Review Questions: Chapter 21 - Internal, Operational, and Compliance Auditing

Chapter 21 - Internal, Operational, and Compliance Auditing
CHAPTER 21
Internal, Operational, and

Compliance Auditing
Review Questions
21–1 Internal auditing may be defined as an independent, objective assurance and consulting activity
designed to add value and improve an organization’s operations. It helps an organization
accomplish its objectives by bringing a systematic, disciplined approach to evaluate and
improve the effectiveness of risk management, control, and governance processes. AICPA
and PCAOB auditing standards state that one aspect of an organization's control environment is
management's control methods for monitoring and following up on performance, including internal
auditing.
21–2 The scope of internal auditing has evolved from a primary concern with financial controls to a scope
that includes:
(1) Reviewing and evaluating all types of internal controls,

(2) Evaluating the organization’s risk assessment processes,
(3) Making recommendations regarding the organization’s system of governance, and
(4) Performing other assurance and consulting services for the benefit of management.
21–3 Internal auditing has evolved to meet the needs of business, government, and nonprofit organizations.
Initially, internal auditors supplemented the work of the independent auditors by helping to ensure
the accuracy of the organization's financial information. However, as organizations became more
complex, operational controls became more important, and the scope of the internal auditors' work
expanded to include evaluating and testing financial and operational controls.
The enactment of the Foreign Corrupt Practices Act also expanded the demand for internal
auditing activities. The accounting provisions of the act require public companies to establish and
maintain effective internal accounting controls. An internal auditing function helps to ensure that a
company complies with these provisions.
The Report of the National Commission on Fraudulent Financial Reporting included a
recommendation that public companies establish and maintain an internal auditing function staffed
with appropriately qualified personnel and fully supported by top management.
Finally, the Sarbanes-Oxley Act of 2002 prohibits auditors from performing internal audit
services for public-company audit clients. This has increased the demand for internal auditors.
21–4 In addition to knowledge and skills about accounting and auditing, modern internal auditing requires
knowledge in such disciplines as economics, law, finance, statistics, computer processing,
engineering, and taxation.
21-1
© 2014 by McGraw-Hill Education. This is proprietary material solely for authorized instructor use. Not authorized for sale or distribution in any
manner. This document may not be copied, scanned, duplicated, forwarded, distributed, or posted on a website, in whole or part.
21–5 This statement is false. The scope of the work of independent auditors is generally confined to the
audit of the organization's financial statements and, possibly, performing other attestation services
such as examining internal controls over financial reporting. Therefore, independent auditors are
primarily concerned with only those controls that affect the reliability of the organization's financial
statements. The work of the internal auditors encompasses evaluation of all financial, compliance,
and operating policies and procedures. Many progressive internal auditing departments also perform
operational audits for the organization to evaluate the efficiency and effectiveness of various
operating units, and a broad range of other assurance and consulting services for management.
21–6 The external auditors' objectives are to perform an audit of the organization's financial statements and
to express an opinion on those statements. In auditing the financial statements, the external auditors
will consider those controls that affect the reliability of the financial information included in the
financial statements. For a public company, they may also be engaged to examine the management’s
assertion about the reliability of internal controls over financial reporting. Internal auditors are
concerned with all controls, regardless of whether they are financial, compliance, or operational.
They appraise the effectiveness and efficiency of the operating segments throughout the organization.
21–7 The eleven general categories of the IIA's Standards for the Professional Practice of Internal
Auditing include:
(1) Purpose, Authority, and Responsibility

(2) Independence and Objectivity
(3) Proficiency and Due Professional Care
(4) Requirements of the Quality Assurance and Improvement Program
(5) Managing the Internal Audit Activity
(6) Nature of Work
(7) Engagement Planning
(8) Performing the Engagement
(9) Communicating Results
(10) Monitoring Progress
(11) Resolution of Senior Management’s Acceptance of Risks
21–8 The statement is false. Since internal auditors are employees of the organization, they cannot be
independent of the organization itself. However, when the organizational status of the director of
internal auditing is appropriate, and individual internal auditors are assigned to audit activities with
which they have no conflicts of interest, the internal auditors can certainly be independent of the
activities that they audit.
21–9 When the internal auditing department has sufficient organizational status, its director reports to a
level of management that would not inappropriately influence the scope of the internal auditors' work
or their reported findings. In addition, the internal auditors' recommendations are more likely to be
considered and implemented in such circumstances. This level of reporting is ideally the audit
committee of the board of directors.
21-2
21–10 The following are the significant factors that are important to the management of an internal audit
department:
(1) Developing risk-based audit plans, consistent with organizational goals.

(2) Communication of audit plans to senior management and the board for review and approval.
(3) Ensuring that the internal audit resources are appropriate, sufficient, and effectively deployed
to achieve the approved plan.
(4) Establishing policies and procedures to guide the internal audit activity.
(5) Sharing information and coordinating internal audit efforts with the efforts of other assurance
providers and consultants.
(6) Periodic reporting to the board or senior management on the internal audit activity’s purpose,
authority, responsibility, and performance relative to its plan.
21–11 The requirements for becoming a Certified Internal Auditor include: (1) having a baccalaureate
degree from an accredited college, (2) successful completion of a four-part examination, and (3)
obtaining at least two years of work experience in internal auditing or its equivalent. Once internal
auditors become certified, they must meet requirements for continuing professional education.
21–12 In a financial statement audit, the auditors obtain sufficient competent evidential matter to express an
opinion on the organization's financial position, results of operations, and cash flows. Operational
audits focus on the efficiency, effectiveness, and economy of an organization or of a segment of the
organization.
21–13 The purposes of an operational audit are to provide:
(1) Top management with assurances that every component of the organization is working to
attain the organization's goals, or
(2) Regulators and Congress with assurances that governmental programs are meeting their
objectives in an efficient and effective manner.
21–14 Yes. A discussion of findings with operating personnel ensures that the internal auditors have an
accurate and complete understanding of the situation. Also, affected management may consider the
findings and take immediate action on the problems disclosed.
21–15 CPAs may perform agreed upon procedures related to (1) management's assertion about compliance
with specified requirements or (2) management's assertion about the effectiveness of an entity's
internal control over compliance.
21–16 The statement is incorrect. The objective of such engagements is to present specific findings to assist
users in evaluating management's assertion about an entity's compliance with a law or regulation.
The report issued provides a summary of findings, not negative assurance.
21–17 Tests of compliance with laws and regulations are designed to determine whether assertions by
management are materially misstated because of violations of laws and regulations. They are
substantive tests usually accomplished by examining supporting documents.
21–18 In an audit in accordance with generally accepted auditing standards, the auditors have a
responsibility to design the audit to provide reasonable assurance of detecting material misstatements
resulting from violations of laws and regulations that have a direct effect on line-item amounts in the
financial statements. An example of a direct-effect illegal act is the violation of an income tax law
that affects the amount of the organization's income tax liability. Another example is a violation of
21-3
the provisions of a government program relating to the use of funds that could result in a material
liability.
21–19 A governmental organization may obtain any of the following types of audits:
(1) An audit of its financial statements in accordance with generally accepted auditing standards.
(2) An audit in accordance with Government Auditing Standards.
(3) An audit conducted in accordance with the Single Audit Act.
21–20 The additional documentation requirements of Government Auditing Standards include:
(1) Before the report is issued, evidence of supervisory review of the work performed that
supports findings, conclusions, and recommendations contained in the audit report, and
(2) Any departures from Generally Accepted Government Auditing Standards and the impact on
the audit or the auditors’ conclusions.
21–21 The ethical principles set forth in Government Auditing Standards include:
(1) The public interest—Observing integrity, objectivity, and independence in performing

professional services assists the auditors in serving the public interest;
(2) Integrity—Public confidence in government is maintained by auditors’ performing
professional services with integrity;
(3) Objectivity—Objectivity includes being independent in fact and appearance when providing
audit and attest services, maintaining an attitude of impartiality, being intellectually honest,
and being free from conflicts of interest;
(4) Proper use of government information, resources, and position—These items should be used
for official purposes and not for the auditors’ personal gain or otherwise inappropriately; and
(5) Professional behavior—Auditors should comply with laws and regulations and avoid any
conduct that might bring discredit to the auditors’ work.
21–22 This statement is not correct. In an audit in accordance with Government Auditing Standards, the
auditors are required to perform the same procedures as required for an audit in accordance with
generally accepted auditing standards. The auditors must test compliance with those laws and
regulations that have a direct and material effect on the amounts in the organization's financial
statements. In addition, Government Auditing Standards clarify that this includes provisions of
contracts and grants. An audit in accordance with Government Auditing Standards also involves some
additional communication requirements and issuing additional reports on internal control and on
compliance with laws and regulations.
21–23 The additional reports required by Government Auditing Standards (1) a report on internal control
that describes significant deficiencies and includes an identification and discussion of the implications
of those significant deficiencies that are considered to be material weaknesses, (2) describes the scope
of the auditors’ tests of compliance with laws and regulations and presents the auditor’s findings.
21–24 In an audit in accordance generally accepted auditing standards the auditors are required to
communicate violations of laws and regulations (other than those that are inconsequential) to the
audit committee of the board of directors (or others charged with governance). This communication
may be made orally or in writing. In an audit in accordance with Government Auditing Standards,
the auditors must report on compliance with laws and regulations, describing material instances of
noncompliance, and all other illegal acts and evidence of fraud, unless they are inconsequential.
21-4
21–25 In an audit in accordance with generally accepted auditing standards, the auditors perform sufficient
procedures to express an opinion on the organization's financial statements and, for a public company,
to report on management’s assertion about the reliability of internal controls over financial reporting.
In an audit in accordance with Government Auditing Standards, the auditors have two reporting
requirements beyond an opinion on the financial statements: (1) on compliance with laws and
regulations, and (2) on the organization's internal control. The performance standards are basically
the same. However, the auditors have additional requirements regarding communicating the nature of
their audit, considering the results of the prior-year audit, documentation, testing compliance with
provisions of contracts and grants, and adherence to additional ethical principles.
21–26 Governmental organizations are subject to a variety of laws and regulations that affect their financial
statements. An important aspect of generally accepted accounting principles for governmental
organizations is the recognition of various legal and contractual requirements. These requirements
are reflected in their bases of accounting, fund structure, and other accounting principles. Funds
received by the organization are often restricted for certain programs or purposes. Accordingly, in
auditing governmental organizations, the auditors are more likely to encounter laws and regulations
that have a direct and material effect on the amounts in the organization's financial statements.
21–27 The Single Audit Act requires extended audits of organizations that receive significant amounts of
federal financial assistance. It is designed to help ensure that the billions of dollars in funds provided
annually by the federal government are spent in accordance with the objectives of the various
programs.
21–28 Governmental and nonprofit organizations are required to have an audit in accordance with the Single
Audit Act when they expend $500,000 or more of federal assistance within a fiscal year. A
governmental organization is required to have an audit in accordance with the Single Audit Act when
it receives $500,000 or more of federal financial assistance within a fiscal year.
21–29 Major programs are determined based on a risk-based approach considering both the amount of the
program’s expenditures and the risk of material noncompliance. However, major programs must
constitute at least 50 percent of the total federal expenditures by the organization.
21–30 A questioned cost is an amount paid with federal assistance that appears to be in violation of a law or
regulation relating to allowability and eligibility, inadequately documented, or unreasonable in
amount. These amounts must be included in the Schedule of Findings and Questioned Costs.
21–31 A recipient is one that receives federal financial assistance directly from a federal government agency
or organization. This assistance may be passed through to a subrecipient that would use the funds in
accordance with the requirements of the program. An example of a primary recipient would be a state
education department that receives federal funds from the federal Department of Education. The state
education department would in turn pass the funds through to various school districts (subrecipients)
that would use the funds for appropriate purposes.
21–32 The fourteen general requirements include:
(1) Activities allowed or unallowed—determine that the organization complies with the specific
requirements regarding the activities allowed or unallowed by the program.
(2) Allowable costs/cost principles—determine that the organization complies with federal cost
accounting policies applicable to the program.
(3) Cash management—determine that the recipient/subrecipient followed procedures to
minimize the time elapsing between the transfer of funds from the U.S. Treasury, or pass-
through entity, and their disbursement.
21-5
(4) Davis-Bacon Act—determine that wages paid are not less than those established for the
locality of the project (prevailing wage rates) by the Department of Labor.
(5) Eligibility—determine that individuals or groups of individuals that are being provided goods
or services under a program are eligible for participation in and for the levels of assistance
received under that program.
(6) Equipment and real property management—determine that the organization safeguards and
maintains equipment purchased with federal assistance, and uses the equipment for
appropriate purposes.
(7) Matching, level of effort, earmarking—determine that the organization contributes the
appropriate amount of its own resources to the program.
(8) Period of availability of federal funds—determine that federal funds were spent or obligated
within the period of availability.
(9) Procurement and suspension and debarment—determine that the organization uses
appropriate policies for purchases with federal funds, and that the organization does not
contract with vendors that are suspended or debarred.
(10) Program income—determine whether program income is correctly recorded and used in
accordance with the program requirements.
(11) Real property acquisition and relocation assistance—determine that the organization
complied with property acquisition, appraisal, negotiation, and residential relocation
requirements.
(12) Reporting—determine that the organization has complied with prescribed reporting
requirements.
(13) Subrecipient monitoring—determine whether recipients monitor the compliance of
subrecipients.
(14) Special tests and provisions—determine that the organization complies with other significant
specific requirements that apply to the program.
Questions Requiring Analysis
21–33 a. Internal auditing may be defined as an independent, objective assurance and consulting
activity designed to add value and improve an organization’s operations. It helps an
organization accomplish its objectives by bringing a systematic, disciplined approach to
evaluate and improve the effectiveness of risk management, control, and governance
processes.
b. Possible benefits of an internal audit department's program to educate auditees and other
parties about the nature and purpose of internal auditing include (only three required):
(1) To obtain more cooperation from the auditees.

(2) To help ensure consideration and implementation of their recommendations.
(3) To obtain the support of top management.
(4) To gain acceptance by the external auditors.
(5) To work effectively with the audit committee of the board of directors.
21–34 a. Financial auditing involves tests of the accuracy and reliability of financial information.
b. Operational auditing includes evaluating the effectiveness, efficiency, and economy of an

organization or a segment of the organization.
c. Compliance auditing involves testing for an organization's compliance with various laws and
regulations.
21-6
21–35 Independent auditors must strive for complete independence of the organizations that they audit.
They attempt to achieve this level of independence by avoiding financial or business relationships
that may affect their independence in fact or appearance. These prohibited relationships are described
in Rule 101 of the AICPA Code of Professional Conduct.
Internal auditors are employees of the organization and, accordingly, cannot be independent
of the organization in the same way as independent auditors. However, internal auditors can still be
independent of the activities that they audit by assuring that the director of internal audit has
sufficient organizational status, and by establishing appropriate policies and procedures for assigning
staff auditors to audit activities.
21–36 a. The major aspect of the Standards for the Professional Practice of Internal Auditing that
applies to the problems of this situation is “Communicating Results.”
b. Techniques that may be used to improve the chances that the report will be well received and
appropriate corrective action will be taken include (only four required):
(1) Educate the marketing personnel on the objectives of the audit.

(2) Emphasize how the marketing personnel can benefit from the audit.
(3) Do not approach the audit in an accusatory manner.
(4) Discuss the findings with the personnel before they are finalized in the report.
(5) Allow the marketing personnel to respond to the findings and, when appropriate,
include both sides in the report.
(6) Develop practical recommendations.
(7) Discuss the recommendations with marketing personnel before the report is finalized
so they may be implemented on a timely basis.
(8) Clearly and concisely communicate the findings and recommendations.
(9) Review draft reports with all concerned.
(10) Follow-up on the recommendations.
21–37 a. Yes. Violations of laws and regulations may have a material effect on the City's financial
statements. Therefore, Matt must perform tests of compliance with those laws, regulations,
contracts, and grants that have a direct and material effect on the amounts in the financial
statements.
b. Matt should first identify the laws, regulations, contracts, and grants that may have a direct
effect on the City's financial statements, by performing procedures such as (1) discussing
laws and regulations with management, program and grant administrators, and government
auditors, (2) reviewing relevant grant and loan agreements, and (3) reviewing minutes of the
city council's meetings. Once he has an understanding of the important requirements, he
should assess the risks that financial statement amounts might be materially misstated by
violations. In making these assessments, Matt will consider the internal controls designed to
prevent or detect violations of laws, regulations, contacts, and grants. These risk assessments
will then be used to determine the nature, timing and extent of the substantive tests of
compliance.
21–38 a. Material instances of noncompliance generally result in a material misstatement of the

financial statements. For example, the instances of noncompliance may result in a liability to
a government agency to refund funds that were not appropriately disbursed. Therefore, the
auditors will not be able to issue an unqualified opinion on the financial statements unless
management corrects the financial statements (i.e., records the liability). In addition, the
auditor must include in the report on compliance a description of the instances of
21-7
noncompliance and, where these instances of noncompliance were the result of significant
deficiencies, discuss them in the auditor’s report on internal control.
b. If the financial statements were corrected, the auditors would be able to issue an unqualified
opinion on the financial statements. However, the instances of noncompliance would still
have to be described in the auditors' report on compliance with laws and regulations and
where these instances of noncompliance were the result of significant deficiencies, discuss
these conditions in the auditor’s report on internal control.
21–39 a. Because the school district expended more than $500,000 in federal financial assistance
during the year, it is required to have an audit in accordance with the Single Audit Act.
b. In an audit in accordance with the Single Audit Act the auditors must perform sufficient
procedures to report on whether:
(1) The financial statements are presented in accordance with generally accepted
accounting principles,
(2) The schedule of expenditures of federal awards is fairly presented in all material
respects in relation to the financial statements taken as a whole, and
(3) The entity complied with the provisions of laws, regulations, and contracts or grants
that may have a direct and material effect on each major federal financial assistance
program.
(4) The summary schedule of prior audit findings materially misrepresents the status of
any prior audit findings.
The auditors also must obtain an understanding of internal control pertaining to compliance
with the provisions of laws, regulations, contracts, or grants that may have a material effect
on each major federal financial assistance program; assess control risk; and perform tests of
controls. They must report on the procedures performed with respect to internal control and
on significant deficiencies with an identification of those that constitute material weaknesses.
21–40 a. An audit in accordance with generally accepted auditing standards involves an audit of the
organization's financial statements. The auditors consider internal control and test
compliance with laws, regulations, contracts, and grants to the extent necessary to express an
opinion on the financial statements.
An audit in accordance with Government Auditing Standards includes the same
procedures as an audit in accordance with general accepted auditing standards. However, the
auditors are required to consider management’s response to prior year audit findings, and
communicate the objectives of the audit to any outside parties requiring the audit. In
addition, Government Auditing Standards clarify that the auditors have a responsibility to
provide reasonable assurance of detecting material misstatements due to violations of
provisions of grants and contracts that have a direct and material effect on the financial
statements. Also, the auditors have two additional reporting requirements. They must
provide reports on compliance with laws, regulations, contracts, and grants and on the
organization's internal control.
An audit in accordance with the Single Audit Act includes the requirements of an audit
in accordance with Government Auditing Standards. In addition, the auditors perform
additional tests of compliance with requirements of laws, regulations, contracts, and grants
and tests of the internal control systems used in administering federal assistance programs.
They also, issue additional reports on these and other matters.
21-8
b. An audit under Government Auditing Standards would be required of an organization by law,

regulation, or agreement. An organization would be required to obtain a single audit if it
receives $500,000 or more in federal financial assistance in a fiscal year.
Objective Questions
21–41 Multiple Choice Questions

a. (4) The internal auditing function is a high-level internal control that monitors
compliance with other controls.
b. (1) Reporting directly to the audit committee of the board of directors provides the
internal audit department with the highest degree of independence.
c. (3) The preliminary survey summarizes the auditors' conclusions about the critical
aspects of operations and potential problem areas. This serves as a guide for
developing the audit program.
d. (1) Operational audits are designed to develop recommendations that will improve
effectiveness, efficiency, and economy, which are important management goals.
e. (3) The Government Accountability Office develops the standards for the audit of federal
financial assistance programs.
f. (3) An audit in accordance with Government Auditing Standards includes the issuance of
two additional reports—on compliance with laws and regulations and on internal
control.
g. (1) A compliance attestation engagement may involve attesting to compliance with laws
and regulations and/or internal control over compliance with laws and regulations.
h. (1) There are three major areas of internal control—financial reporting, operations, and
compliance with laws and regulations. When auditing for compliance with laws and
regulations, obviously, compliance controls are relevant.
i. (1) In reporting on compliance with laws and regulations, CPAs may provide an opinion
on management’s assertion or directly on compliance with the applicable laws and
regulations.
j. (3) While the CPA may be engaged to provide an opinion on either management’s
assertion or the subject matter (compliance), a qualified report must be directed to
compliance with laws and regulations. It cannot be directed at management’s
assertion.
k. (1) An important aspect of a Single Audit is the requirement to provide an opinion on

whether the entity complied with the provisions of laws, regulations, and contracts or
grants that may have a direct and material effect on each major federal financial
assistance program.
l. (2) The Institute of Internal Auditors administers the Certified Internal Auditor program.
21-9
21–42 Task-Based Simulation
Is it
Statement required? Comment
a. Determine that the organization complies with No Compliance must be with federal
generally accepted accounting principles cost accounting policies applicable
applicable to the program. to the program.
b. Determine that the organization complies with Yes
specific requirements regarding the activities
allowed or not allowed by the program.
c. Determine that wages paid are not more than No Wages should not be less than those
those established for the locality of the project so established.
by the Department of Labor.
d. Determine that the organization contributes the Yes
appropriate amount of its own resources to the
program.
e. Determine that federal funds were spent or Yes
obligated within the period of availability.
f. Determine whether program income is Yes
correctly recorded and used in accordance
with the program requirements.
g. Determine whether subrecipients monitor the No Recipients must monitor the
compliance of recipients. compliance of subrecipients.
h. Determine that only registered U.S. citizens No There is no such general
work on the program. requirement.
i. Determine that the organization does not Yes
contract with vendors that are suspended or
debarred.
j. Determine that the organization followed Yes
procedures to minimize the time elapsing
between the transfer of funds from the U.S.
Treasury and their disbursement.
21–43 Definitions
a. 7
b. 3
c. 1
d. 8
e. 6
Problems
21–44 SOLUTION: Operational audit (Estimated time: 30 minutes)
a. Memo (only eight points required)
TO: Senior Internal Auditor

FROM: Director of Internal Auditing
SUBJECT: Preliminary survey of accounts receivable accounting function
DATE: JUNE 15, 20XX
Described below are several questions that you should use to guide your preliminary survey.
21-10
The Problem
Total accounts receivable from patients have steadily and rapidly increased over the past
eight months. No apparent reason for the increase can be determined from changes in
capacity, occupancy rates, billing rates, or insurance contracts.
Who does the accounts receivable accounting?
(1) Have there been any changes in personnel since our last audit?
(2) Did resigned employees give reasons?
What data processing procedures and policies are in effect?

(3) How are patients billed?
(4) Have there been any changes in the billing procedure since our last audit?
(5) How are charges and collections recorded?
(6) Have there been any changes in the charges and collections procedures since our last
audit?
(7) What are the credit and collection policies?
(8) Have there been any changes in the credit and collection policies since our last audit?
How is the accounts receivable accounting done?
(9) Have there been any changes in the method of accounting for accounts receivable
since our last audit?
What financial and economic events have occurred in the past 10 months?
(10) Are a larger number of accounts receivable past due?

(11) Have there been changes in the number of uninsured patients since our last audit?
(12) Have patients complained about their bills?
(13) Are there a significant number of doubtful accounts?
b. After the preliminary survey the auditors would develop the audit program, execute the audit
program, report the findings, and follow-up on the implementation of recommendations.
21–45 SOLUTION: Devry Corporation (Estimated time: 25 minutes)
TO: Executive Committee, Foundation

FROM: Joe Smith, Internal Auditor
DATE: February X, 20X2
Purpose and Scope:

Our purpose was to determine any problems with the recording of transactions, the handling of cash,
and the documentation of transactions.
Findings and Recommendations:

1. The cash basis of reporting is used rather than the full accrual basis.
It is recommended that you switch to the full accrual basis of reporting in conformity with
governmental and not-for-profit accounting. Our internal auditing staff will be happy to
assist you with the conversion.
21-11
2. There was not a copy of a plane ticket for airfare reimbursed for a trip taken by one
volunteer.
It is recommended that you require any individual that loses an original plane ticket to certify
such in writing in order to receive travel reimbursements. A copy of the plane ticket should
be allowed when two or more organizations are sharing the cost of the travel.
3. Excess funds were invested in instruments other than those specified by the organization’s
policy manual.
4. Numerous certificates of deposit were found in many different locations (e.g., filing cabinets,
desk drawers, safe-deposit box).
It is recommended that either the policy manual be followed or that the manual be
amended by the executive committee to conform to currently acceptable investment policy.
All certificates of deposit should be kept in a safe-deposit box.
5. The purchase of a desktop publishing system was expensed.

It is recommended that this item be capitalized and depreciated over a three-year period.
6. None of your employees has formal accounting training.
7. Many errors were made in recording transactions that necessitated many year-end adjusting
entries.
It is recommended that you hire an accountant. This could be accomplished by
having an accountant on staff or by contracting with one to work two or three days per month
as needed.
8. The individual who wrote the checks reconciled the checking account.
It is recommended that you contract to have your bank reconcile your checking
account. Alternatively, the external or staff accountant could reconcile the checking account.
21–46 SOLUTION: Reports for audits in accordance with Government Auditing Standards (Estimated time:
25 minutes)
a. The auditors are not required to perform procedures beyond those required by generally
accepted auditing standards. However, Generally Accepted Government Auditing Standards
emphasize that this must include tests of requirements of contracts and grants that have a
material and direct effect on the financial statements.
b. The portion of the report dealing with compliance should describe the scope of the auditors’
procedures and the findings. The portion dealing with internal controls should include an
identification and discussion of those significant deficiencies considered to be material
weaknesses. It also includes (1) an indication of management’s responsibility for establishing
and maintaining internal control, (2) a description of the auditors’ work in obtaining an
understanding of internal control and assessing control risk, and (3) a description of
deficiencies in internal control not significant enough to be significant deficiencies, or a
reference to a letter to management that reported those conditions.
21–47 SOLUTION: Communication about internal control (Estimated time: 20 minutes)
a. In an audit in accordance with generally accepted auditing standards, the auditors are required
to communicate in writing significant deficiencies to the audit committee of the board of
directors (or others charged with governance). Significant deficiencies are significant
21-12
deficiencies in the design or operation of internal control that could adversely affect the
organization's ability to report appropriate financial information. When performing an audit
in accordance with Generally Accepted Government Auditing Standards, significant
deficiencies must be in writing and included in the auditor’s report on internal control. Also,
the report should include an identification and discussion of those significant deficiencies
considered to be material weaknesses.
b. The major aspects of the portion of the a report on internal control include a(n):
(1) Description of significant deficiencies with an identification and discussion of those

significant deficiencies considered to be material weaknesses.
(2) Indication of management’s responsibility for establishing and maintaining internal
control.
(3) Description of the auditors’ work in obtaining an understanding of internal control
and assessing control risk.
(4) Description of deficiencies in internal control not significant enough to be significant
deficiencies, or a reference to a letter to management that reported those conditions.
In-Class Team Case
21–48 SOLUTION: City of Mystic (Estimated time: 20 minutes)
a. The major programs include the (1) Department of Education, Title I Grants to Local
Education Agencies, and (2) Environmental Protection Agency Ford Creek Modification.
This is based on the amount of the expenditures and the risk of material noncompliance.
b. The auditors must perform compliance procedures on the specific requirements that, if not
complied with, could have a material effect on a major program.
21-13

Review Questions: Chapter 21 - Internal, Operational, and Compliance Auditing

Uploaded by

Copyright:

Available Formats

Review Questions: Chapter 21 - Internal, Operational, and Compliance Auditing

Uploaded by

Copyright:

Available Formats

Chapter 21 - Internal, Operational, and Compliance Auditing

Internal, Operational, and

(1) Reviewing and evaluating all types of internal controls,

(1) Purpose, Authority, and Responsibility

(1) Developing risk-based audit plans, consistent with organizational goals.

21–13 The purposes of an operational audit are to provide:

21–20 The additional documentation requirements of Government Auditing Standards include:

(1) The public interest—Observing integrity, objectivity, and independence in performing

21–32 The fourteen general requirements include:

Questions Requiring Analysis

(1) To obtain more cooperation from the auditees.

b. Operational auditing includes evaluating the effectiveness, efficiency, and economy of an

(1) Educate the marketing personnel on the objectives of the audit.

21–38 a. Material instances of noncompliance generally result in a material misstatement of the

b. An audit under Government Auditing Standards would be required of an organization by law,

21–41 Multiple Choice Questions

k. (1) An important aspect of a Single Audit is the requirement to provide an opinion on

21–42 Task-Based Simulation

21–44 SOLUTION: Operational audit (Estimated time: 30 minutes)

a. Memo (only eight points required)

TO: Senior Internal Auditor

Who does the accounts receivable accounting?

What data processing procedures and policies are in effect?

How is the accounts receivable accounting done?

(10) Are a larger number of accounts receivable past due?

21–45 SOLUTION: Devry Corporation (Estimated time: 25 minutes)

TO: Executive Committee, Foundation

Purpose and Scope:

Findings and Recommendations:

5. The purchase of a desktop publishing system was expensed.

6. None of your employees has formal accounting training.

21–47 SOLUTION: Communication about internal control (Estimated time: 20 minutes)

(1) Description of significant deficiencies with an identification and discussion of those

In-Class Team Case

21–48 SOLUTION: City of Mystic (Estimated time: 20 minutes)

You might also like