
b. Increased human involvement.
c. Loss of data due to insufficient backup.
d. Reduced segregation of duties.

35 Which of the following is not an enhancement to internal control that will occur as a
consequence of increased reliance on IT?
a. Computer controls replace manual controls.
b. Higher quality information is available.
c. Computer-based controls provide opportunities to enhance segregation of duties.
d. All of the above are enhancements.

36 Which of the following are not an application control?

a. Processing controls.
b. Output controls.
c. Hardware controls.
d. Input controls.

37 A sample in which the characteristics of the sample are the same as those of the population is
a(n)
a. variables sample.
b. representative sample.
c. attributes sample.
d. random sample.

38 When the auditor decides to select less than 100 percent of the population for testing, the
auditor is said to be using
a. audit sampling.
b. representative sampling.
c. poor judgment.
d. none of the above.

39 One of the ways to eliminate nonsampling risk is through

a. proper supervision and instruction of the client’s employees.
b. proper supervision and instruction of the audit team.
c. the use of attributes sampling rather than variables sampling.
d. controls which ensure that the sample drawn is random and representative.

40 One cause of nonsampling risk is

a. ineffective use of audit procedures.
b. testing less than the entire population.
c. use of extensive tests of controls.
d. any of the above.

41 When the auditor goes through a population and selects items for the sample without regard
to their size, source, or other distinguishing characteristics, it is called
a. block sample selection.
b. haphazard selection.
c. systematic sample selection.
d. statistical selection.

42 When the auditor intends to evaluate a sample statistically, the only acceptable selection
method is
a. probabilistic selection.
b. judgmental selection.
c. haphazard selection.
d. block sample selection.

43 When monetary-unit sampling has been concluded and the population is not considered
acceptable, which one of the following courses of action would not be appropriate for the
auditor?
a. Increase the sample size to see if this may satisfy the auditor’s tolerable misstatement
requirements.
b. Increase the tolerable misstatement amounts so that the error bounds are acceptable.
c. Request the client to correct the population.
d. Refuse to give an unqualified opinion.

44 Both sampling and nonsampling risks are associated with

a. tests of controls.
b. substantive tests of transactions.
c. tests of details of balances.
d. all of the above.

45 Tolerable misstatements for overstatements and understatements

a. may be different amounts.
b. must be different amounts.
c. must be set at the same amount.
d. will be determined by the statistical tables.

46 Monetary-unit sampling is most commonly used when

a. zero or few exceptions are expected.
b. a dollar result is desired.
c. the population data are maintained on computer files.
d. all of the above.

47 Tests for rates of occurrence are appropriately used in all but which of the following
situations?
a. Testing of internal controls.
b. Substantive testing of transactions.
c. Substantive testing of details of balances.
d. Tests for rates of occurrence are appropriate for all of the above.
48 Which of the following is not a type of statistical method that provides results in dollar terms?
a. Variables sampling.
b. Attributes sampling.
c. Monetary-unit sampling.
d. Sampling with probability proportional to size.

49 SAS 99 provides U.S. auditors expanded guidance

a. for detecting material fraud

b. how to strengthen internal control
c. audit sampling
d. both a and b

50 Fraud can be difficult to detect because it often involves concealment through falsification of
documents or collusion.

a. true
b. false

Skip to content

Engineering interview questions,Mcqs,Objective Questions,Class Notes,Seminor topics,Lab Viva Pdf free download. CIVIL | Mechanical | CSE |
EEE | ECE | IT | Chemical Online Quiz Tests for Freshers.

 HOME
 Interview Questions
 MCQs
 *LAB VIVA
 CLASS NOTES
 SEMINAR TOPICS
 ONLINE TEST
 GATE
 CAT
 Internship
 ABOUT US
 Privacy Policy

Home » AUDITING MCQs » 300+ TOP AUDITING Objective Questions and Answers
MCQs

300+ TOP AUDITING Objective Questions

and Answers MCQs
AUDITING Multiple Choice Questions :-
1. Various types of quality audits are:
A) product
B) process
C) management (system)
D) registration (certification)
E) All of above

ANS: E

2. When the auditor is an employee of the organization being audited (auditee), the audit is
classified as an …….. quality audit.

A) internal
B) external
C) compliance
D) Both A & B

ANS: A

3. The most comprehensive type of audit is the ……… system audit, which examines
suitability and effectiveness of the system as a whole.

A) quantity
B) quality
C) Preliminary
D) sequential

ANS: B

4. Each of the three parties involved in an audit ……………………. plays a role that
contributes to its success.

A) the client, the auditor, and the auditeer

B) the client, the auditor, and the audite
C) the client, the moderator, and the auditee
D) the client, the auditor, and the auditee

ANS: D

5. An audit is usually conducted in three steps:

(1) A pre-examination or opening meeting with the auditee marks the beginning of the process.
(2) involves a suitability audit of the documented procedures against the selected reference
standard.
(3) the auditor examines in depth the implementation of the quality system.

A) True
B) False

ANS: A
6. The audit final report should include, at a minimum, the following:
(choose the one NOT required)

1. Type of audit conducted

2. Characteristics of audit
3. Identification of involved parties: auditor, auditee, and third party
4. Audit team members
5. Critical nonconformities and other observations
6. Audit standards and reference documents used
7. Determination of proper corrective action(s)
8. Duration of audit

A) 1
B) 2
C) 4
D) 8

ANS: B

7. The time required and costs involved in an external audit are much higher as compared
to internal audits.

A) True
B) False

ANS: A

8. Audit is a fact-finding process that compares actual results with ………………….

A) specified standards and plans

B) expected results
C) premature results
D) preliminary results

ANS: A

9. The ……… is also expected to provide the resources needed and select staff members to
accompany the auditors.

A) auditor
B) client
C) internal auditor
D) auditee

ANS: D

10. For the benefit of the organisation, quality auditing should only report non-
conformances and corrective actions, but should not highlight areas of good practice.

A) True
B) False
ANS: B

AUDITING MCQs

11. Who among the following can be appointed as auditor of a company?

A) A partner or a director of the company.
B) A person of unsound mind.
C) Mr. Y who owes Rs. 500 to the company.
D) Mr. Z the holder of C.A certificate.
Answer: D

12. Confirmation of the court is necessary for __________.

A) increasing the share capital.
B) reduction of share capital.
C) conversion of shares into stock.
D) issue of new shares.
Answer: B

13. Audit means ___________.

A) recording business transactions.
B) preparing the final accounts.
C) examination of books, accounts, vouchers etc.
D) preparing final accounts.
Answer: C

14. Auditor shall report on the accounts examined by him __________.

A) to the shareholders.
B) to the court.
C) to the bank.
D) to the general public.
Answer: A

15. Sale of land is a __________.

A) revenue receipt.
B) capital receipt.
C) capital expenditure.
D) revenue expenditure
Answer: B

16. Secret reserve can be created by _______________.

A) public limited company only
B) banking and financial companies only.
C) private limited company only.
D) co-operative societies
Answer: B

17. When a transaction has not been recorded in the books of account either wholly or
partially such errors are called as _________.
A) Error of commission
B) Error of omission.
C) Compensating error.
D) Error of principle.
Answer: B

18. Verification of the value of assets, liabilities, the balance of reserves, provision and the
amount of profit earned or loss suffered a firm is called _________.
A) Continuous audit.
B) Balance sheet audit.
C) Interim audit.
D) Partial audit.
Answer: B

19. Vouching of the balances of all incomes and expenses account is known as vouching of
______.
A) Personal ledger.
B) Impersonal ledger.
C) Cash
D) Sales
Answer: B

20. Preliminary expenses are the best example for _________.

A) fictitious asset.
B) intangible asset.
C) wasting asset.
D) floating asset.
Answer: A

21. Periodical audit is also called as _________.

A) Final audit.
B) Interim audit.
C) Balance sheet audit.
D) Income statement audit.
Answer: C

22. The auditor of a government company shall be appointed by ________.

A) the government company itself.
B) the central government.
C) the share holders.
D) the debenture holders.
Answer: B

23. The main object of the audit of the cash book may be ________.
A) to verify the assets and liabilities.
B) to know that all receipts and payments have been properly recorded.
C) to check the internal control system in business.
D) to check the bank balance.
Answer: B

24. One of the audit procedures to check the issue of share capital of the newly formed
company is __________.
A) the memorandum of association and articles of association.
B) the share transfer register.
C) the issue of debenture.
D) none of the above.
Answer: A

25. The work of one clerk is automatically check by another clerk is called _________.
A) Internal control.
B) Internal check.
C) Internal audit.
D) None of the above.
Answer: B

26. The owners of the company are called __________.

A) Debenture holders.
B) Debtors
C) Shareholders
D) None of the above.
Answer: C

27. The main objects of investigation is _________.

A) to discover errors and frauds.
B) to prevent errors and frauds.
C) to verify statements.
D) all the above
Answer: D

28. Share may be issued _____________.

A) at par.
B) at premium.
C) at discount.
D) all the above.
Answer: D

29. The liabilities of an auditor can be _________.

A) Civil
B) Criminal
C) Civil and Criminal.
D) Official
Answer: C

30. Internal auditor of a company must be _______________.

A) Cost accountant.
B) Chartered accountant.
C) ICWA
D) need not possess any professional qualification.
Answer: B

31. A vacancy caused by resignation of an auditor is filled by _________.

A) board of directors.
B) managing director.
C) general meeting.
D) central government.
Answer: C

32. Cost audit under section 233(b) of the companies act is ___________.
A) voluntary
B) compulsory
C) advisable
D) avoidable
Answer: C

33. When at an annual general meeting of a company no auditor is appointed or

reappointed. In that case ________
A) the central government appoints a person to fill the vacancy
B) the board of directors appoints a person to fill the vacancy.
C) the managing director of the company appoints a person to fill the vacancy.
D) none of these can appoint a person to fill the vacancy.
Answer: A

34. The most difficult type of misstatement to detect fraud is based on __________.
A) related party purchases.
B) related party sales.
C) the restatement of sales.
D) omission of a sales transaction from being recorded.
Answer: D

35. Professional skepticism requires that the auditor assume that management is
_________.
A) reasonably honest.
B) neither honest nor dishonest.
C) not necessarily honest.
D) dishonest unless proved otherwise.
Answer: B

36. The use of an audit engagement letter is the best method of assuring the auditor will
have which of the following?
A) Auditor will obtain sufficient appropriate audit evidence.
B) Management representation letter.
C) Access to all books, accounts and vouchers required for audit purpose.
D) Co-operation from other auditors
Answer: C

37. An auditor who accepts an audit but does not posses the industry expertise of the
business entity should ______________.
A) engage experts.
B) obtain knowledge of matters that relate to the nature of entity business.
C) inform management about it.
D) take help of other auditors.
Answer: B

38. Audit of banks is an example of __________.

A) Statutory audit.
B) Balance sheet audit.
C) Concurrent audit.
D) All of the above.
Answer: D

39. In India balance sheet audit is synonymous to _______________.

A) Annual audit.
B) Continuous audit.
C) Detailed audit.
D) Statutory audit.
Answer: A

40. Balance sheet audit included verification of ________.

A) assets
B) liabilities
C) income and expenditure accounts where appropriate.
D) all of the above.
Answer: D

41. Which of the following is not a fact of EPA?

A) Economic audit.
B) Efficiency audit.
C) Expenditure audit.
D) Effectiveness audit.
Answer: C

42. In determining the level of materiality for an audit what should not be considered?
A) Prior years errors.
B) The auditor remuneration.
C) Adjusted interim financial statement.
D) Prior year financial statements.
Answer: B

43. Which of the following statement is most closely associated with analytical procedure
applied at substantive stage?
A) It helps to study relationship among balance sheet accounts.
B) It helps to discover material misstatements in the financial statements.
C) It helps to identify possible oversights.
D) It helps to accumulate evidence supporting the validity of a specific account balance
Answer: D

44. Of the following, which is the least persuasive type of audit evidence?
A) Bank statements obtained from the client
B) Documents obtained by auditor from third parties directly.
C) Carbon copies of sales invoices inspected by the auditor
D) Computations made by the auditor.
Answer: C

45. Which of the following Auditing Assurance Standard deals with Audit planning?
A) AAS-7.
B) AAS-8.
C) AAS-9.
D) AAS-3.
Answer: B

46. Audit Programme is prepared by ___________.

A) the auditor.
B) the client.
C) the audit assistants.
D) the auditor and his audit assistants.
Answer: D

47. The quantity of audit working papers complied on engagement would most be affected
by _________________.
A) management integrity.
B) auditor experience and professional judgement.
C) Auditor qualification.
D) control risk.
Answer: A

48. Which of the following is not an advantage of the preparation of working paper?
A) To provide a basis for review of audit work.
B) To provide a basis for subsequent audits
C) To ensure audit work is being carried out as per Programme.
D) To provide a guide for advising another client on similar issues.
Answer: D

49. Which of the following sections deals with qualification of the auditor?
A) Section 226(1) and Section 226(2).
B) Section 224(1) and Section 224(2).
C) Section 226(3) and Section 226(4).
D) Section 224(3) and Section 224(4)
Answer: A

50. The board of directors shall appoint first auditor of a company ___________.
A) within one month of completion of capital subscription state of the company
B) within one month of the promotion of the company.
C) within one month of the commencement of the business of the company.
D) within one month of incorporation of the company.
Answer: D

51. In case the directions fail to appoint first auditors, the shareholders shall appoint them
at _______ by passing a resolution.
A) a general meeting.
B) first annual general meeting.
C) statutory meeting.
D) annual general meeting
Answer: A

52. The auditor of a government company is appointed by the C & AG. His remuneration
is fixed by _____________.
A) the C & AG.
B) the shareholders.
C) the shareholders at an annual general meeting.
D) the board of directors.
Answer: B

53. Which of the following statement is not correct regarding removal of first auditor
before expiry of the term?
A) He is removed at a general meeting.
B) The shareholders are authorized to do so
C) The approval of the central government is required for such removal.
D) The provision for such removal are contained in section 224(7)
Answer: C

54. The retiring auditor does not have a right to _________.

A) make written representations.
B) get his representation circulated.
C) be heard at the meeting.
D) speak as a member of the company.
Answer: D

55. Auditor of a _______ company does not have right to visit foreign branches of the
company.
A) unlimited liability.
B) manufacturing
C) banking
D) non-profit making.
Answer: B

56. Special audit is conducted at the order of the central government. Which section givers
such powers?
A) Section 233(A).
B) section 233(B)
C) section 242(A)
D) Section 242(B).
Answer: C

57. As per C & AG Act, 1971 the tenure of the comptroller and Auditor General is ______
a. four years.
A) four years.
B) five years.
C) six years.
D) seven years.
Answer: C
58. Audit of transactions does not include __________.
A) propriety audit.
B) efficiency cum performance audit.
C) audit of receipts.
D) audit of expenditure.
Answer: B

59. Audit of rent, deposits and remittances does not cover ____________.
A) audit of borrowings.
B) audit of amortization of debt.
C) audit of sanctions
D) remittance audit.
Answer: C

60. The statutory auditor of a Government Company submits his report to _________
A) the BOD of the company
B) the C & AG.
C) the legislature.
D) the company secretary.
Answer: B

61. THE RISK OF MANAGEMENT FRAUD INCREASES IN THE PRESENCE OF:

A) FREQUENT CHANGES IN SUPPLIES

B) IMPROVED INTERNAL CONTROL SYSTEM
C) SUBSTANTIAL INCREASES IN SALES
D) MANAGEMENT INCENTIVE SYSTEM BASED ON SALES DONE IN A QUARTER

ANS: D

62. AUDITING STANDARDS DIFFER FROM AUDIT PROCEDURES IN THAT

PROCEDURES RELATE TO

A) AUDIT ASSUMPTIONS
B) ACTS TO BE PERFORMED
C) QUALITY CRITERION
D) METHODS OF WORK

ANS: B

63. WHICH OF THE FOLLOWING FACTORS LIKELY TO BE IDENTIFIED AS A

FRAUD FACTOR BY THE AUDITOR?

A) THE COMPANY IS PLANNING AN INITIAL PUBLIC OFFER OF QUALITY SHARES

TO RAISE ADDITIONAL CAPITAL FOR EXPANSION.
B) BANK RECONCILIATION STATEMENT INCLUDES DEPOSITSINTRANSIT.
C) PLANT AND MACHINERY IS SOLD AT A LOSS.
D) THE COMPANY HAS MADE POLITICAL CONTRIBUTIONS.

ANS: A
64. THE MOST DIFFICULT TYPE OF MISSTATEMENT TO DETECT FRAUD IS
BASED ON:

A) RELATED PARTY PURCHASES

B) RELATED PARTY SALES
C) THE RESTATEMENT OF SALES
D) OMISSION OF A SALES TRANSACTION FROM BEING RECORDED.

ANS: D

65. WHICH OF THE FOLLOWING STATEMENTS IS CORRECT CONCERNING THE

REQUIRED DOCUMENTATION IN?

WORKING PAPERS OF FRAUD RISK ASSESSMENT UNDERTAKEN BY THE

AUDITOR.

A) AL RISK FACTORS AS MENTIONED IN AAS4, SHOULD BE CONSIDERED AND

DOCUMENTED ALONG WITH RESPONSE TO THEM.
B) DOCUMENT THE IDENTIFICATION OF FRAUD RISK FACTORS ALONG WITH
RESPONSE TO THEM.
C) DOCUMENT MATERIAL FRAUD, RISK FACTORS AND RESPONSE TO THEM.
D) NO DOCUMENTATION IN REQUIRED.

ANS: B

AUDITING Objective type Questions with Answers

66. WHICH OF THE FOLLOWING IS THE MOST APPROPRIATE POTENTIAL

REACTION OF THE AUDITOR TO HIS?
ASSESSMENT THAT THE RISK OF MATERIAL MISSTATEMENT DUE TO FRAUD
IS HIGH IN RELATION TO EXISTENCE OF INVENTORY?

A) VISIT LOCATION ON SURPRISE BASIS TO OBSERVE TEST COUNTS

B) REQUEST INVENTORY COUNT AT A DATE CLOSE TO YEAREND
C) VOUCH GOODS SENT ON APPROVAL VERY CAREFUL Y
D) PERFORM ANALYTICAL PROCEDURES.

67. WHICH OF THE FOLLOWING IS NOT LIKELY TO BE A FRAUD RISK FACTOR

RELATING TO MANAGEMENT’S? CHARACTERISTICS

A) TAX EVASION
B) FAILURE TO CORRECT KNOWN WEAKNESS IN INTERNAL CONTROL SYSTEM
C) ADOPTION OF CONSERVATIVE ACCOUNTING PRINCIPLES
D) HIGH MANAGEMENT TURNOVER

68. PROFESSIONAL SKEPTICISM REQUIRES THAT THE AUDITOR ASSUME

THAT MANAGEMENT IS

A) REASONABLY HONEST
B) NEITHER HONEST NOR DISHONEST
C) NOT NECESSARILY HONEST
D) DISHONEST UNLESS PROVED OTHERWISE

69. WHICH OF THE FOLLOWING INFORMATION SHOULD A SUCCESSOR

AUDITOR OBTAIN DURING THE INQUIRY OF?
THE PREDECESSOR AUDITOR BEFORE ACCEPTING ENGAGEMENT?

I) INFORMATION ABOUT INTEGRITY OF MANAGEMENT

II) DISAGREEMENT WITH MANAGEMENT CONCERNING AUDITING PROCEDURES
II) REVIEW OF INTERNAL CONTROL SYSTEM.
IV) ORGANIZATION STRUCTURE
A) (I) AND (I) B) (I) AND (I I) C) (I), (I) AND (I I) D) I) AND (I I)

70. THE AUDIT ENGAGEMENT LETTER, GENERAL Y, SHOULD INCLUDE A

REFERENCE TO EACH OF THE FOLLOWING EXCEPT

A) LIMITATIONS OF AUDITING
B) RESPONSIBILITIES OF MANAGEMENT WITH RESPECT TO AUDIT WORK
C) EXPECTATION OF RECEIVING A WRITTEN MANAGEMENT REPRESENTATION
LETTER.
D) A DESCRIPTION OF THE AUDITOR’S METHOD OF SAMPLE SELECTION.

71. THE USE OF AN AUDIT ENGAGEMENT LETTER IS THE BEST METHOD OF

ASSURING THE AUDITOR WILL HAVE WHICH OF THE FOLLOWING?

A) AUDITOR WILL OBTAIN SUFFICIENT APPROPRIATE AUDIT EVIDENCE.

B) MANAGEMENT REPRESENTATION LETTER
C) ACCESS TO ALL BOOKS, ACCOUNTS AND VOUCHERS REQUIRED FOR
AUDIT PURPOSE
D) COOPERATION FROM OTHER AUDITORS

72. THE USE OF AN AUDIT ENGAGEMENT LETTER IS THE BEST METHOD OF

DOCUMENTING

I) THE REQUIRED COMMUNICATION OF SIGNIFICANT DEFICIENCIES IN INTERNAL

CONTROL
II) SIGNIFICANTLY HIGHER CONTROL RISK THAN THAT ASSESSED IN PRIOR
AUDIT.
II) OBJECTIVE AND SCOPE OF AUDITOR’S WORK
IV) NOTIFICATION OF ANY CHANGES IN THE ORIGINAL ARRANGEMENTS OF THE
AUDIT.
A) (I) AND (I) B) (I) AND (II) C) I AND (IV) D) (I I AND (IV)

73. AN AUDITOR WHO ACCEPTS AN AUDIT BUT DOES NOT POSSESS THE
INDUSTRY EXPERTISE OF THE BUSINESS ENTITY SHOULD

A) ENGAGE EXPERTS
B) OBTAIN KNOWLEDGE OF MATTERS THAT RELATE TO THE NATURE OF
ENTITY’S BUSINESS
C) INFORM MANAGEMENT ABOUT IT
D) TAKE HELP OF OTHER AUDITORS
74. THE LEAST IMPORTANT ELEMENT IN THE EVALUATION OF AN AUDIT
FIRM’S SYSTEM OF QUALITY CONTROL WOULD RELATE TO

A) ASSIGNMENT OF AUDIT ASSISTANTS

B) SYSTEM OF DETERMINING AUDIT FEES
C) CONSULTATION WITH EXPERTS
D) CONFIDENTIALITY OF CLIENT’S INFORMATION

75. THE PRIMARY PURPOSE OF ESTABLISHING QUALITY CONTROL POLICIES

AND PROCEDURES FOR DECIDING ON CLIENT EVALUATION IS TO

A) ENSURE ADHERENCE TO GENERAL Y ACCEPTED AUDITING STANDARDS

B) ACCEPTANCE OR RETENTION OF CLIENTS WHOSE MANAGEMENT DOES
NOT LACK INTEGRITY
C) ENSURE AUDIT FEES IS CHARGED ACCORDING TO THE TYPE OF AUDIT WORK
ASSIGNED
D) ALL OF THE ABOVE

76. WHICH OF THE FOLLOWING IS NOT A QUALITY CONTROL

CONSIDERATION ON ACCEPTING A NEW CLIENT?

A) AVAILABILITY OF AUDIT ASSISTANTS WITH NECESSARY SKILL AND

COMPETENCE.
B) PROVISION OF OTHER SERVICES TO THE CLIENT WHICH MAY IMPAIR
INDEPENDENCE
C) PREDECESSOR AUDITOR’S ADVICE AS TO WHETHER AUDIT FEES WERE
PAID PROMPTLY
D) REVIEW OF AUDIT WORK DONE BY ONE PARTNER BY THE OTHER

77. AN AUDITOR OBTAINS KNOWLEDGE ABOUT A NEW CLIENT’S BUSINESS

AND ITS INDUSTRY TO

A) MAKE CONSTRUCTIVE SUGGESTIONS CONCERNING IMPROVEMENTS TO THE

CLIENT’S INTERNAL CONTROL SYSTEM
B) EVALUATE THE APPROPRIATENESS OF AUDIT EVIDENCE OBTAINED
C) UNDERSTAND THE EVENTS AND TRANSACTIONS THAT MAY HAVE AN
EFFECT ON CLIENT’S FINANCIAL STATEMENTS.
D) ALL OF THE ABOVE