The report of the independent auditor

work sheets

Combined balance sheets

Basic financial statements

Rules of Conduct that describe behavior norms expected of internal auditors

Principles that is relevant to the profession and practice of internal auditing

All of the above

None of the above

centralized function, Centralized agencies

decentralized function, Centralized agencies

centralized function, decentralized agencies

decentralized function, decentralized agencies

permanent fund, enterprise fund

program budgeting, Zero-based budgeting

General Funds, Special Revenue Funds

Debt Service Fund, Capital Projects Fund

Reliability of internal and external reporting, Effectiveness and efficiency of operations.

Reliability of external and external reporting, Effectiveness and efficiency of operations.

Reducing operational surprises, Effectiveness and efficiency of operations.

Effectiveness and efficiency of operations, Reliability of internal and external reporting.

Advisory board

Quasi-Judicial Boards

The Internal Auditing Standards Board

The external auditing boards

Evaluate general controls at the entity or installation level.

Evaluate general controls as they are applied to the application(s) being examined, such as a payroll system or a loan accounting system.

Evaluate application controls, which are the controls over input, processing, and output of data associated with individual applications.

All of above.

The Institute of Internal Auditors (IIA) Standards, the Committee of Sponsoring Organizations of the Treadway Commission (COSO),

the Committee of Sponsoring Organizations of the Treadway Commission (COSO), the Canadian Institute of Chartered Accountants’ Criteria of Control (CoCo)

International Organization of Supreme Audit Institutions (INTOSAI) Standards, the Canadian Institute of Chartered Accountants’ Criteria of Control (CoCo)

The Institute of Internal Auditors (IIA) Standards, the Committee of Sponsoring Organizations ofthe Treadway Commission (COSO)

Identify auditable activities (e.g., programs, accounts, contracts, transactions).

Estimate the significance of a risk (e.g., magnitude of exposure in dollars or other type of measure, type of threat, duration, etc.).

do not Estimate the likelihood that a risk will occur and do not determine how to manage the risks.

Estimate the likelihood that a risk will occur and Prioritize risks.

Executive preparation and Execution

Legislative consideration

leading and controlling

Audit and evaluation

Planning about future events

Inadequate performance monitoring by high-level management and prolonged understaffing.

Lack of competence and integrity of management and staff.

Acceptance of audit findings and corrective action taken.

Judgment samples, Probability samples

Attributes sampling, Variables sampling

Variables sampling, Attributes sampling

Probability samples, Judgment samples

Control the risk, Transfer the risk

Accept the risk, Transfer the risk

Transfer the risk, Control the risk

Control the risk, accept the risk

Prompt implementation of audit recommendations.

The audit function helps keep governments accountable to the public by measuring adherence to established laws, regulations, and controls, and the effectiveness, economy, and efficiency of operations.

The audit function provides objective assurance to oversight bodies about the reliability and credibility of financial and performance reports produced by management.

Input from audits can help employees improve their overall job performance and adherence to establish controls.

The purpose and goals for a specific program or the entire organization.

Organizational data (e.g., organizational charts, job descriptions, policy and procedure manuals, information system manuals).

A & B only.

None of the above.

Determine eligibility (number of applications reviewed for eligibility).

Applications corrected (number of applications corrected).

Facilities (cost per square foot of space allocated to licensing function, times percent of renewals received).

Renewal applications (number of applications received).

Incomplete data

Irrelevant data

Incomparable data

Complete data

Open-ended questions, interrogative questions

Open-ended questions, Closed-ended questions

interrogative questions, Closed-ended questions

Closed-ended questions, Open-ended questions

Audits of Compliance and Audits of Information and Related Technology

Audits of Financial Statements and Audits of Financial Systems

Audits of Performance/Value-for-Money/Operations (e.g., economy, efficiency, effectiveness).

quality services

Divide classes to ensure that the smallest and largest values in the array are shown.

Assign each item in the array to only one class.

make graph

Keep the size of each interval the same.

American Institute of Certified Public Accountants

Financial Executives Institute and American Accounting Association

Institute of Management Accountants and the Institute of Internal Auditors

All of the above

Employee lifestyle changes: expensive cars, jewelry, homes, clothes.

Behavioral changes: may be indication of drug, alcohol, or gambling problem.

High employee turnover, especially in areas that are more vulnerable to fraud.

Excessive number of year-end transactions (particularly if backed out in the next period).

Both C and D

Compliance audit

External auditing

Internal auditing

Autocratic management

Consultative management

Participative management.

Directing management

Reasonable assurance, auditor

Audit policy, controller

Reasonable assurance, trainer

Audit record, auditor

Involve people with the necessary knowledge, ability, and commitment to fulfill their responsibilities.

Are not prepared to ensure that the organization’s objectives are met and that performance is satisfactory.

Fulfill their accountability obligations to those whose interests they represent by reporting on the organization’s performance.

Are prepared to ensure that the organization’s objectives are met and that performance is satisfactory.

control measurement

Performance measurement

Quality measurement

quantity measurement

Acquisition and Implementation (AI), Planning and Organization (PO)

Planning and Organization (PO), Acquisition and Implementation (AI)

Delivery and Support (DS), Monitoring (MN)

Monitoring (MN), Delivery and Support (DS)

Abuse is distinct from illegal acts and noncompliance. Abuse occurs when conduct falls short of societal expectations for prudent behavior. Because determining abuse is subjective, auditors are not expected to provide reasonable assurance of detecting it.

Noncompliance includes illegal acts, as well as violations of provisions of contract or grant agreements.

Fraud is a type of illegal act that involves obtaining something of value through willful misrepresentation.

All of the above.

Output measures Input measures

Input measures Output measures

Output measures control measures

quality measures Output measures

Central data processing equipment (equipment cost for time generating license renewal notices).

Licensing staff (payroll costs for time spent receiving/processing renewal applications).

Facilities (cost per square foot of space allocated to licensing function, times percent of renewals received).

Determine eligibility (number of applications reviewed for eligibility).

Control environment and Risk assessment

assessing diversification risk

Control activities and Monitoring1

Information and communication

The kinds and sources of evidence used.

Organizational structure

The depth and coverage of work performed to accomplish the audit objectives, including a description of specific controls tested.

Confidential information omitted from the report.

Excessive number of year-end transactions (particularly if backed out in the next period).

Unexpected overdrafts or declines in cash balance.

Reluctance to provide information to auditors.

High employee turnover, especially in areas that are more vulnerable to fraud.

Measurement-based approach, process-based approach

Process-based approach, measurement-based approach

Planning-based approach, measurement-based approach

Measurement-based approach, control-based approach

Planning and controlling.

Reviewing management reports

Direct observation — Auditors can obtain valuable information and evidence by directly observing the customer’s operations and work processes.

Interviews — it is important to meet with personnel involved in the processes being audited to discuss key issues.

Auditors should evaluate the evidence and determine the appropriate course of action. An investigation may be warranted if indicators strongly suggest that integrity violations occurred.

When significant control weaknesses are found, the auditor should conduct sufficient tests to determine if these weaknesses resulted in integrity violations. The level of testing should increase as the number or significance of control weaknesses increases.

Auditors must not have the knowledge and skills to adequately identify when violations occurred.

Auditors should notify the proper legal authorities, if warranted.

Control

Fraud risk assessment practice

Outsourcing

Accountancy practice

Taxation, This includes federal and state income taxes, along with sales and property taxes.

User charges — as individuals become increasingly less receptive to taxes, user fees or charges have been used to finance some services.

employee charges

Transfer payments — State and local governments receive transfer payments from the federal government.

State the null and alternative hypotheses.

Establish the criterion for rejecting or accepting the null hypothesis.

Analyze the data. Data analysis involves collecting sampled items, estimating the parameter, and calculating the value of the sample mean.

Accept the null hypothesis only.

The questions should be as simple, direct, and unambiguous as possible.

Any unique or seldom used terms should be clearly defined.

Response choices should be consistent (avoid use of the most positive choice first in one question, followed by a question where the most negative response choice is first).

Avoid asking leading questions such as, “Do you believe that minority quotas are an unfair means of allocating political favors to specific voter groups?”

The auditor and the SAI must not be independent.

The auditor and the SAI must possess the required competence.

The auditor and the SAI must be independent.

The auditor and the SAI must exercise due care and concern in complying with the INTOSAI auditing standards.

Plan for personnel needs and review hiring results periodically to determine whether personnel needs are being achieved.

Estimate the significance of a risk (e.g., magnitude of exposure in dollars or other type of measure, type of threat, duration, etc.).

Provide continuing education and training for staff (e.g., external or in-house training courses, professional conferences, or seminars).

Develop procedures to identify sources of potential hires, methods of contacting and attracting potential hires, and methods of evaluating and selecting potential hires.

The program can be very small.

The program may not be large enough to draw useful inferences from the results.

Lack of baseline data to compare program results with.

Some outcomes can be hard to measure either from the lack of measurement instruments, such as changes in self-esteem, or from the logistical difficulty in measuring.