QUEENS’ COLLEGE DISTANCE EDUCATION DIVISION

TEL. 011-8-12-19-82

ASSIGNMENT

ON

Auditing II (ACFN 411)

Date: - _____________

Total Weight: - 30 %

Name: - ____________________________ ID NO: - ______________

Department: -_______________ Study center: -_____________ Entry year: - ___________

Program: DEGREE

This is the only assignment of this course.

This assignment is to be completed and submitted to the office of your center. Do not
attempt the assignment until you are certain that you have understood the units it covers and
have revised your self-test exercises and learning activities, and other necessary references.

If you have any question about the units and activities, state the item/s clearly on a
separate sheet of paper and attach to your assignment paper.
 Part One:

1) Write the three main reasons why the auditor should properly plan
engagements
It helps the auditor obtain sufficient appropriate evidence for the
circumstances.
It helps to keep audit costs at a reasonable level.
It helps to avoid misunderstandings with the client.

2) List and discus the elements of the effectiveness of internal control

The framework consists of five components that together create an effective and
integrated enterprise controls system.

1. Control Environment

The control environment is how senior management tries to inculcate a strong

sense of ethics and high performance across the whole enterprise. It includes all
the standards, processes, policies, and rules that enable an organization to
implement and improve its internal controls. The control environment provides a
foundation so the company’s other, more specific controls can:

 Support its strategic objectives

 Assure reliable financial reporting to stakeholders
 Improve business efficiency and effectiveness
 Facilitate compliance with all applicable laws and regulations
 Safeguard assets from the effects of careless errors or malicious activities

An effective control environment includes these seven important factors:

 Integrity and ethical values
 Commitment to competence
 Audit committee or board of directors
 Management philosophy and operating style
 Organizational structure
 Assignment of authority and responsibility
 Human resource policies

These factors demonstrate the organization’s commitment to responsible and

ethical operations. A strong tone from the top is crucial to build a strong control
environment. Senior managers must reiterate the importance of internal controls
and establish the expected standards of conduct throughout the organization.
Only then can the environment help to:

 Align business processes with applicable laws, regulations, and industry-

standard practices
 Attract and retain competent staff
 Increase accountability throughout the organization in pursuit of objectives
2. Risk Assessment

Risk assessment is the basis for risk management. For effective risk
assessment, management must identify possible changes in the internal and
external environment that may impede the organization’s ability to achieve its
goals. Managers must also:

 Act in a timely manner to manage the effect of these changes

 Consider risk tolerance when assessing acceptable risk levels
 Consider risk severity after considering its velocity, persistence, impact, and
likelihood

The COSO internal control framework suggests that risk assessment should be
a “dynamic and iterative process” – meaning, risk assessments should happen
at regular intervals. The risk assessment should also include sub-processes for
risk identification, risk analysis, and risk response.

3. Control Activities
 Control activities are the specific actions that allow the enterprise to mitigate risk
and achieve its objectives. These actions are usually described in standards,
policies, and control procedures, and are communicated to all stakeholders.

Control activities can be preventive, detective, or corrective. They are performed

at all levels of the business and at various stages of business processes.

4. Information and Communication

Information is an important element in an internal control system because it

supports the other components and allows the organization to achieve its
objectives. Effective, clear, and honest communication is required to assure that
the necessary information is available whenever required to manage and
optimize the internal control system.

Communication then disseminates the information, so the relevant stakeholders

can carry out daily internal control activities. For example, if an audit identifies a
major flaw in cybersecurity, the audit findings should then be communicated to
the IT department, the CISO, and perhaps even the board or legal team. Those
executives will then (ideally) understand their responsibilities for assuring that
the findings are addressed and internal controls work as expected.

5. Monitoring Activities

Internal or external auditors must regularly monitor the internal control system to
verify that it is functioning properly. They should also evaluate the findings and
communicate internal control deficiencies to top management and the board.

Per COSO’s framework, ongoing evaluations should be built into routine

operations and performed in real-time. Regular spot checks instead of an annual
“big bang evaluation” can help to identify and fix control gaps quickly, before the
company suffers significant harm.
 3) Discus the difference between internal audit and internal control

Internal Control is made up of procedures, policies and measures designed to make

sure that an organization meets its objectives, and that risks that can prevent an
organization from meeting its objectives are mitigated. While the Internal Audit
function is performed by internal auditors, Internal Control is the responsibility of
operational management functions. Another point of contrast is frequency. An
internal audit is a check that is conducted at specific times, whereas Internal Control
is responsible for checks that are on-going to make sure operational efficiency and
effectiveness are achieved through the control of risks. Some risk experts even say
that Internal Control is a part of a company’s day-to-day management and
administration.
4) List the needed documents during the examination of purchase
 5) Explain the uses of Audit working Paper

Audit working papers are an integral part of all audit processes. In the course of an audit, it
is extremely important to ensure that the audit is performed efficiently without any hassle. An
audit working paper is a document that facilitates a smooth and effective audit process. The
document facilitates effective planning of the audit and further helps establish procedures that
ensure systematic execution of the audit process.

In this regard, it is also important that the auditor takes into consideration the audit assertions
to give an opinion based on their professional judgment with substantial evidence. Documents
like the audit working paper provide a record of evidence and audit findings that helps in the
drafting of a final audit report with clear recommendations. Today, elaborating the significance
of working papers in an audit, we have explained why they are an integral part of an audit
process. So, let us take a closer look at the term audit working paper and then move on to
understanding its importance.
 6) Define auditing?

Auditing originates from the Latin term “Audire”, which means “to hear,” - just as in ancient
times auditors used to listen to officers and people of authority to confirm the validity of their
words. Over the years, the role of auditing evolved to verifying written reports: specifically, the
financial records of individuals and businesses.

By definition, auditing is an official inspection and verification of the credibility of financial

reports. Audits can be conducted by either a business’s management as an internal control
process or by the government, in case they notice suspicious financial activity.

7) What are the three types of Audit?

 There are three main types of audits: external audits, internal audits, and
Internal Revenue Service audits.
 External audits are commonly performed by Certified Public Accounting
firms and result in an auditor's opinion which is included in the audit
report.
 An unqualified, or clean, audit opinion means that the auditor has not
identified any material misstatement as a result of his or her review of the
financial statements.
 External audits can include a review of both financial statements and a
company's internal controls.
 Internal audits serve as a managerial tool to make improvements to
processes and internal controls.
 8) The GAAS are composed of three categories of standards

Generally accepted auditing standards (GAAS) are a set of systematic

guidelines used by auditors when conducting audits of companies' financial
records. GAAS helps to ensure the accuracy, consistency, and verifiability of
auditors' actions and reports.

The three sections of generally accepted auditing standards are General

Standards, Standards of Field Work, and Standards of Reporting.