Important 2021 IESBA Code of Ethics provisions:

Integrated Reporting
GRI Sustainability Reporting

* COSO internal control (mgmt)/PSA 315 (auditor’s)

* PSA 240 nonBSA (mgmt-prevent fraud)/ auditor-detect misstatements
resulting from fraud/fraud risk assessments
* compliance officer- laws and regulations/prevent
noncompliance (violations)…. PSA 250 -material
misstatements resulting from noncompliance (indications of
potential noncompliance)
* basic corporate governance
* integrated reporting/sustainability

COSO Internal Control Framework

PSA 315
1. Which of the following is not a member of COSO?
A. IIA
B. IMA
C. AICPA
D. IFAC

CHOPPER

2. All of the following are sub-components of the control environment, except

a. Management philosophy and operating style-yes
b. Information and communication
c. Ethical values-yes
d. Commitment to competence-yes

3. Which of the following is the first step in conducting management’s risk assessment?
A. Identify the risks - anything that can prevent the company from achieving objectives.
B. Respond to the risks
C. Analyze the risks
D. Set clear business objectives - o, r, c

4. Which of the following is required under the COSO Framework?

A. The components must be present and functioning-yes.
B. The components must operate together to reduce the risk of not achieving a business objective to an
acceptable low level-yes.
C. Both a and b
D. Answer not given
5. The conduct of ongoing and separate evaluations is part of which COSO component?
A. Control environment
B. Risk assessment
C. Monitoring
D. Control activities

46. When obtaining an understanding of controls that are relevant to the

audit in the “obtaining an understanding” stage, the auditor shall
I – evaluate design of the controls
II – determine whether they have been implemented
III – determine whether they are effective or not in
preventing and/or detecting material misstatements
a. I, II and III
b. I and II only
c. III only
d. II and III only

47. Which of the following does not fall within the entity’s control activities?
a. Authorization of transactions
b. Physical controls
c. Segregation of incompatible duties
d. Management philosophy and operating style

48. This internal control component is the foundation for all other
components. It sets the tone of the organization, provides discipline and
structure, and influences the control consciousness of employees.
a. control activities
b monitoring of controls
c. control environment
d. the entity’s risk assessment process
51. Proper segregation of duties reduces the opportunities to allow any
employee to be in a position to both
a. Journalize cash receipts and disbursements and prepare the financial
statements.
b. Monitor internal controls and evaluate whether the controls are
operating as intended.
c. Adopt new accounting pronouncements and authorize the recording of
transactions.
d. Record and conceal fraudulent transactions in the normal course of
assigned tasks.

52. An entity’s ongoing monitoring activities often include

a. Periodic audits by the audit committee.
b. Reviewing the purchasing function.
c. The audit of the annual financial statements.
d. Control risk assessment in conjunction with quarterly reviews.

54. Management philosophy and operating style most likely would have a
significant influence on an entity’s control environment when
a. The internal auditor reports directly to management.
b. Management is dominated by one individual.- at least if management is
vested in several individuals, there is no concentration of power.
c. Accurate management job descriptions delineate specific duties.
d. The audit committee actively oversees the financial reporting process

58. Which of the following would be least likely to be regarded as a test of

a control?
a. Tests of the additions to property by physical inspection.- this is a
substantive test
b. Comparisons of the signatures on cancelled checks to the authorized
check signer list.
c. Tests of signatures on purchase orders.
d. Recalculation of payroll deductions.

60. Which of the following procedures concerning accounts receivable

would an auditor most likely perform to obtain evidence in support of an
assessed level of control risk below the maximum (control risk can be
assessed as low when tests of controls are performed proving that controls
are effective)?
a. Observing an entity’s employee prepare the schedule of past due
accounts receivable. - this is the test of control; the other choices are
substantive tests
b. Sending confirmation requests to an entity’s principal customers to verify
the existence of accounts receivable.
c. Inspecting an entity’s analysis of accounts receivable for unusual
balances.
d. Comparing an entity’s uncollectible accounts expense to actual
uncollectible accounts receivable.

61. A procedure that involves tracing a transaction from its origination

through the company’s information systems until it is reflected in the
company’s financial report is referred to as a(n)
a. Analytical analysis.
b. Substantive procedure.
c. Test of a control.
d. Walk-through.

64. Which of the following controls most likely would reduce the risk of
diversion of customer receipts by an entity’s employees?
a. A bank lockbox system.
b. Prenumbered remittance advices.
c. Monthly bank reconciliations.
d. Daily deposit of cash receipts.

66. Which of the following controls most likely would be effective in

offsetting the tendency of sales personnel to maximize sales volume at the
expense of high bad debt write-offs?
a. Employees responsible for authorizing sales and bad debt write-offs are
denied access to cash.
b. Shipping documents and sales invoices are matched by an employee who
does not have authority to write off bad debts.
c. Employees involved in the credit-granting function are separated from
the sales function. - if sales managers are allowed to approve and grant
credit sales, no customer will be disapproved (to achieve high amount of
sales to meet their targets); however, this often results to high bad debts
due to the fact that sales department might not be strict in implementing
credit standards for the purpose of increasing sales
d. Subsidiary accounts receivable records are reconciled to the control
account by an employee independent of the authorization of credit.

67. Proper authorization of write-offs of uncollectible accounts should be

approved in which of the following departments?
a. Accounts receivable.
b. Credit.
c. Accounts payable.
d. Treasurer. - the one who should authorize writeoffs should be
independent of accounts receivable and credit. Accounts payable has no
relation to writeoffs because A/P are not subjected to writeoffs.
68. During the consideration of a small business client’s internal control,
the auditor discovered that the accounts receivable clerk approves credit
memos and has access to cash. Which of the following controls would be
most effective in offsetting this weakness?
a. The owner reviews errors in billings to customers and postings to the
subsidiary ledger.
b. The controller receives the monthly bank statement directly and
reconciles the checking accounts.
c. The owner reviews credit memos after they are recorded. - this is the
compensating control in the absence of segregation of duties in a small
business
d. The controller reconciles the total of the detail accounts receivable
accounts to the amount shown in the ledger.

73. Which of the following controls would an entity most likely use to assist
in satisfying the completeness assertion related to long-term investments?
a. Senior management verifies that securities in the bank safe-deposit box
are registered in the entity’s name. -rights & obligations
b. The internal auditor compares the securities in the bank safe-deposit box
with recorded investments.
c. The treasurer vouches the acquisition of securities by comparing brokers’
advices with canceled checks. - occurrence
d. The controller compares the current market prices of recorded
investments with the brokers’ advices on file. - valuation

75. A client erroneously recorded a large purchase twice. Which of the

following internal control measures would be most likely to detect this error
in a timely and efficient manner?
a. Footing the purchases journal.
b. Reconciling vendors’ monthly statements with subsidiary payable ledger
accounts.- this is time (monthly) and efficient/cost-less (suppliers simply
mail billing statements)
c. Tracing totals from the purchases journal to the ledger accounts.
d. Sending written quarterly confirmations to all vendors. - not timely
(quarterly)

77. An auditor vouched data for a sample of employees in a payroll register

to approved clock card data to provide assurance that
a. Payments to employees are computed at authorized rates.
b. Employees work the number of hours for which they are paid.
c. Segregation of duties exist between the preparation and distribution of
the payroll.
d. Controls relating to unclaimed payroll checks are operating effectively.
80. Which of the following departments most likely would approve changes
in pay rates and deductions from employee salaries?
a. Personnel.
b. Treasurer.
c. Controller.
d. Payroll.

82. When there are numerous property and equipment transactions during
the year, an auditor who plans to assess control risk at a low level usually
performs
a. Tests of controls and extensive tests of property and equipment balances
at the end of the year.
b. Analytical procedures for current year property and equipment
transactions.
c. Tests of controls (to assess control risk as low, auditor performs tests of
controls) and limited tests (because control risk is low) of current year
property and equipment transactions.
d. Analytical procedures for property and equipment balances at the end of
the year.

PSA 240 - Auditor’s responsibilities relating to Fraud in FS audits

* relevant also to non-BSA (MGMT)
PSA 520 - Analytical Procedures
1. The term “fraud” refers to an intentional act by one or more individuals
among management, those charged with governance, employees, or third
parties, involving the use of deception to obtain an unjust or illegal
advantage. Which statement is correct regarding fraud?
a. Auditors make legal determinations of whether fraud has actually
occurred.
b. Misstatement of the financial statements may not be the objective of
some frauds.
c. Fraud involving one or more members of management or those charged
with governance is referred to as “employee fraud”.
d. Fraud involving only employees of the entity is referred to as
“management fraud”.

2. Which of the following illustrates a perceived opportunity to commit

fraud?
a. Individuals are living beyond their means. - this is pressure
b. Management is under pressure, from sources outside or inside the entity,
to achieve an expected (and perhaps unrealistic) earnings target. - this is
pressure
c. An individual believes internal control could be circumvented because the
individual is in a position of trust or has knowledge of specific weaknesses
in the internal control system.
d. All of the above.

3. In comparing management fraud with employee fraud, the auditor’s risk

of failing to discover the fraud is
a. Greater for employee fraud because of the higher crime rate among blue
collar workers.
b. Greater for management fraud because of management’s ability to
override existing internal controls.
c. Greater for employee fraud because of the larger number of employees in
the organization.
d. Greater for management fraud because managers are inherently smarter
than employees.

4. Which of the following is fraud?

(a) Incorrect application of PFRS due to misinterpretation
(b) Incorrect accounting estimate due to lapses in professional judgment
(c) Recording costs as assets knowing that they are not expected to result to
the obtaining of future economic benefit
(d) Failure to use the appropriate methodology in the measurement of a
transaction that involves high degree of estimation

5. Which of the following is error?

(a) Lapses in calculating credit losses on receivables
(b) Misclassifying financial assets due to “forced” conclusions made about
the entity’s business model and cash flow characteristics
(c) Misrepresentation of revenue by overstatement to meet operational
targets
(d) Desire not to disclose future non-cancellable operating lease payments
in the notes.

6. Which of the following is a misappropriation of assets?

(a) Forgery of a bank certification confirming that the entity has a cash
deposit with the financial institution
(b) Inventory pilferage
(c) Reflecting fictitious receivables and non-existent inventory in the
financial statements
(d) Improper cookie jar reserves

7. Although fraud is a broad legal concept for purposes of the PSAs, the
auditor is concerned with fraud that
(a) Results to missing cash and other near-cash items
(b) Results to the bankruptcy of the entity
(c) Were perpetrated by management and those charged with governance
(d) Causes a material misstatement in the financial statements.

8. The risk of not detecting a material misstatement resulting from fraud is

higher than the risk of not detecting one resulting from error. This is
because fraud
(a) May involve sophisticated and carefully organized schemes designed to
conceal it
(b) Ordinarily results to material misstatement while error does not
(c) Cannot be detected simply by conducting independent audits of the
financial statements, but can be detected through the deployment of
forensic investigators
(d) Is always perpetrated by management while error is committed by entity
employees

9. This is a type of fraud that involves one or more members of management

or those charged with governance.
(a) Material fraud
(b) Collusive fraud
(c) Management fraud
(d) Misappropriation of asset

10. Under the PSAs, the categories of fraud are

(a) Management fraud and fraudulent financial reporting
(b) Fraudulent financial reporting and misappropriation of assets
(c) Management fraud and corruption
(d) Fraudulent financial reporting, asset misappropriation and corruption
Figure 2. Fraud risks

15. Which of the following is most likely to be presumed to represent fraud

risk on an audit of the financial statements?
(a) Fraud on cash
(b) Improper recording of retained earnings reserves
(c) Improper revenue recognition
(d) Payroll fraud

16. Which of the following would most likely be a way for concealing theft?
(a) Capitalizing stolen item as asset.
(b) Converting stolen item to cash.
(c) Charging stolen item to expense.
(d) Stealing cash and using the same to buy asset to replace the stolen item.

17. Which of the following would heighten an auditor's concern about the
risk of fraudulent financial reporting?
(a) Inability to generate positive cash flows from operations, while reporting
large increases in earnings.
(b) Management's lack of interest in increasing the dividend paid on
common stock.
(c) Large amounts of liquid assets that are easily convertible into cash.
(d) Inability to borrow necessary capital without obtaining waivers on debt
covenants.

23. Which of the following is a fraud risk factor that relates to fraudulent
financial reporting?
(a) Large amounts of cash on hand or processed. - MOA
(b) Inventory items that are small in size, of high value, or in high demand. -
MOA
(c) Marginal ability to meet exchange listing requirements or debt
repayment or other debt covenant requirements.
(d) Inadequate physical safeguards over cash, investments, inventory, or
fixed assets. - MOA
24. Which of the following is least likely to indicate a risk of possible
misstatement due to fraud?
(a) Management is dominated by a single person or a small group without
compensating controls such as effective oversight by those charged with
governance
(b) Excessive interest by management in maintaining or increasing the
entity’s stock price or earnings trends through the use of unusually
aggressive accounting practices
(c) Management commits to analysts, creditors and other third parties to
achieving what appear to be unduly or clearly unrealistic forecasts
(d) Use of conservative accounting practices - it will be a fraud risk factor if
it is aggressive accounting practices

25. Which of the following characteristics most likely would heighten an

auditor’s concern about the risk of intentional manipulation of financial
statements?
(a) Rate of change in the entity’s industry is low
(b) Turnover of senior accounting personnel is low
(c) Turnover of rank-and-file maintenance personnel is high
(d) Management places substantial (mgmt is obsessed) emphasis on
meeting earnings projections (mgmt committed to investors that they will
these targets)

26. Which of the following would most likely be a fraud risk factor relating
to fraudulent financial reporting?
(a) Large cash balances
(b) Small but high value inventory-misappropriation
(c) Negative operating cash inflows
(d) Spearheading of the strategy execution by the CEO

29. Which of the following is most likely to be an overall response to fraud

risks identified in an audit?
(a) Only use certified public accountants on the engagement.
(b) Place increased emphasis on the audit of objective transactions rather
than subjective transactions.
(c) Supervise members of the audit team less closely and rely more upon
judgment.
(d) Use less predictable audit procedures.
30. If the business environment is experiencing a recession, the auditor
most likely would focus increased attention on which of the following
accounts?
(a) Purchase returns and allowances.
(b) Allowance for doubtful accounts-auditor should determine adequacy.
(c) Common stock.
(d) Noncontrolling interest of a subsidiary purchased during the year.

31. Which of the following is most likely to be considered a risk factor

relating to fraudulent financial reporting?
(a) no-Low turnover of senior management.
(b) Extreme degree of competition within the industry.
(c) not a fraud risk-Capital structure including various operating
subsidiaries.
(d) Sales goals in excess of any of the preceding three years.

PSA 250

List of indications of noncompliance:

33. All of the following are types of policies and procedures an entity may
implement to assist in the prevention and detection of non-compliance with
laws and regulations. Which is not?
(a) Monitoring legal requirements and ensuring that operating procedures
are designed to meet these requirements.
(b) Maintaining a register of significant laws and regulations with which the
entity has to comply within its particular industry and a record of
complaints.
(c) Instituting a compliance department or compliance officer monitoring
adherence with legal requirements.
(d) Attempting to interpret laws and regulations in a manner that will
support the acts of management.

34. Noncompliance is an act of a client entity that is contrary to prevailing

laws and regulations. Noncompliance does not include
(a) Transactions entered into by the entity.
(b) Transactions entered into in the name of the entity.
(c) Personal misconduct of management or employees unrelated to the
entity’s business activities.
(d) Transactions entered into on the entity’s behalf by its management or
employees.

35. When the auditor becomes aware of the existence of, or information
about, the following matters, it may be an indication of non-
compliance with laws and regulations. Which is the exception?
(a) Investigations by regulatory organizations and government departments
or payment of fines or penalties-yes.
(b) Payments for unspecified services or loans to consultants, related
parties, employees or government employees-yes.
(c) Adverse media comment-yes.
(d) Transactions with apparent business purpose with companies registered
in tax havens.

36. Which of the following is incorrect regarding noncompliance by the

entity to laws and regulations?
(a) A significant fine or penalty for a violation of an environmental law had
no effect on the financial statements because it is a matter that deals with
operating aspects, not with financial aspects.
(b) An audit cannot be expected to detect noncompliance with all laws and
regulations.
(c) Noncompliance refers to acts of omission or commission, whether
intention or unintentional, by the entity being audited which are contrary to
prevailing laws or regulations.
(d) Payment for unspecified services to government officials is an indication
of potential noncompliance.

37. Which of the following is not an indication of possible noncompliance?

(a) Payment of fines and penalties.
(b) Payment for unspecified services to consultants or government officials
and employees.
(c) Purchasing at prices tha equal the market price.
(d) Payments without proper exchange control documentations.

38. An auditor discovers noncompliance of client that has a material effect

on the financial statements most likely would withdraw from the
engagement if the
(a) Noncompliance was committed last year when the financial statements
were not audited.
(b) Client does not take remedial action that the auditor considers
necessary.
(c) Auditor has already assessed control risk at a high level.
(d) Noncompliance was a violation of the PFRS.

41. Which of the following procedures would assist an auditor in identifying

noncompliance with laws and regulations?
(a) Confirmation of receivables.
(b) Inspecting correspondence with relevant regulatory agencies.
(c) Perform analytical procedures to determine unusual movements of the
client’s accounts.
(d) Determining the appropriate valuation of inventories.

43. An auditor who finds that the client has committed an illegal act would
be most likely to withdraw from the engagement when the
a. Illegal act affects auditor’s ability to rely on management
representations.
b. Illegal act has material financial statement implications.
c. Illegal act has received widespread publicity.
d. Auditor cannot reasonably estimate the effect of the illegal act on the
financial statements.
44. The most likely explanation why the auditor’s examination cannot
reasonably be expected to bring all noncompliance by the client to the
auditor’s attention is that
(a) Noncompliance by clients often relate to operating aspects rather than
accounting aspects.
(b) Noncompliance are perpetrated by management override of internal
accounting controls.
(c) The auditor is not required by PSAs to consider client’s noncompliance
in the audit of financial statements.
(d) The client’s system of internal accounting control may be so strong that
the auditor performs only minimal substantive testing.

45. Which of the following would an auditor least likely to do when he

becomes aware of noncompliance?
(a) Discuss the matter with client’s legal counsel.
(b) Obtain evidence about the impact of the noncompliance on the financial
statements.
(c) Change the financial statement audit engagement to compliance audit
engagement.
(d) Consider the impact of the noncompliance on the relationship with the
company’s management.

46. Which of the following is least likely to be considered a financial

statement audit risk factor?
a. Management operating and financing decisions are dominated by top
management.- this is normal since decisions are really dominated by
management
b. A new client with no prior audit history.
c. Rate of change in the entity's industry is rapid.
d. Profitability of the entity relative to its industry is inconsistent.

47.. Which of the following is an example of fraudulent financial reporting?

a. Company management falsifies inventory count tags thereby overstating
ending inventory and understating cost of goods sold.
b. An employee diverts customer payments to his personal use, concealing
his actions by debiting an expense account, thus overstating expenses.
c. An employee steals inventor and the "shrinkage" is recorded in cost of
goods sold.
d. An employee "borrows" tools from the company and neglects to return
them; the cost is reported as a miscellaneous operating expense.

48. Examples of the type of information that may come to the auditor's
attention that may indicate that noncompliance with laws or regulations has
occurred least likely include
a. Investigation by government departments or payment of fines or
penalties.
b. Sales commissions or agent's fees that appear reasonable in relation to
those ordinarily paid by the entity or in its industry or to the services
actually received.
c. Unusual transactions with companies registered in tax havens.
d. Adverse media comment.

49. Which of the following is most likely to be considered a risk factor

relating to fraudulent financial reporting?
a. Low turnover of senior management. - this is a fraud risk if “high”
b. Extreme degree of competition within the industry.
c. Capital structure including various operating subsidiaries.
d. Sales goals in excess of any of the preceding three years.

50. Which of the following is not a required source of information for the
auditors' assessment of fraud risk?
a. Discussion among audit team members.
b. Fraud risk factors.
c. Results of tests of controls. - this is usually performed after conducting
risk assessment
d. Inquiry of management and others.

SEC Code of Corporate Governance

* Study the contents of a Management Discussion & Analysis (like the one we previously discussed in
Apple, Inc.’s Form 10-k)